Privacy Policy

We collect information you provide directly to us and information generated automatically when you use the platform.

Information you provide

• Account details: full name and email address when you register.
• Listing details: address, photographs, pricing, and availability windows provided by parking space owners.
• Booking details: vehicle type, booking duration, and any notes you add.
• Communications: messages or requests sent to our support team.

Information collected automatically

• Device and browser information (user agent, IP address, language preferences).
• Usage data: pages visited, features used, and timestamps.
• Location: approximate location when you search for parking (only if you grant browser permission).
• Cookies and session tokens required for authentication and session management.

Payment information

All payments are processed by Razorpay (Razorpay Software Private Limited). We do not store card numbers, CVV codes, UPI IDs, or any other sensitive payment credentials on our servers. Razorpay’s privacy policy applies to payment data: razorpay.com/privacy.

• To create and manage your account.
• To facilitate bookings between parking space owners and renters.
• To process payments and send booking confirmations.
• To communicate service updates, booking reminders, and support responses.
• To detect and prevent fraudulent transactions and misuse of the platform.
• To analyse usage patterns and improve the platform (using anonymised aggregate data).
• To comply with legal obligations under Indian law.

We will never sell your personal data to third parties for marketing purposes.

We share your information only as necessary to operate the service:

• Between users: when a booking is confirmed, the renter’s first name and booking details are shared with the listing owner, and the listing address and access instructions are shared with the renter.
• Supabase: our database and authentication infrastructure provider (Supabase Inc., USA). Data is stored on servers in the AWS Mumbai region (ap-south-1).
• Razorpay: payment processing. We share booking amount, order reference, and your contact details as required by Razorpay to complete the transaction.
• Legal requirements: we may disclose information if required by a court order, government authority, or to enforce our Terms of Service.

We retain your account data for as long as your account is active. If you request account deletion, we will delete or anonymise your personal data within 30 days, except where retention is required by law (e.g., financial records retained for 7 years as required by the Income Tax Act, 1961).

Booking records are retained for 2 years after the booking date for dispute resolution and compliance purposes.

We use strictly necessary cookies and session tokens to keep you signed in and to protect against cross-site request forgery. We do not use advertising cookies or third-party tracking pixels.

• sb-access-token, sb-refresh-token: Supabase authentication session (secure, httpOnly).
• Ephemeral in-memory state for booking flow.

Under applicable Indian data protection law (including the Information Technology Act, 2000 and the Digital Personal Data Protection Act, 2023) you have the right to:

• Access the personal data we hold about you.
• Correct inaccurate or incomplete personal data.
• Request deletion of your personal data (subject to legal retention requirements).
• Withdraw consent for non-essential processing.
• Raise a grievance with our designated Grievance Officer.

To exercise any of these rights, email us at privacy@parkd.in. We will respond within 30 days.

We implement industry-standard security measures including TLS encryption for all data in transit, encrypted storage for sensitive fields, and row-level security policies on our database. Access to production data is restricted to authorised personnel only.

While we take reasonable steps to protect your data, no system is completely immune to breaches. If you discover a security vulnerability, please report it responsibly to security@parkd.in.

Our platform is intended for users aged 18 and above. We do not knowingly collect personal data from minors. If you believe a minor has created an account, please contact us and we will delete the account promptly.

We may update this Privacy Policy from time to time. Material changes will be communicated via email or a prominent notice on the platform at least 14 days before they take effect. Continued use of the platform after the effective date constitutes acceptance of the revised policy.

For privacy-related questions or to exercise your rights, contact our Grievance Officer: