Our privacy commitment to you includes ensuring the accuracy, confidentiality, and security of your Personal Data and allowing you to request access, to correct, or to erase your Personal Data. Please note that in order to offer our Services, your Personal Data will be transferred to Canada and to certain merchant service providers for processing.
SPECIAL NOTICE REGARDING CHILDREN
Our Services are not directed to people under 16. We do not knowingly collect personal information from children under 16. If you become aware that a child has provided us with Personal Data without the proper consent, please contact us at firstname.lastname@example.org and we will take steps to remove such information and terminate the account, as necessary.
1. Who processes your information?
The primary processor of your personal data is PayByPhone Technologies Inc. (“PayByPhone Inc.”) incorporated in Canada, irrespective of the country in which you reside or from which you provide Personal Data.
PayByPhone Inc. is subject to Canadian privacy laws, including the Canadian Personal Information Protection and Electronic Documents Act ("PIPEDA") and British Columbia’s Personal Information Protection Act (“PIPA”). PIPA, which came into effect on January 1, 2004, sets out the ground rules for how British Columbia businesses and not-for-profit organizations, like PayByPhone Inc. may collect, use and disclose Personal Data. The United Kingdom Data Protection Act 1998 (“DPA”) and the General Data Protection Regulation (“GDPR”) set out similar ground rules for the United Kingdom and Europe. PayByPhone is committed to complying with PIPEDA, PIPA, DPA and GDPR (“Data Protection Laws”). Collectively, PayByPhone Inc., PayByPhone Limited and PayByPhone Pty. Ltd. are referred to as “PayByPhone”.
2. What information is being processed?
PayByPhone collects data to offer you Services. We only collect and process Personal Data that is required to help you create an Account or for us to offer the very best Services possible.
You provide some of this information directly when you create an Account, use the PayByPhone Service, or when you contact PayByPhone for support. Some of that information includes:
- Mobile phone number
- Vehicle license plate
- Billing information (such as bank cards and expiry dates) (NOTE: We do not store CVV/CVV2 security numbers on our servers.)
- Postcode/zip code
- Transaction data
- Customer support issue
We do collect some sensitive Personal Data, in certain circumstances including:
- Professional affiliations membership
You may also voluntarily offer certain information to obtain a better service from us such as:
- Type of vehicle
- Communication preferences
We also collect certain data indirectly when you interact with PayByPhone’s Services by using technologies like cookies, error messages or usage data from our software interacting with your device and various software, including:
- IP address and information about the device you use to access the Services
- Media Access Control (MAC) address
- Operating system name and version
- Device manufacturer and model
- Internet browser type and version
- Name and version of the App you are using
- Site traffic data
- Landing and exit page
- Tracking your session between pages of the Site to provide a continuity of experience
Please see our Cookies Policy for more information.
We also sometimes obtain data from third parties (including parking operators, payment facilitators, and hardware/software manufacturers). For example, when you register a credit card or debit card with us to use the Service, we will use card authorisation and fraud screening services to verify that your card information matches other information that you may supply to us, and that the card has not been reported as lost or stolen.
3. Why is your information being processed?
We process your information so that we can offer you our Services and communicate with you.
When we process your Personal Data in relation to our Services (including for our records, dealing with customer requests, providing customer services, administration, statistical analysis, assessing financial standing, recovery and collection of debts, dealing with regulatory and compliance issues, transfer of the PayByPhone business, security messages, informing you of the end of your parking session, processing payments, sending you receipts of Transactions) we rely on the lawful basis of having a contractual relationship with you.
When we process your information to communicate with you (including notifying you of our promotions, newsletter, details of events occurring in localities in which you have had a parking Transaction, vehicle or road use related services and security messages; targeted advertising and marketing of services), we rely on the lawful basis of consent to process your Personal Data and we are committed to obtaining that consent in a legitimate way.
Your consent can be provided orally through an authorized representative or it can be provided by you directly in the App or on the Site. You will be asked specifically if you would like to opt in to each of these communications and you can choose whether to receive some, all or none of these communications.
You will always have the right to remove your consent from any such processing subject to certain allowable exceptions (e.g., the Personal Data is necessary to provide the service or product, or the withdrawal of your consent would frustrate the performance of a legal obligation) (more on this below) at any time thereafter, by logging in to your Account, on the Site, in the App or by calling Customer Support to change your preferences. You will be given an opportunity to unsubscribe each time we communicate with you. Note that your decision to withhold or withdraw your consent to certain uses of Personal Data may restrict our ability to provide a particular service or product.
