Privacy Policy Belgium

August 2021

We (“Indigo”, “Indigo Group”, “we”, “us”) respect the privacy of our users. We process personal data only for the purpose for which they were provided and in accordance with the European General Data Protection Regulation or the GDPR (2016/679/EU – hereinafter “GDPR”).

About us

Depending on the services we provide, one of the following companies of the Indigo Group shall be the controller for the processing of your personal data within the meaning of the GDPR:

  • Indigo Infra Belgium NV – Bijenstraat 21 – 9051 Sint-Denijs-Westrem – BE 0440.502.536
  • Indigo Park Belgium NV – Bijenstraat 21 – 9051 Sint-Denijs-Westrem – BE 0449.598.562
  • Société immobilière des parking Erasmes SA – Rue Royale 128 – 1000 Brussel – BE 0449.473.254
  • Turnhout Parking NV – Bijenstraat 21 – 9051 Sint-Denijs-Westrem – BE 0818.821.045
  • Parkeerbeheer Lier NV – Keizershof 10 – 2500 Lier – BE 0466.031.748
  • Parking 4040 SA – Rue des Mineurs 39-41 – 4040 Herstal – BE 0538.929.327
  • ParcBrux BVBA – Bijenstraat 21 – 9051 Sint-Denijs-Westrem – BE 0717.705.869
  • Parking Neujean SRL – Rue Royale 128 – 1000 Brussels – BE 0644.752.268

You can find the details of the relevant data controller on your retribution ticket/parking ticket, etc.

Indigo Park Belgium NV is the data controller for the processing that takes place as part of the camera surveillance in our car parks.

In certain cases, we provide parking services on behalf of car park owners (e.g. when Indigo manages the car park remotely through a control room as a backup or when Indigo carries out repairs to the owners’ infrastructure). When Indigo processes personal data in this context, it acts as a processor with regard to your personal data. This processing by Indigo on behalf of car park owners is governed by a processor agreement. The car park owners are the data controllers for these processing activities. We advise you to read their privacy policy.

When does this Privacy Policy apply?

This Privacy Policy applies to the processing of personal data by Indigo in the context of its services for cities and municipalities (e.g., parking management and the issuing of parking-, resident- and other cards) as well as in the context of its own services (operation of car parks, websites, etc.).

This Privacy Policy does not apply to the processing of personal data which takes place for purposes of selection and recruitment. A different privacy policy is available for these processing operations, which can be found at the following link.

What data do we collect?

On the one hand, Indigo offers services to cities and municipalities, which, depending on the case, may consist of the issuing of parking-, resident- and other cards or controlling of the payment of parking spaces and, if necessary, the issuing of retribution tickets. On the other hand, Indigo also offers its own services and manages its own car parks. The type of data processed by Indigo varies according to the type of services provided by Indigo and is explained below.

 

  • i. Services for Cities and Municipalities

    When issuing parking, resident, or other cards on behalf of a city or municipality, Indigo receives the following data:

    • Data which you provide to us or to your city or municipality  
      When you apply for a parking, resident, or another card, we collect the data which you provide to us directly (whether or not through our website) or which you provide to your city or municipality, such as (the exact data may vary by city or municipality):

      • Identification data, such as your surname, first name, and address (possibly with a copy of, or by reading your identity card, or through an identification application).
      • Email address.
      • Telephone number.
      • Company name.
      • Website.
      • VAT number.
      • Vehicle license plate.
      • Copy of the vehicle registration certificate.
      • If you are not the owner of the car: an employer’s certificate regarding the use of the vehicle through a leasing company, copy of the lease contract, certificate from a garage or motor vehicle association, insurance certificate.
      • Other certificates (e.g., certificate of the Medical Association, NIHDI-certificate, or employer’s certificate) with a view to, for example, the application for health care provider cards.

      When issuing parking tickets via parking machine on behalf of a city or municipality, Indigo receives the following data:

      •  

    • Data which you provide to us or to your city or municipality
      • Vehicle number plate.

      •  
      When Indigo takes care of the parking management on behalf of a city or municipality and can issue retribution tickets, Indigo receives the following data:
       

    • Data which you provide to your city or municipality
      In certain cases, such as the payment of a fee for occupancy of the public domain (e.g., when you want to carry out works or park a removal van), it can happen that we receive your personal data from the city or municipality in question.

