General Data Protection Regulation (GDPR)

Your privacy is important to us. This page explains how we collect, use, and protect your personal data in compliance with GDPR.

Introduction

This Privacy Policy (“Policy”) clearly describes how the Sword Services Greece S.A. (hereinafter referred to as “we,” “us,” or “the Company”) respects the privacy of our Customers and all individuals who use Parkbuddy Services. This Policy applies to Personal Data we handle while providing our hosted Parking Management System (Parkbuddy), however does not apply to third parties we do not own or control or to individuals that we do not employ or manage and forms part of our Terms of Use This Policy is stating how we collect, use, protect or otherwise handle your Personal Data in compliance with all the applicable Data Protection Legislation. Personal Data is stored securely on our hosted platform and used only for the purposes it was collected unless you provide consent for other uses.

  • Data Protection Legislation means (i) the GDPR and any national implementing laws, regulations, and secondary legislation, as amended or updated from time to time, in the European Union and then (ii) any successor legislation to the GDPR.
  • GDPR refers to the General Data Protection Regulation (EU 2016/679).

Unless otherwise defined herein, the terms used in this Policy shall have the meaning assigned to them under the applicable Data Protection Legislation. References to Personal Data refer specifically to any Personal Data provided to Parkbuddy.

Where Parkbuddy processes Personal Data on behalf of the Customer in connection with the performance of its contractual obligations under their Agreement, the parties acknowledge and agree that: the Customer shall act as the Data Controller (or, where applicable, as a Data Processor), and Parkbuddy shall act as the Data Processor (or, where applicable, as a Service Provider). In such instances, both parties shall comply with all the obligations applicable to them under the Data Protection Legislation and do not limit or replace any statutory obligations imposed by such legislation. The details regarding the subject matter, nature, purpose, duration of processing, and the categories of Personal Data and Data Subjects are further specified as below.

The Customer is responsible for ensuring that all necessary notices have been provided and all required consents or other lawful bases for processing have been obtained, thereby enabling the lawful transfer and processing of Personal Data by the Parkbuddyfor the purposes and duration specified in their Agreement.

By providing us with information, you accept and agree to the practices described in this Policy, which set out the following:

  • What Personal Data we collect,
  • Where we obtain the Personal Data from,
  • What we do with that Personal Data,
  • Who we transfer that Personal Data to,
  • How we uphold your data protection rights, and
  • How we comply with the Data Protection Legislation.

If you do not agree with any part of this Policy, then we cannot provide Parkbuddy's Services to you, and you are politely requested to stop using the Services and deactivate your account.

You can find out more about how to deactivate your Parkbuddy account at [email protected].

Processing and Type of Personal Data We Collect

Company shall, in relation to any personal data processed in connection with the performance of its obligations under any agreement with the Customer, process that personal data only on the written instructions of the Customer unless Company is required by the laws of any member of the European Union or by the laws of the European Union applicable to Company to process personal data (“Applicable Laws”). Where Company is relying on laws of a member of the European Union or European Union law as the basis for processing personal data, Company shall promptly notify the Customer of this before performing the processing required by the Applicable Laws unless those Applicable Laws prohibit it from so notifying the Customer; ensure that it has in place appropriate technical and organisational measures to protect against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data, appropriate to the harm that might result from the unauthorised or unlawful processing or accidental loss, destruction or damage and the nature of the data to be protected, having regard to the state of technological development and the cost of implementing any measures (those measures may include, where appropriate, pseudonymising and encrypting personal data, ensuring confidentiality, integrity, availability and resilience of its systems and services, ensuring that availability of and access to personal data can be restored in a timely manner after an incident, and regularly assessing and evaluating the effectiveness of the technical and organisational measures adopted by it); ensure that all personnel who have access to and/or process personal data are obliged to keep the personal data confidential; not transfer any personal data outside of the European Economic Area unless following conditions are fulfilled: the Customer or Company has provided appropriate safeguards in relation to the transfer, the data subject has enforceable rights and effective legal remedies, and Company complies with its obligations under the Data Protection Legislation by providing an adequate level of protection to any personal data that is transferred; assist the Customer, at the Customer’s cost, in responding to any request from a data subject and in ensuring compliance with its obligations under the Data Protection Legislation with respect to security, breach notifications, impact assessments and consultations with supervisory authorities or regulators; notify the Customer within undue delay on becoming aware of a personal data breach.

