Privacy Policy

Last updated: 8 December 2025

Information about the Personal Data Controller

The Park Aid website and mobile application (the Platform) fully comply with the requirements of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, repealing Directive 95/46/EC (the “Regulation”), effective as of 25 May 2018, as well as the Bulgarian Personal Data Protection Act (PDPA).

By using the Platform, you accept and undertake to comply with this Personal Data Protection Policy, the Cookies Policy, and the General Terms and Conditions of Park Aid.

Legal Grounds for Processing Personal Data

We process your personal data on the following grounds:

  • A legal obligation expressly provided by law;
  • Your explicit consent – the purpose is specified in each individual case;
  • A statutory obligation.

The following sections describe how your personal data are processed depending on the applicable legal basis.

Processing for the Performance of a Contract or Pre-Contractual Relations

We process your personal data in order to perform contractual and pre-contractual obligations and to exercise our rights under contracts concluded with you.

Purposes of processing:

  • As described in the General Terms and Conditions for use of the Platform;
  • Where required by law.

We use an SSL certificate to ensure secure transactions for our customers. The certificate provides an encrypted connection between you and the Platform when you enter your personal data.

Processing for Compliance with Legal Obligations

In certain cases, the law requires us to process your personal data. In such situations, we are obliged to do so, for example:

  • Obligations under the Anti-Money Laundering Act;
  • Fulfillment of obligations related to distance selling and off-premises sales under the Consumer Protection Act;
  • Provision of information to the Consumer Protection Commission or third parties as required by the Consumer Protection Act;
  • Provision of information to the Commission for Personal Data Protection in connection with obligations under personal data protection legislation;
  • Obligations under the Accounting Act, the Tax and Social Security Procedure Code, and related legislation for lawful accounting;
  • Provision of information to courts and third parties within judicial proceedings;
  • Verification of age when shopping online;
  • Verification of a motor vehicle driving license.

Personal data collected under a legal obligation are deleted once the obligation to collect and store them has been fulfilled or ceases to apply, for example:

  • Accounting data – 11 years;
  • Obligations related to providing information to courts and public authorities – 5 years.

Where legally required, we may disclose your personal data to competent public authorities, natural or legal persons.

Processing Based on Your Consent

Consent constitutes a separate legal basis for processing your personal data. The purpose of processing is specified in the consent and does not overlap with the purposes described in this Policy.

If you provide consent, and until it is withdrawn or contractual relations with you are terminated, we may prepare tailored offers for products and services.

Data processed on this basis are deleted upon your request or one (1) year after their initial collection.

We may use your contact details to communicate with you via email or other electronic means (such as website messages, text messages, messaging apps, or remote detailing services) to deliver marketing communications related to services, products, or events of interest to you. Marketing communications by email, electronic means, or phone calls are sent only with your explicit consent.

  1. Personal Information We Collect

1.1 Information Required to Use the Park Aid Platform

We collect personal information when you use the Platform. Without it, we may not be able to provide all requested services. This includes:

1.1.1 Contact, Account, and Profile Information

First name, last name, phone number, postal address, email address, date of birth, and profile photo, depending on the features used.

1.1.2 Identity Information

Where appropriate, we may request an image of your official identity document (in accordance with applicable law), additional verification information, and/or a selfie for identity verification.

1.1.3 Payment Information

Such as payment account or bank account details. If you are not a Park Aid user, we may receive payment information related to you when another user provides your payment card details to complete a reservation.

1.2 Information You Choose to Provide

This may include:

  • Additional profile details such as gender, preferred language(s), city, and personal description;
  • Other information provided through forms, surveys, community forums, promotions, communications with support, address books, location sharing, or experience feedback, including health information if you choose to share it.

1.3 Information Collected Automatically

Including:

  • Geolocation data (precise or approximate);
  • Usage data (searches, reservations, interactions);
  • Device information (IP address, hardware/software data, crash data);
  • Cookies and similar technologies;
  • Payment transaction details.

1.4 Information from Third Parties

Including:

  • Third-party applications (e.g., Google, Facebook);
  • Public record and background check providers where legally permitted;
  • Complaints submitted by parking space owners, guests, or third parties;
  • Financial institutions;
  • Other lawful sources for fraud prevention, risk assessment, and security.

1.5 Video Recordings

Park Aid may obtain access to video recordings from property owners upon legitimate requests by supervisory or regulatory authorities. These include images recorded through video surveillance and equipment located on the rented property or its access points.

  1. How We Use the Information We Collect

2.1 Providing and Improving the Platform

Including access, payments, communication, processing requests, analytics, customer support, notifications, personalization, and service improvement.

2.2 Protecting the Platform and Community

Including fraud detection, identity verification, compliance with legal obligations, dispute resolution, enforcement of agreements, eligibility determination, and risk assessment.

Automated processes may restrict or suspend access if risks are detected. You may challenge such decisions by contacting us.

2.3 Advertising and Marketing

Including sending promotional messages, managing campaigns, referrals, events, and analyzing preferences (only with consent where required).

2.4 Reviewing Communications

Communications may be reviewed or analyzed for fraud prevention, security, legal compliance, product improvement, and customer support. We do not sell or analyze messages for third-party marketing.

2.5 Payment Services

Including fraud prevention, legal compliance, enforcement of payment terms, and service improvement.

  1. Data Sharing and Disclosure

3.1 With Your Consent or Direction

Including third-party applications, insurance claims, promotions, and financing options.

3.2 With Whom We Share Data

  • Other members;
  • Parking space management entities;
  • Service providers and contractors;
  • Corporate affiliates.

3.3 Legal and Business Purposes

Including public profiles, legal compliance, disclosures to authorities, tax reporting, licensing, notifications, and business transfers.

  1. Third-Party Partners and Integrations

You may connect your account with third-party services. Data sharing is subject to your settings and the privacy policies of those third parties, including Stripe.

  1. User Rights

Users have all rights under Bulgarian and EU law, including:

  • Right to information;
  • Access;
  • Rectification;
  • Erasure (“right to be forgotten”);
  • Restriction of processing;
  • Data portability;
  • Objection;
  • Protection against solely automated decision-making;
  • Judicial or administrative remedies.

Users may lodge complaints with the Commission for Personal Data Protection or competent Bulgarian courts.

  1. Changes to This Privacy Policy

We reserve the right to amend this Privacy Policy in accordance with applicable law. Updates will be published and the “Last updated” date revised. Material changes will be communicated by email at least 30 days in advance. Continued use of the Platform constitutes acceptance of the updated Policy.