We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
IMPORTANT: Please make sure your posts do not contain any personally identifiable information (both your own and that of others). When uploading images, please take care that you have redacted all personal information including number plates, reference numbers and QR codes (which may reveal vehicle information when scanned).
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Private Parking Company GDPR & Planning Compliance
DragonCart
Posts: 21 Forumite
Good morning all, a bit of an odd query perhaps, but having received an invoice from a private parking company (PPC) as the registered keeper of a vehicle, I am considering pursuing them for their GDPR and planning compliance. I have already appealed the invoice sent to me through the process using the template here in addition to information from elsewhere which identified areas where the invoice doesn't comply with PoFA. I have also made contact with the landowner to bring the tactics of the PPC to their attention (not that I expect they'll care) and the DVLA to ensure that my data was requested in the correct manner.
I've now approached the local council to ensure that all signage and ANPR cameras went through the correct planning processes, and I have questions over the accuracy and visibility of their signs that I'm hoping will be addressed.
I'm turning my attention at the moment to their compliance with GDPR, namely whether or not their Data Protection Officer has 'experience and expert knowledge of data protection law' as the ICO request. Given that a private parking company are taking images, acessing addresses and personal information from the DVLA, one would expect that they're well qualified! Does anybody know whether you can request information on the qualifications and competence of a Data Protection Officer, and do companies have to show their compliance to the ICO by proving the individual has experience and expert knowledge or can they just name the teaboy and get away with it?
I've now approached the local council to ensure that all signage and ANPR cameras went through the correct planning processes, and I have questions over the accuracy and visibility of their signs that I'm hoping will be addressed.
I'm turning my attention at the moment to their compliance with GDPR, namely whether or not their Data Protection Officer has 'experience and expert knowledge of data protection law' as the ICO request. Given that a private parking company are taking images, acessing addresses and personal information from the DVLA, one would expect that they're well qualified! Does anybody know whether you can request information on the qualifications and competence of a Data Protection Officer, and do companies have to show their compliance to the ICO by proving the individual has experience and expert knowledge or can they just name the teaboy and get away with it?
0
Comments
-
Your GDPR question would be much more appropriately addressed to the ICO. Even if you get a supportive reply, I guess you have one long uphill climb to gain any traction.
Pursing 'planning compliance' needs to be via the local council. They are the enforcement authority. If they're not prepared to enforce, you've no chance.
'Advertising consent' for signage is potentially the better furrow to plough, as failure to acquire it is a criminal offence. Retrospection is not allowed (but it hasn't stopped LAs from responding that it has been granted in retrospect). If that happens, it's only you who can force the exposure and continue to push against The Establishment. It will all depend on how good you are with a bone in your mouth!
Planning permission (for ANPR cameras, for example), other than causing the PPC to put in a retrospective application, is pretty much a waste of time because retro-permission is virtually guaranteed, unless the council has a real downer on the PPC. Maybe one of the local councillors has fallen foul of the PPC, if so, get him onboard.Please note, we are not a legal advice forum. I personally don't get involved in critiquing court case Defences/Witness Statements, so unable to help on that front. Please don't ask. .
I provide only my personal opinion, it is not a legal opinion, it is simply a personal one. I am not a lawyer.
Give a man a fish, and you feed him for a day; show him how to catch fish, and you feed him for a lifetime.Private Parking Firms - Killing the High Street0 -
Thanks Umkomaas.
I've requested information regarding planning and signage under an FOIA to the relevant council and also to the councillor responsible for the area in question directly.
I'm currently putting together a letter that says that due to their failure to comply with Section 4 of the Freedom of Protections Act 2012 in their Notice to Keeper, I would like assurances that their Data Protection Officer has the qualifications, background, experience and knowledge in the field of data protection law to ensure their competence in handling complex and risky data with sufficient oversight. I've also requested any and all Data Protection Impact Assessments that relate to the handling of my data, in addition to a subject access request.
The ICO say this has to be raised with the company first and they will address it if there's no response / an insufficient response. If they can't comply with FOPA 2012, I wouldn't be at all surprised if they have just given the DPO title to someone who sought an extra bit of annual leave / an incremental rise rather than sending someone on a course to ensure they're fit for the job!
[FONT="][/FONT]0 -
Should be Protection of Freedoms Act 2012 and later on POFA 2012.0
-
Apologies, that's what I have on my draft, but thanks for making me proofread it
0 -
Nine times out of ten these tickets are scams so complain to your MP.
