Vanguard Parking Charge Privacy Policy

July 2024

Introduction

Welcome to Vanguard Parking charge payment, a website for collecting parking charges (the “Website”). 

This Privacy Policy (“Policy”) explains how information about you is collected and used by Vanguard Parking Solutions Inc. (“Vanguard” or “we”, “us”, “our”). Vanguard operates this Website.

We are committed to complying with applicable data protection laws, including the Colorado Privacy Act (CPA).

The Website is not directed to individuals under the age of 18. We do not knowingly collect information or data from minors under the age of 18 or knowingly allow them to use the Website.

This Policy may be amended from time to time. We will post any change to this Policy on our Website at a reasonable time in advance of the effective date of the change, and we will also make efforts to proactively notify you by email of the changes if we have your email address.

Contact us

If you have any questions, comments or concerns regarding this Policy or our processing of your personal data, please contact us at Support@vanguardparking.co.

What we collect and why

Scenario

Purposes

Categories of information processed
When you pay your parking charge on our Website Online payment of your parking charges Full name, email address, Phone Number (optional), parking notice number, license plate number of the parked vehicle, details of transactions you carry out through our Websites and payment information (processed via third party payment processors such as Stripe). Vanguard does not store full credit card information on its servers.
Contacting us with an inquiry through our online contact form, by email or by phone
  • Responding to your inquiry
  • Our business development
 Your full name and email address, the subject of your inquiry and the content of your message, such as your parking charge notice number and vehicle license plate number.
When you provide us with your feedback and reviews
  • Responding to your feedback and reviews
  • Our business development
 Your full name, email address and the feedback or review.
When you enter a parking lot which has Vanguard system installed
  • Charge you for parking 
  • And/or for enforcement purposes

Pictures of the vehicle license plate

Pictures of car at the parking spot

Pictures of car entering and/or exiting the parking lot/garage

Methods and sources for collecting your personal data

We collect the personal data from several sources:

  • When you directly enter it through the website, by email or by calling us.
  • Automated cameras, when you enter a parking lot which has Vanguard system installed.
  • From our sub-processors helping us to operate the Website.
  • Through the device you use to access our Website.

Sharing your personal data

We will not share your information with third parties, except in the events listed below or when you provide us with your explicit and informed consent.

Scenario

Purposes

Third parties involved
We will share your information with our sub-processors who assist us with the internal operations of the Website. These companies are authorized to use your personal data in this context only as necessary to provide these services to us and not for their own promotional purposes Operating the Website and our business

Examples include AWS and Stripe

Subject to the additional policies such as:

https://aws.amazon.com/privacy/

https://stripe.com/privacy
To facilitate the transaction with the parking lot owner To facilitate transactions related to parking and parking violations, with Parking lot owners Parking lot owners.
If you abused your rights to use the Website or violated any applicable law while doing business with us. Responding to, handling, and mitigating suspected violations of law in connection with our business. Competent authorities, legal counsels, and advisors
If a judicial, governmental, or regulatory authority requires us to disclose your information. Complying with a binding request from a competent authority. Competent authorities.
If the operation of the Website or our business is organized within a different framework, or through another legal structure or entity. Enabling a structural change in the operation of the Website and our business. The target entity of the merger or acquisition, legal counsels, and advisors.

Data Retention and Security

We retain your information for as long as needed to operate the Website, and thereafter as needed for record-keeping matters.

We will retain your information for as long as needed to operate the Website. Thereafter, we will still retain your personal data as necessary to comply with our legal obligations, resolve disputes, establish, and defend legal claims and enforce our agreements. The overall period of retention is approximately 7 years.

We implement measures to secure your information

We implement measures to reduce the risks of damage, loss of information and unauthorized access or use of information, such as In certain areas of our Websites, as identified on the site, we use industry-standard SSL-encryption to protect data transmissions, access control procedures, network firewalls and physical security measures. However, these measures do not provide absolute information security. Therefore, although efforts are made to secure your personal data, there is no guarantee that it will be immune from information security risks.

Additional information for individuals in Colorado

If you are an individual residing in Colorado, we provide you with the following information pursuant to the Colorado Privacy Act (CPA).

We do not sell your personal data, do not process it for targeted advertising and do not process it profiling.

Categories of personal data (under the CCPA)

Specific types of personal data collected

Business Purposes under the CCPA for which the information is used
Identifiers  Name, email address
  • performing services on behalf of the business, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar services on behalf of the business
  • undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by the business, and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by the business;
Other personal data that identifies, relates to, describes, or is capable of being associated with, a particular individual  Payment information, telephone number (optional), vehicle license plate number
Consumer Commercial information Parking notices charged
Audio, electronic, visual, thermal, olfactory, or similar information License plate and vehicle pictures at the parking lot

Disclosures to third parties

The chart below explains the personal data we disclosed for a business purpose to third parties in the preceding 12 months.

