TWIN PAY – PRIVACY POLICY

Twin Pay is committed to respecting your privacy and complying with all applicable data protection and privacy laws. In this Privacy Policy, we describe how we collect, use, share and protect your Personal Data.

As part of our commitment to you, we ensure that your Personal Data is accurate, confidential, and secure and allow you to access, correct, or erase your Personal Data. Please note that in order to offer our services, we transfer your Personal Data to United Kingdom and to certain service providers..

When you create an Account with us or use our Services, you agree to this Privacy Policy and the Terms and Conditions. Each time you use your Account or our Services, or provide us with information, the current version of this Privacy Policy and the Terms and Conditions govern the processing of your Personal Data.

If you do not agree with the terms of this Privacy Policy or the Terms and Conditions, please refrain from creating an Account or using our Services.

If you have any questions or comments about this Privacy Policy, please contact the relevant Data Protection Officer at the address listed in Section 15 below.

SPECIAL NOTICE REGARDING CHILDREN

Our Services are not directed to people under 16. We do not knowingly collect personal information from children under 16. If you become aware that a child has provided us with Personal Data without the proper consent, please contact the relevant Data Protection Officer at the address listed in Section 15 below and we will take steps to remove such information and terminate the account, as necessary.

Table of Contents

  1. Who processes your information?
  2. What information is processed?
  3. Why is your information processed?
  4. How is your information processed?
  5. With whom is your information shared?
  6. Where is your information transferred?
  7. How is your information kept safe?
  8. How long is your information retained?
  9. What rights do you have in regard to your information?
  10. Definitions.
  11. App store; Links to other websites.
  12. Applicable law.
  13. Changes to this Policy.
  14. Further questions.
  15. Contacts.

1. Who processes your information?

Your contract and Account may be with Twin Bank Ltd. or one of its subsidiaries. The applicable contract party depends on the country from which you open your Account and in which you conduct your Parking or Charging Sessions, as set out in the Terms and Conditions in greater detail.

Your Twin Pay contract party and Twin Bank Ltd., incorporated in the United Kingdom, are jointly responsible for the processing of your Personal Data, including in the context of the registration for and general use of the Services, product and system development including ensuring IT security, and for advertising and marketing purposes. The controllers have agreed among themselves who will fulfil specific obligations with respect to the data processing and shall work closely together. In particular, they will provide each other with the information necessary to fulfil their respective obligations and to enable the exercise of data subject rights.

You will have statutory protection in the applicable territories and this Privacy Policy is without prejudice to those statutory rights.

Twin Pay is committed to complying with all applicable privacy laws (“Data Protection Laws”), including without limitation the UK General Data Protection Regulation (“GDPR”) and the European General Data Protection Regulation (“UK GDPR”).

Facilities Operators for the locations where you park and/or charge process parts of your Personal Data which relate to the Parking and/or Charging Sessions at their parking and/or charging facilities and which, among other things, enable them to effect parking and/or charging validation, enforcement and fines. For information on additional processors of your Personal Data, see section 5 below.

2. What information is processed?

We only collect and process Personal Data that is required to create an Account and to offer the Services you request and to communicate with you.

You and anyone you authorise to use your Account provide some of this information directly when you create an Account, use a Service or contact us for support, including:

  • Mobile phone number
  • Vehicle license plate
  • Billing information (such as credit card and debit card numbers and expiry dates) (NOTE: We do not store CVV/CVV2 security numbers on our servers.)
  • Password
  • Transaction data (such as Parking and/or Charging Session date, time, duration, location number and amount paid)
  • Customer support issue details
  • Email address

In some cases, for example when you permit another party, such as your employer, to pay for parking and/or charging sessions on your Account through linking your Account to theirs and adding their payment method to your Account, we ask you or the owner of the payment method to provide your:

  • Profession
  • Professional affiliations membership
  • Work email address
  • Unique username
  • Work mobile phone number
  • Job Title
  • Department
  • Office Name
  • Employee Cost centre

