Privacy Policy
When collecting the data specified in this privacy policy, we, UK Parking Control Ltd, are the Data Controllers. This policy has been produced in line with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 (DPA 2018) and the Human Rights Act 1998 (HRA 1998).
Please note that this policy can also be obtained by telephone by calling 0333 220 1070.
This policy was last updated on 20 April 2023.
NOTICE OF PARKING CHARGE DATA
What data is processed?
When you use a Car Park that is managed by UKPC, we may collect and process data compromising of imagines of your car together with your Vehicle Registration Marks (VRMs).
If the contractual parking terms and conditions are breached, a Notice of Parking Charge may be issued. The data we process when issuing a Notice of Parking Charge includes the recipient’s name and address, images of the vehicle, its details, its VRM and movement whilst using the Car Park.
If you submit an appeal in relation to a Notice of Parking Charge issued to you, or otherwise correspond with us in anyways, you may provide us with additional personal data, the data we process may include: your VRM, your name, address, email and phone number, a Notice of Parking Charge or other reference number, IP address, the capacity in which you are appealing (e.g. keeper, driver, hirer, other), and any other information you provide within any correspondence or appeal, including any documentation you share with us.
How do we collect your personal data?
Images of your vehicle and VRMs are captured by our Automatic Number Plate Recognition (ANPR) cameras, CCTV cameras and/or attendants on site.
If you have received a Notice of Parking Charge and you are the registered keeper of the vehicle, as held by the relevant vehicle licensing agency, then your data has been provided by the Driver and Vehicle Licensing Agency (DVLA) or international equivalent.
​
If you are not the registered keeper of the vehicle, then your data has been provided by:
​
• A third party who has confirmed that you were responsible for the vehicle on that date;
• A third party who has confirmed that you were driving the vehicle on that date;
• A third party who has confirmed that the vehicle was on hire or leased to you on that date.
​
If you no longer live at the address held by the DVLA, then your data has been provided by:
​
• A third party now living at the property whom has confirmed that you no longer live at that address and has supplied a forwarding address; or
• A third-party credit reference agency.
​
If you submit an appeal or otherwise corresponded with us, the data processed by us will be as provided by you within that appeal or correspondence. Where someone appeals or corresponds with us on your behalf with your authority, then the data processed will be as provided within the documentation we receive from them.
What is the purpose of processing your personal data?
In order to provide effective Car Park management services, we obtain, use and were necessary, share personal data in a proportionate way and in accordance with data protection law for the following purposes:
​
• Ensuring you comply with the parking terms and conditions, as displayed on signage throughout each car park, and to enforce those terms and conditions where necessary.
• Issuing a Notice of Parking Charge where the parking terms and conditions have been breached.
• Progressing any issued Parking Charge to closure or payment, which includes receipt of, reviewing and responding to appeals (both internal and with POPLA) and seeking payment of the Parking Charge amounts. Recovery may include collections undertaken via the use of debt collection agents and/or legal action (where required) and / or verification of your address.
• Providing car park management services, including the prevention and detection of crime, and data analytics.
What is the lawful basis for processing personal data?
Our lawful bases for processing personal data are:
​
• Contract – Processing is necessary for the performance of the parking contract to which you entered into when entering and remaining in the car park.
• Legitimate Interests – Processing is required to protect and enable pursuit of legitimate interests in ensuring the car park is effectively managed, obtaining sums due and promoting the safety and security of the car park and helping the prevention and detection of crime.
Who do we share data with?
We only share data in a way that is proportionate to the purposes explained above and safeguard your data through agreements that we must have with all those we share data with. This means that the data is only to be used appropriately and is held securely and confidentially. We do not share information about you or vehicle with anyone other than the organisations listed below:
​
• Where a Notice of Parking Charge is issued under the parking and payment terms of the parking contract, the notice may be placed on your vehicles windscreen or sent to the registered keeper of the vehicle by means of post. In both cases we may request the registered keeper’s details from the DVLA. We may provide the DVLA with data captured by our cameras or our parking attendants.
• Where you are not the registered keeper of a vehicle that caused a Notice of Parking Charge to be issued, we may share data with vehicle hire and lease companies or individuals that have confirmed that it hired, leased or authorised your use of the vehicle.
• Where necessary in relation to a notice we may share data about the registered keeper (name, address, registration number, details of the parking contravention including movements within the parking area) with:
​
o Agents who act on our behalf such as legal advisors including those who collect sums due such as debt recovery agents;
o Our Accredited Trade Associations and independent parking appeals services in relation to dealing with Notice of Parking Charge queries, complaints and appeals
o Landowners, managing agents and tenants of land within which we manage car parks
o Authorised agents such as subcontractors such as mail, email, print, IT, business process and payment service providers, credit reference agencies and collection agents.
• Where necessary for the purposes of preventing or detecting crime, we may share or be requested to share data about you or your vehicle with insurance companies, the police or other security organisations
• We may share data about the use of car parks we manage with companies providing marketing and analysis services. We will not share with them any data from which you or any other individual can be identified.
• We use the services of data processors acting on our behalf, some may store personal data outside the European Economic Area where we have in place the appropriate safeguards required by data protection law.
