Privacy

Privacy Policy

Last updated: May 6, 2026

Summary: EL Parking collects only the minimum data required to operate a corporate parking reservation system. We do not sell, share, or monetize your personal data. We do not use analytics, advertising, or tracking frameworks. Your data stays within your organization's Firebase project.

1Data Controller

EL Parking is an internal corporate application operated by EssilorLuxottica for employee parking management. The data controller is EssilorLuxottica. For questions regarding this policy, contact the app administrator at the email address provided within the application.

2Data We Collect

We collect only data that is strictly necessary to provide the parking reservation service:

Account information: Name, corporate email address, and a securely hashed password (managed by Firebase Authentication — we never see or store your plaintext password).
Vehicle information: License plate number and car description, provided voluntarily by you for parking identification purposes.
Booking data: Parking spot selection, date, and time range for reservations you create.
Device preferences: Theme preference (light/dark), notification reminder settings, and biometric lock preference — stored locally on your device only.

3Data We Do NOT Collect

We explicitly do not collect, process, or store:

Location data or GPS coordinates
Contacts, calendar, or photo library data
Device identifiers for tracking (IDFA, IDFV)
Browsing history or app usage analytics
Biometric data (Face ID / Touch ID / Android Biometric authentication is processed entirely on-device by the platform security hardware — no biometric data leaves your device)
Health, financial, or any other sensitive personal data

4How We Use Your Data

Your data is used exclusively for:

Authenticating your identity and managing your account
Creating, displaying, modifying, and canceling parking reservations
Sending booking reminders via local on-device notifications
Delivering administrative announcements within the app
Providing administrators with aggregated, non-identifying booking statistics

5Data Storage and Security

Cloud storage: Account and booking data is stored in Google Firebase (Firestore and Firebase Authentication), hosted within Google Cloud infrastructure. Data is encrypted in transit (TLS 1.2+) and at rest (AES-256).
Local storage: Notification preferences and UI settings are stored on-device using platform storage (iOS UserDefaults/Keychain and Android SharedPreferences/Keystore-backed secure storage where applicable).
Access control: Firestore Security Rules enforce strict role-based access. Users can only read and modify their own data. Administrative actions are logged in an append-only audit trail.
No third-party access: We do not use third-party analytics, advertising networks, crash reporters, or data brokers. No data is shared with any third party beyond the Firebase infrastructure required to operate the service.

6Data Retention

Active accounts: Your data is retained for the duration of your active account.
Booking history: Past booking records are retained for administrative reporting purposes.
Account deletion: You may delete your account at any time from the app (Settings → Delete Account). Upon deletion, your user profile, all associated bookings, and authentication credentials are permanently and irrevocably removed. Audit log entries (which record administrative actions) are retained as required for security compliance.

7Data Sharing

We do not sell, rent, lease, trade, or otherwise share your personal data with any third party for any purpose.

Your data is accessible only to:

You: Your own account information, bookings, and preferences.
Designated administrators: User management (account activation/suspension), booking oversight, and parking spot configuration — all actions are recorded in an audit log.
Google Firebase: As the infrastructure provider, Google processes data in accordance with Google Cloud's data processing terms and GDPR compliance framework.

8Your Rights

In accordance with applicable data protection regulations (including GDPR where applicable), you have the right to:

Access your personal data — visible in the app at all times (Settings).
Rectify inaccurate data — editable in the app (Settings → Profile).
Delete your account and all associated data — available in the app (Settings → Delete Account).
Object to processing — contact the app administrator.
Data portability — contact the app administrator to request an export of your data.

9Children's Privacy

EL Parking is a corporate workplace application. It is not intended for use by individuals under the age of 18. We do not knowingly collect data from minors.

10Notification Permissions

The app requests permission to send local notifications for booking reminders only. You may revoke this permission at any time via device settings (iOS/Android). Notifications are scheduled on-device. No advertising identifiers are collected or transmitted for notification delivery.

11Android Location Note (Current Release)

For the current Android release, geofence/location reminders are disabled and the app does not request foreground or background location permissions. If location-based reminders are reintroduced in a future release, this policy and the in-app disclosure will be updated before rollout.

12Changes to This Policy

We may update this privacy policy to reflect changes in the application or applicable regulations. Material changes will be communicated via an in-app announcement. The "Last updated" date at the top of this page indicates the most recent revision.

13Contact

For privacy-related inquiries, data access requests, or concerns about this policy, contact the application administrator at the email address provided in the app (Settings → Need Help?).