JustPark is a cashless parking payment provider for 18 local authorities and over 50 private operators including Universities and Hospitals. We provide parking payment options, through mobile applications, IVR and online. We focus on improving the customer experience and innovation including emissions pricing, EV charging and Blue Badge fraud prevention.
- Mobile Applications, IVR, SMS and web payments for parking sessions
- Comprehensive back office reporting tools for analysis of parking sessions
- Dedicated account management and support for parking team
- Integrated with hardware suppliers for pay-on-exit and autopay
- Finance analysis and optimisation
- Pre-booking service for revenue maximisation and optimisation
- Tools to combat Blue Badge fraud
- Predictive availability to reduce congestion and emissions
- Pre-booking service for EV charging points
- Dynamic and emissions based pricing
- Fastest way to pay for parking
- 3m+ registered customers
- 99.9% uptime SLA
- Forward thinking team focused on the future of mobility
- Reduce congestion and emissions
- Reduce costs associated with appeals
- Improve your parking brand and customer experience
- Secure (PCI certified) platform
- Reduce cash collection costs and high merchant fees
- Communicate effectively with motorists through online messaging
£0.00 to £0.10 per transaction
- Education pricing available
- Free trial available
|Software add-on or extension||Yes, but can also be used as a standalone service|
|What software services is the service an extension to||
Payment Machine services
|Cloud deployment model||
|System requirements||Internet Access|
|Email or online ticketing support||Email or online ticketing|
|Support response times||
Our response time is dependant on the contact method and the issue the user is experiencing.
When contacting us via by email Email/Tickets, there are 4 separate SLAs and they are as follows:
• Urgent - SLA of within 30 minutes
• High - SLA of within 4 hours
• Normal - SLA of within 24 hours
• Low - SLA of within 72 hours
When contacting us via Live Chat, during office hours, a user will typically receive a response within minutes.
|User can manage status and priority of support tickets||Yes|
|Online ticketing support accessibility||WCAG 2.1 AA or EN 301 549|
|Phone support availability||24 hours, 7 days a week|
|Web chat support||Web chat|
|Web chat support availability||24 hours, 7 days a week|
|Web chat support accessibility standard||None or don’t know|
|How the web chat support is accessible||We use Zendesk to manage our customer support tickets, and they are currently working on meeting WCAG 2.1 AA.|
|Web chat accessibility testing||To date, we have not done any testing with assistive technology users as we only recently began rolling out Live Chat.|
|Onsite support||Onsite support|
As a client of JustPark's, you will have your own dedicated client account manager, priority access to the client-facing account support team and direct contact with the sales director on the senior management team.
Your drivers will receive priority customer service support from our UK customer service team (available on a free phone, local rate number), who are also available out of hours to the client should any issues arise.
During implementation, you will have regular in person and conference call meetings with your account manager and the implementation team, as well as full client training on the back office product and driver facing products so your team is fully equipped for the switch to JustPark. Should any follow-up training be required, we can provide this via video call or in person if more suitable.
In person contract review meetings will take place at the frequency defined by the client - as frequently as once per quarter following initial implementation.
Our goal is for you to receive the support you and your drivers need, whenever it is required. All of the above is provided free of charge.
|Support available to third parties||Yes|
Onboarding and offboarding
There will be an initial kick off meeting to outline the project plan, timelines and project scope. We will guide you thorough every step of the implementation. The account management and implementation teams have conducted over 18 local authority implementations over the last 18 months and all have gone very smoothly.
Throughout the implementation process, you will have regular in person and conference call meetings with your account manager and the implementation team.
For training, all relevant employees from the user's organisation will receive full training on the back office and driver facing products so the team is fully equipped for the switch to JustPark. Should anyone be absent, we will conduct a train-the-trainer process with the most senior team member.
Should any follow-up training be required, we can provide this via video call or in person if more suitable.
We will provide hard and soft copy (PDF) user guides for all of the products, and send updated versions to the user as and when updates are made to the training documentation.
|End-of-contract data extraction||At the end of the contract, all data specific to the contract will be made available via our online export function. This will include all parking session data for the duration of the contract.|
At end of contract all signage will be removed and the new provider will be responsible for the erection of new provider signage.
The telephone service will be switched off at an agreed time and date.
All outstanding monies owed to the client will be calculated an paid within the 30 day SLA should the service be on a JustPark MID.
JustPark has the ability to contact all current customers to advise of the switch to a new provider.
Using the service
|Web browser interface||Yes|
|Application to install||No|
|Designed for use on mobile devices||Yes|
|Differences between the mobile and desktop service||We offer a mobile responsive website and all functionaility is available on mobile and well as desktop.|
|What users can and can't do using the API||
We can integrate our solution with your existing enforcement providers using our API.
We offer out-of-the-box integrations with Imperial Civil Enforcement Solutions (ICES), Conduent, ZatPark, Chipside, Civica, Spur, and WSP.
We can also use our API to integrate with barriers, payment machines, sensors systems and ANPR solution.
|API documentation formats||Open API (also known as Swagger)|
|API sandbox or test environment||Yes|
|Description of customisation||We can customise the brand on the checkout on web and mobile web. This represents one part of the user experience when the user is ready to buy. As a result, users can log in, pay and get a confirmation email on a web white-label experience.|
|Independence of resources||We run containerised workloads on managed kubernetes (GKE on gcloud) for our applications. Kubernetes is an app deployment, networking and management platform, that let’s us easily scale applications running in containers. Our primary cluster straddles three different data centres equally for high availability. We then preform regular load test to ensure we are able handle additional load and understand our theorical limit.|
|Service usage metrics||Yes|
We provide metrics for measuring car park performance and efficiency metrics including but not limited to:
- Usage/Registration Statistics (By platform)
- Motorist Demographics
- Occupancy rates
- Pricing Insights
- Payment Methods
- Transaction Volumes (broken down by Location, Zone)
- Parking Durations (broken down by Location, Zone)
- Revenue (broken down by Location, Zone)
|Supplier type||Not a reseller|
|Staff security clearance||Other security clearance|
|Government security clearance||Up to Developed Vetting (DV)|
|Knowledge of data storage and processing locations||Yes|
|Data storage and processing locations||
|User control over data storage and processing locations||No|
|Datacentre security standards||Managed by a third party|
|Penetration testing frequency||At least once a year|
|Penetration testing approach||‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider|
|Protecting data at rest||Encryption of all physical media|
|Data sanitisation process||Yes|
|Data sanitisation type||Deleted data can’t be directly accessed|
|Equipment disposal approach||A third-party destruction service|
Data importing and exporting
|Data export approach||You can export data by using the back-office interface provided to every client or speaking to your account manager who can arrange an export. All data specific to this contract will be made available.|
|Data export formats||
|Other data export formats||
|Data import formats||
|Other data import formats||XLS|
|Data protection between buyer and supplier networks||TLS (version 1.2 or above)|
|Data protection within supplier network||
Availability and resilience
- Smartphone Applications: 99.9%
- Back-Office System: 99.9%
- Enforcement API: 99.9%
- Payment Processing: 99.9%
See SLAs in Service Document for more information.
|Approach to resilience||We run containerised workloads on managed kubernetes (GKE on gcloud) for our applications. Our primary cluster straddles three different data centres equally for high availability. We run multiple replicas of each of these applications simultaneously and have the facility to horizontally scale these replicas automatically based on CPU usage when required. Both the backend services in this relationship use Redis as a cache layer and also as a queue system, configured in a Highly Available setup with failover replicas in separate data centres in the case that the primaries fail. Both the backend services use a MySQL database set up in a Highly Available configuration across multiple data centres with multiple read replicas to handle database read load, and a dedicated failover replica located in a different data centre ready to take over as the master in the case of an outage or hardware failure.|
We provide a statuspage indicating any current issues, updates and expected resolution times.
In our client facing portal we have intergrated with this statuspage service to identify to customer when we are experiencing any issues
We utilise statuspage.io which provide a public dashboard, API access and email alerts on subscription basis.
Identity and authentication
|User authentication needed||Yes|
|User authentication||Username or password|
|Access restrictions in management interfaces and support channels||
When the back office is set up, your account manager will liase with the key point of contact at the user's organisation. We will send a spreadsheet with each 'permission' and a list of what that 'permission' can see/do, and ask the client to fill out the names/emails of the team members who need each permission.
We will not set up any new users without the key point of contact's permission.
If any detailed requests from the user's team members come through our support channels, the request will be passed on to the account manager for review.
|Access restriction testing frequency||At least every 6 months|
|Management access authentication||Username or password|
Audit information for users
|Access to user activity audit information||Users contact the support team to get audit information|
|How long user audit data is stored for||At least 12 months|
|Access to supplier activity audit information||Users contact the support team to get audit information|
|How long supplier audit data is stored for||At least 12 months|
|How long system logs are stored for||Between 1 month and 6 months|
Standards and certifications
|ISO/IEC 27001 certification||No|
|ISO 28000:2007 certification||No|
|CSA STAR certification||No|
|Who accredited the PCI DSS certification||Elavon Security Manager|
|PCI DSS accreditation date||14/03/2019|
|What the PCI DSS doesn’t cover||
JustPark are PCI Level 2 compliant and complete a SAQ type D.
This include a quartly security scan and Self-assessment Questionnaire.
|Other security certifications||No|
|Named board-level person responsible for service security||Yes|
|Security governance certified||No|
|Security governance approach||We comply with ISO9001, and have internal processes and procedures that are detailed and available to all employees. All employees go through training on induction with regards to security governance, and our governance procedures are reviewed regularly by the COO and CEO. Specific training is given on security to all relevant employees.|
|Information security policies and processes||ISO9001 and internal processes, which are fully GDPR compliant|
|Configuration and change management standard||Supplier-defined controls|
|Configuration and change management approach||All changes to the system, including configuration changes are made through our distributed version control system (Git) and must be approved by at least one other team member before they are merged and deployed. During this review process potentional vulnerability are idenifity and fix before releasing|
|Vulnerability management type||Supplier-defined controls|
|Vulnerability management approach||Vulnerabilities get identified though a few different channels, the yearly penetration tests, bug bounties or customer reports. The impact of customer data is reviewed then are treated with priotity 1 status. Getting fixed immediately being patch in up to 24 hours.|
|Protective monitoring type||Supplier-defined controls|
|Protective monitoring approach||We utilise intelligent logging which looks for suspension activity and generates alerts. We then have a detailed Incident Response Plan indicating different escaltion steps and people to contact depending of different scenarios. All incidents are dealt processed with a few hours of us being made aware of the issue|
|Incident management type||Supplier-defined controls|
|Incident management approach||We have pre-defined incident response plan with clear escalation path. Users are able to report incidents via our customer support team. The issue will be idenified, priotied and fixed with the customer being informed at each step of the progress.|
|Approach to secure software development best practice||Conforms to a recognised standard, but self-assessed|
Public sector networks
|Connection to public sector networks||No|
|Price||£0.00 to £0.10 per transaction|
|Discount for educational organisations||Yes|
|Free trial available||Yes|
|Description of free trial||JustPark will provide a payment platform for a limited amount of time to operators, Local Authorities and other parking space providers to demonstrate the added value that our platform can bring.|