Parliament is well aware of the MO of these private parking companies, and on 15th March 2019 a Bill was enacted to curb the excesses of these shysters. Codes of Practice are being drawn up, an independent appeals service will be set up, and access to the DVLA's date base more rigorously policed, persistent offenders denied access to the DVLA database and unable to operate.
Hopefully life will become impossible for the worst of these scammers, but until this is done you should still complain to your MP, citing the new legislation.
http://www.legislation.gov.uk/ukpga/2019/8/contents/enacted
Just as the clampers were finally closed down, so hopefully will many of these Private Parking Companies.You never know how far you can go until you go too far.0 -
There is no necessity to comply with PoFA in their NtK unless they are attempting to invoke keeper liability. The NtK primarily is a request to the RK to provide the details of the driver. Failing to do that, and as long as the full and exact PoFA requirements are met, only then can they legitimately pursue the RK.I'm currently putting together a letter that says that due to their failure to comply with Section 4 of the Freedom of Protections Act 2012 in their Notice to Keeper, I would like assurances that their Data Protection Officer has the qualifications, background, experience and knowledge in the field of data protection law,
I can't, unfortunately, find the read-across between a non-PoFA NtK and the qualifications and background of the DPO.Please note, we are not a legal advice forum. I personally don't get involved in critiquing court case Defences/Witness Statements, so unable to help on that front. Please don't ask. .
I provide only my personal opinion, it is not a legal opinion, it is simply a personal one. I am not a lawyer.
Give a man a fish, and you feed him for a day; show him how to catch fish, and you feed him for a lifetime.Private Parking Firms - Killing the High Street0 -
The invoice I received says "we may pursue you (the Keeper) on the assumption you were the driver" which I believe (perhaps wrongly) is an attempt to invoke keeper liability.
My query about the competence and qualification of their DPO stems from their attempt to incorrectly invoke keeper liability and also their inaccurate signage. This leads me to question whether what appears to be a pretty amateurish company has staff who are adequately qualified and competent to administer data in accordance with GDPR. If they're not, then they shouldn't be recording, accessing or storing people's data. Or is that too much to expect of them?0 -
If they were pursuing keeper liability, they would never need to make assumptions as to who the driver was. By their very statement, they are not relying on PoFA.The invoice I received says "we may pursue you (the Keeper) on the assumption you were the driver" which I believe (perhaps wrongly) is an attempt to invoke keeper liability.
Could be asked of 90% of the PPC network. I don't think this is going far, unless you're really good with that bone. But, as always, happy to be proved wrong if someone can stick one right up a PPC's posterior.My query about the competence and qualification of their DPO stems from their attempt to incorrectly invoke keeper liability and also their inaccurate signage. This leads me to question whether what appears to be a pretty amateurish company has staff who are adequately qualified and competent to administer data in accordance with GDPR. If they're not, then they shouldn't be recording, accessing or storing people's data. Or is that too much to expect of them?Please note, we are not a legal advice forum. I personally don't get involved in critiquing court case Defences/Witness Statements, so unable to help on that front. Please don't ask. .
I provide only my personal opinion, it is not a legal opinion, it is simply a personal one. I am not a lawyer.
Give a man a fish, and you feed him for a day; show him how to catch fish, and you feed him for a lifetime.Private Parking Firms - Killing the High Street0 -
Apologies Unkomaas, I'm quite new to all of this and don't really understand all the PoFA / NTK things.
What I've been told is that their Notice to Keeper is not compliant with POFA because it says that they will pursue me (the keeper) on the assumption that I was the driver, which I understand is the exact opposite of PoFA as PoFA transfers liability to the keeper, NOT to an assumed driver.
I see no harm in asking about the DPO stuff, as you say, it's unlikely that any of them have somebody competent and qualified enough to be handling the data they hold, so they should be held to account. I don't know if it'll get anywhere, it probably won't, but I don't mind asking.0 -
After some searching, I have found that the land on which they operate is zero-rated and that no planning permission was ever provided or authorised for their signage or cameras. Is this common practice and acceptable? Can a business profit from zero-rated land by enforcing a contract that they claim exists on the basis of signage they have not been permitted to erect and that [FONT="]implies authority through the feature of a PCN symbol, but also fails to make reference to the term 'parking charge notice' as required under the IPC code of practice?
[/FONT]0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 352K Banking & Borrowing
- 253.5K Reduce Debt & Boost Income
- 454.2K Spending & Discounts
- 245.1K Work, Benefits & Business
- 600.7K Mortgages, Homes & Bills
- 177.4K Life & Family
- 258.8K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.2K Discuss & Feedback
- 37.6K Read-Only Boards