We process Personal Data when:

  • Necessary to provide Services, operate the Platform, and ensure security.
  • Based on legitimate interests not overridden by Individuals rights.
  • Individuals provide consent for specific purposes.
  • Required to comply with legal obligations.

You can withdraw consent at any time. Where processing relies on legitimate interests, you may object, though this but may affect your ability to use the Parkbuddy's provided Services.

The Personal Data we collect depends on the services you choose and the channels. Personal Data may include IP address, name, company, email address, car plate/model/color and individual parking schedule, (or any other? information). The reason Parkbuddyasks you for personal information is to help administer its online services and ensure you get the best service possible.

For communication and informational purposes, the Parkbuddy collects, processes and retains information about you when you visit “Name webpage” to access protected information on our platform so we can follow up with you after your visit. Information that may be collected consists of IP address, name, email address, company.

Important Notes:

  • We do not collect payment/billing data as it is collected directly by our third-party payment provider
  • We do not market to children under the age of 16 years old
  • We do not collect sensitive information or any information that may constitute special category of Personal Data under the purposes of Data Protection Legislation

Purpose of the Collected Data

We use the information collected about you, to:

  • Personalise your experience and deliver relevant content and offers
  • Respond to inquiries and send communications
  • Process transactions efficiently
  • Request ratings and reviews
  • Improve and optimise Parkbuddy's Services through analytics and performance monitoring
  • Provide, maintain, and enhance Parkbuddy's Services
  • Delivering customer support
  • Prevent unauthorised use, abuse, or illegal activity
  • Ensure proper functioning for technical and security purposes, such as diagnosing server issues, and maintaining the integrity and security of Parkbuddy's systems
  • Analyse trends, monitor usage, and gather demographic insights
  • Use data as described at the time of collection or elsewhere in this Policy

Parkbuddy will process Personal Data only for the purposes for which it was originally collected, as specified under the Agreement with the Customer, in this Policy or as otherwise lawfully communicated to the data subjects. If Parkbuddy intends to process Personal Data for a purpose that is different from, but related to the original one, it will first assess whether such further processing is permitted under the applicable Data Protection Legislation. Where the new purpose is not reasonably related to the initial purpose or lacks a valid lawful basis, Parkbuddy will take the necessary steps to ensure compliance, including providing prior notice to data subjects and, where required, obtaining their explicit consent before proceeding with the processing.

Aggregate Data

Parkbuddy may collect non-personal information in the form of aggregate or statistical data that does not, on its own, identify individual users. Such information may include data on how visitors interact with Parkbuddy's Services—for example, the total number of visits, the frequency of access to specific pages, or the domain names of users’ internet service providers.

The collection and analysis of this aggregate information enableParkbuddy to identify patterns, monitor performance, and gain insights into how Parkbuddy's Services are used. By examining these overall trends rather than individual user activity, Parkbuddy's enhancing its ability for best functionality, improving user experience, and optimising the quality and relevance of theParkbuddy's Services provided.

This type of information does not constitute Personal Data under applicable Data Protection Legislation, as it does not allow the identification of any specific individual.

How We Collect Your Personal Data

Parkbuddy collects Personal Data through both direct interactions with individuals and indirect means arising from the use ofParkbuddy's Services and third-party integrations.

Direct Collection:

  • Access or browse our website
  • Complete forms, registering, or updating account details
  • Interacting with chat widgets or pop-ups
  • Using the Platform to search/host parking, make bookings, post reviews, or communicate
  • Linking third-party accounts (e.g., Facebook)
  • Direct communication with us
  • Register to use the Services
  • Use the Services, or another application that the Services are embedded in
  • Contact the Support team
  • Use your work PC to access the Services
  • You pass through a security checkpoint at one of our customers’ premises

Indirect Collection:

  • Log Data: Automatic server records (IP, date/time, device/browser info, navigation data, pages viewed, time spent).
  • Third-Party Social Plugins: Interaction with social features may share activity with the third-party provider.