You may also give us additional information when you choose to open your Account using information from third-party services you already have, including:

  • Your device settings and credentials
  • Credentials from a third-party app or platform

You may also choose to give us additional information to obtain a Service or receive communications from us including:

  • Name
  • Postal code
  • Location
  • Type of vehicle
  • Communication preferences
  • Any information related to your voluntary participation in our contests, promotions, and research, including demographic or occupation information that you choose to provide

You may stop providing us this additional information at any time by adjusting your Account settings in the App, on the Site or by contacting us. We also collect other data indirectly when our software interacts with your device and when we use technologies like cookies and error messages. This may include:

  • IP address and information about the device you use to access the Services
  • Media Access Control (MAC) address
  • Operating system name and version
  • Device manufacturer and model
  • Your language preferences
  • Type and version of your Internet browser
  • Name and version of the App you use
  • Site traffic data
  • Landing and exit page details
  • Details of your session between pages of the Site to provide a continuity of experience
  • Details of when you install and uninstall the App

Please see our Cookies Policy for more information.

3. Why is your information processed?

We process your information so that we can offer you our Services and communicate with you.

Contractual Relationship

When we process your Personal Data in relation to our Services (including, without limitation, for customer service, security messages, processing payments, sending receipts and reminders of parking and/or charging session expiry) and our related internal purposes (including administration, risk management, compliance, product development, research, debt collection, financial audit, security and record keeping), we rely on the lawful basis of having a contractual relationship with you.

Consent

When we process your information to communicate with you (including about our and our affiliate promotions, events occurring in localities where you recently parked and/or charged, and targeted advertising and marketing of services), we rely on your consent to process your Personal Data and we are committed to obtaining that consent in a legitimate way.

You can provide your consent in the App, on the Site or verbally to our authorised representatives. You will be asked specifically if you wish to opt-in to these communications and can choose whether to receive some, all, or none of these communications.

Unless the type of use is necessary for us to provide the Services, you will have the right to remove your consent at any time by logging in to your Account on the Site, in the App, or by contacting our Customer Support Centre or writing to your respective Data Protection Officer as listed in Section 15.

Subject to Data Protection Laws, we may collect, use, store, or share Personal Data without your consent in the following limited circumstances:

  • As instructed by local authorities in emergency situations that threaten an individual's life, health, or personal security (e.g., emergency warnings for tsunami or earthquakes).
  • When the Personal Data is available from a public source (e.g., a telephone directory).
  • To protect ourselves and other users from fraud.
  • To investigate an anticipated breach of an agreement or a contravention of law.
  • When such collection, use or disclosure is permitted or required by law.

Legitimate Interest

Where permitted by law, we will process your Personal Data on the basis of our legitimate interest—for example, when contacting you about new product offerings or conducting customer satisfaction surveys to enhance our services or sending you newsletters about parking and/or charging, vehicle or road use related service and security messages. For this type of processing, we will always consider the effect on your fundamental rights and freedoms, and if we believe the communication would infringe on your rights, we will not proceed. Twin Bank Ltd. acts on the basis of legitimate interest in the group-wide use of a central IT infrastructure (including for registration and processing of parking and/or charging transactions, product and system development, and ensuring IT security). You may opt-out of receiving such communications by contacting us or adjusting your Account settings.

4. How is your information processed?

We process your Personal Data only for the purposes for which we have a lawful basis. Some processing activities include:

