Park with me is a mobile application and online service for finding parking and EV charging in Slovenia, managing timed parking sessions, and using a prepaid in-app wallet. The marketing website at parkiraj-me.si is static (no cookies, no analytics, no account sign-in). The service is operated by the Park with me service provider. For privacy questions and exercising your rights, use the contact e-mail above.
2. Personal data we process
Account: e-mail address and password (we store passwords only as a cryptographic hash).
Location: precise GPS location when you use “My location” on the map or view estimated driving distance to a selected place; we collect it only while you actively use the app in the foreground (no background tracking).
Vehicles: licence plate and optional make, model, and colour saved in your profile.
Parking sessions: selected parking location, start and end times, price band, and amounts linked to your wallet.
Wallet and payments: wallet balance and ledger entries; wallet top-ups are processed by Stripe. We store transaction amounts and Stripe payment identifiers, not full card numbers.
E-mail: transactional messages (e-mail confirmation, password reset, resend confirmation) sent via Amazon SES (SMTP).
Favourites: parking lots and EV chargers you save to your account.
Statistics: aggregates derived from your parking sessions (e.g. frequent locations, average duration, estimated search time saved) — estimates only, not official records.
Push notifications: if you grant notification permission, we store a Firebase Cloud Messaging (FCM) device token and your device locale (language code) to deliver relevant push messages. On iOS, we may also store Live Activity update tokens while a parking session countdown is shown on the Lock Screen. We send four categories: parking session reminders (before your session expires), notifications when a session ends, wallet top-up confirmations, and account-security alerts (e.g. a password change). You can disable notifications entirely or by category in Settings at any time.
Diagnostics: crash-related data sent to Sentry.
Usage analytics (enabled): the mobile app sends product-analytics events to PostHog (EU cloud). This includes app opens, screen views, sign-in/registration/sign-out events, and - after you log in with a server account - an internal user id and a one-way hash of your account e-mail (not the plain address) so sessions can be linked in analytics. Demo mode (no server account) does not call PostHog identify; anonymous screen events may still be collected if analytics is configured.
App security: when enabled on the service, Firebase App Check attestation tokens may be sent with API requests to reduce abuse.
Camera (iOS, optional): if you top up your wallet with Stripe Payment Sheet, iOS may ask to use the camera to scan a payment card — handled by Stripe, not stored on our servers.
Technical data: IP address and basic request metadata in server logs (security and rate limiting).
3. Purposes and legal bases (GDPR)
performance of the service contract (Article 6(1)(b) GDPR);
showing your location on the map and driving-distance estimates (consent via system permissions or legitimate interest for the feature you choose);
system security, abuse prevention, and account protection (legitimate interest);
crash diagnostics and usage analytics (legitimate interest in operating and improving the service);
payment and accounting legal obligations (Article 6(1)(c) GDPR).
4. Recipients and processors
We do not sell personal data. Trusted providers process data on our instructions only:
OpenRouteService - road distance and driving-time estimates on detail screens.
Some providers may process data outside the European Economic Area; where this applies, we use appropriate safeguards (e.g. EU Standard Contractual Clauses). PostHog analytics for Park with me is configured to use PostHog’s EU data region.
5. Map data
Maps use tiles from Stadia Maps based on OpenStreetMap data. Their licences and attribution requirements apply. Both links are available in the app (Settings) and at openstreetmap.org/copyright and stadiamaps.com/attribution.
6. Retention
Account data (e-mail, vehicles, favourites, sessions, wallet): until you delete your account in the app or upon your request.
Push device tokens and Live Activity tokens (iOS): retained while you are signed in and an active session countdown uses them; disabled on sign-out and deleted when you delete your account.
Security logs: typically up to 90 days, unless longer retention is required for a security incident.
Stripe payment and accounting records: retained as required by law, including after account deletion where applicable.
PostHog analytics: retained according to PostHog’s project settings and their privacy documentation; when you sign out, the app resets the analytics user identity on the device; after account deletion, linked analytics data is handled per PostHog retention and our data-deletion practices.
7. Your rights
Under the GDPR you have the right of access, rectification, erasure, restriction, data portability, and to object to processing where the law allows. Send requests to the contact e-mail above; we respond within GDPR time limits.
Delete your account in the app: Profile → Settings (gear icon) → Delete account. Details are also on Account deletion instructions.