Privacy Policy
Last updated: March 5, 2026 · 🇩🇰 Læs på dansk
1. Data Controller
The data controller for all personal data processed through the Legal Parking mobile application ("App") is:
- Company: Innova Apps
- Address: Tove Maës Vej 1, 1 TH, 2500 Valby, Denmark
- CVR: 45291154
- Email: support@innovaapps.ai
Innova Apps is the data controller under the EU General Data Protection Regulation (GDPR) and the Danish Data Protection Act (Databeskyttelsesloven) for all personal data processed by the App.
Key Point: Legal Parking processes personal data, including license plates, GPS coordinates, and payment references, to register your parking with Copenhagen's official system. We never sell your personal data. This policy explains exactly what we collect, why, and your rights.
2. Information We Collect
When you use Legal Parking, we collect and process the following categories of personal data:
- License plate numbers: Entered during vehicle registration, verified against the Danish Motor Register (DMR), stored in our database, and shared with the Parking Rights Service (PRS) and our payment processor (Stripe) as a reference identifier.
- Location data (GPS): Your device's GPS coordinates are used to determine your parking zone. GPS coordinates are sent to the PRS API when registering parking and are stored alongside your parking session records. Location is only accessed while the App is actively in use.
- Parking session data: Zone, street name, start and end time, duration, and cost for each parking session.
- Payment information: Payments are processed by Stripe. Your card details are handled exclusively by Stripe under their PCI-DSS compliance; card numbers never touch our servers. We store a Stripe customer identifier linked to your account.
- Vehicle information: Make, model, and optional nickname as provided by you.
- Parking sign photos (AI Sign Reader): Images you capture are sent to OpenAI for AI analysis. By default, images are processed in real-time and not permanently stored. If you opt in to "help improve the service," images may be stored for up to 12 months with an account identifier.
- Device information: Basic device identifiers for app functionality and crash reporting.
- Usage analytics: Anonymous app usage data collected via Firebase Analytics, including approximate location (~1 km precision).
3. How We Use Your Information
- Register your parking with Copenhagen's official Parking Rights Service (PRS)
- Process payments and issue refunds via Stripe
- Verify your vehicle via the Danish Motor Register (DMR)
- Display parking zones and information relevant to your location
- Process parking sign images through AI for instant explanations
- Provide parking history and session summaries
- Improve app functionality and user experience
- Fix bugs and troubleshoot technical issues
- Respond to your support requests
4. Lawful Basis for Processing
We process your personal data on the following legal grounds under GDPR Article 6:
- Contract performance (Art. 6(1)(b)): Parking registration, payment processing, vehicle management, refund calculation, and parking history. All necessary to deliver the service you request.
- Legitimate interest (Art. 6(1)(f)): Analytics, crash reporting, fraud prevention, and service improvement. Our legitimate interest is to maintain and improve a reliable service. This does not override your fundamental rights.
- Consent (Art. 6(1)(a)): Optional storage of parking sign images for service improvement. You may withdraw consent at any time without affecting the lawfulness of prior processing.
- Legal obligation (Art. 6(1)(c)): Retention of transaction records for tax and accounting purposes as required by Danish law.
5. Vehicle Verification (DMR)
As required by the City of Copenhagen, we verify license plates against the Danish Motor Register (Motorregistret / DMR) during vehicle onboarding. This confirms that the license plate is associated with a registered vehicle. The verification is performed via a secure API connection. We do not store the full DMR response; only the verification status.
6. GPS Positioning Disclaimer
Important: GPS positioning may be inaccurate. The parking zone displayed in the App is based on your device's GPS signal, which can vary by several hundred meters. You are responsible for verifying the correct parking zone before confirming payment. Always check on-site signage.
