Privacy policy and cookies

Version 3 Date 21 May 2018

With this policy (hereinafter, the “Privacy and Cookies Policy”), the privacy and cookies policy of the web platform https://elparking.com/ (hereinafter, “the Platform”) is regulated under the ownership of ElParking Internet S.L. (hereinafter, "ElParking "), corporation with VAT Number (CIF) B37546538, and registered in the Mercantile Register of Salamanca, volume 461, book 0, folio 207 sheet S.A.-15969, 1st entry, with postal address at C/ Albacete, 3 1ª planta, Edif. Mizar 28027 Madrid, Spain, and contact email address for the purpose of this policy: privacidad@elparking.com.

1. USE, PURPOSE AND APPLICABLE LEGAL SYSTEM

The Platform is a mechanism of interaction, communication and support that ElParking offers internet users in order to offer them sufficient, legal and suitable information regarding its products, services and initiatives related to its legitimate economic and business activities, which are governed by the applicable Spanish regulations and, which concerns:

  • The core provision of information society services by the Law 34/2002, of 11 July, on information society and e-commerce services.
  • The processing of personal data, according to current Spanish and European regulations on the protection of the personal data of individuals. In particular, it shall directly apply from 25/05/2018, the (EU) Regulations 2016/679 of the European Parliament and Council, of 27 April 2016 (hereinafter, the “GDPR”), in accordance with the provisions in this regulation.

In any case, the user agrees to make appropriate and lawful use of the Platform as well as the content, products and services available through it, in accordance with the applicable legislation at all times, where applicable, the General Terms & Conditions (GTC) signed by the client and/or user and ElParking, as well as this policy.

The user is similarly obliged to adopt the necessary security measures to maintain the confidentiality of the access and verification systems established in relation to the Platform, therefore, ElParking will be released from any liability for negligence, carelessness or improper use by the user or any third party in this area.

Similarly, the user of the Platform specifically agrees to the following:

  • Guarantee the authenticity, accuracy, actuality and precision of all the data that is communicated to ElParking, making the user the sole person responsible in the contrary.
  • Use the data exclusively for the purposes and functionalities available for this purpose by ElParking, presenting such features as they are by ElParking, being forbidden for the user to use the Platform for any other purpose or means.
  • Use the Platform legally and legitimately, avoiding an unauthorised, fraudulent, illegal or illegitimate use of it and/or of the content and information available through it, avoiding infringing this policy and the applicable regulations, and to damage the legitimate rights and interests of ElParking, or of any other third party that may be affected as a result of such activity.
  • Do not damage the systems or elements associated to the Platform, its suppliers or third parties, or try to breach the security measures or authentication of them, carry out an action that may cause a disproportionate or unnecessary saturation in the infrastructure or the environment of communications related to the Web Platform and, including, the App related to it (ElParking Service App) and, overall, with the Service, attacking it in any way. ElParking will be able to adopt as many preventive or corrective measures necessary to protect its interests in order for the Web Platform, associated applications, the specific Service and features available in each case to operate properly.
  • Do not introduce or to disseminate computer viruses or malware via the Platform which is likely to cause damages.
  • Do not attempt to access, use and/or manipulate the data of ElParking, or the data under its responsibility, or that of third-party suppliers and of other users.
  • In particular, and intended to be indicative rather than exhaustive, the user agrees to not transfer, disseminate or offer third parties information, data, content, messages, that may constitute as a violation of the rights of ElParking or of third parties.
  • Access without authorisation or interact with a false identity, supplanting or not the identity of third parties or using a profile or carrying out any other action that may create confusion or mislead about the correct identification of the user in question.

2. USERS

This privacy and cookies policy is aimed at users of the Platform regarding the processing of their personal data.

Users that contract services or products available through the Platform or, where applicable, download the mobile applications (app) that may be associated to them will be subject to specific terms and conditions, as well as processing of their personal data. Therefore, before contracting any product or service of ElParking, and, including, downloading any system, platform or mobile phone application (app) associated to these, we recommend that you read the terms, conditions and legal policies related to these products and services closely, including the conditions of use and/or download the indicated systems, platforms or applications.

