• Our websites, portals, and point of sale services
• Our customer care and warranty services
• Our customer events, promotions, and campaigns
• Our hard parts, electronics, and soft goods
• Our software and digital products
Your consent to the processing of personal data will be obtained by an appropriate mechanism such as ticking a box, accepting a pop-up, enabling a setting for a service or website, or other statement or conduct clearly indicating your acceptance to the processing. By consenting, you acknowledge and agree to the use of your data in accordance with this Policy. We may provide additional privacy related terms in connection with a particular DNK TuneWorks product or service. Such terms prevail over this Policy to the extent of any conflict. Our products or services may contain links to other companies’ websites and other third party services that have privacy policies of their own. We recommend that you carefully read the privacy policies of such services as they are not covered by this Policy.
We collect your personal data when you purchase our products or services, use or register our products or services, enter into a sales promotion or a campaign, or otherwise interact with us. Below are examples of the categories of the personal data we may collect.
Technical Information. Some of our software products and services collect information pertaining to your use of the software, your computer hardware, your operating system, and use of connected DNK TuneWorks products. An example scenario of a connected DNK TuneWorks product is when you use the TuneECU Manager software to connect to your OBDLink device. The TuneECU or OBDLink may provide details about the device itself (firmware, part number, etc) and its usage (installation state, installed vehicle, log preferences, etc). In some cases, such as crash reports, additional information about the state of the software (callstack, limited memory snapshots) during the crash will be provided.
Information you provide us. When you register to our services, make a purchase, enter a sales promotion or otherwise interact with us, we may ask you to provide us with certain information such as your name, email address, street address, as well as user names, passwords and other such credentials that are used to authenticate users and to validate their actions or that may be needed to provide you with the products and services you have requested or to communicate with you, as well as information uploaded by you such as location, route information, pictures etc. We may collect training data, demographic information, for example, your age, gender, postal code and language preferences.
We may also collect other information you provide, such as your consents, preferences and feedback, information relating to your devices and other such information you provide us with. Please note that certain non-identifiable information collected from you may become personally identifiable when you provide us with your personal data.
Your transactions with us. We collect or request information relating to your purchase or use of our products or services as well as your other interactions with us. Such information may include, for example, details of the queries or requests you have made, the products and services provided (including delivery details), purchasing details (including payments made, credit card details, billing address, credit checks and other such financial information), details of agreements between you and DNK TuneWorks, records of contacts and communications, information and details relating to the content you have provided us with and other such transactional information. We may, in accordance with applicable law, record your communication with our customer care or with other similar contact points.
Location data. Certain services may involve the use of your location data. Use of your location data is, however, subject to your prior consent for each service.
THE PURPOSES OF PROCESSING
We use your personal data to provide quality products and services. Such use may be necessary for minimum level of service, such as buying a product online. Additional examples can be found below, described elsewhere in this Policy, and/or any provided additional service specific privacy information. Please note that one or more purposes may apply simultaneously. Provision of products and services. We use your personal data to provide you the product or service you have requested, fulfill other requests such as customer service, process your order or as otherwise necessary to perform or enforce the contract between you and us. We may also use your personal data to ensure the functionality and security of our products and services, to identify you, and to prevent and detect fraud and other misuses.
Development of products and services. We may use your personal data to develop our products and services. Whenever possible, information used for this purpose is stored anonymously or pseudonomously. Any personal data processed and aggregated for statistical analysis, is not directly identifiable to you.
Communicating with you and marketing. We may process and use your personal data to communicate with you, for example, to provide information relating to our products and/or services you are using or to contact you for customer satisfaction queries. We may process and use your personal data for marketing. Marketing purposes may include using your personal data for personalized marketing or research purposes in accordance with applicable laws, for example, to conduct market research and to communicate our products, services or promotions to you via our own or third parties’ electronic or other services. In addition, some of our products and services may be used to promote products and services of other companies. However, we will not disclose your personal data to such companies for their marketing purposes without your prior consent.