Subject to Data Protection Laws, we may collect, use or store Personal Data without your consent in the following limited circumstances:
- As instructed by local authorities in emergency situations that threaten an individual's life, health, or personal security such as emergency warnings for tsunami or earthquakes.
- When the Personal Data is available from a public source (e.g. a telephone directory).
- To protect ourselves and other users from fraud.
- To investigate an anticipated breach of an agreement or a contravention of law.
- When such collection, use or disclosure of Personal Data is permitted or required by law.
There are times when we will process your Personal Data on the lawful basis of our legitimate interest, for example when contacting you about new product offerings and conducting customer satisfaction surveys to enhance the provision of our services. For this type of processing, we will always take into consideration the effect of such processing on your fundamental rights and freedoms, and if we believe that the communication would be an infringement on your rights, we will not proceed with that communication.
4. How is your information being processed?
We only process your Personal Data where necessary to fulfil the purposes identified herein.
Some processing associated with the purpose of providing you our Services include:
- Creating your Account.
- Operating the Service.
- Providing you with navigation services to your parking location.
- Providing you with parking information at or near you or at your location.
- Sending you notifications of the end of your parking session.
- Facilitating, processing, and keeping a record of your Transactions.
- Serving as the merchant of record for certain Transactions.
- Collecting or attempting to collect any unpaid amounts owed by you.
- Sending you the receipt for your Transactions.
- Providing you with your parking history.
- Facilitating communication between you and PayByPhone.
- Providing you customer support.
- Cooperating with the relevant authorities (for example: regarding your Parking Penalties).
- Analyzing and monitoring App and Service usage and make improvements, enhancements and customizations to your experience.
- Investigating and resolving outages, malfunctions, or problems that you may be having with our App or Services.
- Ensuring the security of the App and Services, preventing fraud, and enforcing our policies.
- Complying with any applicable law and assisting law enforcement agencies under applicable law.
- Working with you to terminate your Account and retaining only your Personal Data when we are required to retain such information by law or pursuant to our other agreements.
- Responding to any dispute, or legal proceeding of any kind between you and PayByPhone.
- Providing required reports to our financial partners or service providers.
- Performing other activities with your consent.
Some processing associated with the purpose of communicating with you include:
- Sending you updates, notices, announcements, and additional information related to our Services.
- Conducting surveys, contests, questionnaires, discounts or rewards programs, sweepstakes, or promotions for ourselves.
- Sending you marketing, advertising material, and other content and provide you with information and advertisements about offers, discounts and other services relevant to you, or that we believe you may find interesting.
- Sending you updates, notices, announcements, and additional information related to other products and services or those of our Affiliates or those of other third parties.
- Conducting surveys, contests, questionnaires, discounts or rewards programs, sweepstakes, or promotions on behalf of our Affiliates or third parties.
6. With whom is your information being shared?
We will never use or disclose your Personal Data for any additional purposes unless we have a lawful basis to do so.
We will not sell, rent, license or exchange your Personal Data customer lists or your Personal Data to other parties outside of PayByPhone, except as otherwise provided herein.
No Personal Data will be shared with third party advertisers or partners without your permission, except as otherwise provided herein.
PayByPhone is required to share some of your Personal Data with third parties in order to offer the Services to you, including:
- Sending your vehicle information to parking operators and parking enforcement agencies to confirm your parking sessions.
- Sending some information to third party service providers that help us to operate our Services including but not limited to: website hosting, data warehousing, data analysis, event logging, information technology, customer service, user analytics, email delivery, messaging, auditing, debt collecting.
- Sending your credit or debit card payments to our payment processors.
- Sending some information to police, security forces, competent governmental, intergovernmental or supranational bodies, competent agencies, departments or regulatory, self-regulatory authorities or organisations or other third parties that we in good faith believe it is appropriate to cooperate with in relation to investigations of fraud or other illegal activity or potential illegal activity, or to conduct investigations of violations of our Service Terms and Conditions.
- Sending some information to auditors in connection with independent audits of our financial statements and operations. However, these auditors cannot use personally identifiable information for any secondary purposes.
- Sharing your Personal Data with a potential purchaser of PayByPhone (or the majority of its assets), or a merger, reorganization, or internal acquisition.
- Sending information to our Affiliates, including for example members of the Volkswagen Group, as allowed by law. Any Personal Data relating to you that we provide to our Affiliates will be treated by those Affiliates in accordance with this Policy and we are responsible for the management of the jointly-used Personal Data.
- We may disclose aggregated statistical data for statistical or public relations purposes. For example, we may disclose that a specific percentage of our users drive a blue car. However, this aggregated information is not tied to personal information.