      •  

    • Data which Indigo collects itself
      We issue retribution tickets on behalf of several cities and municipalities. You can get a retribution ticket if you choose not to pay for your parking space in a paying zone or if you illegally use a parking space without a valid permit or parking ticket. These findings are made either on the spot or via scan car or scan scooter. The number plate, the brand and color of the car, the date and place of the finding, and photographs are kept as proof.

      You have to pay the amount on the retribution ticket by a certain date. This can be done through various payment systems, which also process your data if necessary.

      •  

    • Data which Indigo receives from public sources, such as the Vehicle Registration Service (DIV)
        If you do not pay a retribution ticket, we can request your personal data, such as your surname, first name, and the address of the number plate owner, from the DIV service, on the basis of, inter alia, the Deliberation of the Sectoral Committee for the Federal Government no. 13/2016 and 02/2016 of 21 January 2016.

    •  

  • ii. Indigo’s Own Services

    In the context of its own services (management of car parks, bike rental, etc.), Indigo receives the following data:

    • Data which you provide to us yourself
      We only receive the data which you provide to us yourself when you register online for our newsletter, fill out our contact form, request an offer or a subscription through specific request forms, or when you make other requests for one of our services, whether or not through your customer portal.
       
      In these cases, we may process the following data:

      • Identification data, such as your surname, first name, and address (possibly on presentation of, or through a scan of your identity card, or through an identification application).
      • Email address.
      • Telephone number.
      • Company name.
      • Website.
      • VAT number.
      • Vehicle number plate.
      • Copy of the vehicle registration certificate.
      • Employer’s certificate regarding the use of the vehicle through a leasing company.

      When you rent a bicycle in one of our car parks, we ask you to present your identity card.

      •  

    • Data which we receive from your employer
      If your parking subscription is paid by your employer, it is possible that we receive (some of) the above data from your employer.

      •  

    • Data which we collect automatically via Automatic Number Plate Recognition (ANPR) and via camera surveillance.
       
      Our car park systems identify the number plate of your car to allow us to better serve you. This means that when you present your vehicle at the entry or exit, the barrier will open automatically when reading your number plate if you have paid for your parking session. This ensures, for example, that possible waiting times are reduced or avoided.
       
      Surveillance cameras are also installed in our car parks to secure and protect them.

      •  

    • Data that we may collect automatically via recordings of conversations over the intercom in the context of quality purposes.

      •  

    • Data which we collect automatically on our websites
      We use cookies when you visit our websites or use apps. On your first visit to our website, you will be asked for your permission to place cookies by means of a banner.

For what purpose and on what basis do we use your personal data?

  • i. Services for cities and municipalities

    In the context of our services to cities and municipalities, we use your data for the following and related purposes:

    • To be able to process your application for a parking-, resident- or any other card, check the data provided by you (e.g. your identity) at the time of application of the card for approval in accordance with the applicable regulations, and to create, send and manage the requested card.
    • To be able to register you as a user on our website in order to apply for parking-, resident- and other cards.
    • To be able to check whether you have paid for your parking session and, if necessary, to issue a retribution ticket.
    • To collect the unpaid retribution tickets, parking taxes, parking retributions or parking fees and, if necessary, report about this to the city or municipality.
    • To manage disputes and complaints and, if necessary, to report about this to the city or municipality.
    • To make analyses of the use of our services for cities and municipalities. In doing so, we use aggregated and anonymized data as much as possible.

    Indigo will not use data received as part of its services for cities and municipalities for direct marketing purposes.

    The processing taking place in the context of our services to cities and municipalities takes place on the basis of the performance of our task carried out in the public interest that cities and municipalities have entrusted to us under a concession agreement or another contract. When you create a profile on our website to apply for parking cards, processing takes place on the basis of an agreement which you conclude with Indigo. The processing carried out in the context of anonymized and aggregated statistical analyses of our services is based on our legitimate interest to evaluate and improve our range of services. Indigo also has a legitimate interest to invite persons using its services for cities and municipalities to participate in satisfaction surveys. When we take a copy of your identity card or when we read in your identity card, this processing is based on your consent.

    •  

  • ii. Indigo’s own services

    In the context of our parking services, we use your data for the following and related purposes:

    • For sending administrative documents relating to the services requested by you.
    • To be able to process your application for a parking subscription, check the data provided by you (e.g. your identity), to create and manage the requested subscription.
    • To be able to provide you with an answer when you contact us through our contact form.
    • To be able to ensure a fast and efficient service to you at the entries and exits of our car parks.
    • To secure and protect our car parks and our corporate assets.
    • To provide you with information about our services and activities (e.g. to invite you to special promotions or free events).
    • To invite you to participate in a satisfaction survey about our services.
    • To manage disputes and complaints.
    • To make analyses of the use of our car parks and other services. We use aggregated and anonymized data as much as possible.
    • To improve and secure our websites.