Profiling/personalization. We may process and use your personal data for profiling/personalization for such purposes as targeted direct marketing, to provide you with service more relevant to you and improvement of our products or services.. Profiling/personalization includes automated processing of your personal data for evaluating, analyzing or predicting your personal preferences or interests in order to, for example, send you marketing messages concerning products or services best suitable for you. We may combine personal data collected in connection with your use of a particular DNK TuneWorks product or service with other personal data we may hold about you, except where such personal data was collected for a different purpose.
TRANSFERS OF YOUR PERSONAL DATA
From time to time we may disclose your personal data to third parties solely for purposes stated in this Policy. Such parties are not permitted to use your personal data for any other purposes than for what your personal data was collected, and we require them to act consistently with applicable laws and this Policy as well as to use appropriate security measures to protect your personal data. Your personal data will not be sold to third parties.
Opting-out from e-mail/SMS based marketing. You may opt-out from brand marketing e-mails by following the guidance in those e-mails (typically provided via “unsubscribe” link) or by contacting us as set forth in the e-mail and on our web site. If you opt-out, we may still send you non-marketing e-mails, such as service notifications or other information or if you are a business customer, we may send business relation information. You may also opt-out from any SMS based direct marketing by contacting us as set forth our on site or via SMS as may be applicable.
Service providers and other authorized third parties. We may transfer your personal data to authorized third parties who process personal data on behalf of DNK TuneWorks for the purposes described in this Policy, such as e.g., technical, logistics, e-commerce, marketing and other service providers.
International transfers. Our products and services may be provided using resources and servers located in various countries around the world. Therefore your personal data may be transferred outside the country where you use our services, including to countries outside the European Economic Area (EEA), where the level of data protection may not be deemed adequate by the European Commission. In such cases we take steps to ensure that adequate protection for your personal data is provided as required by applicable laws. For international transfers of your personal data, we generally rely on agreements that are based on the Standard Contractual Clauses (“SCCs”) of the European Commission. You may find the SCCs here. If you wish to know more about international transfers of your personal data, you may contact us via the contact details given below. Other disclosures. We may disclose and otherwise process your personal data in accordance with applicable laws to defend our legitimate interests, for example, in civil or criminal legal proceedings.
Mergers and Acquisitions. If we decide to sell, buy, merge or otherwise reorganize our businesses in certain countries, this may involve us disclosing personal data to prospective or actual purchasers and their advisers, or receiving personal data from sellers and their advisers, strictly for the purposes of such transactions.
DATA CONCERNING MINORS
We do not seek to collect any information from or engage in any transactions with persons under the legal age in their respective country. Our databases may nevertheless contain personal data of minors where it is not possible to determine the age of the user. We reserve the right to block the service from any person who is or whom we reasonably suspect of being a minor. We request that minors do not make purchases or engage in other legal acts on our products and services without the consent of a parent or legal guardian, unless otherwise permitted by applicable law. If you are a minor but have your legal guardian’s consent, you must be able to prove that such consent exists upon request.
DATA QUALITY AND RETENTION
We take reasonable steps to keep the personal data we possess accurate and up-to-date and to delete out of date or otherwise incorrect or unnecessary personal data. Certain products and services may allow you to manage your profile and the information in such profile. We encourage you to access your personal data via your profile from time to time to ensure that it is correct and up-to-date. Please remember that for such electronic services where you may manage your profile, it is your responsibility to provide us with correct details as well as to update the personal data you have provided us with in case of any changes. We store your personal data only for a period necessary for the purpose in question or as long as required by applicable laws.
We use appropriate technical and organizational security measures to prevent and minimize risks associated with providing and processing personal data.
Such security measures include, where appropriate, the use of firewalls, secure server facilities, encryption, access rights management systems and processes, the separation of data from direct identifiers so that linkage to an identity is not possible without additional information that is held separately, careful selection and limitation of processors, sufficient training of those involved in the processing, and other necessary measures to protect your personal data against unauthorized use or disclosure. Where appropriate, we may also take back-up copies and use other such means to prevent accidental damage or destruction of your personal data. Industry standard security measures, such as the one available through “Secure Sockets Layer” (“SSL”), are used to protect the confidentiality and security of online transactions.
