Our commitment to protecting personal data in accordance with Ethiopian law and international best practice. Last updated 21 April 2025.
ParkET PLC is committed to processing personal data responsibly, transparently, and in full compliance with the Ethiopian Personal Data Protection Proclamation and all other applicable laws. Data protection is not merely a compliance exercise for us — it is a core part of how we build trust with the drivers, wardens, and city administrators who depend on our platform.
This Data Protection Policy explains how ParkET embeds data protection principles into our operations, governance, and technology. It applies to all personal data we process as a data controller and provides additional detail supplementing our Privacy Policy.
ParkET processes personal data only to the extent necessary to provide safe, efficient digital parking services in Ethiopia. We design our systems with privacy in mind from the outset.
Every data processing activity at ParkET must comply with the following principles:
We process data only on a valid legal basis and always treat data subjects fairly and transparently.
Data is collected for specific, explicit purposes and not processed further in a manner incompatible with those purposes.
We collect only the data that is necessary for the purpose — no more, no less.
We take reasonable steps to keep personal data accurate and up to date, and promptly correct or delete inaccurate data.
Personal data is kept in identifiable form only for as long as necessary for the stated purpose or required by law.
We use appropriate technical and organisational measures to protect data against unauthorised access, loss, or destruction.
Our Data Protection Officer is responsible for monitoring compliance with these principles across the organisation.
ParkET relies on the following legal bases to process personal data:
Processing your Telebirr phone number and vehicle plate number(s) is necessary to provide the parking service you have contracted for. Without this data, we cannot activate sessions or verify parking.
We process device information, usage analytics, and IP addresses based on our legitimate interests in fraud prevention, service improvement, and security. We have conducted legitimate interests assessments to confirm that these interests are not overridden by your rights.
We process and retain certain data (e.g., violation records, financial transaction records) because we are required to do so by Ethiopian municipal regulations, tax law, and other applicable legislation.
We rely on your consent for non-essential location tracking beyond what is required to display the parking map. You may withdraw consent at any time through the app's location settings.
ParkET has appointed a Data Protection Officer (DPO) who is responsible for:
The DPO operates independently and reports directly to the Chief Executive Officer. Contact the DPO at dpo@parket.et or by post at our registered office in Bole Sub-City, Addis Ababa.
ParkET is an Ethiopian company and our primary data processing occurs within Ethiopia. Some of our cloud infrastructure providers may process data in other jurisdictions. When this occurs, we ensure that:
We do not transfer personal data outside of Ethiopia to countries that do not provide equivalent data protection without your explicit consent or a compelling legal requirement to do so.
We engage third-party data processors to assist in delivering our Service. All processors are subject to:
Key processors include our cloud hosting provider, SMS gateway provider, and anonymised analytics platform. A full list of sub-processors is available on request from our DPO.
ParkET maintains a documented personal data breach response procedure. In the event of a breach:
To report a suspected data security incident, contact security@parket.et immediately.
ParkET conducts a Data Protection Impact Assessment (DPIA) before implementing any new processing activity that is likely to result in high risk to individuals' rights and freedoms. DPIAs are mandatory for:
DPIAs are reviewed and signed off by the DPO before the relevant processing commences.
We maintain documented procedures to handle data subject rights requests efficiently and within the required timeframes. All requests are logged, acknowledged within 5 business days, and fulfilled within 30 days (extendable by a further 2 months for complex requests with notification).
Rights we facilitate include: access, correction, deletion, restriction of processing, data portability, and objection to processing. Where we are unable to fulfil a request (e.g., due to a conflicting legal obligation), we will explain the reason in writing.
Submit rights requests to privacy@parket.et.
All ParkET employees who handle personal data receive data protection training on joining the organisation and annually thereafter. Training covers:
Compliance with this policy is a condition of employment. Breaches may result in disciplinary action up to and including dismissal.
For questions about data protection at ParkET, contact our Data Protection Officer:
You also have the right to lodge a complaint with the relevant Ethiopian data protection supervisory authority if you believe we have not handled your data lawfully.