In any case, it is noted that this Platform is aimed at users over 18 years of age, its use being forbidden to minors.

Personal data and information that is provided by users that intend to browse or register on the Platform should be:

  • Sufficient, although adjusted, limited and provided for legitimate processing purposes informed by ElParking, with maximum respect to the principles of purpose limitation and personal data minimisation (Articles 5.1 Sections b) and c) of the GDPR).
  • Exact, updated and accurate, in order to be able to properly verify the identity, capacity and, where applicable, representation of the user concerned, as well as be able to adjust, in each case, the data processing that is done to the specific needs and the real situation of users. All of this in view of the principle of accuracy of personal data (Article 5.1 Section d) of the GDPR).

Users will be fully responsible for the proper use of their user accounts and of the passwords associated to them. If the registered user believes that the security of their account and associated passwords has been compromised they should immediately contact ElParking through the contact details available at the beginning of this policy and to report the corresponding situation or incident so that ElParking can adopt the corresponding measures that are appropriate from the moment that the communication is made by the user. All responsibility for the damages associated to an improper usage and personal management of the associated accounts and passwords will fall on the owners of these accounts, completely exempting ElParking as a result of the above.

3. RIGHT TO INFORMATION

In compliance with the current regulations protecting personal data, and taking particular account of Articles 12 to 14 of the GDPR, you are informed of the following:

  • That the person responsible for processing is ElParking Internet, S.L. https://elparking.com/ with VAT Number (CIF) B37546538, with postal address C/ Albacete,3 1ª planta, Edif. Mizar 28027 Madrid, Spain, and contact email address for the purposes of this policy: privacidad@elparking.com
  • That the personal data that users provide through the Platform will be processed for the purpose specified in this privacy and cookies policy and, where applicable, on the different data forms available on the Platform. In this regard, the collection of data through the Platform refers to the following processing purposes:
    • To enable browsing for users, allowing with it the access, including, in a customised way, to the information and to content available on the Platform, including, information on promotional or advertising campaigns aimed at contracting products and services of ElParking, or of third party companies which ElParking is related to. Such access is understood without prejudice to the onerous character of the specific content, services and products that are offered through the Platform and that the users will be able to contract if they wish.
    • Produce user/consumption profiles associated with the browsing and traffic data collected through the Platform in order to be able to offer users more suitable information, promotions or advertising to their specific preferences or interests.
    • To meet specific requests that users may make in this area.
    • To develop statistical processing, or to produce market research studies by ElParking in order to improve knowledge, including, through anonymisation or pseudonomisation, around the consumer habits and profiles of the users that browse the platform. In the event of proposing Big Data projects in this area, ElParking will adopt as many pre- and post-protective measures that are applicable in accordance with current regulations, including, the possible anonymisation of its personal data applying, for this, suitable available technologies at its disposal. Therefore, in this area, anonymisation and pseudonomisation processes will also be carried out for the best protection of your personal data.
    • To apply relevant security, technical and/or organisational measures for the personal data of users as appropriate in view of risks detected regarding their rights at all times by ElParking, including, personal data encryption and other measures that may involve certain processing of the data of the Platform's users.

In case you do not agree with these processing purposes, we urge you to immediately leave our Platform. Otherwise, for example, by accepting this policy, or simply continuing to browse the Platform, prior knowledge of the information contained in this policy, it will be understood that the user unequivocally consents to the previously informed processing purposes. In this regard, you should also refer to the provisions in Section 4 of this policy relating to the consent and the rights of users in this area.

