Privacy Policy

Home » Privacy Policy

Your trust is essential to us. Therefore, one of our company’s objectives is to ensure transparency and clarity in our relationship with you.

This website is managed by IPARK ESTACIONAMIENTOS Y SERVICIOS DE MOBILIDAD S.A.U.

  1. WHO IS RESPONSIBLE FOR THE PROCESSING OF YOUR DATA.
    1. Contact details of the person in charge:
      1. Name: IPARK ESTACIONAMIENTOS Y SERVICIOS DE MOBILIDAD S.A.U. (hereinafter referred to as the Entity)
      2. Registered office: Camino de las Ceudas 2, Planta 1, Oficina 0, 28232 Las Rozas (Madrid)
  • VAT NO: A01516640
  1. Contact details of the Data Protection Committee: you can contact us by e-mail: cumplimiento@ipark.es
  1. SCOPE OF THE POLICY

When you access and use this website, participate in any activity organised by us, or use any other means that involves the processing of personal data, you agree to accept this Privacy Policy, as well as the provisions contained in the Legal Notice and the Cookies Policy.

The COMPANY provides you with information so that, prior to filling in your personal data, you can access the Privacy Policy and any other relevant information on Data Protection.

This Privacy Policy may be modified by the owner of the website when necessary, but we will communicate it to you through the website or by other means so that you can be aware of it and continue to use our “Services”.

By continuing to use our “Services” after we have notified you of such changes, you agree to such changes, except where express consent is required.

  1. FUNDAMENTAL PRINCIPLES
  • We will never ask for personal information unless it is actually necessary to provide the services that are requested.
  • We will never share users’ personal information with anyone, except as provided in this Privacy Policy, to comply with the law, or with your express permission.
  • We never use your personal data for any purpose other than that expressed in this privacy policy.
  • We will never alter or modify the personal data provided to us by users, which will be kept accurate, complete and up to date only for as long as is necessary to fulfil our contractual obligations.
  1. FOR WHAT PURPOSE DO WE USE YOUR PERSONAL DATA?

We may process personal data collected from this website and/or by users of any of the websites of the ENTITY GROUP for the following purposes:

  1. BOOKINGS: The personal data you provide will be processed for the purpose of completing and administering your online bookings, which is essential to present the service. This includes sending communications related to the booking, such as confirmations, modifications and reminders.
  2. CONTACT: The personal data you provide us with through the contact form available on the websites of the companies in the GROUP’S GROUP will be processed for the purpose of managing communication, scheduling meetings, providing information on products and solutions, dealing with media requests and responding to any queries or comments you send us.If necessary, the data may be shared with companies of the GROUP OF THE COMPANY to which the consultation is addressed or in order to comply with the legal obligations applicable to the COMPANY.
  3. INVOICES: The personal data provided by users for the purpose of issuing invoices corresponding to the services contracted will be used solely and exclusively for this purpose.
  4. IPARK ACCOUNT: Users can create an account on our website or APPs. We will use the information you provide us to administer, as well as for better service, such as accessing your purchases, invoices, renewals, changing registration, among others.
  5. EMPLOYMENT: The personal data of users who wish to participate in our recruitment processes are collected through the “EMPLOYMENT” section made available to the public through the group’s web pages. The data provided will be processed for the purpose of managing the receipt of CVs sent to the COMPANY, as well as for the purpose of analysing the professional profile of the candidate and, where appropriate, to enable participation in the personnel selection processes of the COMPANY and, where appropriate, of companies in the GROUP OF THE COMPANY. This data will be kept for a maximum period of two years, with the consent of the candidate users, so that they can be contacted in the event that new vacancies arise. To this end, Users may exercise their rights regarding data protection through the channels established in this policy privacy .
  6. REGISTRATION FOR EVENTS. The personal data of users who are interested in participating in any of the events, whether in person or online, will be processed by the COMPANY or any other third party participating in the same, in order to process the request made by the user and, where appropriate, to carry out the actions that are necessary in relation to the organization and management of the registration of the event that was requested.
  7. SATISFACTION SURVEYS. The COMPANY carries out personalised surveys to assess the level of satisfaction of its customers with the services provided by them or any of the companies of the GROUP OF THE COMPANY, as well as those attending any event organised by the COMPANY.
  1. PROMOTIONS: The personal data of users collected through the registration of the user as a participant in any of the Promotions (eg, contests, sweepstakes, etc.) made available by the COMPANY on its websites, will be processed for the purpose of managing the development of the promotion in question, communicating the winner/s of the promotion, delivering the corresponding prize to the winner/s, as well as to manage compliance by the COMPANY of all legal and tax obligations applicable to it in its capacity as the organiser of the promotion in question.In any case, the processing of data will be carried out in accordance with the terms and conditions set out in the Promotional Terms and Conditions, which may establish other specific purposes of processing depending on the promotional mechanics. The COMPANY will make available in any case the Legal Promotional Terms and Conditions that users may consult prior to participating in the promotion and which must be accepted by users prior to participating in the promotion.Where the user chooses to register for the Promotion through the social connectors of social networks where the user has a personal account, (e.g., Facebook, X (formerly Twitter), Instagram, etc.), the personal data and information that the user authorises the social networks to provide to the COMPANY, by clicking on the corresponding acceptance button, will be processed by the COMPANY for the preparation and analysis of profiles and the application of segmentation techniques for commercial, promotional or advertising purposes, cross-referencing with the database of customers and users and enriching it, all with the aim of optimizing and improving the delivery of advertising, promotional or commercial information that the COMPANY carries out, as well as to provide the user with appropriate information according to their tastes, hobbies or preferences.
  1. Commercial, promotional or advertising communications of products and services of the COMPANY and of the companies that are part of the GROUP OF THE COMPANY: The personal data of users may be processed by the COMPANY in order to send advertising, promotional or other information that may be of interest to them, by post, email, SMS, instant messaging and other means of electronic communication, only if the user has consented to this purpose of data processing, by expressly accepting the box for commercial, promotional or advertising communications.

ENTITY informs that the communications to be sent may relate both to the ENTITY and to the companies of the GROUP OF THE ENTITY.

Likewise, the COMPANY informs that, in order to optimize and improve the sending of advertising, promotional or commercial information, as well as to offer the user appropriate information according to their tastes, hobbies or preferences, it may process data consisting of the development and analysis of profiles and apply segmentation techniques for commercial and advertising purposes, which will be carried out both with data provided by the interested party through the registration forms and with data derived from the navigation and use that the user makes of the web pages of the COMPANY (internal data), and with data collected through social networks in the event that the user authorizes that such data be provided to the COMPANY by the social networks (e.g., the user authorizes that such data be provided to the COMPANY by the social networks).e.g., Facebook, X (formerly Twitter), Instagram, etc.), through which the user logs in or registers (external data).

The user may object at any time to the processing of his/her data for advertising or promotional purposes by the COMPANY, including the development and analysis of profiles in the terms described above, using the channels provided for this purpose by the COMPANY.

  1. WITH WHOM DO WE SHARE YOUR DATA?

As a company with international reach, the COMPANY manages the disclosure of users’ personal data, both internally and with specific third parties. This transfer of information includes external service providers, other external agents and is carried out in situations related to commercial transactions and legal requirements.

Users’ personal data is shared in the following circumstances:

  1. Collaboration with External Service Providers: The ENTITY shares data with external entities to fulfill requests, respond to enquiries, validate promotions, offer samples, facilitate participation in sweepstakes and enable various functionalities through their web platforms. These providers perform tasks on behalf of the ENTITY, such as hosting or operating its websites, payment processing, data analysis, customer service, postal or delivery services, as well as managing promotions. Although they access personal data necessary for their work, they are not authorised to use it for other purposes. They must comply with the guidelines in this Privacy Notice and with applicable data protection laws and regulations.
  2. Relationship to Other Third Parties: User data is used or shared by the ENTITY with sponsors, advertisers, ad networks, ad servers, social networks, analytics companies and other third parties for activities related to marketing, promotions, data enrichment and product disclosures.
  3. Business Transfers: The ENTITY may use or share User Data within the ENTITY Group for business and operational purposes. In the course of its business, the ENTITY may acquire or sell assets, subsidiaries or business units. In these transactions, users’ personal data are usually considered transferable assets, although they remain subject to the terms previously set out in existing Privacy Notices, unless users give their explicit consent. [ *]
  4. Disclosure for Legal Requirements: the COMPANY may transfer and disclose personal data of users to third parties:
    1. To comply with legal obligations.
    2. When it is believed in good faith that an applicable law requires it.
    3. At the request of government authorities in ongoing investigations.
    4. To verify or enforce compliance with the “Terms of Use” or other relevant policies.
    5. To detect and protect against fraud, technical or security vulnerabilities.
    6. To respond to emergency situations; or
    7. To protect the rights, property, safety, or security of third parties, visitors to the T ENTITY website, the T ENTITY or the general public
  5. WHERE DOES THE PERSONAL DATA WE PROCESS COME FROM?

