MPLA Service Data Processing and Privacy Guidelines

Data protection declaration for the operation of the MPLA application

This privacy statement was last updated on 19th of May 2023 and applies to citizens and residents of the European Economic Area and Switzerland.

This privacy statement explains how we handle the information we collect about you through web https://www.mpla.io and the MPLA mobile applications (together as „applications“ and each separately as „application“). We encourage you to read this privacy statement carefully. We comply with the requirements of data protection legislation when processing data. This means, among other things, that:

  • we clearly state the purposes for which we process personal data. We do this through this privacy statement;

  • we endeavour to limit the collection of personal data to personal data necessary for legitimate purposes;

  • where we require your consent, we will first seek your explicit consent to process your personal data;

  • we take appropriate security measures to protect your personal data and require them from parties who process personal data on our behalf;

  • we respect your right to access, correct or delete your personal data at your request.

If you have any questions or want to know exactly what data we hold about you, please contact us.

Purpose, data and retention period

We may collect or receive personal information for a number of purposes related to our business activities, which may include the following: Contact – via telephone, post, email and/or web forms – to inform you about application related news or new services.

We use the following information for this purpose:

  • Email address: The basis on which we may process this data is: Performance of an application service contract to which you are a party, i.e. in compliance with the Article 6(1)(b) of the GDPR.

  • Retention period: We retain this data until the service rendered by the application is terminated.

  • Sharing with other parties: We only share or provide this data to processors for the following purposes: Processors

Cookies

Our website uses cookies. For more information about cookies, please see our Cookie Policy.

Security

We are committed to the security of personal information. We take appropriate security measures to limit the misuse of personal information and unauthorised access to it. This ensures that only necessary persons have access to your data, that access to your data is protected and that our security measures are regularly reviewed.

Third party websites

This privacy statement does not apply to third party websites linked to our website. We cannot guarantee that these third parties process your personal data in a reliable or secure manner. We encourage you to read their privacy statements before using these websites.

Changes to this privacy statement

We reserve the right to make changes to this privacy statement. We encourage you to check this privacy statement periodically to familiarize yourself with any changes. In addition, we will proactively inform you whenever possible.

Access to and modification of your data

If you have any questions or want to know what personal information we have about you, please contact us. You can contact us using the information below. You have the following rights:

  • You have the right to know why your personal data is needed, what happens to it and how long it will be kept.

  • Right of access: You have the right to access your personal data that we know about.

  • Right to rectification: You have the right to complete, correct, have deleted or block your personal data at any time.

  • If you give us consent to process your data, you have the right to withdraw that consent and have your personal data erased.

  • The right to transfer your data: you have the right to request all your personal data from the controller and to transfer it in its entirety to another controller.

  • Right to object: you can object to the processing of your data. We will comply with this if there are no legitimate grounds for the processing.

Please ensure that you always clearly state who you are so that we can be sure that we do not alter or delete the wrong person’s data.

Making a complaint

If you are unhappy with the way we handle (a complaint about) the processing of your personal data, you have the right to lodge a complaint with the Data Protection Authority.


Processing of personal data

INFORMATION FOR DATA SUBJECTS ON PROCESSING WHEN PROVIDING PARKING SERVICES

on the processing of personal data within the meaning of Article 13 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter referred to as "GDPR")

PERSONAL DATA PROCESSOR

The processor of your personal data and the operator of this application is the company EasyPark Czechia s.r.o., registered office at Pernerova 697/35, Karlín, 186 00 Prague 8, ID No. 14106477, registered in the Commercial Register maintained by the Municipal Court in Prague under file No. C 360662 (hereinafter referred to as "EasyPark Czechia").

CONTROLLERS AND OTHER PROCESSORS OF PERSONAL DATA

In addition to EasyPark Czechia, your personal data is processed by the relevant controllers and possibly other entities to which your personal data may be disclosed, depending on the city or locality where you park. Below you will find an overview of the controllers and other potential processors, which are:

For the City of Prague:

  • Controller: City of Prague

  • Processors: Technická správa komunikací hl. m. Prahy, a.s., Řásnovka 770/8, Staré Město, 110 00 Prague 1, IČO 03447286; ALTRON Business Solutions, a.s., sídlem Novodvorská 994/138, Braník, 142 00 Prague 4, IČO 24230031; for itego a.s., sídlem Bílkova 6/8, Josefov, 110 00 Prague, ID 24230031; ELTODO, a.s., sídlem Novodvorská 1010/14, 142 00 Prague 4, ID 45274517; CORTEC s.r.o., sídlem at Na Groši 1344/5a, 102 00 Prague 10, ID 26725533 for Iterait a.s., sídlem Hybernská 1034/5, Nové Město, 110 00 Prague, ID 07405821

  • Other Entities: Prague City Police and other public authorities or individuals to whom the controller is obliged to provide personal data by law.