When you visit our websites, information may be placed on your computer or device by your web browser. This information allows us to provide a quality browsing experience. Our use of this information provides benefits to you, such as recognizing your computer, recalling your preferences, eliminating the need for you to enter your password frequently, and remembering items you’ve placed in a shopping cart. The technologies below may also be used for website traffic analysis and profiling to improve our services. However, we do not use them to identify individual users personally. You acknowledge and agree to the storage of cookies, other local storage technologies, beacons and other information on your devices and to the access of such cookies, local storage technologies, beacons and information by us and by the third parties mentioned above.
“Cookies”, in the form of text files, are a way web browsing information is stored on your computer. If you wish to disable cookies, or want to be notified before they are placed, you may do this in your browser settings. For example, if you are using Internet Explorer, you may disable and manage cookies by following the instructions here. Further information about controlling of cookies can be found from: https://www.networkadvertising.org/understanding-online-advertising/what-are-my-options. We may not be able to provide certain services, or you may not be able to view certain parts of this site, if you have disabled cookies. Other kinds of local storage technologies, such as Local Shared Objects (also referred to as “Flash cookies”) and HTML5 local storage may also be used. These technologies make use of different parts of your device from standard cookies, and you might not be able to control them using standard browser tools and settings. For example, you can prevent Flash cookies from being stored by following the instructions provided by Adobe at http://helpx.adobe.com/flash-player/kb/disable-local-shared-objects-flash.html.
Web beacons (or “pixel tags”) may also be used when browsing. These are typically graphic images that are placed on a website to count visitors and/or to access certain cookies. Web beacons do not typically collect any other information than what your browser provides as a standard part of any internet communication. If you turn off cookies, the web beacon will no longer be able to track your specific activity. The web beacon may, however, continue to collect information of visits from your IP-address, but such information will no longer be personally identifiable.
You have the right to request and access the personal data we have collected from and of you. You also have the right to request that we replenish, rectify, anonymize or delete any incomplete, incorrect, unnecessary or outdated personal data we hold on you. However, we cannot delete such personal data that is necessary for compliance with binding legal obligations or if the personal data must be retained according to applicable laws. The personal data we have collected on you will be delivered in a commonly used and machine-readable form. In case you do not wish your personal data to be deleted where the processing of your personal data has been deemed unlawful or the personal data is no longer necessary, or you have objected to the processing and the existence of legitimate grounds for processing is still under consideration, you may request restriction of processing of your personal data.
You may also at any time object to your personal data being processed for direct marketing purposes, sending promotional materials, profiling, or for the performance of market research. Further, where your personal data is processed based on your consent, you have the right to withdraw your consent for such processing at any time.
In case you wish to make use of your rights mentioned above, you may, as appropriate and in accordance with applicable laws, exercise such rights by contacting us through the contact points referred in the marketing materials or below in this Policy. In some cases, especially if you wish us to delete or cease the processing of your personal data, this may also mean that we may not be able to continue to provide the services to you. We encourage you to use available profile management tools for the above purposes as such tools often provide you with direct access to your personal data and allow you to effectively manage it.
Please note that we may need to identify you and to ask for additional information in order to be able to fulfill your above requests. Please also note that applicable law may contain restrictions and other provisions that relate to your above rights.
COMPLAINT TO THE SUPERVISORY AUTHORITY
In the event you consider our processing activities of your personal data to be inconsistent with the applicable data protection laws or that we have not sufficiently ensured the realization of your rights, you may lodge a complaint with the local supervisory authority responsible for data protection matters.
THE CONTROLLER OF YOUR PERSONAL DATA AND CONTACT DETAILS
The data controllers responsible for the purposes of the applicable data protection laws are, as applicable: DNK TuneWorks, 5809 Garden Walk Drive, Frederick, MD 21703, USA.
We may from time to time update and change this Policy. If the changes include new purposes of processing, we will give you prior notice of such changes and, where necessary, request your consent.