Parking management system

Parking Management – GDPR Information: Version 23.05.2023

These notes describe how we [Hochkar & Ötscher Tourismus GmbH – Address: Göstling 46, 3345 Göstling/Ybbs] process your personal data in connection with our parking management system (pursuant to Art. 13 (1) GDPR).

1. Purposes of Data Processing
We will process your personal data for the following purposes:
a) Parking space management, including the automation and acceleration of services for vehicles for which a parking ticket has been booked.
b) Monitoring compliance with the parking regulations (e.g. parking across two spaces).
c) Ensuring lawful use of parking tickets (e.g. exceeding permitted parking time).
d) Protection of facilities (e.g. vandalism prevention).
e) Documentation, investigation, and enforcement (legal action) in cases of misuse of parking spaces (e.g. use without payment).
f) Relocation (“re-parking”) of vehicles.

We collect this data through:

  • Data provided by you for the creation of the parking contract (personalized day ticket in connection with the parking ticket).
  • The license plate number entered by you when purchasing the day ticket or provided at the ticket counter.
  • Analysis of license plate data.

Information about image recording and license plate recognition is provided in accordance with legal requirements.

2. Legal Basis for Processing

  • For billing parking fees in connection with the parking ticket, the legal basis is the performance of a contract (Art. 6 (1)(b) GDPR).
  • For the recording of license plates within our parking management system, the legal basis is the legitimate interest of the controller (Art. 6 (1)(f) GDPR), which lies in achieving the purposes listed under point 1 (a–f). You have the right to object to this processing pursuant to Art. 21 (1) GDPR on grounds relating to your particular situation.
  • For recognizing individual license plates to automate and accelerate the service for vehicles registered on the whitelist, the legal basis is also the legitimate interest of the controller (Art. 6 (1)(f) GDPR), which consists in efficiently implementing our parking management.

3. Retention Period
a) Customer Data:
Your personal data will only be retained for as long as necessary to fulfill the contract and achieve the purposes listed under point 1.
• See Data Protection Notice – Online Shop
b) Image Processing (“Video Surveillance”):
Recorded data (license plate numbers) are deleted after a maximum of 48 hours, unless they are required for the realization of the underlying protective or evidentiary purpose.

As a general principle, we store as little data as possible – typically only for as long as the vehicle remains on site. That means: entry capture → exit capture → deletion of license plate.
In control cases, data are buffered for an additional 24 hours to enable traceability. That means: entry capture → exit capture + 24 hours → deletion.
If a vehicle has not exited, a maximum parking duration of 48 hours applies. License plates remaining beyond that period, or where the exit was not recognized, are automatically deleted after 48 hours.
The only exceptions are “registered” license plates (e.g. long-term parkers, employees) and plates with valid tickets (see Data Protection Notice – Online Shop). Data for long-term parkers are stored indefinitely until revocation, while ticket-related data remain stored for the ticket’s validity period, subject to the same retention rules.

Personal data, including license plate numbers, collected and stored by the controller in connection with a vehicle relocation or unauthorized parking without a ticket, will be deleted immediately once the purpose of processing (the controller’s legitimate interest in documentation, investigation, and legal enforcement — including civil claims or defense against damage claims) has been fulfilled and no statutory retention obligation prevents earlier deletion.