    The data processing which takes place in the context of our own parking services is always based on a legal ground. This is, depending on the case:

    • Your consent, e.g. when you subscribe to our newsletter or when we read in or copy your identity card. In this case, you always have the right to withdraw your consent at a later date. In all our newsletters, you will find a link which you can use to unsubscribe from our information.
    • The performance of an agreement which you or your employer conclude with us, or the measures preceding the conclusion of the contract, e.g. when you take out a parking subscription with us.
    • The pursuance of a legitimate interest of Indigo, e.g. to guard our buildings by means of camera surveillance, to inform our customers about our activities and services and to invite them to participate in satisfaction surveys, to make statistical analyses about the use of our car parks and services and improve services, to secure our car parks or to improve and secure our websites.

With whom do we share your personal data?

In the context of our services to cities and municipalities (e.g. when we receive an application for a parking card from you), we also transmit your data to your city or municipality (e.g. to be able to process the application, manage complaints, etc.).

Indigo is selective in the parties to whom it further discloses your personal data and selects them carefully. In all cases, we strive to ensure that sufficient guarantees for the protection and confidentiality of your data are agreed upon.

Your personal data will be stored on servers of Indigo or other companies of the group. The Indigo servers are located in Belgium, France or other countries of the European Union (EU). Your data may therefore be transmitted, stored and processed in Belgium, France or other countries within the EU.

In the following cases, we may disclose (some of your) personal data to third parties:

  • Cities and municipalities in the context of our services to cities and municipalities.
  • Car park owners to whom we provide parking services.
  • Companies that are part of the group to which Indigo belongs.
  • IT-service providers offering technical support.
  • Certain processors acting on our behalf, such as marketing and communication companies.
  • Ombuds services, in the context of any questions or complaints about our services.
  • Bailiffs, lawyers, advisers or insurers: in certain cases, Indigo may transmit your personal data to lawyers, external advisers or insurers if this proves necessary to defend Indigo’s interests in court or to provide advice, e.g. in the event of damage or accidents.
  • Authorities: depending on the situation, it is possible that we will transmit your personal data to police, judicial or other supervisory authorities if we believe that a law, regulation or other legal request or order obliges us to do so.
  • Potential subsequent acquirers of the company: in the event that all or part of our business is taken over by a third party, your information will be transferred to the acquirer.

How do we protect your personal data?

We have taken appropriate technical, administrative and organisational measures to protect personal data against loss or other forms of unlawful processing. These measures ensure a level of security appropriate to the data we process.

Our employees are trained to handle personal data correctly. We only give access to your personal data to employees who need the information to perform their tasks properly.

What Are Cookies Used For on Our Site?

The cookies we issue

Subject to your settings, when you connect to our Site, we may install various Cookies on your Terminal.

These are:

 

  • “Necessary cookies”: these are essential in order to provide you with the Services available on our Site and to use some of their functions, in particular to access certain secure areas (Personal Account). Without these cookies, the tools required to meet the needs of the Service (creation of and access to a Personal Account, recording of bank details) could not be provided.
  • “Technical cookies”: these are used throughout your browsing experience, to make it easier and to perform certain functions. They enable us, for example, during the period of validity of the Cookie concerned, to memorize the answers given in a form, to recognize the browser of your Terminal, or even your preferences in terms of language or the presentation of our Site.

The cookies we issue are used for the purposes described in article 3.3 of this Policy, subject to the settings made by you, which result from the parameters of the browser software used when you visit our Site.

The cookies we issue are used for the following purposes:

 

  • to compile statistics on the use of and visits to our Site;
  • to improve our Site and Services;
  • to adapt the presentation of our Site to the display preference of your Terminal (language used, display resolution, operating system used, etc.) during your visits to our Site;
  • to store information relating to a form previously filled in on our Site;
  • to access personal areas of our Site, such as your personal account;
  • to implement security measures.

subject to the settings made by you, which result from the parameters of the navigation software used during your visit to our Site.

Cookies issued by our partners

As a result of third-party applications integrated into our Site, certain Cookies may be issued by our Partners enabling them, during the period of validity of their Cookies, to collect browsing information relating to the browsers consulting our Site.

