GDPR Compliance
Last updated:
At Parklist, we are committed to protecting your personal data and respecting your privacy. This GDPR Compliance Statement explains how we comply with the General Data Protection Regulation (EU 2016/679) and the rights you have as a user.
1. Data Controller
Parklist acts as the “data controller” for personal data collected through our website, mobile application, and related services. This means we determine the purposes and means of processing your personal data.
2. Legal Basis for Processing
We process personal data only when we have a lawful basis under GDPR, including:
- Consent – when you voluntarily provide information or agree to marketing communications.
- Contract – when processing is necessary to provide services you have requested (e.g., booking parking).
- Legal obligation – when required to comply with tax, accounting, or regulatory requirements.
- Legitimate interests – when processing is necessary for our operations and does not override your rights (e.g., fraud prevention, service improvements).
3. Data We Collect
- Account details (name, email, phone number)
- Booking and payment information
- Communication history with our support team
- Technical data (IP address, browser type, device info)
4. Your Rights Under GDPR
As a user located in the European Union (EU) or European Economic Area (EEA), you have the following rights:
- Right of access – request a copy of your personal data we hold.
- Right to rectification – correct incomplete or inaccurate data.
- Right to erasure – request deletion of your data (“right to be forgotten”).
- Right to restriction – limit how your data is processed.
- Right to data portability – receive your data in a structured, commonly used format.
- Right to object – object to processing based on legitimate interests or direct marketing.
- Right to withdraw consent – withdraw consent at any time without affecting prior processing.
5. Data Security
We implement appropriate technical and organizational measures to protect your data from unauthorized access, loss, misuse, or disclosure. These include encryption, secure servers, and access controls.
6. Data Retention
We keep your personal data only as long as necessary to provide our services and fulfill legal obligations. When no longer needed, data is securely deleted or anonymized.
7. International Data Transfers
If we transfer personal data outside the EU/EEA, we ensure adequate safeguards are in place, such as Standard Contractual Clauses or equivalent legal mechanisms.
8. Third-Party Processors
We may share personal data with trusted service providers (e.g., payment processors, IT hosting providers) under GDPR-compliant agreements to ensure data protection.
9. Contact & Complaints
If you have questions about how we handle your data or wish to exercise your rights, please contact us at:
If you believe your rights under GDPR have been violated, you have the right to lodge a complaint with your local Data Protection Authority (DPA).
10. Updates to This Statement
We may update this GDPR Compliance Statement from time to time. We encourage you to review it regularly for changes.