  • That the legitimate basis for processing is, primarily, the consent of the user, in a way that, once informed of this policy, if the user accepts it, or simply continues to browse the Platform it will be understood that the user provides its unequivocal consent to the processing of its personal data for the stated purposes. Therefore, if a user does not agree with this policy or with the informed processing purposes, as already stated, the user is urged to discontinue browsing and immediately leave the Platform. In the event of a specific request or contract by users of certain content, products or services through the Platform, the main basis for processing will be that regarding the necessary application of pre-contractual measures at the request of the interested party, if it applies, or that regarding the execution of a contract in case the user finally contracts the corresponding content, product or service.
  • That, in general, the personal data of users collected through the Platform will not be disclosed to third parties without first informing the users about which specific data will be disclosed, the identity or the type of recipients of its data, of its activity and of the specific processing purposes to those which these recipients will be able to allocate its data. For this reason, we inform you that your personal data may be disclosed to third parties in the following cases and circumstances:
    • Personal data associated with specific requests from the users for further information and/or regarding the adoption of possible pre-contractual measures by third parties related to ElParking, or that may be strictly necessary for the proper contracting by the users of the content, products or services offered by such third parties through the Platform.
    • Personal data strictly needed for purely administrative and internal purposes to other companies that are part of the Group of companies which ElParking (GROUP EYSA) belongs to, in particular, Estacionamientos y Servicios, S.A.U., with registered office at Calle Cardenal Marcelo Spínola, 28016 Madrid and with VAT Number (CIF) A-28385458, http://eysaservicios.com/, having a legitimate interest in transmitting this personal data for such purposes within the aforementioned business group.

Aside from these cases, the personal data of users will not be disclosed to any other third party, unless the consent of the user has been obtained or, where applicable, any other legitimate basis for processing in accordance with Article 6 of the GDPR such as, for example, the proper fulfilment of a legal obligation by ElParking (lawfulness of the processing).

  • That, overall, no international transfers of their personal data are planned, adopting the necessary measures in this area. Notwithstanding the above, the possible transfer of their personal data for the purpose of enabling the online payment through the company Stripe Inc is highlighted which offers appropriate guarantees as it has a valid Privacy Shield certificate, which can be checked on the following link: https://www.privacyshield.gov/participant?id=a2zt0000000TQOUAA4&status=Active.
  • That, in accordance with Article 30 of the Spanish Commercial Code, if it concerns the user of a client of ElParking, after the relationship between the parties is completed, their personal data will be stored by ElParking for a period of six years. If it does not concern a client, the user's data will be stored for the time strictly necessary to allow them to properly browse, access and enjoy the content, products and services available on the Platform that it requires or visits, all of this, in line with this privacy and cookies policy and the applicable legislation in each case.
  • That they will be able to exercise their rights of access, rectification, suppression, limitation of the processing, portability of data and opposition, by writing to the email address privacidad@elparking.com with the Ref. “Exercise Rights” attaching a copy of their national identification card or equivalent identification document (passport, N.I.E, etc.). If they do not believe that their personal rights have been met, they may present a complaint to the relevant control authority, in this case, the Spanish Data Protection Agency, being recommendable that, previously, if deemed necessary, to contact for these purposes the Data Protection Officer (DPO) designated by the Group of Companies EYSA, which ElParking belongs to, and whose contact details are indicated in Section 9 of this policy.

4. CONSENT OF THE INTERESTED PARTY

By accepting this policy, the user gives their unequivocal, free and informed consent to process their personal data for the processing purposes described in Section 3 of this privacy and cookies policy. In the case of cookies, in particular section 7 of this policy should be observed.

The user will have the capacity to choose the processing and destination of their data, according to their specific interests and needs in each case, in a way that, when the processing is based on their consent, they will have the right to withdraw it at any time, although this withdrawal will not affect in any way the lawfulness of the prior processing done by ElParking. For these purposes, we remind you that you may contact us by email at any time: privacidad@elparking.com.

When the processing of personal data is for direct advertising or marketing purposes, the user will have the right to oppose at all times to the processing of the personal data that concerns them, including profiling insofar as it relates to the aforementioned marketing. They will be able to exercise the personal rights described in Section 3 of this policy as referred to in this section. ElParking will ensure to remind and enable users to properly exercise their rights to oppose in each commercial communication that may be sent to them in this area. Similarly, the user may oppose the processing of their data for statistical purposes in the terms described in Section 21.6 of the GDPR.

 

In any case, ElParking may impede the usage of the Platform and services, content and features associated with this in case the user does not accept this policy, or does not consent to the processing of their personal information as set out in the policy.

The acceptance of this policy is independent to the possible acceptance of the specific legal terms and conditions that may govern the specific contracting by the users of the services and products available through the Platform.

