Privacy Policy

This privacy policy provides you with information about how we collect and process your personal data.

This privacy policy provides you with information about how IPSERV Limited collects and processes your personal data and relates to our use of any personal data we collect from you from any of our services. This policy should be read together with any other privacy policy or fair processing policy we may provide to you when we are collecting or processing your personal data.

IPSERV Limited respects your privacy and is committed to protecting your personal data.  IPSERV is a controller of personal data and is responsible for your personal data. We are registered as a data controller with the Information Commissioner’s Office (“ICO”). Our registration number is ZA464022. Ipserv has a Data Protection Team who are responsible for overseeing questions in relation to this privacy policy.

IPSERV takes its responsibilities regarding your personal data seriously. However if you believe we’re not meeting those responsibilities and wish to make a complaint, please contact our Data Protection Team by contacting,  Data Protection Team, IPSERV Limited, Grafton House, Russell Road, Ipswich, IP1 2DE. If you are not satisfied with our response you have a right to complain to the Information Commissioners’ Office.

If you would like further information about your privacy, the specific mechanism used by us if we transfer your personal data out of the EEA, or how to request your personal information, you can e-mail us at or write to or

IPSERV Limited
Grafton House
Russell Road

This policy is referred to in Ipserv’s Car Park Terms and Conditions.

The information we collect

We collect personal data or personal information about you in the course of running our business and providing our services to you. Personal data means any information about an individual from which that person can be identified. It does not include data where the identity has been removed.

We may collect, use, store and transfer different kinds of personal data about you which may include your name, age, contact details (telephone number, e-mail address or address), date of birth, automated number plate recognition technology images, your student status, any vehicle details including vehicle registration numbers or marks, and transaction data.  We may also collect health information about you for example to administer the use of blue badges and in relation to incidents that may occur in our car parks.

We also collect, use and share aggregated data such as statistical or demographic data for any purpose. Aggregated data could be derived from your personal data but it is not considered personal data in law and this data will not directly or indirectly reveal your identity.

How your Personal Data is collected

We may use different methods to collect personal data from and about you:

  • Directly from you, our customers and prospective customers, when you use our products or services, enquire about our products or service or take part in any surveys or marketing activities, from Parking Charge Notice payments or other enforcement action;
  •  From our business partners where we provide you with our products or services on their behalf
  •  From service providers where they provide you with services or products on our behalf or where we use them to help us provide our products or services to you
  • And from government agencies such as DVLA where lawfully allowed or required.
  • We may collect information about you through our website, via e-mail, the post, over the telephone or from any discussions with you.
  • We may collect your personal data through the use of Automated Number Plate Recognition technology.

If you fail to provide personal data

Where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you. In this case we may have to cancel a service you have with us but we will notify you if this is the case at the time.

How we use your personal data

We will only use your personal data when the law allows us to.  Most commonly, we will use your personal data in one or more of the following circumstances:

  • With your express consent
  • Legal obligation
  • For legitimate business purposes;
  • And/or to perform a contract or an agreement with you

Purposes for which we will use your personal data

This will enable us to use your personal information for various reasons including:

  • To provide the service, product or information you’ve requested or purchased
  • To process and deliver your order or to handle complaints
  • To process any payments
  • To manage our relationships with you, and with our business partners
  • Notifying you about changes to our terms or privacy policy
  • To contact you, if any issues arise in our premises or with your booking
  • To market our services and products to you
  • To understand the way people use our services and products so that we can improve them
  • To assess and analyse our market, customers, products and services
  • To pursue and collect outstanding monies owed to us including processing a Parking Charge Notice (PCN)
  • For the apprehension and prosecution of offenders
  • For the prevention or detection of crime; and
  • To comply with our legal obligations

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.  If we need to use your personal data for an unrelated purpose we will notify you and we will explain the legal basis which allows us to do so. 

Please note that we may process your personal data without your knowledge or consent, in compliance will the above rules, where this is required or permitted by law.

Telephone calls

If you leave a voice message with us we will use that recording to verify content which may then be used together with other customer records we hold to respond to your query or request, for regulatory compliance, quality control and staff training, preventing or detecting criminal activity and for complaint resolution.

Who we disclose personal information to

We may share information about you:

  • With other companies in the Ipserv Group and Ipswich Borough Council
  • With third party service providers/companies and their subcontractors that provide services for us on our behalf including IT services and mailing services
  • With our business partners who may use your information to provide you with the services you request, analyse and assess their market, customers products and services

There may also be instances when we disclose your information:

  • If we have a duty pursuant to the law to do so, or if the law allows us to do so
  • To verify or enforce compliance with the policies and terms governing our services

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them, to process your personal data for specified purposes and in accordance with our instructions.

How we keep your information secure

The processing of an individual’s personal information will be done in accordance with data protection law.  We’re committed to keeping personal information safe and secure and having regard to the state of technological development and the cost of implementing such measures will implement appropriate technical and organisational measures to protect it from unauthorised or unlawful processing. This policy is referred to in Ipserv’s Terms and Conditions.

Transfer outside of the EEA

Your personal data is mainly processed in the United Kingdom.  We may need to transfer your personal data to third party processors outside of the EEA (the European Economic area), for example to process your payment details or provide support services.  We will only share your data for the purposes set out in this privacy policy and with appropriate safeguards in place. 

How long we keep your Information

If we are providing services to you such as parking permits, we will retain your personal information for the duration of the services and for 6 years thereafter, unless otherwise agreed.

Messages left on our voicemail system are retained for a period of 3 days.

Parking Charge Notice (PCN) records for 3 years. 

Unless otherwise set out in this privacy policy, any other information we process about you will be retained by us until we no longer need it for the purposes for which it was collected, as set out in this privacy policy and/or the relevant fair processing notice. We will base that decision on a number of criteria, including whether we are required by law to keep the information for a certain period of time, whether you have withdrawn consent to the processing, whether a contract has been performed and the likelihood of us needing to retain the information in the event of a claim arising, whether the data is still up to date and whether there are exceptions set out in the applicable data protection legislation that allows us to retain the personal data for a longer period or indefinitely.


Our website may, from time to time, contain links to and from the websites of third-party service providers, partners and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy and security policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

Your rights

Under certain circumstances you have rights under data protection laws in relation to your personal data. You have the right to know what personal information we keep about you. Upon receipt of a written request to the address below, we shall consider any request to provide such information to you.

Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.

Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.

Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.

Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.

Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios:

  • If you want us to establish the data’s accuracy.
  • Where our use of the data is unlawful but you do not want us to erase it.
  • Where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims.
  • You have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.

Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform.

If you are concerned that any of the information we hold about you or wish to exercise any of the rights above please contact us at this address:

Data Protection Team
Grafton House
Russell Road
Ipswich IP1 2DE

We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

Changes to our Privacy Policy

We keep our privacy policy under regular review. This privacy policy was last updated on 6 March 2019.

Contact Us

IPSERV, Grafton House, 15-17 Russell Road, Ipswich, IP1 2DE

01473 432222