Last Updated: April 17, 2024
What LPR Is
License Plate Recognition technology (“LPR System” or “LPR”) utilizes cameras and various processes to capture and store digital images of vehicle license plates, and uses character recognition algorithms to identify license plate characters. An LPR System creates a searchable computerized database resulting from the data collected by fixed and/or mobile cameras located at various locations. LPR System data (“LPR Data”) includes license plate number information as well as the date, time and location when the image or information was collected.
Using LPR
There are many laws that govern how an LPR System may or may not be appropriately used by business organizations and law enforcement authorities. This LPR Policy pertains only to PCA-KC, LLC. PCA-KC, LLC shall be construed to include its corporate affiliates and its/their officers, directors, employees and agents (hereinafter collectively “PCA-KC, LLC”). PCA-KC, LLC may also be referred to herein as “We,” “Us” or “Our.”
Purpose Of This LPR Policy
The purpose of this LPR Policy (“Policy”) is to detail Our use of the LPR System, Our authorized users of the LPR System and how We appropriately use, access, process, share, store, maintain, collect, secure and retain the LPR Data that is within Our possession or control, in compliance with all applicable federal, state and local laws.
Applicability Of This Policy
This Privacy Policy pertains only to Our interaction with and use of the LPR System that is deployed at each parking location that We manage, including Our data practices relevant to the LPR Data that is within Our possession or control. Any LPR Data that is in the possession or control of others including how those parties make use of the LPR System is subject to the respective LPR policies of these other parties and not this Privacy Policy. Accordingly, be sure to carefully review the LPR policies of these other parties for how they interact with and make use of the LPR System including their data practices relevant to the LPR Data that is within their possession or control. This Policy is also applicable to any third party LPR related information that We may receive from other third parties (such as law enforcement) and whether We release that information or data shall depend upon this Policy, applicable law and what instructions We may receive from that third party.
Purpose Of Collecting LPR Data
We utilize LPR to capture, analyze, and store digital license plate data to enable the rapid identification of vehicles in support of parking operations and compliance activities. LPR may also be used to supplement or replace paper tickets to log the times at which a vehicle enters or exits Our LPR enabled and PCA-KC, LLC managed parking locations in order to determine the fee due upon exit. LPR Data may also supplement or replace proximity access cards and permit stickers to grant location entry to subscription parking permit holders and to facilitate a more efficient and expedient location exit.
How We Use LPR Data
We may use LPR Data to: (1) correct parking fees for lost entry tickets; (2) identify and track down abandoned vehicles left in Our managed parking locations; (3) verify the count of vehicles parked in Our managed parking locations; (4) help customers locate their vehicles; (5) identify open parking spaces; (6) permit entry/exit to vehicles without need for interaction at the entry/exit gate; (7) respond to inquiries from law enforcement, legitimate third party subpoenas or from other legitimate third parties; (8)issue fee, parking violation or citation notices; (9) collect on an unpaid debt; and (10) generate various operational metrics and statistical reports internal to Our organization and for Our own internal business purposes, noting that in certain instances Our clients may have access to the same data.
Restricted Uses
We do not process or make the LPR System or LPR Data available to individuals for any personal, non-commercial purposes. We only use the LPR System to collect license plate data from within public view. Any LPR Data that We may access shall not be used by Us to harass, intimidate or discriminate against any individual or constitutionally protected group.
Management Of The LPR System
The LPR System that is deployed at each parking location that We manage is primarily installed and managed by Our trustworthy independent third party service providers who have undertaken responsibility for safeguarding the LPR Data that is within their possession and control, including its collection, use, security, integrity, dissemination, retention, monitoring and destruction. Our trustworthy independent service providers have also assumed responsibility for ensuring that their authorized users of the LPR System operate the LPR System legally and in accordance with the terms of their respective LPR policies.
Training
All of Our authorized users of the LPR System (including Our employees and any contractor that We may hire to serve as one of Our authorized users) shall receive training prior to being granted access to the LPR System and/or LPR Data. A record of all completed training is maintained by Us and/or by Our independent trustworthy service providers. Our LPR operators may receive initial training from Our LPR service provider who may also provide the LPR software and hardware. The training may include the procedure and proper use of the system prior to being granted access to the LPR system. In addition, each of Our users may receive annual refresher training from the Program Manager or his/her designee. The training may include:
- Education about applicable laws;
- Education about how to operate the equipment; and
- Education about how to safeguard password information and how to properly access the LPR System and LPR Data.
Access
Our authorized users with access to LPR Data shall include staff personnel, employees and contractors (if applicable) with an operational or departmental need to specifically oversee such a system and/or are responsible for parking operations and enforcement. The respective Facility Manager deploying an LPR System is the custodian and head administrator of the LPR System and its operation. The only individuals with access and the ability to query data in the system are:
Facility Managers, and their designee(s) Program Managers, and their designee(s); Assistant Parking Managers Parking Supervisors; Auditors; IT Personnel; and Bookkeepers
All logins and queries are stored and monitored, and contain the following information:
Username; Date; Time; Purpose of query; and License plate and other criteria used to query the system.
This data shall be stored and monitored by each respective Facility Manager or their designees. License plate information is only referenced against vehicle parking databases or other third party databases where the third party has legitimately requested that We do so for a legitimate purpose, such as for law enforcement or for debt collection purposes. See section entitled “LPR Data Requests from Third-Parties” below.