BODY WORN VIDEO CAMERA DATA
What data is processed and how do we collect your personal data?
BMV equipment consists of a small camera attached to the uniform of the Warden which can record visual and sound data. The purpose of the recording is to safeguard the Warden during violent and aggressive or anti-social behaviour incidents against the Warden caused by members of the public.
​
The footage will be is an encrypted format, securely stored and only viewed by authorised and trained personnel.
​
Recordings are automatically sent to a secured server stored by UKPC’s third party. The Warden will never be able to replay or remove the recording from the device. Once the recording is on the server, it will automatically be deleted after 30 days unless stored on the server.
What is the purpose of processing your personal data?
The devices will only be switched on for audio and visual recordings by the Warden when he/she legitimately suspects that a member of the public is about to embark on aggressive and/or violent behaviour towards the Warden themselves. i.e. when the Wardens personal security is in question doing their job. The use of the BWV device will be a form of self-defence to deter this behaviour and to ensure the safeguard of the Warden.
What is the lawful basis for processing personal data?
The lawful basis for processing BWV camera footage is as follows: Legitimate interest - Processing is required to protect and enable pursuit of legitimate interests in ensuring the Wardens safety as follows:
​
1. Deterrent and encourages compliance through self-awareness.
2. Supports de-escalation of violence.
3. Safety of staff by reducing verbal and physical attacks.
4. Contribute to the transparency of security procedures.
5. Provision of verifiable recordings with time-stamp & support statements.
6. Saving lengthy descriptive reports having to be provided.
7. A reduction in complaints against staff.
Who do we share data with?
Reason for storing on the server is if UKPC are initiating an internal investigation, or if the footage has been requested by the Police. This data will not be shared.
MARKETING OF OFFERS AND REWARDS DATA (iPark)
What data is processed and how do we collect your personal data?
When entering your VRM into one of our tablets at a UKPC monitored Car Park, you will be given the opportunity to opt-in to receive offers and rewards across all UKPC operated sites. If you said we can, we’ll send you offers and rewards across all UKPC operated Car Parks, depending on your preferences shared, and depending on which Car Park you visit with your registered vehicle.
The collection of your data requires you entering your full name, contact details, vehicle details and your lifestyle preferences. By choosing to opt-in to this, you are consenting to storage and processing of your personal data, and as a result you will be added to our mailing list.
Who do we share data with?
The data collected in line with the above will not be shared with any third parties.
How to stop/ opt-out of the marketing feature?
You can control the marketing communications you receive from us by simply reaching out to dpo@ukparkingcontrol.com and requesting this to be done on your behalf.
​
If you tell us you don’t want to receive marketing messages it might take a few days for all our systems to be updated, so we would ask for your patience as you might get messages from us while we process your request.
Security of your data
We will keep all your personal information in such a manner that is appropriate for the nature and prevent the harm that might result from a breach of security. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
With regard to each of your visits to our site, we may automatically collect technical information, including the Internet Protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; information about your visit, including the full Uniform Resource Locators (URL) click-stream to, through and from our site (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number. The information which we collect and store during normal use of the site is used to monitor and analyse how parts of the site are used. Please read more about this in our Cookie Policy.
Retention of your data
There are certain reasons why we keep some of your data. How long we keep your data for depends upon the type of data we hold and the purpose(s) for which it was collected and processed. We may hold some of your data with third parties, but where we do, we ensure these third parties also only keep the data only for as long as necessary and adhere to our retention policies.
We will store your personal data for no longer than necessary to support the purposes explained above. We keep the personal data we hold about you for up to a maximum of 6 years from the date of collection unless related correspondence or legal claims are on-going.
How long will we keep your personal data?
There are certain reasons why we keep some of your data. How long we keep your data for depends upon the type of data we hold and the purpose(s) for which it was collected and processed. We may hold some of your data with third parties, but where we do, we ensure these third parties also only keep the data only for as long as necessary and adhere to our retention policies.
We will store your personal data for no longer than necessary to support the purposes explained above. We keep the personal data we hold about you for up to a maximum of 6 years from the date of collection unless related correspondence or legal claims are on-going.
Your rights
In relation to the personal data which we may hold about you, you have the following rights:
• Be informed how we process your data as explained above
• Understand and have access to the information we hold about you
• Ask us to:
o To object to the processing of personal data
o To access personal data.
o To be informed about the processing of personal data.
o To request that the processing of personal data be restricted.
o To request that personal data is corrected if it is inaccurate.
o To ask that personal data be erased.
o To request to move, copy or transfer personal data (“Data Portability”).
o Rights relating to automated decision making, including profiling
​
If you are concerned about our processing of your data or if you have a privacy related query not answered by this policy, please contact our Privacy Team using the contact details below. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO). For further information, please refer to the ICO website, www.ico.org.uk.
Changes to our privacy policy
Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy policy.
Contact details and further information
If you would like more information about how we process your data or if you wish to assert any of your rights set out above please contact our data protection privacy team by: email: DPO@ukparkingcontrol.com or write to us:
Data Protection Officer
UK Parking Control Limited
Union House, 111 New Union Street
Coventry
CV1 2NT.