Categories of personal data (under the CPA)

Categories of third parties to whom we disclose your information and the specific business or commercial purpose for the disclosure
Identifiers 
  • our sub-processors, who will use it only as necessary to assist us in the internal operations of our business and the Website, and not for their own promotional purposes.
  • Our customers, such as parking lot owners (but not payment information - Vanguard does not store full credit card information on its servers).
  • Competent authorities, legal counsels, and advisors if you abused your rights to use the Website or violated any applicable law in the course of doing business with us.
  • Judicial, governmental, or regulatory authority if they require us to disclose your information.
  • Target entity of the merger or acquisition, legal counsels, and advisors If the operation of the Website or our business is organized within a different framework, or through another legal structure or entity.
Other personal data that identifies, relates to, describes, or is capable of being associated with, a particular individual
Consumer Commercial information
Audio, electronic, visual, thermal, olfactory, or similar information

Your rights under the CPA if you are a resident of Colorado

Right to Opt-out

We do not use your data for online targeted advertising and we do not sell your personal information. Therefore, we do not currently respond or take any action with respect to opt-out requests, Global Privacy Control Signals or other mechanisms regarding selling of your personal data, processing it for targeted advertising or for profiling, as we do not partake in any of those activities.

Right to access the personal data we collect and maintain about you

You have the right to access: 

  • All the personal data we have collected and maintained about the you that are the subject of the request
  • Any personal data that our processors obtained from us in providing services to us.

Right to correct inaccurate personal data

If we receive a request from you to correct your information and we determine that corrected information you provide is accurate, we will correct inaccurate personal data that we maintain about you in our existing systems. If the data is stored in archive or backup systems, we may delay compliance with the correction request until that system is restored to an active system or is next accessed or used.

In determining the accuracy of the personal data that is the subject of your request to correct, we will consider the totality of the circumstances relating to the contested personal data. We also may require that you provide documentation to determine whether the personal data, or your requested correction to the personal data, is accurate.

We may deny your request to correct if we determine that the contested personal data is more likely than not accurate. If we make such determination, we will provide you a detailed explanation that includes enough facts to give you a meaningful understanding as to why we cannot comply with the request to correct your information, and document your requested correction to the personal data, any documentation requested from and provided by you in support of the correction request, and the reason for our determination that your documentation was not sufficient to support your position.

We may also respond to your request by providing instructions on how you may correct the personal data so long as the correction process is not unduly burdensome, meets the requirements under the applicable law, compliant with the timing requirements and enables the correction request.

Right to deletion

Subject to certain exceptions set out below, on receipt of a verifiable request from you, we will:

  • Delete your personal data from our existing systems or deidentify your personal data such that it cannot reasonably be used to infer information about, or otherwise be linked to, an identified or identifiable individual, or a device linked to such an individual; and
  • Using agreed upon technical, organizational, or other measures, or processes to instruct our processors to delete your personal data.

Please note that we may not delete your personal data if it is necessary to:

  • Delay the compliance with your deletion request with respect to an archived or backup system, until that system is restored to an active system or is next accessed or used.
  • If the personal data about you has been obtained from a different source other than you - by retaining a record of the deletion request and the minimum data necessary for the purpose of ensuring your personal data remains deleted from your records and not using such retained data for any other purpose.

If we comply with your request to delete your personal data, or cannot comply with some of your request to delete your personal data, we shall provide you with the categories of personal data that were not deleted along with any applicable exception. We shall not use the retained personal data for any other purpose than provided for by the applicable exception.

Right to Data Portability

You have the right to receive the personal data we have collected and maintain about the you through a secure method in a commonly used electronic format that, to the extent technically feasible, is readily usable and allows you to transmit the personal data to another entity without hindrance.

We may deny your request for data portability if it is in a manner that would disclose our trade secrets. In such cases, we will provide as much data as possible in a portable format without disclosing the trade secret.

Exceptions for Responding to Consumer Requests

Please note that we may not comply with your data right request when:

  • We are not reasonably capable of associating the request with the personal data.
  • It would be unreasonably burdensome for us to associate the request with the personal data.
  • We do not use the personal data to recognize or respond to you or associate the personal data with other personal data about you.
  • We do not sell the personal data to any third party or otherwise voluntarily disclose the personal data to any third party, except as otherwise authorized by you.
  • There is any conflict with federal or state law.
  • If we are exempted from complying under the Colorado Privacy Act, or required in accordance with the Data Rights requests retention obligations.
  • If we cannot authenticate your identity.
  • Due to any factual basis for our good-faith claim that compliance is impossible.
  • Due to any basis for a good-faith, documented belief that the request is fraudulent or abusive.
  • If you submit a Data Right request that is deficient in a manner unrelated to the Authentication process. In such case we will provide you or your Authorized Agent with information on how to submit the request or remedy any deficiencies in the request.
  • Complete the transaction for which the personal data was collected or otherwise perform a contract between you and us.
  • Exercise free speech, ensure the right of another consumer to exercise his or her right of free speech, or exercise another right provided for by law.

or 

  • Comply with an existing legal obligation. 

Authentication

Prior to fulfilling any of your rights above, we shall use commercially reasonable methods for authenticating your identity. If we ask for additional personal data to Authenticate your identity, we will only use personal data obtained to authenticate you as the Consumer submitting the Data Right request. 

If we would not be able to authenticate you using commercially reasonable efforts, we will not be able to comply with your request. In such case, we shall inform you that their identity cannot be authenticated, provide information on how to remedy any deficiencies, and we may request additional personal data if reasonably necessary to authenticate you.

You may also designate an authorized agent to make a request under the CPA on your behalf. To do so, you need to provide the authorized agent with written permission to do so and the agent will need to submit to us proof that they have been authorized by you. We will also require that you verify your own identity, as explained above.

If you would like to exercise any of your CPA rights as described in this Policy or would like to appeal any of our decision relating to your rights, please contact us by e-mail at: Support@vanguardparking.co. If we deny your appeal, you always have the ability to contact your attorney general if you have “concerns about the result of the appeal.