Privacy Policy
Last updated: April 2026
1. Introduction
At Parkyng ("us", "we", "our" or the "Company") we value your privacy and the importance of safeguarding your data. This Privacy Policy (the "Policy") describes our privacy practices for the activities set out below. As per your rights, we inform you how we collect, store, access, and otherwise process information relating to individuals. In this Policy, personal data ("Personal Data") refers to any information that on its own, or in combination with other available information, can identify an individual.
We are committed to protecting your privacy in accordance with the highest level of privacy regulation. As such, we follow the obligations under the below regulations:
- Canada's Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial legislations
- Quebec Law 25
- The EU's General Data Protection Regulation (GDPR)
- Brazil's Data Protection Legislation (LGPD)
- California's Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA) and CalOPPA
- Colorado Privacy Act (CPA)
- Utah Consumer Privacy Act (UCPA)
- Connecticut Data Privacy Act (CTDPA)
- Virginia Consumer Data Protection Act (VCDPA)
- Texas Data Privacy and Security Act (TDPSA)
- Oregon Consumer Privacy Act (OCPA)
- Montana Consumer Data Privacy Act
- Delaware Personal Data Privacy Act
- Nebraska Data Privacy Law
- New Hampshire Data Privacy Act
- New Jersey Data Privacy Act
- Minnesota Consumer Data Privacy Act
- Maryland Online Consumer Protection Act
- Kentucky Consumer Data Protection Act (KCDPA)
- Tennessee Information Protection Act (TIPA)
- The Rhode Island Data Transparency and Privacy Protection Act (RIDTPPA)
- Indiana Consumer Data Protection Act (INCDPA)
- Iowa Consumer Data Protection Act (ICDPA)
- South Africa's Protection of Personal Information Act (POPIA)
- Switzerland's Federal Act on Data Protection (FADP / nDSG)
- Saudi Arabia's Personal Data Protection Law (PDPL)
Scope
This Policy applies to the Parkyng website, domains, applications, services, and products accessible at parkyng.tech.
This Policy does not apply to third-party applications, websites, products, services or platforms that may be accessed through links we may provide to you. These sites are owned and operated independently from us, and they have their own separate privacy and data collection practices. Any Personal Data you provide to these websites will be governed by the third party's own privacy policy. We cannot accept liability for the actions or policies of these independent sites.
Processing Activities
This Policy applies when you interact with us by doing any of the following:
- Make use of our platform and services as a registered user
- Visit any of our websites that link to this Privacy Policy
- Contact us by any means including email or our contact form
2. Personal Data We Collect
What Personal Data We Collect
When you register for or use Parkyng, we collect the following categories of Personal Data:
- Account Information — your full name, company name, email address, and hashed password
- Payment Information — billing details processed by Stripe (we do not store card numbers)
- Listing and Transaction Data — parking listings you create, RFQs you submit or receive, credit purchases
- Usage Data — pages visited, features used, and actions taken within the platform
- Technical Data — IP address, browser type, device information, time zone, and session timestamps
- Communications — messages exchanged via the platform's RFQ and reply system
How We Collect Your Personal Data
We collect Personal Data from the following sources:
Directly from you, when you:
- Create an account on our platform
- Create or respond to parking listings or RFQs
- Purchase credits via Stripe
- Update your profile or notification preferences
- Contact us with an inquiry or to report a problem
Automatically, as you use our platform:
- Session cookies that maintain your authenticated session (see our Cookie Policy)
- Server logs including IP address, timestamps, and pages accessed
From third parties:
- Payment confirmation and billing data from Stripe upon successful purchase
- Transactional email delivery data from Brevo (email open/delivery status)
3. Purpose and Legal Basis for Processing
We collect and use your Personal Data for the following purposes and on the following legal bases:
| Purpose | Legal basis |
|---|---|
| Provide and operate the Parkyng platform | Performance of a contract |
| Process credit purchases and payments | Performance of a contract |
| Verify your identity and email address | Performance of a contract / Legitimate interest |
| Send transactional emails (verification, RFQ notifications, alerts) | Performance of a contract |
| Maintain platform security and prevent fraud | Legitimate interest |
| Improve and develop our products and services | Legitimate interest |
| Send marketing communications (with your consent) | Consent |
| Comply with legal obligations | Legal obligation |
4. Third-Party Tools and Processors
We use the following third-party service providers to operate our platform. Each is engaged as a data processor acting on our instructions and is bound by appropriate data processing agreements:
| Provider | Purpose | Data location |
|---|---|---|
| Neon (PostgreSQL) | Database hosting — stores all account and platform data | EU / USA |
| Brevo | Transactional email delivery (verification, notifications) | EU |
| Stripe | Payment processing and billing | EU / USA |
| Infomaniak | Web hosting and server infrastructure | Switzerland |
5. International Data Transfers
Parkyng is headquartered in Switzerland. Your Personal Data may be transferred to and processed in countries outside your own, including within the European Economic Area (EEA) and the United States. Where such transfers occur, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission and, where applicable, reliance on adequacy decisions.