5. SECURITY

ElParking has adopted and applies the security levels required by the applicable legislation regarding personal data under its responsibility, according to the corresponding risk approach carried out, and ensures to install and/or apply technical or organisational means and measures of additional protection to reinforce the overall security of the processing with personal data, systems, communications environment and corporate organisation, as well as to guarantee the due protection against unauthorised or illicit processing and against its loss, destruction or incidental damage (principle of integrity and confidentiality). However, the user must be aware that the online security measures are not, in any way, impregnable and respond to the state of technology at all times and to its cost of implementation.

For these purposes, the criteria of application and security measures, and other security obligations associated with the GDPR, will be especially considered, with special attention to Article 32 of the GDPR.

6. DUTY OF SECRECY AND CONFIDENTIALITY

ElParking agrees to comply with the duty of secrecy and confidentiality regarding the personal information and data provided by users of the Platform, and that it is under its control and responsibility, in accordance with the applicable legislation and the corresponding risk approach at all times.

7. COOKIES POLICY

As the Recital 30 of the GDPR establishes, individuals can be associated with online identifiers provided by their devices, applications, tools and protocols such as internet protocol addresses, login identifiers in the form of “cookies” or other identifiers, such as radio frequency identification tags. This can leave traces that, in particular, when combined with unique identifiers and other data received by servers, can be used to produce profiles of the individuals and to identify them. For this reason, ElParking has a cookies policy consistent with the applicable regulations.

7.1. Applicable regulations:

Article 22 of Law 34/2002, of 11 July, on services of the information society and e-commerce (LSSICE), regarding the rights of recipients in commercial communications via electronics, the service providers can only use storage and data retrieval devices in terminal equipment of the recipients, when they have given their informed prior consent.

For this purpose, these recipients and end users should be offered clear and complete information on its use, in particular, on the data processing purposes, in accordance with personal data protection regulations. Therefore, when it is technically possible and efficient, the recipient's consent to accept the processing of the data will be provided by using the relevant settings of the browser or of other applications.

The above shall not impede the possible technical storage or access for the sole purpose of performing the transmission of a communication by an electronic communications network or, insofar as is strictly necessary, for the provision of a service of the information society expressly requested by the recipient.

7.2. User's consent and cookies: general rule and exception.

Overall, when the installation and/or use of cookies involves the processing of personal data, be its own or third-party cookies, session or persistent, ElParking, as responsible for the processing, will provide the necessary information in this area and will obtain the user's prior informed consent to install and/or to use them.

The only exceptions include the consent to cookies that exclusively allow the communication between the user's equipment and the network and, strictly, cookies used to provide a service requested by the user. For example, "technical cookies" would be exempt (e.g. those needed for the same browsing on the platform or application); “customisation or configuration” cookies (e.g. that allow the page to recognise the user's language, etc.); and “security” cookies (e.g. to detect wrong and repeated attempts to connect to a site).

7.3. Are cookies used on the Platform? What are they?

The Platform uses cookies, meaning, files or devices that are downloaded onto the user's terminal equipment (personal computer, a smartphone, a tablet, mobile handsets and devices, etc.), regardless of its character, and with the main purpose of guaranteeing the correct functioning of the Platform (to remember the selected language, and similar functions). So, in general, and without prejudice to the following provisions, cookies will enable browsing on the Platform, as well as certain utilities and services on it, so be advised that their disablement or blocking may affect browsing or the correct or broad use of the Platform by the user.

7.4. What cookies does the Platform use?

Cookies can be own and third-party. Own cookies are those that are sent or used on the user's terminal equipment from the Platform (editor) who manages them, whereas third-party cookies are those that are sent or used on the user's terminal equipment from other domains or equipment that is not managed by the Platform (editor), but by another company that processes the data obtained from the cookies.

Third-party cookies can be session or persistent. The first are cookies designed to obtain and store data while the user accesses the Platform with the main purpose of storing information with the sole interest of storing for the provision of the service requested by the user on one occasion. However, with the second kind, the data continues to be stored on the user's terminal and can be accessed and processed during a period defined by the person responsible for the cookie.