  • Creating your Account.
  • Operating the Service.
  • Sending you notifications of the end of your parking session.
  • Facilitating, processing, and recording your Transactions.
  • Serving as the merchant of record for certain Transactions.
  • Collecting or attempting to collect any unpaid amounts owed by you.
  • Sending you receipts for your Transactions.
  • Providing you with your parking/charging history.
  • Facilitating communication between you and Twin Pay.
  • Providing customer support.
  • Cooperating with relevant authorities (e.g., regarding your Parking and/or charging Penalties).
  • Analyzing and monitoring App and Service usage and making improvements, enhancements, and customizations to your experience.
  • Investigating and resolving outages or issues with our App or Services.
  • Ensuring the security of the App and Services, preventing fraud, and enforcing our policies.
  • Complying with applicable law and assisting law enforcement agencies.
  • Working with you to terminate your Account and retaining only your Personal Data when legally required.
  • Responding to disputes or legal proceedings between you and Twin Pay.
  • Providing required reports to our financial partners or service providers.
  • Creating anonymized data sets for internal, external, commercial, and analytical purposes.
  • Performing other activities with your consent.

Some processing for communicating with you includes:

  • Sending updates, notices, announcements, and additional information related to our Services and events in localities where you recently parked and/or charged.
  • Conducting surveys, contests, questionnaires, discounts, rewards programs, sweepstakes, or promotions for ourselves.
  • Sending marketing and advertising material and providing information about offers, discounts, and other services relevant to you.
  • Sending updates and additional information related to products and services of our affiliates or third parties.
  • Conducting surveys or promotions on behalf of our affiliates or third parties.

5. With whom is your information shared?

We will never use or disclose your Personal Data unless we have a lawful basis to do so. We do not sell your Personal Data to parties outside of Twin Pay/Twin Bank Ltd. We will not rent, license, or exchange customer lists or your Personal Data to other parties outside of Twin Bank Ltd, except as described below.

No Personal Data will be shared with third parties except as required to provide our Services or as you specifically consent. We may:

  • Send your vehicle information to parking/charging operators and enforcement agencies to confirm your sessions.
  • Share information with third party service providers (e.g., for hosting, data analysis, customer service).
  • Send your payment details to our payment processors.
  • Disclose information to police, security forces, or regulatory bodies as required by law or for fraud investigations.
  • Share information with auditors for independent audits (auditors cannot use personal data for secondary purposes).
  • Share your Personal Data with a potential purchaser of Twin Pay or in connection with a merger or reorganization.
  • Provide aggregated statistical data that is not linked to personal information.
  • Share anonymized data with third party partners for mobility-related analytics.
  • Link your Account with another party’s payment method (with your permission) for verification and reporting purposes.

6. Where is your information transferred?

We will transfer your Personal Data to Twin Pay in the UK, irrespective of your location. The transfer is conducted securely in compliance with Data Protection Laws such as GDPR and UK GDPR. We may also transfer your Personal Data to third party suppliers in other countries, provided they adhere to Data Protection Laws and offer appropriate safeguards. Your personal information may be accessible to regulatory, law enforcement, and national security authorities in those jurisdictions.

7. How is your information kept safe?

We have implemented appropriate technical and organizational measures to protect your Personal Data from unauthorized access, collection, use, disclosure, modification, or disposal. Twin Pay commits to the following security measures:

  • All Personal Data is stored on an encrypted database protected by a firewall.
  • The Twin Pay Service is hosted in a secure server environment that employs advanced security technology.
  • Physical access to the database and servers is restricted and monitored by 24/7 guards who allow access only to authorized personnel.
  • Twin Pay complies with PCI Data Security Standard Level-1 for handling payment card data and other Personal Data.
  • Parking and/or charging transactions are encrypted using secure sockets layer (SSL) technology.
  • We use secure methods for destroying Personal Data when it is no longer needed.

We continually review and update our security policies as technology evolves to ensure the ongoing protection of your Personal Data.

8. How long is your information retained?

Twin Pay will retain your Personal Data in accordance with Data Protection Laws. We will retain your data only as long as is necessary to fulfill the purposes for which it was collected or as required by law. If you create an Account, your Personal Data will be retained for the life of your Account. If your Account is closed or inactive for more than 3 years, it will be marked as "Closed," though some data may be kept for up to 7 years, whichever is shorter.