The data that the COMPANY processes as a result of the interactions made by the user through our website come from the following sources:

  • Data provided by the user by filling in the forms made available by the COMPANY, by filling in the spaces made available for participation in promotions managed by the COMPANY, by sending emails or by any other means by which the user communicates with the COMPANY.
  • Data generated as a result of the user’s browsing and use of the GROUP’s websites.
  • Data generated as a result of the development, processing and maintenance of the relationship between the user and the COMPANY.
  • Third-party data provided by the user.
  • Data obtained from external sources (e.g. social media, etc.).

 

The COMPANY may process personal data of the following types, depending on the relationship established with the user:

  • Identification data (e.g. name and surname, e-mail address, postal address, telephone number, image, number plate, etc.).
  • Connection, geolocation and/or navigation data (e.g. location data, device identification number or advertising ID, etc.).
  • Financial and transaction data (e.g. your payment or card details, booking information, etc.)
  • Academic or professional data and/or employment details (e.g. data contained in your CV).
  • Data on personal characteristics and social circumstances (e.g. age, date of birth, etc.).
  • Navigation and location data (e.g. use of the ENTITY’s web pages, sections visited, data provided by the user through social networks when indicating their location, etc.).
  • Health data and/or other types of data. Such categories of data will be processed only in the event that, voluntarily, the user has included this type of information in the event that he/she has some kind of special need, for example, due to limited mobility, is going to attend an event or receive the services of the Entity and requires adaptations. In any case, the COMPANY will apply the appropriate security measures in accordance with the type of data processed in each case).

Please note that when you are asked to provide your personal data to access any functionality or service of the Platform, you will be informed which fields are mandatory, as such information is necessary in order to provide you with the service or to allow access to the relevant functionality. You should note that if you choose not to provide us with such data, you may not be able to complete the user registration or enjoy the services or functionalities offered.

  1. WHAT IS THE LEGAL BASIS FOR THE PROCESSING OF YOUR PERSONAL INFORMATION?

The COMPANY processes the personal data provided by users of its websites and APPs in accordance with the following legitimate bases, depending on the type of data provided by the user, as well as the interactions that the user enters into with the COMPANY:

  • Consent: Personal data will be processed when the data subject has given his or her explicit consent for one or more specific purposes.
  • Execution of the contractual relationship: The processing of data is necessary for the proper performance of a contract to which the data subject is a party, or for the implementation of pre-contractual measures at the request of the data subject.
  • Compliance with legal obligations: The companies belonging to the GROUP OF THE ENTITY are obliged to process personal data when required to do so in order to comply with current legal regulations.

 

  • Legitimate interest: this includes, among other things, maintaining professional contact, sending commercial communications related to the products and services of the Controller, as well as improving them to meet the user’s expectations.
  1. HOW LONG WE WILL KEEP YOUR PERSONAL INFORMATION

The period of conservation of personal data will vary depending on the service / treatment that you may contract. In any case, your data will be kept for the duration of the commercial / contractual relationship. Once this has ended, we will keep your data blocked during the prescription periods of the obligations that may have arisen from the processing and/or the applicable legal periods, remaining at the disposal of the competent authorities for the attention of the possible responsibilities arising from the processing.

By way of example and without limitation, we indicate some of the conservation periods.

  • When there is a contract that binds us, the COMPANY will keep the data provided for the time necessary to comply with the contractual relationship and, in any case, during the limitation periods required by current legislation. The data will be subsequently deleted in general, except if it is necessary to keep them in order to comply with any legal provision or administrative and/or judicial requirement.
  • In the event that we receive your CV to work with us, the COMPANY will process personal data strictly during the recruitment period, unless we are expressly authorised to process it for a longer period for subsequent processes. Thus, the data of any unsuccessful candidate will be kept for a maximum period of one (1) year from the end of the selection process or from the time you sent us your CV voluntarily.
  • As long as it complies with legal requirements, we will process your contact data for as long as necessary to deal with and manage the queries you make to us through the “Contact” section of the Website as well as to deal with requests for information, complaints or claims, for as long as it is necessary to deal with and answer the reason for your contact. In addition, we will keep your data blocked during the periods of limitation of the obligations arising from the processing of the data, remaining at the disposal of the competent authorities to meet possible liabilities arising from the processing.
  • We will process the personal data of users who receive our commercial communications until such time as they decide to unsubscribe or cancel their subscription. All our commercial communications by electronic means allow you to opt out of receiving further mailings. Once you decide to unsubscribe, we will remove your data from our systems immediately, unless there is a legal obligation to retain it for a further period.

 

  • We will process the personal data of APP users until such time as they decide to unsubscribe. Once you decide to unsubscribe, we will proceed to delete your data from our systems immediately, unless there is a legal obligation that requires its retention for an additional period.