Switzerland has been recognised by the EU as providing an adequate level of data protection. Transfers from Switzerland are governed by the Swiss Federal Act on Data Protection (FADP).
6. Sharing and Disclosure
We do not sell your Personal Data. We share your Personal Data only in the following circumstances:
- Service providers — third-party processors listed in Section 4, acting under our instruction
- Legal requirements — when required by law, court order, or government authority
- Protection of rights — to prevent fraud, enforce our terms, or protect the safety of our users
- Business transfers — in the event of a merger, acquisition, or asset sale, with prior notice to you
- Counterparties — when you unlock a seller contact, limited contact details are disclosed to the unlocking party, as the core function of the service
7. Cookies
We use a single strictly necessary session cookie (parkyng_session) to maintain your authenticated session. We do not use advertising or analytics cookies. For full details, please see our Cookie Policy.
8. Retention and Deletion
We retain your Personal Data only for as long as necessary to fulfil the purposes for which it was collected, or as required by applicable law:
- Account data is retained for the duration of your account and deleted within 30 days of account deletion
- Session records are invalidated after 30 days of inactivity or upon logout
- Payment records are retained for 10 years as required by Swiss accounting law
- Server logs are retained for up to 90 days for security and diagnostic purposes
9. How We Keep Your Data Safe
- All data in transit is encrypted using TLS (HTTPS)
- Passwords are hashed using scrypt with a unique salt — they are never stored in plain text
- Session tokens are stored as SHA-256 hashes in our database
- Database access is restricted to application-level credentials with least-privilege principles
- Third-party processors are required by contract to maintain appropriate security measures
- In the event of a Personal Data breach, we will notify affected individuals and the relevant supervisory authority as required by law
10. Children's Privacy
Parkyng is a B2B platform intended exclusively for professionals in the aviation industry. We do not knowingly collect Personal Data from individuals under the age of 18. If you believe a minor has provided us with Personal Data, please contact us immediately.
11. Your Rights
Depending on your location and applicable law, you may have the following rights regarding your Personal Data:
Right to Access
Request a copy of the Personal Data we hold about you.
GDPR Art. 15 · PIPEDA · CCPA · FADP
Right to Rectification
Request correction of inaccurate or incomplete Personal Data.
GDPR Art. 16 · PIPEDA · FADP
Right to Erasure
Request deletion of your Personal Data, subject to legal retention obligations.
GDPR Art. 17 · CCPA · FADP
Right to Restriction
Request that we restrict processing of your data in certain circumstances.
GDPR Art. 18
Right to Portability
Receive your data in a structured, machine-readable format.
GDPR Art. 20 · PIPEDA · FADP
Right to Object
Object to processing based on legitimate interests.
GDPR Art. 21
Right to Opt Out
Opt out of any sale or sharing of your data (we do not sell data).
CCPA/CPRA · CPA · VCDPA
Right to Withdraw Consent
Withdraw consent at any time where processing is based on consent.
GDPR · FADP
Right to Lodge a Complaint
File a complaint with your local data protection authority.
GDPR Art. 77 · FADP
EEA residents may contact their national data protection authority. A full list is available at edpb.europa.eu. Swiss residents may contact the Federal Data Protection and Information Commissioner (FDPIC).
12. Changes to This Policy
We may update this Policy from time to time. When we do, we will post the revised version on this page with an updated date. For material changes, we will notify registered users by email. Continued use of the platform after changes are posted constitutes acceptance of the updated Policy.
13. Contact Us
To exercise any of your rights, request deletion of your data, unsubscribe from communications, or ask a question about your data privacy, please contact us: