1          Introduction 

Smart Parking Cicicom application (the Application) is operated by the Municipality of Paros and Port Fund of Paros and Antiparos (the Operators)  

This Privacy Policy explains how we handle your Personal data, by the GDPR  data protection Greek Law 4624/2019, which has implemented Regulation 2016/679 EU (the Regulation), and always respect your rights and personal data. 

This Privacy Policy is addressed to every natural person who intends to use the Application. The application’s utility facilitates car parking in certain car parks situated in the island municipal region, which operate Parking Violation Monitoring System. The application can’t be used unless the user accepts the terms and conditions upon his first entry to the app. The terms and conditions are thereafter available in the information button.

Parking Violation Monitoring System is equipped with sensors highlighting vacant and occupied parking spaces and allows the users to proceed with the parking payments via the Application.  

2          Definitions 

Personal Data: means any information about you that could identify you directly or indirectly, such as the personal information described in paragraph 7

Processing: means any operation or set of processes that are performed on Personal Data, by automated means or otherwise, including collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure or destruction. 

Parking Violation Monitoring System 

Parking Violation Monitoring System is a parking monitoring and management system that allows users to find available spots, be navigated and pay for parking services through the Application and also informs the Municipal Police about possible parking violations through another application. 

Service Providers  

Service Providers are affiliates, contracted companies, and service providers (collectively, “Service Providers”). These companies are: 

  • Cicicom ltd 
  • Viva Payments Services single member SA (VIVA PAYMENTS). 

 Those processing your information will do so only in an authorised manner by the Operators and are subject to a duty of confidentiality. 

3          Confidentiality taken measures 

The Operators, as the Parking Violation Monitoring System management Superadmin, ensure the limit access to confidential information to only those employees who process this kind of information. There are no hard copies of documents, and electronic copies are password protected. System access is monitored—monitoring activities of “suspicious activity” to prevent data leakage. 

4          Data Controller: 

Municipality of Paros  
Address: Agias Annas, Paroikia, 84400, Paros  
Phone Number: +30 22843 60100-5 
E-mail Address: info@paros.gr 
Website: www.paros.gr 


Port Fund of Paros and Antiparos 

Address: Konstantinou Cherouvim, Paros 844 00 
Phone Number: +30 22840-28529 
E-mail Address: ltparou1@gmail.com  

 5          Data Protection Officer 

Name of the DPO: Please contact Municipality of Paros and Port Fund of Paros and Antiparos        

6          Information That You Share with us Directly 

With your permission, when the Smart  Parking Cicicom  is used, information is provided directly to the system, stored and used for the requested services.     

7           The Personal Data we collect 

The Personal Data collected and processed are the following: 

Email address, plate number and phone number (optional). You are required to provide your Personal Data to the extent that it is necessary, to conclude, and perform our services by the Application; therefore, your failure, partial or incorrect provision could result in the Operators being unable to establish or conduct the contractual relationship regularly. Service Provider Cicicom is not responsible for inputting  incorrect data by users. 

No direct checks are carried out on users. Still, checks are nevertheless carried out on the consistency between the information sent by the payment information and the plate for parking registrations relating to the occupation of the parking lot and the validity of the payment. 

8          Payment Information 

When you purchase our Services, such as parking payments,  Viva Payments Services single member SA (VIVA PAYMENTS) the third-party payment processor as the Operators’ bank payment provider, will collect the billing and financial information to process your charges from your payment card. 

Smart Parking Cicicom does not collect or store your financial information. However, the Operators’ payment processors may share non-financial information with us related to your purchases, like transaction information (timestamp), transaction ID, parking location and value to fulfil your order.  Cicicom has no responsibility and disclaims any and all liability for any loss or damage arising from or related to the payment processing services provided by Viva. 

9          Security of Your Information 

The Operators have implemented appropriate security measures to secure your information. 

When you enter payment information, the third-party payment processor uses secure  technology to encrypt the transmission of that information. . 

