PRIVACY POLICY

(In force as from 14.09.2018)

 

 

 

The PayPark application is a mobile application that provides the opportunity to pay and manage the stay of vehicles in paid parking areas on the territory of different municipalities in the Republic of Bulgaria.

This policy defines the types of personal data processed when using the PayPark mobile application and the services provided through the application (the Service) as well as the purposes and means of processing .

Controller of the personal data handled by the mobile application PayPark is " TERA COMMUNICATIONS" AD , UIC: 131384920 , with headquarters and management address in Sofia, 103, Cherni Vrah Blvd.

The Data Protection Officer will answer all Your questions concerning the processing and protection of personal data and will make exercising Your rights as a subject of personal data easy and understandable. The address for direct contact with the DPO is email: dpo@teracomm.bg .

 

What data we process, for which purposes and on what basis:

 

1. Based on Your explicit consent, expressed by allowing the application to access Your device data or by deliberate action - manually inputting data about the use of a particular functionality:

• Location :

- Geolocation – only after You allow the app to access location information for the device, on which the app is installed, using the "Use My Location " functionality, we collect accurate location data for Your device.

- Location History - to allow viewing of the last parking spots ;

At any time, You have the option to end the application access to the location data, as well as delete the history.

• Vehicle information, added or edited in the application, when the data provided is intended to facilitate use of the Service (eg. inputing the name of the car to be distinguished from other vehicles). You have the ability to edit or delete this information at any time.

 

2. On a contractual basis for provision of the Service we process the following personal data:

 

• Registration number of the vehicle (plate number), required for payment of parking fees or performing a check for vehicles which have been lifted/displaced by traffic administration.

 

• Information about means of payment : We may collect information for the purposes of facilitating payments for parking in the blue / green zone   - when You select a payment method "By card" we collect data for Your credit or debit card, expiry date of the card and cardholder's name ; The processing of this personal data is necessary to provide this payment service  and therefore is on a contractual basis . If You do not provide this information, You cannot use the option for payment by credit / debit card.

 

• MSISDN (phone number) : we collect information about the phone number on which the application is installed for the purposes of facilitating the mobile payment through sending a SMS . The processing of the data for the telephone number is necessary for the provision of the mobile payment service via SMS and therefore is on a contractual basis .

 

• Identification data of the device, on which the application is installed

 

• Vehicle Location - For the purposes of using the functionality "Check for displaced Vehicle"

 

Third parties to which we provide your personal data:

• mobile operators - for the purposes of SMS payments to the extent that their cooperation is necessary for charging Your phone bill;

• suppliers of payment services for carrying out the functionality of payment by card and for accounting purposes as required by law;

• the relevant municipal administration that serves the paid parking area - for the purpose of checking by the municipal officials whether a payment has been made for the registration number of your vehicle;

• Google LLC, Google Ireland ltd. and other affiliates of Google LLC for the purposes of depiction of the active and/or historic data regarding the location of the МyKi™ Device and the paired devices on a map, provided by Google LLC. The privacy policy of Google LLC is accessible at the address: http://www.google.com/policies/privacy

• state bodies and institutions in connection to checks and probes performed by them in compliance with the legal requirements and restrictions.

• Affiliated parties of TERA COMMUNICATIONS S.A.  in a connection with usage of shared technical and human resources, transformations and others.

 

In regards to private individuals, we require and pay attention that the above stated third parties apply all required technical and organizational measures for protection of such data.

 

The Data is processed in regards of the following time limits:

 

• • Data processed for the purpose of providing the Service – by default until the application PayPark is deleted; the registration numbers of the vehicles combined with the pseudonymized identification data of the mobile devices on which the PayPark application has been installed, are being kept for up to one year from receipt for utilization of subsequent use of the application.

  • Data provided on the basis of consent, incl. location data - until it is withdrawn, as provided, including through the settings of the application or the mobile device to which it is installed or deleted, as applicable) to the extent this data is required for the use of a certain functionality of the mobile application.

 

Following expiration of the above stated time limit, the data is deleted and may not be retrieved and used any longer. The data shall not be deleted but shall continue to be processed only for the purposes of protection of our legitimate rights and interests or in compliance with our legitimate obligations, in the event that as of the date of expiration of the above stated time limit there is pending court, administrative and pre-court proceedings – until its termination.

 

Your rights as a data subject:

1. • Right to access, including right to copy data undergoing processing:

• At any time you have the right of information in regards to your personal data processed by us. You may contact us and after filling out a written request form and verifying your identity the requested information will be provided to you;

 

1. • Right to rectification of inaccurate personal data:

• You have the right to request correction and/or supplementation of your personal data when the data is incorrect and/or incomplete. This you can accomplish via your profile in the Myki mobile application or by contacting us, filling out a written request form and verifying your identity

1. • Right to erasure („The right to be forgotten“) in the following cases:

• Removal of the need to process;

• Withdrawal of consent when the processing of the data is on the legal bases of provided consent;

• Illegal data processing;

• Legal obligation to delete;

The right to be forgotten is not an absolute right and might not be respected in cases provided for by law and because of a lack of reliable verification of your identity.

1. • Right of limiting processing when:

• The veracity of data is disputed, for the period for which their veracity should be checked; or

• Processing of data is without legal ground, but instead of deletion on our part, you want their restricted processing; or

• Need for data concerning establishment, exercise or protection of your legal claims; or

• Objection has been submitted as regards data processing pending check as to the legality of the grounds of the administrator.

In case of correction, deletion or restriction of processing, we will notify every recipient to whom personal data has been disclosed unless this is impossible or requires disproportionately huge efforts.

1. • Right of transferability of the data;

• we provide the data directly to you

• at your request and technical possibility, the data is provided to another controller of your choice

1. • Right to object to the processing based on legitimate interest:

• You have the right to object to the processing of your personal data when the processing is based on legitimate interest of the Controller or a third party. ALLTERCO ROBOTICS EOOD will not continue processing your data, accept if there is a proof of founded legal basis for the continuation of it, which overrides your interests, rights and freedoms or the processing is required for the establishment, exercise or defence of legal claims.

1. • Right to lodge a complaint with a supervisory in the Member State of your habitual residence, place of work or place of the alleged infringement if you considers that the processing of personal data relating to you infringes GDPR.

 

You may exercise the aforementioned data subject rights after filling out a written predefined request form which you may receive from the business address of the Controller or via electronic means after contacting the data protection officer and filling out the electronic form which you will receive in response.

qnko