These are:

 

  • “Web-analysis cookies” (or audience measurement): these cookies are used to collect information on how you use our Site. We use this information to generate reports and to help us improve our Site, make it more user-friendly and ensure that it functions correctly. These cookies collect information in anonymous form about your activity on our Site, including the pages you visit and the web page that linked you to our sites. These cookies are always set by our sites or third party domains.
  • “Third-party or social network integration cookies”: these cookies are used to integrate third-party functionalities on our Site. Cookies in this category may be set by third parties and include, but are not limited to, cookies set by social networks.

You may prevent the collection of information about you via these third-party cookies at any time by clicking on the corresponding links (see the “Your choices concerning cookies” article below).

The issue and use of Cookies by these Partners are subject to their own privacy protection policies. We inform you of the purpose of the cookies of which we are aware and of the means available to you to make choices with regard to these cookies.

Your choices regarding cookies

You can choose whether or not to accept cookies. However, refusing cookies will not allow you to benefit from all the features of our Site.

You can define your cookie preferences using the cookie acceptance tool available on the Site “Managing your cookie preferences”, or by modifying your browser settings so that cookies from our Site cannot be placed on your Terminal. To do this, you must follow your browser’s instructions (generally accessible in the Help, Tools or Browser Edition sections):

 

Necessary cookies
These cookies are essential for the correct use of the websites and their main functions, so they cannot be deactivated.
Name Provider Objective Retention Type Link
__cf_bm Vimeo.com This cookie is used to distinguish robots from humans 1 day HTTP cookie
JSESSIONID nr-data.net Keeps user settings configured through page requests Session HTTP cookie

 

Web-analysis cookies
The Matomo/Piwik audience measurement tool does not require the User’s consent to the deposit of analysis cookies.
Name Provider Objective Retention Type Link
_pk_id.* Piwik Matomo Collects statistics on user visits to the website, such as the number of visits, the average time spent on the site and which pages were consulted. 13 months HTTP Cookie https://matomo.org/docs/privacy/.
_pk_ses.* Piwik Matomo Used by Piwik Analytics Platform to track visitor page requests during the session. 30 minutes HTTP Cookie https://matomo.org/docs/privacy/.

 

You will find more about cookies on the APD Website.

How long do we keep your personal data?

We will not keep your data longer than necessary for the purpose for which they were received and will apply the following storage periods, as far as reasonably possible:

  • Data received in connection with the issuing of a parking card are in principle not kept for longer than 3 years after the year in which the parking card expired.
  • Data received in connection with the parking management and the management of unpaid retribution tickets, including the DIV data which we may request in this context, will be kept for a maximum of 18 months after payment of the full amount.
  • Data relating to our contracts and our own services will be kept for at least 7 years, for instance in order to comply with our legal obligations in this respect. Upon expiry of the storage period, we will in principle delete such data within 1 year of the expiry of that obligation.
  • Data to reply to a message which you have sent to us through our contact form will in principle be deleted within 18 months after our last correspondence.
  • Camera images are in principle kept for one month.
  • In principle, we do not store audio recordings of conversations over the intercom in the car park for longer than 12 months.

The above storage periods are subject to legal and contractual obligations or to complaints or disputes which require us to store and/or keep the data available for a longer period of time.

What are your rights?

You always have the right to withdraw your consent to the processing of your data, after which we will no longer process your data. The withdrawal of this consent shall not affect the lawfulness of our data processing based on your consent before its withdrawal.

You also have the right to have access to your personal data and the right to rectify your personal data. If you would like to know what personal data we process about you, you can submit a written access request. If your data are incorrect, incomplete or irrelevant, you can ask us in writing to have these data corrected or completed.

Furthermore, you have the right to erasure of your personal data, the right to restriction of the processing and the right to object to the processing of your data for direct marketing purposes or, under certain conditions, in other cases. Moreover, you have the right to transfer or make your data transferable. The exercise of certain rights may be subject to statutory conditions or exceptions. If you wish to exercise these rights, please send your request with a copy of the front of your identity card, passport or any other proof of identity to privacy.be@group-indigo.com. If your request relates to a number plate, we also ask you to provide a copy of a document that can link the number plate to you. We ask you for this proof to ensure that we respect the protection of your personal data and do not forward them to a third party.

Furthermore, you always have the opportunity to lodge a complaint with the Data Protection Authority (Drukpersstraat 35 – 1000 Brussels – contact@apd-gba.be).

Contact

For more information about this Privacy Policy or for questions regarding the processing of your personal data, please contact Indigo’s Data Protection Officer at privacy.be@group-indigo.com.

Amendments

We reserve the right to amend this Privacy Policy at any time. The amendments will take effect on the announced date of entry into force.