The Facility Managers or their designees shall also run periodic audits to ensure access to the LPR Data was made by authorized persons for authorized uses.
What LPR Data Is Collected
The following information may be collected by the LPR System but not all of the following information may be received, accessed by, used or retained by Us:
Vehicle license plate image captured; Vehicle license plate number; Vehicle license plate state; Date; Time; Location; and Payment and parking device information.
Data Storage & Data Retention
LPR Data is generally sent to and stored in the databases of Our trustworthy independent third party service providers. Some of the LPR Data that is accessed by PCA-KC, LLC may be stored in Our database when such data is needed to process a parking related transaction at one of Our parking locations that We manage. This data is used by the LPR System, for example, to allow parking customers to gain entry to parking for which their permit is valid and to exit without having to provide payment. The permit holder’s license plate number may be used to supplement or replace proximity access cards, plastic hang tags, stickers, and other permit materials.
The length of time that LPR Data in Our possession or control will be retained or stored in Our databases varies depending on the parking lot location and such data may be destroyed or overwritten at any particular parking facility location if that location’s data storage capacity has been exceeded, but all such data is also centrally stored and maintained indefinitely by Our Business Intelligence Unit in a transactional format. In any event, when lawfully required to by court order, to comply with a pending litigation, in response to a legitimate inquiry from law enforcement or under circumstances where We need to continue to retain such data for Our own operational, research, statistical or business purposes, noting also that LPR Data not in Our possession or control may be stored in third-party LPR cameras, equipment and connected databases pursuant to a third-party’s own data privacy policies and procedures. The data records stored on Our LPR servers do not include photographs of the vehicle (either close-up of the license plate or context photo of the rear or front of the vehicle) but instead are limited to the alpha numeric license plate information and accompanying date, time, and location in the field. Such records do not directly identify a particular person. Please consult the LPR policies of our independent service providers for information about how long Our LPR service providers retain the LPR Data in their databases.
Security
We and Our independent trustworthy LPR service providers use administrative, operational, technical and physical safeguards to protect the LPR System and LPR Data from unauthorized access, use, destruction, modification or disclosure including implementing the following safeguards:
Administrative
Username and password-protected access to the LPR System. The system shall document in a separate log all information access by username, including the date and time of access, the data elements used to query the LPR System, the organization or entity with whom the username is associated or affiliated with, what LPR Data was accessed and the purpose for accessing the data. In addition, the database usage shall be monitored and audited.
Operational
Training Our authorized users on proper use and secure practices when using LPR Data and the LPR System and its database and taking steps to ensure that others who are designated as Our authorized users to be given access to the LPR System and LPR Data follow the requirements of this Policy including applicable law.
Physical
All network equipment and servers containing sensitive data are maintained and accessed only by authorized personnel. This includes the secure storage of computers with access to the database.
Technical
All information is encrypted to protect any personally identifiable information. The LPR System workstations and servers shall be updated with the latest security patches on a regular basis. Antivirus protection will be utilized, and log files will be periodically reviewed. The LPR Data shall be secured, encrypted, and backed up regularly.
In the very unlikely event of a data breach that constitutes a violation of any applicable law, proper data breach notifications will be made in accordance with applicable law.
Quality Assurance
Collection of or access to LPR Data may be automated in some cases so the LPR Data and details of collection or access are included in the LPR System without review. Although infrequent, license plate translation may be incomplete or inaccurate and LPR Data may include inadvertently collected or accessed information. Accordingly, the appropriate Facility Manager or his/her designee shall take the appropriate measures to ensure accuracy, correct license plate translation errors when identified and see that any inadvertently collected or accessed information is removed from the system and/or not used for any purpose.
Releasing LPR Data
We will not share LPR Data that is within Our possession or control with any commercial or private entity or individual, other than as necessary to conduct Our parking management operations. We include confidentiality provisions in Our agreements with Our contractors to prohibit any use or distribution of LPR Data within Our possession or control for any purpose other than the authorized uses under this Policy. LPR Data gathered or collected and records retained regarding this data will not be:
Sold, published, exchanged, or disclosed for commercial marketing or promotional purposes. Disclosed or published without authorization. Disseminated to persons or entities not authorized to access or use the data.
LPR Data Requests from Third-Parties
We shall provide LPR Data to a federal, state, or local law enforcement or other governmental agency upon legitimate inquiry or only if a warrant or other court order is issued and served. In addition, LPR Data gathered shall not be disclosed to the public or in a civil matter unless such disclosure is required by law or court order. Further, any specific request for LPR Data that we may receive from a third party is always subject to Our review and approval. If we were to accept and approve such a request, We would require that the third party certify compliance with all applicable law and adopt LPR policies and practices consistent with this Policy.
Enforcement
Violation of this Policy by any PCA-KC, LLC employee, retained contractor, or other PCA-KC, LLC authorized user, may lead to suspension or termination of that user’s access to the LPR System and LPR Data, and potentially suspension or termination of employment or contract retention.
Changes To This Policy
This Policy may be amended from time to time in order to account for new PCA-KC, LLC company-wide or facility specific policies and procedures and/or new changes in the law, so please be sure to periodically check this Policy for any new updates. We also reserve the right to apply such Policy amendments to any LPR Data that may have been collected prior to the implementation of any Policy amendment.