Privacy Policy
Last updated: 1 January 2026
1. Introduction
PCN-Beater ("we", "our", or "us") is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and protect your information when you use our parking ticket appeal service.
We comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
2. Data Controller
The Data Controller for this service is the Operator of PCN-Beater.
Contact email: support@pcnbeater.co.uk
3. Information We Collect
We collect only the data necessary to provide our appeal drafting services:
A) Case Data
- Vehicle Registration Mark (VRM)
- Penalty Charge Notice (PCN) Number
- Images of the ticket and any supporting evidence uploaded by you
- Details of the alleged contravention (location, date, time)
- Your stated reason for appeal and any additional context you provide
B) Contact Data
- Name (used as the sender on your appeal letter)
- Postal Address (used as the return address on your appeal letter)
- Email Address (for delivery of the service and order confirmations)
C) Transaction Data
- Order ID and timestamps
- Payment confirmation details
- Note: We do NOT store or have access to your full credit/debit card information. All financial transactions are handled securely by Stripe.
D) Usage Data
- IP address, browser type, and device information (for security and fraud prevention)
- Pages visited and interactions with our website (via analytics - see Cookies section)
4. How We Use Your Data
We process your data under the following lawful bases:
Contractual Necessity (Article 6(1)(b) UK GDPR)
To generate your appeal letter, process your payment, and deliver the service you have purchased.
Legitimate Interests (Article 6(1)(f) UK GDPR)
To prevent fraud, improve our service, ensure website security, and send cart abandonment reminders.
Legal Obligation (Article 6(1)(c) UK GDPR)
To maintain financial records for tax and accounting purposes as required by law.
Consent (Article 6(1)(a) UK GDPR)
For analytics and marketing cookies where you have provided consent via our cookie banner.
5. AI Processing
We use artificial intelligence to provide our service:
- OpenAI GPT-4o: Used to analyze your ticket photographs (via GPT-4o Vision) and generate personalized appeal letter drafts
- Your ticket images and case details are sent to OpenAI's API for processing
- OpenAI processes data in accordance with their data processing agreement and does not use your data to train their models
- No automated decision-making with legal effects is performed - all generated letters are drafts for your review
6. Data Sharing (Third-Party Processors)
We share data with trusted third-party service providers who process data on our behalf:
| Provider | Purpose | Location |
|---|---|---|
| OpenAI | AI text generation and image analysis | USA |
| Stripe | Secure payment processing | USA |
| Resend | Email delivery (confirmations, documents) | USA |
| PostGrid | Print and postal fulfilment (when enabled) | Canada/USA |
| Google Analytics (GA4) | Website analytics and conversion tracking | USA |
| Microsoft Clarity | Session replay and heatmap analytics | USA |
| CookieYes | Cookie consent management | UK/EU |
We do NOT:
- Sell your data to third parties
- Share your data with parking enforcement agencies (unless you explicitly engage us to send a letter on your behalf)
- Use your data for marketing without your consent
7. International Transfers
Some of our service providers process data outside the UK/EEA (primarily in the USA). Where this occurs, we ensure appropriate safeguards are in place:
- UK International Data Transfer Agreement (UK IDTA)
- Standard Contractual Clauses (SCCs) approved by the ICO
- Data Processing Agreements with all processors
8. Data Retention
We retain your data for limited periods based on necessity:
9. Cookies
We use cookies to ensure our website functions correctly and to understand how visitors use our site:
Essential Cookies
Required for the website to function (e.g., session management, CSRF protection). These cannot be disabled.
Analytics Cookies
Used to understand site usage (Google Analytics, Microsoft Clarity). These require your consent.
Managing Cookies
We use CookieYes to manage cookie consent. You can change your preferences at any time by clicking the cookie settings icon or adjusting your browser settings.
10. Your Rights
Under the UK GDPR, you have the following rights:
- Right to Access: Request a copy of the personal data we hold about you
- Right to Rectification: Request correction of inaccurate or incomplete data
- Right to Erasure: Request deletion of your personal data ("Right to be Forgotten"), subject to legal retention obligations
- Right to Restrict Processing: Request that we limit how we use your data
- Right to Data Portability: Request your data in a machine-readable format
- Right to Object: Object to processing based on legitimate interests
- Right to Withdraw Consent: Where processing is based on consent, you can withdraw it at any time
To exercise any of these rights, contact us at support@pcnbeater.co.uk. We will respond within 30 days.
You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.
11. Security
We implement robust technical and organizational measures to protect your data:
- Encryption in transit (SSL/TLS) for all data transfers
- Secure cloud hosting with access controls
- Payment processing handled entirely by PCI-DSS compliant Stripe
- Regular security reviews and updates
However, no internet transmission is 100% secure. We encourage you to use strong passwords and protect your email account.
12. Updates to This Policy
We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. The "Last updated" date at the top of this page indicates when the policy was last revised. We encourage you to review this page regularly.
13. Contact Us
If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us:
Email: support@pcnbeater.co.uk
Website: www.pcnbeater.co.uk