Terms & Conditions (of using this web site)
Chipside Ltd are the master strategic partner for MiPermit's services in the UK and provide parking solutions to UK local authorities and private parking companies.
The term 'Chipside Ltd', 'Chipside', 'MiPermit' or 'us' or 'we' refers to Chipside Ltd the owner of this web site whose company registration number is 04049461 (registered in England). The term 'you' refers to the viewer or user of this web site.
- The content of the pages of this website is for your general information and use only. It is subject to change without notice.
- Neither we nor any third parties provide any warranty or guarantee as to the accuracy, timeliness, performance, completeness or suitability of the information and materials found or offered on this website for any particular purpose. You acknowledge that such information and materials may contain inaccuracies or errors and we expressly exclude liability for any such inaccuracies or errors to the fullest extent permitted by law.
- Your use of any information or materials on this website is entirely at your own risk, for which we shall not be liable. It shall be your own responsibility to ensure that any products, services or information available through this website meet your specific requirements.
- This website contains material which is owned by or licensed to us. This material includes, but is not limited to, the design, layout, look, appearance and graphics. Reproduction is prohibited other than in accordance with the copyright notice, which forms part of these terms and conditions.
- All trade marks reproduced in this website which are not the property of, or licensed to, the operator are acknowledged on the website.
- Unauthorised use of this website may give rise to a claim for damages and/or be a criminal offence.
- From time to time this website may also include links to other websites. These links are provided for your convenience to provide further information. They do not signify that we endorse the website(s). We have no responsibility for the content of the linked website(s).
- You may not create a link to this website from another website or document without Chipside's prior written consent.
- Your use of this website and any dispute arising out of such use of the website is subject to the laws of England, Scotland and Wales.
The information contained in this website is for general information purposes only. The information is provided by Chipside Ltd and while we endeavour to keep the information up to date and correct, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk.
In no event will we be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this website.
Through this website you are able to link to other websites which are not under the control of Chipside Ltd. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them.
Every effort is made to keep the website up and running smoothly. However, Chipside Ltd takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control.
Chipside Ltd is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement.
Chipside Ltd may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy is effective from 1st December 2009 and was last updated 1st March 2015.
Information we collect:
When using Chipside Ltd's services we may collect the following information:
- Your name.
- Email address, mobile and land-line telephone numbers.
- Residential information (such as your address and postcode) may be required in order that we can provide you with services such as residential/visitor parking permits.
- Vehicle information such as Vehicle Registration Numbers and Make/Model of vehicles you enter in to our system.
- Date and time of commencement and duration of parking via one of the MiPermit services we offer.
- Payment card information which is used to process parking/permit transactions. Note: We do not store full payment card information.
This information is collected on your MiPermit account where Chipside Ltd are the data processor, and the parking authority (the owners of the car parks or parking schemes you are using) are the data controller unless otherwise stated.
What we do with the information we gather
We require this information in order to provide you with MiPermit services. Further information may be used to understand your needs and provide you with a better service, and in particular for the following reasons:
- Communicate with you about your account and products/services you use with us.
- Vehicle information (such as Vehicle Registration Number and permit/stay durations) are passed to the parking authority for parking enforcement purposes.
- Internal record keeping and auditing.
- We may use the information to improve our products and services.
- Payment details are not stored by our systems other than the last four digits of the card number and the expiry date which may be used as a security step in confirming we are in contact with the account holder should this be required, as well as for auditing.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect.
More information on data security can be found in our data security section.
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
Controlling your personal information
We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so.
You may request details of personal information which we hold about you under the Data Protection Act 1998. A small fee may be payable. If you would like a copy of the information held on you please write to us at our head office address.
If you believe that any information we are holding on you is incorrect or incomplete, please write to or email us as soon as possible. We will promptly correct any information found to be incorrect.
A cookie is a small file which asks permission to be placed on your computer's hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer.
For more information on cookies and how to remove them, please see www.aboutcookies.org
Cookies set by this web site:
|ASPSESSIONID*||Session information cookie generated by the Microsoft's Classic ASP programming language.||Expires on exit|
Cookies set by third party suppliers:
|Provider||Cookie Name||Purpose||More Information|
Making our Site Accessible
MiPermit has a core system design for its internet systems. It also works with many car park location operators on specific pages designed to their corporate requirements. The web pages are designed in order to be accessible to all users, and to comply with the Disability Discrimination Act (DDA).
During the design of this website, we worked closely with our Local Authority customers and hope that we have produced a design that is user friendly and fully accessible.
We followed the Priority 1 and 2 guidelines relating to accessibility as set out by the World Wide Web Consortium (W3C). All pages on this website have also been validated for XHTML and CSS, with accordance to the web standards set out by the W3C.
Main design requirements we have considered:
- Auditory and visual content must have alternatives (e.g. text)
- Don't rely on colour alone for content accessibility
- Markup and style sheets must be used correctly
- Use plain language in content where possible
- Ensure that documents are clear and simple
- Content in tables must transform correctly
- Pages featuring new technologies must transform correctly
- Users must be able to control time-sensitive page updates
- Embedded interfaces must be directly accessible
- Consider and design for device independence
- Use W3C design technologies and guidelines
- Provide clear navigation mechanisms
- Provide context and orientation information
- Nothing in the design stops the user using operating system accessibility functions - magnifiers, on screen keyboards or touch screens
- The content on all pages is readable without the style sheets, colour, scripts and applets
- All images, animations and buttons have alternative descriptions that can be read by screen readers
- Any multimedia containing important information has an alternative or text-only version
- All tables used for layout have captions to clarify their layout-only use
- The pages do not rely on colour for navigation - for example 'click the red link'
- The site uses simple and straight-forward language where possible
- The site uses style sheets (CSS) to format text and layout
- Every link has a clear title
- Pages should resize according to the access method being used
- All events requiring a mouse do not hinder the user's ability to view information
- The user is aware when a pop-up or new window is opened
- All link phrases make sense when read out
If you have experienced a problem with the design of this website, please let us know and we will do our best to help. Contact us via our contact us page.
Disability Discrimination Act
The DDA was passed in 1995, with the latest update in 2004. Its purpose was to end the discrimination facing many disabled people and covers design of internet sites.
The Web Content Accessibility Guidelines (WCAG) were set out by the World Wide Web Consortium (W3C) in 1999 to assist web site developers to produce internet sites that are accessible to as many people as possible.
Credit & Debit Card Security
Chipside Ltd (and their strategic partnership with MiPermit) systems do not store your credit or debit card number. It is automatically passed to the payment authorisation service (Sage Pay) and only the last four digits of your card and the expiry date are stored for auditing and account verification purposes. This is one of a number of security layers implemented for your protection.
A merchant number is the way that the banks know who is asking for money from your credit or debit card.
Many of our Local Authority and other clients use their own merchant number supplied directly by their own banks. Our clients may use their own master merchant number to collect payments from you, or can opt to use Chipside's master merchat number as a service to collect payments. We require use of a company called Sage Pay to ask the banks for payment from your credit/debit card. All our partners are required to use a PCI-DSS certified service to ensure the same standards of security.
Payments taken by Chipside's master merchant account will be shown on your statement as 'Chipside Limited'.
Who is Sage Pay?
Sage Pay (formerly called Protx) is the fastest growing independent Payment Service Provider (PSP) and is a division of business software company Sage, one of the UK's most trusted business brands. Sage Pay process over 4 billion secure payments each year, for over 30,000 + UK businesses of all sizes. They all rely on Sage Pay to keep their money moving and help them to tackle online card fraud, ensuring that the payment process is safe and easy.
Is Sage Pay Secure?
Sage Pay provides a secure payment gateway (Level 1 PCI DSS) for processing payments for thousands of online businesses, including ours. It is Sage Pay's utmost priority to ensure that transaction data is handled in a safe and secure way.
Sage Pay uses a range secure methods such as fraud screening, IP address blocking and 3D secure. Once on the Sage Pay systems, all sensitive data is secured using the same internationally recognised 256-bit encryption standards.
Sage Pay is PCI DSS (Payment Card Industry ] Standard) compliant to the highest level and maintains regular security audits. They are also regularly audited by the banks and banking authorities to ensure that their systems are impenetrable.
Sage Pay is an active member of the PCI Security Standards Council (PCI SSC) that defines card industry global regulation.
In addition, you know that your session is in a secure encrypted environment when you see https:// in the web site address, and/or when you see the locked padlock symbol alongside the address, but always check that the certificate which is used to create a https connection is valid and from a trusted source.
When making payments through our services, you can be sure that you are completely protected.
More information about paying securely with Sage Pay can be found at www.sagepay.com
PCI DSS Compliance
For your protection and to reduce the possibility of credit card fraud, banks issuing merchant numbers require the holders to be assessed for compliance with banking industry security protocols. Your parking location operator will have decided whether they are charging you directly, or through agents. In any event, each merchant number holder is required to hold a valid PCI certificate for the service.
Data Transfer Security
To operate the MiPermit service efficiently, there are a number of data transfers that occur automatically between our systems, those of our partners, suppliers and those of our customers - for example car park location enforcement teams (to advise that your stay is valid). Each transfer has relevant security protocols applied to them as noted briefly below.
Credit Card Information
Information passes to Sage Pay. All transaction information passed between merchant sites and Sage Pay's systems is encrypted using a minimum of 256-bit SSL certificates. No cardholder information is ever passed unencrypted and communication between our servers and you, and the payment processor Sage Pay are signed using MD5 hashing to prevent tampering. Nothing we pass to Sage Pay's servers can be examined, used or modified by any third parties attempting to gain access to sensitive information.
Details of your vehicle registration number, parking location and expiry time are transmitted to the car park location operator handheld computers for the purpose of parking enforcement. This is done securely using a number of methods depending on what is chosen by the operator.
Details of your payment value (but not your personal or card details) are transmitted by electronic transfer to car park location operators back office financial systems for audit purposes.
Details of your usage of the service is accessed by the car park location operators using either our management reporting functions or by secure electronic data transfer, depending on the requirements of the operator.
It is important to understand that you are a customer of the car park location operator (be this a Local Authority or privately owned parking provider) in the same way that you are a valued customer of Chipside and the MiPermit service and its partners. Your name and address may be passed to those parties as part of good systems governance.
Worried About Your Data?
We want to ensure that you are comfortable with the use of your data. If you need to speak to us about your data, please email or telephone. We will be pleased to help.
Transfers of Data Outside Europe
We are required to take steps to satisfy ourselves that any country outside the EEA gives adequate data protection rights to you, before transferring your information to any country outside the European Economic Area (EEA). The EEA currently comprises of the EU countries and Norway, Iceland and Liechtenstein. Countries outside the EEA may not give the same level of protection to your information as those within the EEA. Our website is hosted in the UK and we do not transfer outside the EEA any information submitted by you through the site. However, we do currently allow you to access your account worldwide from many devices including mobile devices.