)
Introduction
This page contains information about the General Data Protection Regulation (2016/679) (GDPR) and how EasyPark handles personal data.
What is GDPR?
GDPR is a regulation adopted by the EU to harmonize rules for the processing of personal data across the EU/EEA. GDPR specifies requirements for companies and organizations that handle personal data and establishes rights for individuals.
What constitutes personal data?
Any information related to a natural person that can be used to directly or indirectly identify the person is considered personal data, such as names, photographs, phone numbers, email addresses, vehicle registration plates, and GPS coordinates.
What is a data subject?
A data subject is a person to whom the personal data relates.
What is a data controller?
A data controller is a person (either alone or with others) who determines the purposes and means of processing personal data.
What is a data processor?
A data processor is a physical or legal person, public authority, agency, or other body that processes personal data on behalf of the data controller.
Are there specific rules businesses must follow to ensure compliance?
Article 5 of the EU GDPR stipulates that personal data must be:
Processed lawfully, fairly, and transparently
Collected for specified, legitimate, and explicit purposes
Adequate, relevant, and limited to what is necessary
Accurate and kept up to date. Only for as long as necessary, and not longer
Processed in a manner that ensures appropriate security of personal data
Does GDPR apply in countries outside of the EU/EEA?
GDPR applies not only to organizations located in the EU/EEA but also to businesses and organizations located outside of the EU, if they offer goods and services to EU/EEA citizens and thus process personal data. Therefore, GDPR applies to any company or organization that processes personal data of data subjects residing in the EU or EEA, regardless of the company's location.
How does EasyPark handle my personal data?
For further information on how EasyPark processes personal data, please refer to our privacy policy.
What security measures has EasyPark implemented to protect personal data?
EasyPark has implemented an Information Security Management System (ISMS) in accordance with ISO 27001. Additionally, EasyPark has appointed a responsible person for information and IT security and established internal controls as part of the ISMS.
Does the data subject need to give consent to the data controller?
A business or organization must have legal grounds to process a person's personal data. A legal ground for processing personal data is, for example, that processing is necessary to fulfill a contract with the data subject, to fulfill a legal obligation, or if the data subject has given consent to the processing. The data subject must be informed about how their personal data is processed and, where applicable, consent must be obtained for processing. A full description of EasyPark’s processing of your personal data and the legal grounds for processing can be found in EasyPark's privacy policy.
Does EasyPark use suppliers who process personal data?
Yes, EasyPark contracts with suppliers who perform services for EasyPark. EasyPark has entered into data processing agreements with all suppliers who process personal data on behalf of EasyPark.
DPO contact information
Contact details for our Data Protection Officer (DPO): dpo@easypark.net