Privacy Policy

1. Who We Are

MicroANPR Technologies, Inc. ("MicroANPR", "we", "us", or "our") is a UK-based company that provides Automatic Number Plate Recognition (ANPR) software-as-a-service solutions for traffic management, security, parking, and law enforcement applications.

2. Information We Collect

2.1 Account and Contact Information

• Personal details: Name, email address, phone number, job title
• Company information: Company name, address, industry
• Account credentials: Username, encrypted passwords, authentication data
• Billing information: Processed by third-party payment providers (see Section 7)

2.2 ANPR Service Data

• Image data: Vehicle images processed through our ANPR service
• License plate data: Number plate text extracted from images
• Metadata: Timestamps, camera locations, confidence scores
• Configuration data: Camera settings, alert rules, notification preferences

2.3 Usage and Technical Data

• Service usage: API calls, feature usage, processing volumes
• Technical data: IP addresses, device information, browser type
• Performance data: Response times, error rates, system performance
• Support data: Support tickets, communication history, feedback

2.4 Cookies and Tracking

We use cookies and similar technologies as described in our Cookie Policy. This includes essential cookies for service functionality, analytics cookies (with consent), and preference cookies for user experience.

3. How We Use Your Information

3.1 Service Delivery (Legal basis: Contract)

• Providing ANPR recognition services and API access
• Processing vehicle images and extracting license plate data
• Delivering alerts, notifications, and reports
• Managing user accounts and access controls
• Billing and payment processing

3.2 Service Improvement (Legal basis: Legitimate Interest)

• Analyzing service usage to improve performance and accuracy
• Developing new features and capabilities
• Conducting research to enhance ANPR algorithms
• Monitoring system performance and reliability

3.3 Customer Support (Legal basis: Contract)

• Responding to support requests and technical issues
• Providing technical assistance and training
• Troubleshooting service problems

3.4 Legal and Compliance (Legal basis: Legal Obligation)

• Complying with law enforcement requests where legally required
• Meeting regulatory requirements for data retention
• Protecting against fraud and security threats
• Enforcing our terms of service

3.5 Communication (Legal basis: Legitimate Interest or Consent)

• Service updates and maintenance notifications
• Security alerts and important account information
• Product updates and feature announcements (with consent)
• Industry insights and best practices (with consent)

4. Data Sharing and Disclosure

We do not sell your personal data. We may share your information in these limited circumstances:

4.1 Service Providers

• Cloud infrastructure: AWS, Google Cloud, or Microsoft Azure
• Payment processing: Stripe, PayPal, or similar payment providers
• Analytics: Google Analytics (with consent)
• Support tools: Customer service and helpdesk platforms
• Email services: Transactional email providers

4.2 Legal Requirements

We may disclose information when legally required to:

• Comply with court orders, warrants, or legal processes
• Respond to law enforcement requests within legal frameworks
• Protect our rights, property, or safety
• Investigate fraud or security incidents

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new entity, subject to the same privacy protections.

5. Data Retention

5.1 Account Data

• Active accounts: Retained while your account is active
• Closed accounts: Deleted within 30 days unless legally required to retain
• Billing records: Retained for 7 years for tax and accounting purposes

5.2 ANPR Processing Data

• Image data: Deleted within 30 days unless you specify longer retention
• License plate text: Retained according to your configuration (up to 2 years max)
• Metadata: Retained for service analytics and billing purposes (up to 1 year)

5.3 Usage and Technical Data

• Log files: Retained for 90 days for security and performance monitoring
• Analytics data: Aggregated data retained for service improvement
• Support tickets: Retained for 3 years for quality assurance

6. Your Rights Under UK GDPR

You have the following rights regarding your personal data:

6.1 Right of Access

You can request a copy of all personal data we hold about you. We'll provide this within one month, free of charge for the first request.

6.2 Right to Rectification

You can ask us to correct inaccurate or incomplete personal data. Most account information can be updated directly in your dashboard.

6.3 Right to Erasure (Right to be Forgotten)

You can request deletion of your personal data in certain circumstances, such as when it's no longer necessary for the original purpose.

6.4 Right to Restrict Processing

You can ask us to temporarily stop processing your data in certain situations, such as while we verify its accuracy.

6.5 Right to Data Portability

You can request your data in a machine-readable format to transfer to another provider. We provide export functionality in your dashboard.

6.6 Right to Object

You can object to processing based on legitimate interests, including marketing communications and analytics.

6.7 Rights Related to Automated Decision Making

Our ANPR service involves automated processing. You have the right to human review of automated decisions that significantly affect you.

7. Data Security

We implement comprehensive security measures to protect your data:

7.1 Technical Safeguards

• Encryption: AES-256 encryption at rest, TLS 1.3 in transit
• Access controls: Multi-factor authentication, role-based permissions
• Network security: Firewalls, intrusion detection, VPN access
• Monitoring: 24/7 security monitoring and incident response

7.2 Organizational Measures

• Regular security training for all employees
• Background checks for personnel with data access
• Incident response procedures and breach notification protocols
• Regular security audits and penetration testing

7.3 Data Processing Agreements

All third-party service providers sign data processing agreements ensuring they maintain appropriate security standards and comply with UK GDPR requirements.

8. International Data Transfers

Your data may be processed in countries outside the UK/EU by our cloud infrastructure providers. We ensure adequate protection through:

• EU-UK adequacy decisions where available
• Standard contractual clauses approved by UK authorities
• Certification schemes (ISO 27001, SOC 2)
• Provider-specific safeguards (AWS, Google Cloud, Microsoft Azure compliance)

9. Children's Privacy

Our services are designed for business use and are not intended for children under 16. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us immediately.

10. Changes to This Policy

We may update this privacy policy to reflect changes in our practices, technology, legal requirements, or other factors. When we make significant changes:

• We'll notify you via email and dashboard notification
• We'll update the "Last updated" date at the top of this policy
• We'll provide a summary of key changes
• For material changes, we may require your consent to continue using the service

11. Contact Us

If you have questions, concerns, or requests related to this privacy policy or your personal data, please contact us:

11.1 Complaints

If you're not satisfied with our response to your privacy concerns, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO):

• Website: ico.org.uk
• Phone: 0303 123 1113
• Post: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

12. Cookie Policy

For detailed information about our use of cookies and similar technologies, please see our separate Cookie Policy.