Retention of Personal Data

The period for which we retain Personal Data varies according to the purpose of that information. In some cases, there are legal requirements to keep Personal Data for a minimum period. We will retain them as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements with the Customer. Unless specific legal requirements dictate otherwise, we will retain Personal Data no longer than is necessary for the purposes for which the Personal Data were collected and processed (as described above). Following termination of the provision of the Services, your Personal Data shall be retained for as long as is necessary and permissible in accordance with statutory limitation periods.

The following are the terms of our data retention policies and procedures:

  • 2 years from last contact for prospects not listed as customer contacts.
  • Duration of the contract for customers.
  • Immediately deleted upon account closure.
  • 2 years for usage data (e.g., statistics).
  • 24 months for site access data via barrier triggers.
  • Upon termination of the Agreement or expiry of the relevant Subscription, we may destroy or dispose of Customer Data unless a written request for delivery of the most recent backup is received within 30 days of termination/expiry.

Transfer of Personal Data

We or our third-party service providers "Providers" will not transfer Personal Data outside the European Economic Area (EEA) unless it has been ensured that appropriate safeguards and/or agreements are in place, that enforceable rights and effective legal remedies are available to data subjects, and that the transfer complies with applicable Data Protection Legislation by processing it in a territory which the European Commission has determined provides an adequate level of protection for personal data or we will rely on the Standard Contractual Clauses approved by the European Commission. In general, we ensure that all international transfers comply with applicable laws. The Customer is responsible for data accuracy, legality, and obtaining consent.

Providers

We may engage carefully selected Providers to support the operation, maintenance, and delivery of Parkbuddy's Services. These Providers may perform functions such as data hosting, payment processing, customer support, analytics, security monitoring, or communication facilitation on behalf of the Company.

Each Provider is appointed only after a due diligence assessment confirming their ability to implement appropriate technical and organisational measures to ensure that Personal Data is processed securely and in accordance with applicable Data Protection Legislation. Such Providers act under a written agreement that binds them to confidentiality, data protection, and processing obligations equivalent to those imposed on Parkbuddy under this Policy.

Where Providers act as sub-processors, we remain responsible for their performance and for ensuring that they process Personal Data as agreed and solely for the specified purposes. Providers are not authorised to use Personal Data for their own purposes, nor to disclose or transfer it to unauthorised parties.

Data Protection Rights

You have the right to:

  • Request information about Personal Data we hold
  • Access your Personal Data
  • Correct inaccurate or incomplete data
  • Request deletion of Personal Data
  • Object to processing based on legitimate interests or for direct marketing
  • Object to automated decision-making including profiling
  • Request restriction of processing
  • Request data portability
  • Withdraw consent for specific processing

In case you want to exercise any of your rights please contact [email protected].

Cookies

This Section explains what cookies are and how Parkbuddy uses them, the types of cookies Parkbuddy uses i.e., the information Parkbuddycollects using cookies and how that information is used, and how to manage the cookie settings.

Cookies are small text files that are used to store small pieces of information. They are stored on your device when the website is loaded on your browser. These cookies help us make the website function properly, make it more secure, provide better user experience, and understand how the website performs and to analyse what works and where it needs improvement.

As most of the Services, Parkbuddy uses first-party and third-party cookies for several purposes. First-party cookies are mostly necessary for the website to function the right way, and they do not collect any of your personally identifiable data.

The third-party cookies used on our website are mainly for understanding how the website performs, how you interact with our website, keeping Parkbuddy's Services secure, providing advertisements that are relevant to you, and all in all providing you with a better and improved user experience and help speed up your future interactions with our website.

You can change your cookie preferences any time. In addition to this, different browsers provide different methods to block and delete cookies used by websites. Individuals can change the settings of your browser to block/delete the cookies. Listed below are the links to the support documents on how to manage and delete cookies from the major web browsers.

Chrome
Safari
Firefox
MS Edge

If you are using any other web browser, please visit your browser's official support documents.

Contact Us

If there are any questions regarding this Policy, please send an email to [email protected].