This privacy statement governs the processing of personal data by Park & Fly Eindhoven B.V., Luchthavenweg 67b, 5657 EA Eindhoven, registered with the Netherlands Chamber of Commerce under number 17234885, ‘the Controller’ herein, also referred to below as ‘us’ or ‘we’ or ‘Park & Fly’. If you visit our website, or purchase any of our products or services, we will process your personal data. We do this to provide you with as much assistance as possible and to achieve our goals.
In this statement we explain the purpose for which, and manner in which, we process your personal data and how you can exercise control over this.
What do we do?
Park & Fly operates car parks around Eindhoven Airport and offers parking facilities via the internet at various airports in the Netherlands and Germany.
We communicate with partners, customers, and our network, for example, by means of newsletters, social media, and websites. Via these marketing channels, personal data such as names, e-mail addresses and browsing history is collated to enable us to provide you with the best information possible about the services of Park & Fly.
What personal data do we process?
Personal data is information that identifies your personal identity and tells something about who you are. We ‘process’ this data when we store it, access it, share it, forward it, or delete it, etc. If you enter into a contract with Park & Fly and/or register yourself to receive e-mails or request quotations or other information via the website or possibly by telephone, we will ask you to complete your company information and/or contact details.
We can also combine the information that you yourself provide on our website or over the phone with already obtained information and information that we obtain automatically from using cookies and other technical means, subject to your consent. For example, we can obtain your IP address, your browsing history on our website, the operating system you use, or what you download from the site. In other words, all information that we can connect with you, even indirectly.
The actual personal data that we process is:
• Telephone number
• E-mail address
• Contact history
• Browsing history
• If you receive e-mails from us, we will record your interactions (website visits and clickstream data)
• Invoicing and payment data
We do not process special personal data such as creed or religious belief, race, political or sexual preferences, criminal-law data, trade-union membership, or biometric/genetic or medical history without your express permission.
Why do we process your personal data?
Our goal is to supply you with products and/or services, so we use your personal data primarily to communicate with you and identify you. This means that we use this data for the purposes of drawing up the contract you enter into with us, such as the processing of financial data when you pay for a product, the creating and updating of an account, or if you wish us to telephone you about any question about any service that we supply. The legal basis for this is set out in Article 6 (1) (b) of the General Data Protection Regulation (the GDPR).
In addition, for the purposes of our marketing activities, we will also use your personal data if we consider this could be relevant to you as our customer. For example, we could target our offers and advertisements to you on the basis of your interests as far as you have disclosed these to us, or so that you can participate in promotions or events. We can also use it for sending newsletters and for social media purposes. The legal basis for this is set out in Article 6 (1) (f) of the GDPR.
Lastly, it is possible that we are under a legal obligation to process your personal data. For example, we will process financial data to comply with our accounting obligations. The legal basis for this is set out in Article 6 (1) (c) of the GDPR.
We may send you newsletters by e-mail relating to the products and services you have previously bought from us. In the event that we would like to contact you about other products or services, we would first ask your permission for this. You can withdraw any such permission at any time by checking the ‘opt-out’ box at the end of the newsletters. Your e-mail address will then be placed in a separate list so that we know that you do not wish to be contacted by e-mail.
Obligation to supply data
If we ask you to supply personal data we will inform you each time whether it is necessary or mandatory for you to supply this data and what the consequences, or potential consequences, will be if this information is not supplied. This is always on the basis that Park & Fly does not process more personal data than is necessary for the purposes described above.
Exchange with third parties
We never supply, sell, or lend your personal data to third parties unless we are required to supply it by law, or if you have given your permission for this. To provide our services we engage service providers. These are not ‘third-party recipients’ but ‘processors’. These processors do not use this data for their own purposes and they process personal data only in compliance with the instructions from Park & Fly.
The processors that we engage are:
NAME - DESCRIPTION OF PROCESSING
MailChimp - E-mail marketing software which stores personal data and sends personal e-mails.
Office 365 – Collection of internet services within which personal data is exchanged. This data is then deleted from the service.
Google Analytics - Google Analytics is a Google service that enables statistics from a website to be collated and then reproduced in detail.
Online Success - Lead marketing software by which website visits can be supplemented with commercial data on the basis of an IP address.
Parkres – Booking system
Cardgate - Online payment system
Kiyoh – Independent customer evaluation
SMS services - SMS service
Trengo – Customer communications via live chat
Data within/outside the EEA
[WITHIN/OUTSIDE] Your personal data could be processed by us, or by the service providers we engage, both within the EEA and outside. Currently, data is processed in the following countries: the United States of America and the Netherlands. For these countries we have agreed separate security measures to ensure that your personal data is secure in both countries.
Automated decision-making and profiling
Park & Fly does not utilize automated decision-making and/or profiling.
We do not store your personal data for longer than necessary for one of the purposes described above. Under the law there are different storage periods, but you may assume that after two years following your last contact with Park & Fly all your personal data will be deleted insofar as there is no further necessity to process it. We may choose to anonymize the data rather than delete it if this is needed, example, for our statistical analyses.
Securing of personal data
Park & Fly has adopted appropriate technical and organizational measures to secure personal data against loss or any other form of unlawful processing, including:
• Our website and software is SSL certified which means that visitors and users are guaranteed that data, including personal data, is sent via browsers via https, which ensures that the data is coded and secured. SSL (Secure Sockets Layer) is also used, for example, for online transactions (with credit cards).
• Park & Fly has adopted extensive measures covering the procedure to be followed in the case of a data breach. But even more importantly: it has various technical and organizational measures in place to prevent any data breach. We employ reliable systems to comply with privacy legislation regarding the sending of e-mails. We have also entered into data processor contracts with our suppliers. The booking system within which we store the personal data of our customers also complies with privacy legislation and we do not store more information than is necessary. Our website is managed by a reliable hosting party and we ensure there are regular updates of the booking system we use.
If we process any of your personal data you have the right to exercise control over this processing as part of your right to privacy. For example, you may request access to the personal data pertaining to you that we have stored, and we can rectify this data for you if you notice a mistake. We can also grant your request to object to, or erase, personal data if the processing is no longer justified, or our manner of processing not justified.
Whatever your request, please contact us and we will assist you free of charge. Our contact details are set out below. Please bear in mind that we cannot always comply with a request because our processing of the personal data may be necessary where, for example, we have not yet finalised the contract, or if we are required under national legislation to store any financial data. In such cases the burden of proof lies with Park & Fly and we will explain to you why we are under any such obligation. In cases where you withdraw your consent to, or object to, direct marketing, we will always comply with such a request. Finally, you have the right to have your data transferred provided that this is technically feasible and we are not faced with a disproportionate cost in carrying out this request.
Finally, we would like to make clear that our role as ‘Controller’ requires us to verify the identity of any person making such requests, and we can therefore ask you for further information. In any event we will respond to every request within four weeks.
Park & Fly reserves the right to make changes to this privacy statement from time to time. Any changes will be implemented on this page. The most recent changes were implemented on 21 June 2018. These changes are announced on our website. Park & Fly can process your personal data for new purposes that have not yet been disclosed to you. In such a case, we will contact you before using your personal data for such new purposes, to notify you of the changes for protecting personal data, and to give you the opportunity to refuse permission for such processing.
Park & Fly Eindhoven BV.
5657 EA Eindhoven
General contact number: 040-2350273