The primary processor of your personal data will be PayByPhone Technologies Inc (“PayByPhone Inc”) incorporated in Canada. If you register from within the United Kingdom/from a United Kingdom telephone number to use the “PayByPhone” system your contract and account will be with PayByPhone Limited (“PayByPhone”). If you register from within Australia or New Zealand /from an Australian or New Zealand telephone number to use the “PayByPhone” system your contract and account will be with PayByPhone Pty. Ltd. (“PayByPhone”).
A chosen merchant service provider may also access your personal data for purposes of processing payments.
PayByPhone, is committed to providing its customers with exceptional service. As providing this service involves the collection, use and disclosure of some Personal Information about customers, protecting their Personal Information is one of PayByPhone’s highest priorities.
PayByPhone Inc is subject to Canadian privacy laws, including the Canadian Personal Information Protection and Electronic Documents Act (“PIPEDA”) and British Columbia’s Personal Information Protection Act (PIPA). PIPA, which came into effect on January 1, 2004, sets out the ground rules for how British Columbia (“B.C.”) businesses and not-for-profit organizations may collect, use and disclose Personal Information. The United Kingdom the Data Protection Act 1998 (“DPA”) sets out similar ground rules for the United Kingdom. PayByPhone is committed to complying with PIPEDA, PIPA and the DPA.
“Personal Information” or “personal data” -means information from which an individual can be identified; for example PayByPhone collects cell/mobile phone number, vehicle licence plate and credit or debit card details Personal Information does not necessarily include Contact Information (described below).
“PayByPhone ” means PayByPhone Limited and PayByPhone Technologies Inc.
Policy 1 – Collecting Personal Information
1.1 Unless the purposes for collecting Personal Information are obvious and the customer voluntarily provides his or her Personal Information for those purposes, we will communicate the purposes for which Personal Information is being collected, either orally or in writing, before or at the time of collection.
1.2 We will only collect and process customer Personal Information that is necessary to fulfil the following purposes:
- To allow customers to pay for parking with their cell phone (mobile phone), including the following details:
- Cell Phone Number
- Vehicle License Plate
- Visa or MasterCard credit cards or Maestro or Delta debit cards number
- Mailing Address
- For our own records, dealing with customer requests, providing customer services, administration, statistical analysis, marketing our services, assessing financial standing, recovery and collection of debts, dealing with regulatory and compliance issues, transfer of the PayByPhone business
- For processing payments, for which we currently use CreditCall, Pay360 by Capita, Capita and Ogone by Ingenico
Policy 2 – Consent
2.1 We will obtain customer consent to collect, use or disclose Personal Information (except where, as noted below, we are authorized to do so without consent).
2.2 Consent can be provided orally through an authorized representative or it can be implied where the purpose for collecting using or disclosing the Personal Information would be considered obvious and the customer voluntarily provides personal information for that purpose.
2.3 Subject to laws applicable in the Country you register from which may require you to “opt-in” to unsolicited communications or other processing of Personal Information consent may also be implied where a customer is given notice and a reasonable opportunity to opt-out of his or her Personal Information being used for mail-outs, the marketing of new services or products, fundraising and the customer does not opt-out.
2.4 Subject to certain allowable exceptions (e.g., the Personal Information is necessary to provide the service or product, or the withdrawal of consent would frustrate the performance of a legal obligation), customers can withhold or withdraw their consent for PayByPhone to use their Personal Information in certain ways. A customer’s decision to withhold or withdraw their consent to certain uses of Personal Information may restrict our ability to provide a particular service or product.
2.5 Subject to DPA we may collect, use or disclose Personal Information without the customer’s knowledge or consent in the following limited circumstances:
- When such collection, use or disclosure of Personal Information is permitted or required by law;
- In an emergency that threatens an individual's life, health, or personal security;
- When the Personal Information is available from a public source (e.g. a telephone directory);
- When we require legal advice from a lawyer;
- For the purposes of collecting a debt;
- To protect ourselves from fraud;
- To investigate an anticipated breach of an agreement or a contravention of law or, in the United Kingdom, as otherwise permitted under the DPA.
Policy 3 – Using and Disclosing Personal Information
3.1 We will only use or disclose customer Personal Information where necessary to fulfil the purposes identified herein or otherwise identified at the time of collection or for a purpose reasonably related to those purposes such as:
- To conduct customer surveys in order to enhance the provision of our services;
- To contact our customers directly about PayByPhone products and services that may be of interest;
3.2 We will not use or disclose customer Personal Information for any additional purpose unless we obtain consent to do so.
3.3 We will not sell customer lists or Personal Information to other parties, although we have a commercial arrangement with PayByPhone Inc.