While we take reasonable precautions against possible security breaches of our Services and our customer databases and records, no web or Internet transmission is completely secure. Although we strive to protect your personal information, we cannot guarantee that unauthorised access, hacking, data loss, or other breaches will ever occur; we cannot guarantee the security of your information while it is being transmitted to our Service. Any transmission is at your own risk. Cicicom is by no means responsible for any of the above) 

11     Opting Out of Geolocation 

Information relating to geolocation is not collected to be associated with identified subjects. Still, by their very nature, it could allow the user to be identified through processing and association with data held by third parties. 

In the case that you don’t want your location to be visible, you may disable the location features on your device. Please see your device manufacturer settings. If you disable those features, you will not access or receive any services, content, or features made available based on geolocation data. 

12     How we collect your Personal Data and how we process them. 

We process Personal Data that you provide to the Application as described in Section 7 only for the provided services 

13     Information from Your Mobile Device 

When you access the Application and our Services on your mobile device, we automatically check or collect the language associated with your device 

We may also collect technical data to address and fix technical problems and improve our Sites, including the memory state of your device when a system or app crash occurs while using our Sites.  Your device or browser settings may permit you to control the collection of this technical data.  This data may include parts of a document you were using when a problem occurred, or the contents of your communications.  By using the Sites, you are consenting to the collection of this technical data. We may also automatically use, with your permission, your GPS location information in order to find a spot near them.  

14     The legal ground of this processing of Personal Data? 

14.1     For the performance of the Application and Services 

The processing of Personal Data is necessary for us to provide our services by the Application and/or fulfil your orders and/or provide you with related services. The purposes of the processing are adjusted according to the nature of the service provided. 

For control relating to the correct use of the Application (permission to park in a specific area, validity of the payment, etc.) and for other purposes related to customer-supplier contractual obligations, including related assistance services. 

14.2     For the legitimate interests pursued by the Operators or by a third party 

Except for the above case, third parties or the Operators process your Personal Data, when necessary, except if your fundamental rights and freedoms override the below interests. Below are some examples: 

  • in court proceedings and/or to claim legal claims. 
  • In the context of the operation and security of the IT sector of the Operators. 
  • In the context of preventing and clarifying criminal offences. 

To protect its legitimate interests, such as fraud prevention, credit risk protection, maintaining security, and improving the quality of services. 

14.3     For compliance with a legal obligation 

The Operators may be subject to various legal obligations, such as the obligations arising from Municipal legislation in general, the laws and regulations applicable in the Paros Island and Greece in general, any directives, rules, or guidance issued by relevant authorities, as well as any regulations issued by a competent organ of the European Union. 

The data will not be processed for marketing purposes. 

15     Transfer of your Personal Data outside the EEA or to an international organisation 

The Operators do not transfer your Data to third parties located outside the European Economic Area (EEA). 

The processors in third countries are obliged to apply the Regulation similarly to the companies located within the European Economic Area. 

The Personal Data will not be transferred to non-EU countries. 

16     Safety, Security, and Compliance with Law 

Your information, the contents of all of your online communications in our Services, and the communications between you and the Operators may be accessed and monitored as needed to provide our Service and may be disclosed: 

  • When we have a good faith belief that we must disclose the information in response to a legal process (for example, a court order, search warrant, or subpoena); 
  • To comply with any applicable laws or regulations; 
  • Where, in our sole discretion, we believe that the Service is being used to commit a crime, including to report criminal activity or to share information with other companies and organisations for fraud protection, credit risk reduction, and other security precautions; 
  • When we have a good faith belief that there is an emergency that poses a threat to the health and/or safety of you, another person, or the public generally; and 
  • To protect the rights or property of the Operators and other applicable third parties, including to enforce our Terms of Service. 

17     Whom we share your data with 

Depending on the requested Services or as necessary to complete any transaction or provide any Service you have requested, we may share your information with our affiliates, contracted companies, and service providers (collectively, “Service Providers”) we rely upon to assist in the operation of the Mobile Application and Services available to you and whose privacy policies are consistent with ours or who agree to abide by our policies concerning Personal Information. We will not share any information with unaffiliated third parties. 

Service Providers are not authorised to use or disclose your information except as necessary to perform services on our behalf or comply with legal requirements. Service Providers are given the information they need only to perform their designated functions. We do not authorise them to use or disclose any provided information for their marketing or other purposes.  

