Parkstory is a solution for managing driver access to fully automated car park facilities.
No regulations or legal references exist to specify the conditions for processing, storing and securing data relating to parking management activities.
Under these conditions, Parkstory's editor considers that only the measures or general concepts of the GDPR provide instructions or directions for the design of its solution.
This page aims to inform users and clients of the Parkstory solution about the processing, security, and retention of their personal data in compliance with the GDPR requirements.
The mechanisms described on this page specify the scope of the private data used for parking operations and guarantee end-users control over and security of their data (accessibility, removal).
Parkstory reserves the right to amend the present document in compliance with legal requirements or the evolution of the implemented Parkstory Users Interface (PUI) versions (browser and mobile device).
1 – Contacts
The Software Editor (and Publisher) is responsible for the hosting, architecture, workflow, content, and the structure of the Parkstory solution. The publisher declines all legal responsibility for the data entered either by operators or end users or outside of the expected use for the PUI.
A – Software Publisher:
Parkstory GmbH
Am Tucherpark 4
80538 München
Germany
Website: www.parkstory.com
Email: contact@parkstory.com
B – Parkstory Data Protection Officer
If you have any questions about data protection, please contact the DPO, whose contact details are given below:
Email: contact@parkstory.com
2 – Hosting and service providers
A – Main Parkstory system
Parkstory cloud
The Parkstory solution is a cloud-hosted solution which interacts with local operations servers. Users are only given access to the PUI through a Web management portal or a mobile app which contains limited private information.
The PUI is hosted on the Microsoft Azure cloud. The Parkstory solution mainly focuses on concepts used with Microsoft Azure as the main Cloud Service Provider (CSP), but the same principles apply to other CSPs that may be involved in a project.
Parkstory built its services on datacenters located in the EU. Doing so ensures that all data is being stored and processed within the geographical boundaries of a country that adheres to the GDPR.
Parkstory local servers
Local operation servers only control the parking activity. Communication between the Parkstory local web server and the servers that manage the mechanical part of the parking makes it possible to:
- Give instructions to the parking (move a vehicle, activate the e-charging, interact with the drivers).
- Collect information about operations and incidents for supervision.
All local servers are grouped together in a single room that is locked and inaccessible to the public. Access to local servers is restricted to a few authorised persons in charge of maintenance, such as the facility manager or representatives of the parking owner.
Mechanical servers
A server manages the recharging of electric cars. It does not host any personal data.
A server pilots all the operational aspects of the parking: automatic machines, incidents, and interactive screens for users.
B – Service providers
App stores
The PUI mobile version is available on online platforms operated by other service providers (so-called ‘app stores’). In this context, the data protection notices of the respective app stores apply in addition to our data protection notices. This applies in particular with regard to the procedures used on the platforms to measure reach and interest-based marketing as well as any obligation to pay costs.
Processed data types: contact data (e.g. email, telephone numbers), meta/communication data (e.g. device information, IP addresses).
For more information, please refer to the Privacy Policy of the two hosts:
- Apple App Store: https://www.apple.com/legal/privacy/de-ww/
- Google Play: https://policies.google.com/privacy
Firebase
Secured access to the PUI is facilitated by using Firebase for mobile (Android, iOS) or browser. Agreement from the end-user is required to create an account and get access to the PUI. Without it, no access will be given to the PUI.
Firebase does not specify in which country the service provider stores the data. However, it specifies that the servers are located in regions that comply with the GDPR (European Union, UK, Switzerland, US). It mentions that Firebase may process and store the data anywhere Google or its agents maintain facilities. Potential facility locations vary by service, but always in compliance with the Standard Contractual Clauses (SCC) for relevant data transfers from the European Union, dated 04/06/2021, to which Google has agreed. See: Firebase: Standard Contractual Clauses (google.com)
Stripe
Parkstory uses Stripe as its payment solution to collect e-charging and / or parking fees.
- Transactions made in Europe are processed in Ireland and the United Kingdom with the support of entrusted Sub-Processors and Service Providers.
- Stripe acts as an intermediary between Parkstory and the user’s bank.
The PUI just sends a transaction number to Stripe with the email of the end-user and the amount to be paid. When the payment is validated, Stripe sends back the same transaction ID with the payment confirmation.
The use of Stripe as third-party payment solution requires the acceptance of their conditions. These are not defined by / customized for Parkstory.
Banking information (BIC, IBAN) is not stored in the Parkstory solution. Transactions are carried out by means of secured authorisation between the user and the payment service provider, outside the PUI.
3 – Parkstory Users Interface
The PUI is available in two forms. Access depends on professional or private use of Parkstory car facilities:
- Mobile application, specially designed for drivers to access the parking. The app mainly contains data maintained by the user him/herself (identity, personal vehicles, reservations), and offers reduced functionality to the parking and some additional features granted by the operator.
- Management Web portal for Back Support Users (Parkstory admins, Holding managers, Facility managers, User groups and / or Fleets admins). Access to management functions is limited according to manager profiles. If a driver is invited to join a user group, he / she will also be able to access the portal to consult his / her data.
Data entered from either form of the PUI is stored in a common database. Back Support Users (BSU) have access to user data only for the purpose of supporting and managing the parking activity.
4 – Data
A – Nature of the private collected data
The PUI collects the following private information:
DATA | REASON / USE | VISIBILITY |
Name / Surname | The truthfulness of the information given by the user is not verified. Due to the existence of a Parkstory community, users are asked to record their real names. This means that the use of pseudonyms is not permitted. Only the first name and the first letter of the surname are displayed on the parking screens when entering, dropping off and collecting the vehicle. | App, Portal, Parking |
Email address | Authenticates user / Primary ID key. When an account is created, a confirmation email is sent to the registered address to ensure its authenticity. | App, Portal |
Phone | Support users | App, Portal |
Disability / priority | Directs the driver to a lounge facility adapted for disability | App, Portal |
Main language | Displays the user’s language on the parking screens | App, Portal |
Car’s license plate | Speeds up entry to the car park by automatic vehicle recognition | App, Portal |
Reservations and payment history | Information is visible to end-users for 2 months, then no longer visible. | App |
B – Security
Encryption
Microsoft Azure encrypts data at rest using AES-256 encryption keys. Some resources that do not qualify for this method are secured with similar mechanisms, which prevent potential intruders from seeing the full content of the information in clear.
Microsoft Azure encrypts data in transit using TLS encryption.
Authentication
Access to the app or management portal is secured through a login (email address) and password. When an account is created, an email is sent to the user to validate the account creation before the PUI is accessed for the first time and to confirm the user's commitment.
User profiles
The PUI integrates several types of user profile depending on the parking. Access rights and restrictions on these profiles are managed from the portal. The PUI counts 6 profiles:
End-users (EU) | Parking users, main users of the mobile app |
Group Admins (GA) | End-users with advanced functionalities for managing user groups through the mobile app and the web portal. |
Local Admin (LA) | Users appointed by customers in charge of supporting end-user accesses: manage user groups and fleets (memberships and access validity); supervise parking activity through Dashboard; allocated parking places management (fixed places for visitors and / or staff) |
Facility Manager (FM) | Local parking operator, responsible for the whole facility management and technical support: activate new customers and accesses (local administrators); allocate a fixed amount of parking places available for each customer; appoint the local admins and the facility managers |
C – Retention
See section 5 – User rights.
D – Outputs
QR codes
The solution generates QR codes to get access to the car facility and to identify a user. The QR code contains limited information related to the holder, such as the end-user's surname, the first letter of his / her name and his / her user group.
Cookies
Cookies simplify access to the Web portal. The first time the user accesses the management portal, authorisation to create cookies on the user’s computer is requested. The user can accept or refuse them.
Log files
The PUI collects data on every access to the server (so-called server log files). The server log files may include date and time of access, data volumes transferred, notification of successful access, browser type and version, the user’s operating system, and, as a rule, IP addresses and the requesting provider.
Logs are kept locally for 6 months before being automatically purged.
5 – User rights
A – Consent
Agreement
The user accepts the collection / recording of basic data limited to his / her identity, vehicle attributes and the use of the facilities.
He / she also authorizes the archiving of their data as part of the operation of the car facilities and the possible use of their usage data mainly for support operations.
When opening the account, a confirmation in the form of checkmarks is necessary to approve the creation of the account and the operating conditions.
Revocation
End users of the PUI may revoke their consent at any time from the application. As soon as the user withdraws his / her agreement for the operational part, his / her data can no longer be used, which makes it impossible to supervise the activity of the facilities. He / she is then asked to confirm the closure of his / her user account. There is however one exception: the account removal will be effective only if no paid service remains due.
B – Right to be forgotten
The “right to be forgotten” means deleting all information relating to a user’s identity, either at their request or after a defined period of inactivity. However, this removal must not affect the operation of the parking.
The PUI integrates the right to be forgotten in two forms:
- The integration of an automatic procedure when inactivity is detected on the account after a predefined period of time.
- The possibility given to the end user to delete their account at any time.
Automatic procedure
The automatic procedure is based on two stages: anonymization (archiving) of data to guarantee visibility of car park operations after 2 years, followed by definitive deletion of archived data after 5 years.
Anonymization guarantees data integrity:
- Closed subscriptions are archived and no longer linked to a user account
- Personal account data is encoded and made inaccessible to any user
Manual procedure
The PUI enables the connected end-user to delete his / her own account. A delete button is accessible directly in the user profile. Its activation leads to:
- Deletion of all personal data and private fleet(s)
- Deletion of all memberships from user groups / fleets and grants
- Deletion of all subscriptions
- The permanent closure of the account
Deletion is not possible if:
- Paid services are still due (subscription, electric charging).
- The vehicle is still present in the parking.