7. AI Sign Reader
When you use our AI Sign Reader feature:
- The photo you take is sent to OpenAI for processing via a secure API
- By default, processing happens in real-time and the image is not permanently stored on our servers
- If you have opted in to "help improve the service," the image may be stored for up to 12 months linked to your account identifier
- We do not provide your images to OpenAI for the purpose of training AI models
- You can use the App without the AI feature if you prefer
8. Third-Party Data Recipients
We share personal data with the following third parties, each for a specific purpose:
- City of Copenhagen / Parking Rights Service (PRS): License plate, GPS coordinates, and parking session details are shared to officially register your parking and enable enforcement verification. Copenhagen Parking Info
- Stripe: Payment processing. Stripe receives a reference identifier linked to your account. Card data is handled exclusively by Stripe under PCI-DSS compliance. Stripe Privacy Policy
- Danish Motor Register (DMR): License plate numbers are sent for vehicle verification during onboarding. Motorstyrelsen
- OpenAI: Parking sign images are sent for AI analysis (transient processing). OpenAI Privacy Policy
- Google / Firebase: Anonymous analytics data and crash reports. Firebase Privacy Policy
- Google Maps: For displaying the interactive parking map. Google Privacy Policy
9. Data Shared with the City of Copenhagen
In accordance with our operational agreement with the City of Copenhagen, the municipality has access to relevant parking registration data in order to verify valid parking payment, handle enforcement, and process complaints. This includes:
- License plate number
- Parking zone and location
- Parking session start and end times
- Payment status (paid / refunded)
No payment card details or Stripe customer identifiers are shared with the municipality.
10. Data Security
- All data transmission is encrypted using HTTPS/TLS
- Payment card data is handled exclusively by Stripe under PCI-DSS compliance and never touches our servers
- Database access is restricted by role-based access controls
- Server-side operations use Firebase Admin SDK with strict security rules
- Regular security reviews and updates
11. Data Retention
We retain personal data only as long as necessary for the purposes described in this policy:
- Parking session history: 24 months (required for tax documentation and dispute resolution)
- Parking enforcement check data: 90 days
- Parking sign images (if consent given): 12 months
- Analytics data: Up to 14 months
- Crash reports: 90 days
- Account data: Retained until you request account deletion
After the retention period expires, data is automatically deleted or anonymized.
12. Your Rights Under GDPR
Under the General Data Protection Regulation, you have the following rights regarding your personal data:
- Right of access (Art. 15): Request a copy of all personal data we hold about you.
- Right to rectification (Art. 16): Request correction of inaccurate personal data.
- Right to erasure (Art. 17): Request deletion of your personal data. Use "Delete My Account" in the App, or email us.
- Right to restriction of processing (Art. 18): Request that we limit how we process your data.
- Right to data portability (Art. 20): Receive your data in a structured, machine-readable format. Use "Export My Data" in the App, or email us.
- Right to object (Art. 21): Object to processing based on legitimate interest.
- Right to withdraw consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
To exercise any of these rights, contact us at support@innovaapps.ai. We will respond within 30 days.
You also have the right to lodge a complaint with the Danish Data Protection Agency:
- Datatilsynet
- Carl Jacobsens Vej 35, 2500 Valby, Denmark
- Email: dt@datatilsynet.dk
- Website: datatilsynet.dk
13. Account Deletion
You can delete your account and all associated personal data at any time:
- In the App: go to Menu → "Delete My Account"
- By email: send a request to support@innovaapps.ai
Upon deletion, the following data is permanently removed:
- All vehicle records
- All parking session history
- All stored parking sign images
- Your Stripe customer profile
- Your Firebase authentication account
Anonymized audit logs may be retained for up to 90 days after deletion for security purposes.
14. Children's Privacy
Legal Parking is not intended for users under 16 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.
15. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes through the App or by posting the new policy on this page and updating the "Last updated" date. Material changes will be communicated at least 14 days before they take effect.
16. Contact Us
For questions about this Privacy Policy or to exercise your data protection rights:
- Company: Innova Apps
- Address: Tove Maës Vej 1, 1 TH, 2500 Valby, Denmark
- CVR: 45291154
- Email: support@innovaapps.ai