- We also share some Anonymized Data with third party partners who use the Anonymized Data to create Mobility-Related Analytics including for example, Parking Analytics & Predictive Occupancy as well as Parking Availability reports.
The sharing of your Personal Data in the cases outlined above is required for PayByPhone to offer you its Services and precautions (such as agreements with data security and protection clauses that are in line with the Data Protection Laws) and are always put in place.
7. Where is your information being transferred?
In order to provide our Services to you, we will transfer your Personal Data to PayByPhone in Canada, irrespective of the country in which you reside or from which you provide Personal Data.
The transfer of your Personal Data is done in a secure way and in compliance with Data Protection Laws.
If you are using the service in Australia, we may also transfer your Personal Data to PayByPhone Limited in the United Kingdom.
We may also transfer your Personal Data to third party suppliers to provide part of our Service to you. Some of these providers may be based in countries outside of Europe. We take steps to ensure that any third-party service provider provides adequate protection for your Personal Data by entering into agreements with them that contain data protection clauses that are in line with the Data Protection Laws.
Your personal information may be accessible to regulatory, law enforcement and national security authorities of those jurisdictions, and may be subject to disclosure in accordance with the laws of those countries.
8. How is your information kept safe?
Though data transmission over the Internet cannot be guaranteed as 100% secure, we are committed to the security of your Personal Data and have put appropriate technical and organisational protection measures in place in order to protect your Personal Data from unauthorized access, collection, use, disclosure, copying, modification or disposal or similar risks.
PayByPhone undertakes that the following security measures will be followed to ensure that your Personal Data is appropriately protected:
- All Personal Data is stored electronically on an encrypted database of PayByPhone protected by a firewall.
- The PayByPhone Service is hosted in a secure server environment that uses a firewall and other advanced technology to prevent interference or outside access.
- Physical access to the database where Personal Data is stored and the servers where the PayByPhone Service is hosted is protected by 24/7 guards who only allow authorised personnel access to the database, such personnel is limited to those that need access.
- PayByPhone complies with PCI DSS Level-1 with a robust security process for payment card data and other Personal Data; including prevention, detection and appropriate reaction to security incidents.
- Parking transactions processed through our Services are encrypted using x-bit (for example 128-bit) secure sockets layer (SSL).
- PayByPhone uses appropriate security measures when destroying customers’ Personal Data such as deleting electronically stored information.
We will continually review and update our security policies and controls as technology changes to ensure the ongoing security of your Personal Data.
9. How long is your information retained?
PayByPhone will retain your data in accordance with Data Protection Laws.
If you create an Account with us or use our Services, we will retain your Personal Data (including information related to each parking session and for each of your Transactions) for only so long as is reasonably necessary to fulfil the identified purposes for which the information was collected or as required for legal purposes.
If you create an Account with us, we will retain your Personal Data as long as you have that Account. If you choose to close your Account, we will mark your Account in our database as "Closed," but may have to keep a certain amount of information in our database for as long as is required to comply with our legal obligations or 7 years, whichever is shortest.
10. What rights do you have with regards to your information?
You have the right to request access to your Personal Data and to know how PayByPhone uses your Personal Data and to whom it has been disclosed, subject to certain limited exceptions.
You can assert this right by accessing your personal Account on the PayByPhone website (currently at www.paybyphone.co.uk). You may also contact us with a Personal Data access request and we will take all reasonable steps to assist you with any legitimate request for access, but the actual control of Personal Data and other customer data will be with PayByPhone.
Any request to access Personal Data must be made to PayByPhone in writing and provide sufficient detail to identify the Personal Data that you seek.
PayByPhone will make the requested information available within 30 business days or provide written notice of an extension where additional time is required to fulfil the request. It may be the case that PayByPhone may not be in a position to respond to a data access request. If a request is refused in full or in part, we will notify you in writing, providing the reasons for refusal and the recourse available to you.
You have the right to make sure that the Personal Data that we have concerning you is accurate.
We make reasonable efforts to ensure that all of our users’ Personal Data is kept accurate and complete. If you are a registered user of our Services, we provide you with tools to access or modify the Personal Data you provided to us and associated with your Account. You may also request correction of your Personal Data in order to ensure its accuracy and completeness.
Any request to correct Personal Data must be made in writing and provide sufficient detail to identify the Personal Data and the correction being sought. If your Personal Data is demonstrated to be inaccurate or incomplete, we will, so far as practicable, and as soon as practicable, correct your Personal Data as required and send the corrected information to any organization to which we disclosed the Personal Data in the previous year. If the correction is not made, we will note your correction request in your file.