Cookies can also be technical when allowing the user to browse on the Platform and use the different options or services available on the platform. For example, to control the traffic and the communication of data, to identify the session, to access parts with restricted access, to remember elements that involve a contractual request, to use security elements when browsing, to store content to share videos or sound or to share content on social networks.

They can also be customisation cookies, referring to those that allow the user to access the service with some predefined characteristics according to certain criteria associated with its own terminal, for example, the type of browser used to access the service, the regional settings where the service is being accessed from, etc.

Equally, they can have a statistical or informative purpose for the editor regarding the specific use that users carry out on its Platform and of the content or services available on it.

Here is a SUMMARY TABLE on the specific cookies that ElParking currently uses on the Platform:

Type Name Domain Expires Description
Advertising __gads doubleclick.net 6 months Cookie for analysing website use.
Advertising IDE doubleclick.net 2 years Cookie for analysing website use.
Advertising cto_lwid doubleclick.net 1 year Cookie for analysing website use.
Advertising DSID doubleclick.net 6 months Cookie for analysing website use.
Session PHPSESSID elparking.com In each session Cookie for tracking PHP sessions.
External __stripe_mid elparking.com 1 year Stripe cookie. It is used to identify a user during monetary transactions and payment processes.
Session _csrf elparking.com In each session Cookie for detecting fake ID in requests.
Analytics _dc_gtm_UA-62450334-3 elparking.com 1 minute Cookie for Google Tag Manager
Analytics _ga elparking.com 2 years It is used to distinguish users.
Analytics _gat_UA-62450334-3 elparking.com 10 minutes Cookie for Google Tag Manager
Analytics _gid elparking.com 1 day Google cookie. It is used to distinguish users.
Session fonce_current_user elparking.com 30 minutes Cookie for Google Analytics
Session fonce_current_day elparking.com 30 minutes Cookie for Google Analytics
Session i18next elparking.com In each session Cookie for identifying the user's language.
Analytics 1P_JAR google.com 6 months Cookie used by Google for storing user preferences and information when viewing pages with Google Maps.
Analytics APISID google.com 2 years Google cookie for analysing website use.
Advertising AID google.com 2 years Google cookie for analysing website use.
Analytics CONSENT google.com Never Google cookie for verifying consent to the use of Google account data in another application.
External DV google.com 6 months Cookie used by Google for storing user preferences and information when viewing pages with Google Maps.
Advertising DSID google.com 6 months Google cookie. It is used to distinguish users.
Analytics G_ENABLED_IDPS google.com Never Cookie for analysing website use.
Analytics HSID google.com 2 years They contain digitally signed and encrypted records of a user’s Google account ID and most recent sign-in time.
External NID google.com 2 years Cookie used by Google for storing user preferences and information when viewing pages with Google Maps.
External OGPC google.com 1 week Cookie used by Google for storing user preferences and information when viewing pages with Google Maps.
Advertising OTZ apis.google.com 1 month Cookie for analysing website use.
External SAPISID google.com 2 years Cookie used by Google for storing user preferences and information when viewing pages with Google Maps.
External SID google.com 2 years Cookie used by Google for storing user preferences and information when viewing pages with Google Maps.
Session SIDCC google.com Never They contain digitally signed and encrypted records of a user’s Google account ID and most recent sign-in time.
Session SSID google.com 2 years They contain digitally signed and encrypted records of a user’s Google account ID and most recent sign-in time.
Analytics _ga stripe.com 2 years Stripe cookie. It is used to identify a user during monetary transactions and payment processes.
Session __stripe_orig_props stripe.com 1 year Stripe cookie. It is used to identify a user during monetary transactions and payment processes.
Session cid stripe.com 10 minutes Stripe cookie. It is used to identify a user during monetary transactions and payment processes.
Session country stripe.com Never Stripe cookie. It is used to identify a user during monetary transactions and payment processes.
Session machine_identifier stripe.com Never Stripe cookie. It is used to identify a user during monetary transactions and payment processes.
Session machine_identifier stripe.com Never Stripe cookie. It is used to identify a user during monetary transactions and payment processes.
Session private_machine_identifier stripe.com 10 days Stripe cookie. It is used to identify a user during monetary transactions and payment processes.
Analytics TSNGUID newrelic.com 1 year Cookie for analysing website use.
Analytics _ga newrelic.com 2 years Cookie for analysing website use.
Analytics _gid newrelic.com 1 day Cookie for analysing website use.
Analytics __qca newrelic.com 1 month Cookie for analysing website use.
Analytics __ar_v4 newrelic.com 6 years Cookie for analysing website use.
Analytics _mkto_trk newrelic.com 1 year Cookie for analysing website use.
Analytics ajs_*_id newrelic.com 1 year Cookie for analysing website use.
Analytics ei_client_id newrelic.com 1 year Cookie for analysing website use.
Analytics intercom-id-cyym0u3i newrelic.com 20 years Cookie for analysing website use.
Analytics login_service_login_newrelic_com_tokens newrelic.com 20 years Cookie for analysing website use.
Analytics optimizelySegments newrelic.com 10 years Cookie for analysing website use.
Analytics optimizelyEndUserId newrelic.com 10 years Cookie for analysing website use.
Analytics optimizelyBuckets newrelic.com 10 years Cookie for analysing website use.
Analytics fr facebook.com 10 days Facebook cookie for monitoring traffic.
Analytics datr facebook.com 10 days Facebook cookie for monitoring traffic.
Analytics sb facebook.com 10 days Facebook cookie for monitoring traffic.

