Hi, I have appealed a parking fine from Euro Car Parks on the basis that their machine was out of order, and the paybyphone website did not notify me that payment had failed. I genuinely thought I had paid and was mortified to get a fine, but they obviously don't care about that.

I threw in their things about whether they have permission from the landowner to commence legal action, the images provided were cropped thus being 'digitally altered' etc. But they didn't acknowledge any of these things.

They simply sent back a screenshot of the payment made at the machine around the time I parked. This evidence doesn't prove that it relates to that car park, one payment was made at the exact minute I was stood there trying to get the machine to work, so I don't accept that at all. Even worse, they have stated they have redacted the number plates for data protection reasons, but the full number plates of around 7/8 cars are there in black and white. This is a clear personal data breach.

My question is whether I should take this to POPLA on the basis their evidence is lacking, and also threaten to report their breach, or whether I should hit back directly at ECP with the GDPR issue and hope they cancel it without the need to go to POPLA.

Any help/similar experiences would be really appreciated. Thank you!