You have the right to obtain from PayByPhone the erasure of Personal Data concerning you.
At any time, you may delete your Account and uninstall the App. You may also request that PayByPhone erases the Personal Data that concerns you.
Any request for the erasure of Personal Data must be made in writing and provide sufficient detail to identify the Personal Data and the erasure being sought.
PayByPhone will respond to all requests for erasure within a reasonable amount of time or provide written notice of an extension where additional time is required to fulfil the request.
In the event that you delete your Account and the App or request erasure of your Personal Data, we will use commercially reasonable efforts to remove your Personal Data from our files, however, we may no be able to delete some of your Personal Data to the extent that such Personal Data is still necessary in relation to the purposes for which they were collected, or in relation to a legal obligation of PayByPhone and we may also retain, use, and share your Anonymized Data that we previously collected prior to your deletion of your Account.
Withdraw consent (when processing is based on consent)
As mentioned above, when PayByPhone is relying on consent as the lawful basis for processing your Personal Data, you may remove such consent at any time, example of this include:
- For certain types of SMS texts or email, you can change your preferences in your Account permissions via the settings in the App.
- For emails, you may click on the "Unsubscribe" link in the email.
- For push notifications, you can only change the setting on your mobile device.
- For Cookies on the Site, you can follow your browser’s instructions.
- For location, you can change your location access to our App using your mobile device settings.
Please note that changing your consent will change our use of your Personal Data as part of the Services which may result in a change in your experience.
Lodge a complaint
You have the right to communicate with PayByPhone about any issues that you may have relating to your Personal Data.
You may also write to the Information and Privacy Commissioner of British Columbia or the Information Commissioner in the United Kingdom.
- Account - The PayByPhone wireless parking service account opened by you on in the App, the Site or by calling our Customer Support Center.
- Anonymized Data - Anonymous, statistical, or aggregated information, on a de-identified basis (such as anonymous location information, enrollment numbers, demographic group information, etc.), in a form that does not enable the identification of a specific user.
- App - The PayByPhone mobile parking payment application and other applications that we may develop.
- Cookies - The small data files on your computer or other device which consist of cookies, pixel tags, e-tags, "flash cookies," or other local storage provided by your browser or associated applications.
- Parking Penalties - Parking fines, violations, tickets, and citations; penalties; your vehicle being wheel booted, your car being towed, or impounded; and other enforcement of vehicle parking requirements.
- Payment Information - Information, including information of any type necessary to process payments in connection with any Transaction, related to payments via the Payment Methods.
- Payment Methods - Acceptable methods of payment, including MasterCard, Visa, American Express, and Discover credit cards; PayPal; digital wallets; Apple Pay, Android Pay; debit cards; and any other payment methods accepted in the future.
- PCI DSS - PCI Data Security Standard.
- Personal Data - Information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier. Note that not all personal information that is shared with PayByPhone is considered Personal Data.
- Services - Our App, Sites, APIs, backend technologies, products, services, content, features, functions, applications, IVR System, and any future updates, changes or additions thereto.
- Site - All PayByPhone operated websites including without limitation https://www.paybyphone.com, https://www.paybyphone.fr, https://www.paybyphone.co.uk, https://www.paybyphone.ch, as well as any successors to such sites.
- Terms and Conditions – Our Terms and Conditions which are accepted and agreed to by you when you open an Account or use the Services and which govern your use of the App and Services.
- Transactions – Any time you start, pay for, complete or make a parking session transaction using our App or Services.
- Use - Utilizing our Services in any manner, including, for example, using the App, visiting the Site, calling customer service.
11. Links to other websites
Some pages on our websites include links to third party websites. These third-party sites are governed by their own privacy statements, and we are not responsible for their operations, including but not limited to their information practices. You should review the privacy statement of those third-party sites before providing them with any personally identifiable information. PayByPhone is not responsible for the processing of Personal Data on those third-party sites. We strongly advise you not to share any personal information about your Account including your account number or password on any social media site.
12. Applicable law
13. Changes to this policy
14. Further questions
If at any time you would like to contact us with your views about our privacy practices, or with any enquiry relating to your personal information, you can do so by emailing us at email@example.com.
Contact information for PayByPhone Technologies Privacy Officer:
PayByPhone Technologies Inc
1168 Hamilton Street
Privacy Officer (UK)
17A The Broadway
Privacy Officer (Australia and New Zealand)
PayByPhone Pty Ltd
69 New Street
PayByPhone is owned by Volkswagen Financial Services AG
Effective date: 2018-05-25