18.     Within the Operators 

The Personal Data may be brought to the attention of employees of the Data Controller who process Personal Data or System Administrator and who will receive adequate operating instructions from the Data Controller in this regard; the same will happen towards the employees or collaborators of the Municipality. 

19     How long your Personal Data will be kept for 

The Personal Data communicated are kept for the time necessary to fulfil the purposes or for any other legitimate related purpose and precisely for the administrative-accounting purposes. They will be held till further notice from the Operators and in the case of legal disputes, Personal Data will be kept for the whole period until the deadlines for appeals are exhausted. Once the retention terms indicated above have elapsed, personal data will be destroyed or made anonymous, compatibly with the technical procedures for cancellation and backup. 

20     Your rights 

You have several important rights under the Regulation (EU) 2016/679 (General Data Protection Regulation), and Specifically Right of access by the data subject are: 

  • Right to access your Personal Data (Article 15): You might receive information and/or a copy of the Personal Data we hold free of charge. 
  • Right to rectification (Article 16): you might ask us to correct any mistakes in our information. 
  • Right to erasure (“right to be forgotten”) (Article 17): you might ask us to erase the Personal Data concerning you. 

However, we reserve the right to deny the erasure if the processing is necessary to comply with a legal obligation, for public interests, or the establishment, exercise, or defence of legal claims. 

  • Right to restriction of processing (Article 18): you might require us to restrict our processing of your Personal Data if you contest the accuracy of your Personal Data, the lawfulness of the processing, or you have objected to the processing (according to article 21), and you wait for our reply whether we have legitimate grounds which override yours. 
  • Right to data portability (Article 20): you have the right to request and receive the Personal Data concerning you that you have provided to us in a structured, commonly used, and machine-readable format, and you have the right to transmit this data to a third party under certain circumstances. 
  • Right to object (Art. 21 of Regulation): You have the right at any time to object to the processing of your data, including profiling, based on the legitimate and/or public interest (section 6 (1) (e) and (f)) when you deem that this is justified due to a particular situation that concerns you. 

If you disagree, we shall no longer process your data unless it demonstrates compelling legitimate grounds for the processing that override your interests, rights, and freedoms or if the processing serves the establishment, exercise, or defence of legal claims. 

  • Right to withdraw your consent: you reserve the right to withdraw your consent. However, the withdrawal of the consent does not affect the lawfulness of the processing based on the consent before its withdrawal. 

If you wish to exercise any of the above rights or ask any questions or clarifications or complain, please do not hesitate to contact the Municipality of Paros  at info@paros.gr. 

Moreover, you also have the right to file a complaint to the Commissioner of Personal Data Protection. For more information concerning filing a complaint, see section 22. 

21     Keeping your Personal Data secure 

The Operators have appropriate security measures to prevent Personal Data from being accidentally lost, used, or accessed unauthorised. We limit access to your Personal Data to those who have a genuine business need to have access to it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality. 

We also have procedures to deal with any suspected data security breach. We will notify you by email and any applicable regulator of a suspected data security breach where we are legally required to do so. 

22     How to complain 

We hope to resolve any query or concern you raise about our use of your information. 

However, the Regulation also gives you the right to complain about the supervisory authority, the Commissioner of Personal Data Protection. For more information concerning filing a complaint,  complaints@dpa.gr. 

23     Are you obliged to provide us with your Personal Data?        

You are required to provide your Data to the extent that it is necessary to conclude, perform our services by the Application, and/or provide you with the requested information and/or fulfil your mandates. If you refuse to give us the requested Data, we will not offer and continue to provide our services. 

25     Changes in this privacy notice 

This Privacy Notice was published on [012/06/2024] 

We reserve the right to modify this Privacy Policy, so we encourage you to review it frequently. You should periodically check this privacy page for updates. If we make a material change to the Policy, you will be provided with appropriate notice by legal requirements. Your continued use of the Services signifies your acceptance of our Privacy Policy as modified. 

26     Contact Us 

If you have any questions, comments, or concerns regarding our Privacy Policy and/or practices, please contact us at info@paros.gr. All other inquiries should be directed to Paros Municipality’s Support Page.