Privacy Policy

1. Who we are

Park Graph is a parking facilitation platform connecting Owners (lot operators) and Drivers via QR codes, payments, and messaging. This Privacy Policy explains what data we collect, why, how we share it, and how to exercise your rights. For questions email privacy@parkgraph.com.

2. What we collect

From Owners: name, email, phone, company name, lot address, lot photos, payout bank details (via Stripe Connect — we do not see the bank number), Stripe identity-verification status, configured rates and operating hours, support messages, and platform usage telemetry.

From Drivers: the lot you scan, the duration you select, your license plate (if you provide one), payment details (handled directly by Stripe — we never see the card number), the IP address you scanned from (stored as a one-way hash for fraud and analytics, never as plaintext), the user-agent class (mobile vs desktop vs bot), the HTTP referrer, the timestamp, your phone or email if you opt into receipts and alerts, and any text messages you send through chat or our AI reservation flow.

For identity verification (Owners always; Drivers when our risk systems trigger a check): a government-issued photo ID image (front and, where required, back), a selfie or live image, your full legal name, date of birth, residential or business address, the document's ID number and issuing country / state, and the verification result and risk signals returned by Stripe Identity. You submit this information directly into Stripe Identity's flow; we receive the result, a redacted record of the documents you submitted, and the risk signals — we do not retain the raw images on our own servers. See Section 4 for the processor and Section 5 for retention.

Cookies: a session cookie for login, a referral-code cookie if you arrived via a referral link, and a short-lived cookie that records whether you accepted the current Terms version. See the Cookie Policy.

From integrations: when you connect Google Business Profile, Stripe, or another integration, we receive only the scopes you granted.

3. Why we collect it (and our legal basis)

• To run parking sessions, take payments, and pay out Owners (legal basis: performance of a contract with you).
• To detect fraud, abuse, chargeback risk, and stolen credentials, and to verify the identity of Owners and risk-flagged Drivers via Stripe Identity (legal basis: fraud prevention, contractual necessity, regulatory compliance, and our legitimate interests in protecting Drivers, Owners, card networks, and the platform from loss).
• To deliver receipts, plate alerts, payment failures, and account notices (legal basis: performance of a contract; legitimate interests for service-related notices).
• To produce per-lot analytics for Owners (scan counts, conversion, hour-of-day, peak-day) (legal basis: legitimate interests of the Owner with whom you transacted).
• To improve the product and to comply with legal, regulatory, processor, and card-network obligations (legal basis: legal obligation and legitimate interests).

4. Who we share with

We share only what is necessary to operate the service:

• Stripe — for payments, payouts, and chargeback handling.
• Stripe Identity — our identity verification processor for Owners and risk-flagged Drivers. We transmit the identity verification data described in Section 2 (government ID image, selfie, name, date of birth, address, and ID number) to Stripe Identity, and receive back the verification result, a redacted document record, and risk signals. Stripe's processing is governed by the Stripe Identity Verification Terms and Stripe Privacy Policy. See also our Terms of Service, Section 5 (Identity Verification).
• Supabase — our managed Postgres + auth host.
• Resend / AgentMail / Twilio — for email and SMS delivery.
• Anthropic, OpenAI, Google AI, OpenRouter — for chat, reservation-intent parsing, and pricing or copy recommendations. We never send raw card data, identity verification documents, or full plate numbers to AI providers; we redact identifiers before they leave our servers where possible.
• Cloudflare, AWS — for DDoS protection, edge caching, and infrastructure.
• Lot Owners — Owners see the sessions on their own lot, including the plate you provided, the duration, and the amount you paid. They never see your full payment instrument or your identity verification documents.
• Authorities — when legally compelled (court order, subpoena, regulatory request), and only the minimum required.

We do not sell personal data.

5. Retention

• Account records: kept while the account is active, then 7 years for tax and accounting reasons.
• Parking sessions and receipts: 7 years.
• Identity verification records (the result, the redacted document record, and the risk signals returned by Stripe Identity): retained for the life of the account plus 7 years after closure for fraud prevention, regulatory compliance, chargeback and dispute defense, and our legitimate business interests. The raw ID image and selfie are stored by Stripe under Stripe's retention policy, not on our own servers.
• Hashed-IP scan events: 24 months for fraud and analytics.
• Chat and AI reservation transcripts: 90 days unless flagged for fraud review.
• Server logs: 30 days.
• Email delivery logs at upstream providers: governed by their terms.

6. Your rights

You may request access to, correction of, or deletion of your personal data — including the identity verification data we hold about you and the result Stripe Identity returned to us — by emailing privacy@parkgraph.com. We will respond within 30 days. If you are in the EU, UK, EEA, Switzerland, California, Colorado, Virginia, or another jurisdiction with data-rights laws, you have rights under GDPR, UK GDPR, CCPA / CPRA, or your local statute, including the right to lodge a complaint with your supervisory authority.

We honor verified deletion requests except where we must retain records for tax, fraud prevention, regulatory compliance, chargeback or dispute defense, or other legal-defense purposes. In particular, identity verification results and risk signals are subject to the retention rule in Section 5 and may be preserved past a deletion request to the extent needed to defend against fraud, chargebacks, or legal claims, or to comply with card-network or regulatory obligations. Where Stripe Identity is the controller of the raw ID image and selfie, you may also exercise rights against Stripe directly under Stripe's Privacy Policy.

7. International transfers

We process data in the United States. By using Park Graph, you consent to your data being transferred to and processed in the U.S. and in any region operated by our infrastructure providers.

8. Children

Park Graph is not directed to anyone under 16. We do not knowingly collect personal data from children. If you believe a child has provided data, email privacy@parkgraph.com and we will delete it.

9. Security

We use industry-standard safeguards (TLS in transit, encryption at rest at our database provider, principle of least privilege, signed admin actions, and per-account API keys). No system is perfectly secure. If a breach affects you, we will notify you as required by law.

10. Contact

Privacy questions or requests: privacy@parkgraph.com.