For the Statutory City of Brno:

  • Controller: Statutory City of Brno

  • Processors: Brněnské komunikace a.s., Renneská třída 787/1a, 639 00, Brno – Štýřice, IČ 607 330 98, DIČ CZ607 330 98; ALTRON Business Solutions, a.s., Novodvorská 994/138, Braník, 142 00 Prague 4, IČO 24230031; RDT s.r.o., Biskupcova 1762/78, 130 00 Prague 3, IČO 27583104

  • Other Entities: Brno City Police and other public authorities or individuals to whom the controller is obliged to provide personal data by law.

For the City of Břeclav:

  • Controller: City of Břeclav

  • Processors: FT Technologies, a.s., U sokolovny 253, 783 14 Bohuňovice, IČO 26833620

  • Other Entities: Břeclav City Police and other public authorities or individuals to whom the controller is obliged to provide personal data by law.

For the City of Kolín:

  • Controller: City of Kolín

  • Processors: Spel a.s., Třídvorská 1402, 280 02 Kolín, IČO 00473057

  • Other Entities: Kolín City Police and other public authorities or individuals to whom the controller is obliged to provide personal data by law.

For the Statutory City of Liberec:

  • Controller: Statutory City of Liberec

  • Processors: FT Technologies, a.s., U sokolovny 253, 783 14 Bohuňovice, IČO 26833620

  • Other Entities: Liberec City Police and other public authorities or individuals to whom the controller is obliged to provide personal data by law.

For the City of Příbram:

  • Controller: City of Příbram

  • Processors: FT Technologies, a.s., U sokolovny 253, 783 14 Bohuňovice, IČO 26833620

  • Other Entities: Příbram City Police and other public authorities or individuals to whom the controller is obliged to provide personal data by law.

For the Statutory City of Zlín:

  • Controller: Statutory City of Zlín

  • Processors: Incinity, s.r.o., Hasičská 397, 763 02 Zlín – Louky, IČO 04613376

  • Other Entities: Zlín City Police and other public authorities or individuals to whom the controller is obliged to provide personal data by law.

For the City of Trenčín (Slovakia):

  • Controller: City of Trenčín

  • Processors: FT Technologies, a.s., U sokolovny 253, 783 14 Bohuňovice, IČO 26833620

  • Other Entities: Trenčín City Police and other public authorities or individuals to whom the controller is obliged to provide personal data by law.

SCOPE OF PERSONAL DATA PROCESSING

We only process the data that we strictly need in order for you to be able to use the parking services you are interested in. However, this only includes the registration number of the vehicle (without verification) and the e-mail contact address (also without verification). This personal data is processed in relation to a specific parking session. We also process data about the means of payment you use, but only in tokenised (i.e. incomplete) form.

PURPOSE OF PROCESSING PERSONAL DATA

The purpose of the processing of personal data is primarily to issue, record and manage parking permits in the context of the operation of paid parking zones. EasyPark Czechia processes your personal data to ensure payment for the issuance of a parking permit and in terms of internal processes to comply with the obligations arising from the relevant legislation.

STORAGE OF PERSONAL DATA

We retain personal data for as long as necessary to provide our services or for other necessary purposes, in particular to comply with our legal obligations and contractual commitments.

Due to tax regulations, we are obliged to keep tax documents and records with the relevant data for 10 years from the end of the tax year in which the transaction took place. Exceptionally, for example in the case of litigation, your personal data may be processed for a longer period of time, in particular due to the statute of limitations.

METHOD OF PROCESSING PERSONAL DATA

Personal data will be processed manually by employees or other persons under contract with EasyPark Czechia, as well as by automated means, however we do not use automated decision-making that may affect your rights.

SECURITY OF PERSONAL DATA

For more information on how EasyPark Czechia secures your personal data, please click here.

LEARNING

The provision of personal data is voluntary. Failure to provide personal information is a barrier to the issuance of a parking permit. You have the right: (i) to request the controller to provide you with information about the processing of your personal data; (ii) for the controller to correct inaccurate personal data concerning you without undue delay and, taking into account the purposes of the processing, to complete incomplete personal data, including by providing a supplementary statement; (iii) for the controller to delete personal data concerning you without undue delay, and the controller is obliged to delete the personal data without undue delay if one of the grounds under Art. 17 of the GDPR; (iv) the controller to restrict the processing of personal data in the cases set out in Article 18 of the GDPR; (v) to obtain the personal data concerning you that you have provided to the controller in a structured, commonly used and machine-readable format and the right to transfer such data to another controller in the cases set out in Article 20 of the GDPR.

If you believe that there has been a breach of the law in relation to the protection of your personal data, you have the right to lodge a complaint with a supervisory authority. The supervisory authority in the Czech Republic is the Office for Personal Data Protection.

Contact details

  • EasyPark Czechia s.r.o.
    Pernerova 697/35, 186 00 Praha - Karlín

  • Phone for MPLA Service: +420 734 204 320

  • E-mail for MPLA Service: info@mpla.io