9. What rights do you have with regards to your information?

Under applicable Data Protection Laws, you have the right to request access, rectification, or erasure of your Personal Data. You may also object to or restrict processing of your data. Requests must be made in writing to your local Data Protection Officer as detailed in Section 15.

Access

You have the right to request access to your Personal Data, to know how we use it, and to whom we have disclosed it.

Rectification

You have the right to ensure that your Personal Data is accurate and complete. You may request corrections if your data is inaccurate.

Erasure

You have the right to request the erasure of your Personal Data. If you delete your Account or request erasure, we will use commercially reasonable efforts to remove your data, although certain legal obligations may require us to retain some information.

Withdraw Consent

When processing is based on consent, you may withdraw your consent at any time—for example, by changing your Account settings, clicking “Unsubscribe” in emails, adjusting mobile device settings, or modifying your Cookies settings. Please note that withdrawing consent may affect the Services available to you.

Lodge a Complaint

You have the right to communicate any issues regarding your Personal Data with Twin Pay. Please direct any complaints to the appropriate Data Protection Officer as detailed in Section 15.

10. Definitions

  • Account: The Twin Pay parking service account you open via the App, Site, or Customer Support Centres.
  • Anonymized Data: Aggregated or statistical information that does not identify a specific user.
  • ANPR: The automatic number plate recognition feature that identifies an opted-in vehicle, records entry and exit times, and calculates parking/charging costs.
  • App: The Twin Pay mobile parking/charging payment application and any other applications we may develop.
  • Cookies: Small data files stored on your device by your browser or associated applications.
  • Data Protection Officer: The individual responsible for ensuring Twin Pay complies with this Privacy Policy and applicable privacy laws.
  • Facilities Operator: The operator of a parking or charging facility offering the Twin Pay service.
  • Parking Penalties: Fines, tickets, or penalties incurred due to parking or charging violations.
  • Parking/Charging Session: The service provided at a facility, including details such as location, license plate, session times, and associated payments.
  • Payment Information: Data necessary to process payments (e.g., credit/debit card numbers, digital wallet data).
  • Personal Data: Any information relating to an identified or identifiable natural person.
  • Services: All services offered by Twin Pay, including the App, Sites, APIs, and related functionalities.
  • Site: All websites operated by Twin Pay, including www.twinpay.co.uk and its successors.
  • Terms and Conditions: The agreement governing your use of our Services.
  • Transactions: Any payment-related activity using our Services.

11. App store; links to other websites

Your app store (e.g., iTunes or Google Play) may collect certain information in connection with your use of the App, such as Personal Data, Payment Information, geolocational data, and other usage-based data. We have no control over such collections, which are subject to the respective third party’s privacy policies.

Some pages on our Site and in our App include links to third-party websites. These sites have their own privacy policies and we are not responsible for their practices. Please review those policies before providing any personal information.

12. Applicable law

All matters related to this Privacy Policy shall be governed by the laws of the jurisdiction in which the Twin Pay entity with whom you have a contract is domiciled, excluding any conflict of laws principles. In the case of Twin Bank Ltd., the relevant jurisdiction is the United Kingdom (subject to the provisions of the Consumer Protection Act 2015 applicable to UK residents). Notwithstanding the above, you agree that Twin Pay may seek equitable relief in any jurisdiction, and that you will comply with all local laws, rules, and regulations, including those applicable to online conduct.

13. Changes to this policy

We may amend, update, modify, replace, or revise this Privacy Policy at any time by posting changes on our Site. All such changes are effective immediately upon posting. All references in this Privacy Policy to the Terms and Conditions, Legal Notice, and other Services matters will be updated accordingly.

14. Further questions

If at any time you would like to contact us with your views about our privacy practices or with any enquiry relating to your personal information, please do so by emailing us at the addresses listed below.

15. Contacts

Contact information for Twin Pay Data Protection Officer:
Location:
Parkfield House
118-120 Alderson Road
Sheffield, S2 4UD
Email: [email protected]
Twin Pay is owned by Twin Bank Ltd
Last updated: 01/01/2022