Policy 4 – Retaining Personal Information
4.1 If we use customer Personal Information to make a decision that directly affects the customer, we will retain that Personal Information for at least one year unless the DPA requires us to dispose of or destroy this information earlier than that so that the customer has a reasonable opportunity to request access to it.
4.2 Subject to policy 4.1, we will retain customer Personal Information only as long as is reasonably necessary to fulfil the identified purposes or a legal requirement.
Policy 5 – Ensuring Accuracy of Personal Information
5.1 We will make reasonable efforts to ensure that customer Personal Information is kept accurate and complete.
5.2 Customers may request correction to their Personal Information in order to ensure its accuracy and completeness. A request to correct Personal Information must be made in writing and provide sufficient detail to identify the Personal Information and the correction being sought.
5.3 If the Personal Information is demonstrated by the customer to be inaccurate or incomplete, we will so far as practicable correct the information as required and send the corrected information to any organization to which we disclosed the Personal Information in the previous year. If the correction is not made, we will note the customer’s correction request in the file.
Policy 6 – Securing Personal Information
6.1 We are committed to ensuring the security of customer Personal Information in order to protect it from unauthorized access, collection, use, disclosure, copying, modification or disposal or similar risks.
6.2 PayByPhone Inc undertakes that the following security measures will be followed to ensure that customer Personal Information is appropriately protected:
- All Personal Information data will be stored electronically on an encrypted database of PayByPhone Inc protected by a firewall. Physical access to the database will be protected by 24/7 guards who will only allow authorised personnel access to the database, such personnel will be limited to those that need access.
6.3 PayByPhone Inc will use appropriate security measures when destroying customer’s Personal Information such as deleting electronically stored information.
6.4 PayByPhone Inc will continually review and update our security policies and controls as technology changes to ensure ongoing Personal Information security.
6.5 VUK has access to certain of the Personal Information but not to credit card details of customers and all of VUK’s access is password – protected to individuals and such access is able to be tracked by PayByPhone Inc.
Policy 7 – Providing Customers Access to Personal Information
7.1 Customers have a right to access their Personal Information, subject to limited exceptions. We will take all reasonable steps to assist customers in any legitimate access requests but the actual control of Personal Information and other customer data will be outside our direct control and with PayByPhone Inc.
7.2 A request to access Personal Information must be made to us and/or PayByPhone Inc in writing and provide sufficient detail to identify the Personal Information being sought.
7.3 Upon request, we will also tell customers how we and/or PayByPhone use their Personal Information and to whom it has been disclosed if applicable.
7.4 We or PayByPhone will make the requested information available within 30 business days, or provide written notice of an extension where additional time is required to fulfil the request.
7.5 A minimal fee may be charged for providing access to Personal Information. Where a fee may apply, we or PayByPhone Inc will inform the customer of the cost and request further direction from the customer on whether or not we or PayByPhone Inc should proceed with the request.
7.6 If a request is refused in full or in part, we or PayByPhone Inc will notify the customer in writing, providing the reasons for refusal and the recourse available to the customer.
Policy 8 – Questions and Complaints: The Role of the Privacy Officer or designated individual
8.2 Customers should direct any complaints, concerns or questions regarding PayByPhonecompliance in writing to the Privacy Officer. If the Privacy Officer is unable to resolve the concern, the customer may also write to the Information and Privacy Commissioner of British Columbia or the Information Commissioner in the United Kingdom.
Policy 9 – Cookies
Policy 10 – Access
You can access information held about you and request changes by accessing your personal Account on the PayByPhone website (currently at www.paybyphone.com).
Policy 11 – Export and transfer
In order to provide our services to you, if you are using the service outside of Canada, as well as being processed in the country where you are located, we will transfer your Personal Information to PayByPhone Inc in Canada.
If you are using the service in Australia, we may also transfer your Personal Information to PayByPhone Limited in the United Kingdom.
If you communicate with us via email your Personal Information may also be transferred to and via our service provider located the USA.
We may also transfer your Personal Information to service providers acting on our behalf in Canada and the UK.
We take steps to ensure that any service providers provide adequate protection for your Personal Information.
Your personal information may be accessible to regulatory, law enforcement and national security authorities of those jurisdictions, and may be subject to disclosure in accordance with the laws of those countries.
Contact information for PayByPhone Technologies Privacy Officer:
PayByPhone Technologies Inc
Privacy Officer (UK)
1 The Boulevard
Welwyn Garden City
Privacy Officer( Australia and New Zealand)
PayByPhone Pty Ltd
General: +61(0) 3 9592 8906
69 New Street