7.5. Who uses cookies?

The information obtained from cookies that are used on the Platform can be used, both by the Platform's owner, and by a third party that provides a service to this owner.

7.6. Managing and configuring cookies.

From the information provided in this policy, we provide you information on how you can manage the cookies used on the Platform with the different options that most common browsers offer.

You can manage the use of cookies, including their blocking, which will depend on the browser installed on your computer. Below is information on how to manage cookies through the following links:

Google Chrome:

https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DDesktop&hl=es

Mozilla Firefox:

https://support.mozilla.org/es/kb/impedir-que-los-sitios-web-guarden-sus-preferencia

Microsoft Internet Explorer:

https://support.microsoft.com/es-es/help/17442/windows-internet-explorer-delete-manage-cookies

8. VALIDITY AND MODIFICATION OF THE PRIVACY AND COOKIES POLICY

The current policy is valid from 21 May 2018. ElParking reserves the right to modify this policy, to adapt it to future new applicable legislative, doctrinal or jurisprudential developments, or for technical, operational, commercial, corporate and business reasons, informing users prior and reasonably of the changes made whenever possible. In any case, it is recommended that, each time you access the Platform to read this policy in detail, as any modification will be published on it. Similarly, ElParking will inform users personally and prior to the expected changes in this policy, before it comes into force, provided that it is technically and reasonably possible, in particular, when these are considered to be registered users or clients of ElParking.

9. DATA PROTECTION OFFICER (DPO)

Our commitment to the protection of our users' personal data has led to the appointment of a Data Protection Officer (DPO) in the EYSA Group, which ElParking belongs to, which is, Ms. Mar Prieto González. If they wish, users may contact the DPO regarding all matters relating to the processing of their personal data and to exercise their rights according to the GDPR. You can contact our DPO via the following contact details:

Postal address: calle Albacete 3, Edificio Mizard 1ªplanta, 28027 Madrid.

Contact email: privacidad@eysaservicios.com

10. COMPETENCE AND APPLICABLE JURISDICTION

In general, any controversy and conflict will be subject to, on a preferential basis by the parties, the knowledge of them for the purposes to obtain an amicable solution and to agree using, to these purposes, regarding ElParking, the legal contact channel (or data protection officer, in the event of being appointed) described in Section 9 of this policy.

If this is not possible, in general, and meeting the criteria in the GDPR to determine the competence of the leading or main authority in order, the knowledge of any conflict, controversy or complaint regarding this privacy policy, at least, through administrative channels, is informed that such authority will be the Spanish Data Protection Agency (AEPD), to in any case address Article 56 of the GDPR. Regarding the right to the effective legal remedy against ElParking in such cases, Article 79.2 of the GDPR shall apply, exercising the action that corresponds before the competent Spanish courts as ElParking is a company located in Spain.