 

  • The COMPANY will retain your personal data processed as a result of browsing the Website, until you revoke your consent to do so, as provided in our Cookies Policy and, in any case, for a period of 1 year . After this time, we will again request your consent to the use of Cookies when accessing the Website .
  1. HOW YOU CAN EXERCISE YOUR RIGHTS

As the right holder of your personal information, you have control over that data. In this way, we also ensure that the information is accurate and truthful.

The rights that can be exercised are

  • Right of Access: you may consult whether we are processing personal data concerning you in the COMPANY.
  • Right of Rectification and Deletion: you may access your personal information and request the rectification or deletion of your data when it is inaccurate or no longer necessary for the purposes for which it was collected.
  • Right of opposition: you may oppose the processing of your data, unless, for compelling legitimate reasons, or in the exercise or defence of possible claims, we keep them duly blocked for the corresponding periods for as long as the legal obligations subsist.
  • Right to restrict processing: you may request the limitation of the processing of your personal information while the accuracy or lawfulness of your data is being challenged, during the exercise or defence of possible claims or litigation.
  • Right of portability: you may request portability of the data you have provided to us to another data controller, in certain circumstances.

 

You may exercise your rights free of charge.

How can you complain to the Supervisory Authority?

If a user considers that there is a problem with the way in which the COMPANY is processing their data, they can address their complaints to the Data Protection Committee cumplimiento@ipark.es or to Camino de las Ceudas, 2 Planta 1 Oficina O. 28232 Las Rozas (Madrid).) or to the corresponding data protection supervisory authority, being the Spanish Data Protection Agency in the case of Spain and the Comissão Nacional de Proteção de Dados

 

  1. SECURITY

We maintain the highest levels of security required by law to protect your personal data against accidental loss and against unauthorised access, processing or disclosure, taking into account the state of technology, the nature of the data stored and the risks to which it is exposed. When we receive your data, we use rigorous procedures and security features to prevent unauthorised access.

The actions described in this section and aimed at ensuring a level of security appropriate to the risk identified shall include, if necessary, the following measures:

  1. Pseudonymisation and encryption of personal data.
  2. Measures capable of ensuring the continued confidentiality, integrity, availability and resilience of processing systems and services.
  3. Measures capable of restoring availability and access to personal data quickly in the event of a physical or technical incident.
  4. Existence of a process of regular verification, evaluation and assessment of the effectiveness of technical and organisational measures to ensure the security of processing.
  5. Periodic assessment of the risk of accidental or unlawful destruction, loss or alteration of, or unauthorised disclosure of or access to, personal data transmitted, stored or otherwise processed.
  6. Measures to ensure that any person acting under the authority of the ENTITY who has access to personal data can only process such data on the instructions of the ENTITY.
  1. CONFIDENTIALITY

The personal data that may be collected will be treated with absolute confidentiality, undertaking to keep them secret and guaranteeing the duty to store them by adopting all the necessary measures to prevent their alteration, loss and unauthorised processing or access, in accordance with the provisions of the applicable legislation.

  1. ACCEPTANCE AND CONSENT

The user declares to have been informed of the conditions on the protection of personal data, accepting and consenting to the processing of the same by the COMPANY in the manner and for the purposes indicated in this privacy policy.

  1. CHANGES TO THE PRIVACY POLICY

The COMPANY reserves the right to modify this policy to adapt it to new legislation or case law, as well as industry practices. In such cases, the COMPANY will announce on this page the changes introduced reasonably in advance of their implementation whenever possible.

  1. RESPONSIBILITY

The user shall be solely responsible for the completion of forms or any form of communication to the COMPANY with false, inaccurate, incomplete or outdated data.

  1. COOKIES

Our website uses cookies to collect information about how you use the Website. For more detailed information on how ENTIDAD uses cookies, please see Cookies Policy

  1. DATA TRANSFERS TO THIRD COUNTRIES

In the case of collaboration with suppliers who may have access to your data and who will process such data in the name and on behalf of the COMPANY, an exhaustive process of verification of compliance will be followed, in order to ensure adequate control of data protection. In addition, a contract will be signed in which these suppliers undertake to implement appropriate technical and organisational measures and to process the personal data only in accordance with the documented instructions of the joint controllers. If any of the data processors are located outside the European Economic Area, the joint controllers shall sign Standard Contractual Clauses with them, which shall provide adequate guarantees and protect the access that such third parties may have to their data at all times.

Latest version October 2024

© IPARK ESTACIONAMIENTOS Y SERVICIOS DE MOVILIDAD S.A.