Privacy Notice

1. Introduction

This privacy notice sets out how Anprodata (“we”, “our”, “us”) collects, uses, and safeguards personal data in the course of providing car park management and parking enforcement services. We are committed to protecting the privacy and security of personal information in compliance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and all other applicable data protection legislation.

2. About Us

Anprodata (Company Registration Number: 10161734) is registered at Fulford House, Newbold Terrace, Leamington Spa, CV32 4EA. For the purposes of data protection law, we are the “data controller” of the personal data we process.

3. The Data We Collect

We may collect and process the following categories of personal data:

  1. Vehicle Data: Vehicle registration mark (VRM), make, model, and colour.
  2. Image Data: Still images or video footage captured by Automatic Number Plate Recognition (ANPR) cameras or enforcement officers. These may include images of vehicles and, in some cases, their occupants.
  3. Contact Information: Name, address, email address, and telephone number. This information may be obtained from the DVLA in cases of non-compliance with parking terms.
  4. Financial Data: Records relating to payments and account management. We do not retain full credit or debit card details.
  5. Correspondence Data: Information provided to us in appeals, complaints, or any other communication.

4. How We Collect Your Data

We collect personal data from the following sources:

  • Directly from you: For example, when you make a payment, submit an appeal, or contact us with an enquiry.
  • From the DVLA: Where a Parking Charge Notice (PCN) remains unpaid, we may request the registered keeper’s details as an accredited member of the International Parking Community (IPC).
  • From third parties: Such as landowners, hire car companies, police, or debt recovery agencies where relevant.

5. How We Use Your Data

Your personal data is processed for the following legitimate purposes:

  • Parking enforcement: Issuing and managing PCNs where parking terms and conditions are breached.
  • Debt recovery: Pursuing unpaid charges, which may include obtaining details from the DVLA and referring cases to approved debt recovery agencies.
  • Appeal management: Reviewing and responding to appeals against PCNs.
  • Crime prevention and detection: Sharing data with law enforcement where necessary for the investigation of crime or fraud.
  • Operational management and analytics: Using anonymised or aggregated data for statistical analysis and service improvement.

6. Legal Basis for Processing

We rely on the following lawful bases under UK GDPR:

  • Legitimate Interests: For the enforcement of parking terms, recovery of unpaid charges, and management of our operations.
  • Legal Obligation: To comply with statutory requirements or respond to lawful requests from regulatory and law enforcement authorities.
  • Contract: Where processing is necessary for the performance of a contract, such as the provision of a paid parking permit.

7. Data Sharing and Disclosure

We may share your personal data with:

  • DVLA: To obtain registered keeper details in compliance with our trade association membership.
  • Third-party service providers: Including payment processors, debt recovery agencies, solicitors, and other professional advisers.
  • Law enforcement and regulators: Such as the police or the Information Commissioner’s Office (ICO) where required by law.
  • Accredited Trade Associations: For auditing and compliance monitoring under the relevant codes of practice.

8. Data Retention

We will retain personal data only for as long as necessary for the purposes for which it is collected:

  • Unpaid Charges: Retained for up to six years to enable resolution or legal action.
  • Cancelled/Voided Charges: Data is removed within 60 days of cancellation.
  • Images (ANPR/CCTV): Deleted once they are no longer required, and in any event where no breach has occurred, within a defined period.

9. Your Rights

Under UK GDPR, you have the following rights:

  • To be informed about how we process your personal data.
  • To request access to the personal data we hold about you (Subject Access Request).
  • To request correction of any inaccurate or incomplete data.
  • To request erasure of your data, subject to legal limitations.
  • To request restriction of processing.
  • To object to processing where it is based on legitimate interests.
  • To request transfer of your personal data to another service provider (data portability).

  • To object to automated decision-making and profiling.

  • To exercise any of these rights, please contact us using the details in section 13.

10. Security of Your Data

We apply strict security measures to prevent personal data from being lost, accessed, altered, or disclosed without authorisation. Access is limited to employees and authorised third parties who require the information for legitimate business purposes.

11. Complaints

If you have concerns about how we process your personal data, please contact us in the first

instance. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s supervisory authority for data protection.

12. Updates to This Notice

We may update this privacy notice from time to time. The most recent version will always be

published on our website.

13. Contact Us

If you have any questions about this privacy notice or wish to exercise your data rights, please contact our Data Protection Officer:

Email: info@anprodata.co.uk

If you remain dissatisfied, you can contact the Information Commissioner’s Office:

  • Address: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
  • Telephone: 0303 123 1113
  • Website: www.ico.org.uk

14. Version Control

These Terms & Conditions were last reviewed and updated on 31/10/2025.
ANPRODATA reserves the right to update them at any time, and all revisions will be posted on this page.

← All Policies

Next Policy →

Complaints Policy