)
Introduction
On this page, we have gathered information about the General Data Protection Regulation (GDPR) (2016/679) and how EasyPark processes personal data.
What is GDPR?
GDPR is a regulation adopted by the EU to harmonize personal data processing rules across the EU/EEA. It outlines the requirements for businesses and organizations processing personal data and defines individuals' rights.
What qualifies as personal data?
Any information related to an individual that can directly or indirectly identify them is considered personal data. Examples include names, photos, phone numbers, addresses, emails, car license plates, and GPS coordinates.
What is a data subject?
A data subject is an individual whose personal data is being processed.
What is a data controller?
A data controller is a person or organization that (alone or jointly with others) determines the purposes and methods of processing personal data.
Are there specific rules companies must follow to ensure compliance?
Article 5 of the EU GDPR states that personal data must be:
Processed lawfully, fairly, and transparently
Collected only for specified, explicit, and legitimate purposes
Adequate, relevant, and limited to what is necessary
Accurate and kept up to date, stored only for as long as necessary
Processed in a way that ensures appropriate security
Does GDPR apply outside the EU/EEA?
GDPR applies not only to organizations within the EU/EEA but also to businesses and organizations outside the EU/EEA that process personal data. This means GDPR applies to any company handling the personal data of individuals residing in the EU/EEA, regardless of where the company is based.
How does EasyPark process my personal data?
For more details on how EasyPark handles personal data, please refer to our Privacy Policy.
What security measures has EasyPark implemented to protect personal data?
EasyPark has implemented an Information Security Management System (ISMS) in compliance with the ISO 27001 standard. Additionally, EasyPark has appointed a Chief Information Security Officer and established internal controls within the ISMS framework.
Does a data subject need to give consent to the data controller?
A company or organization must have a legal basis to process an individual's personal data. A legal basis can include the necessity to fulfill a contract with the data subject, compliance with legal obligations, or obtaining the data subject's consent. The data subject must be informed of how their personal data will be processed, and if consent is required, it must be obtained. A complete description of EasyPark’s data processing and legal basis can be found in EasyPark’s Privacy Policy.
Does EasyPark use third-party providers to process personal data?
Yes, EasyPark has contracts with providers that perform services on behalf of EasyPark. All providers processing personal data for EasyPark have signed a Data Processing Agreement (DPA).
Contact Information for the Data Protection Officer (DPO)
For any privacy-related inquiries, you can contact our DPO at dpo@easypark.net.