Geschäftsbedingungen
Datenschutzbestimmungen
Cookie Richtlinie
DMCA
Versand und Retouren
Gewährleistung
Quality & Information Security Policy
Community guidelines
Recruitment Privacy Policy
EU-Projekte
Privacy policy
Privacy Policy (LT)
Last updated: December 17, 2024
Last updated: December 17, 2024
Who we are?
OBDeleven, UAB (company code: 303255404, address: Karaliaus Mindaugo pr. 38, Kaunas, 44307, Lithuania) is a controller of the Personal Data you provide to us. We respect your privacy and pledge to process and protect your Personal Data in a fair and lawful way in accordance with the applicable legal requirements of the European Union (General Data Protection Regulation 2016/679) (“GDPR”) and the Republic of Lithuania. The definitions used in this Privacy Policy have the same meaning as stipulated in the GDPR.
What does this document mean?
OBDeleven, UAB (“us", “we", or “our”) operates the https://obdeleven.com/ website (“Website”) and the OBDeleven VAG and OBDeleven mobile applications (“App”).
Here we describe how we collect, use and handle your information when you use our Website and App (“Services”). By using the Services, you agree to the collection and use of information in accordance with this Privacy Policy. If you disagree with Privacy Policy, we will not be able to provide you with Services.
We process your personally identifiable information (“Personal Data”) in accordance with these data processing principles:
-
we process Personal Data in lawfully, fairly and transparent manner in relation to the data subject;
-
the Personal Data are collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes;
-
only adequate and relevant Personal Data are processed limited to what is necessary in relation to the purposes for which they are processed;
-
we process only accurate and, where necessary, kept up to date Personal Data;
-
Personal Data we process are kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the Personal Data are processed;
-
Personal Data are processed in a manner that ensures appropriate security of the Personal Data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.
We collect and use the following Personal Data to provide, improve and protect our Services:
1. Provision of Services
When you use our Services, we collect certain Personal Data:
-
When you use our Website:
-
You can create Your Account. In such case we collect: your username and email address. This information is needed only if you want to create the account and facilitate the purchase of our products.
-
In order to purchase our products, you do not need to create Your Account. However, we still need to collect the following information to be able to sell you our products: your first name and last name, email, phone number, shipping and billing address and order information.
-
-
When you use our App:
-
In order to be able to use our product with the App, you have to:
-
Set up your App account by providing your email address and username; or
-
Sign in through “Facebook” or “Apple ID".
-
-
Through this option, you may choose to have personal information and other content about you available from such social networks, transmitted and shared through the Services.
When you connect to the social network account through the Services, we only collect such information which you allowed the social network(s) to share with third parties (such as your name, email address, list of friends, profile picture, other information available via the applicable social network). You understand and agree that the Services may access, make available and store (if applicable and as permitted by the third-party social network) such information so that it is available on and through your App account, until your account is deleted.
-
-
The user provides information on vehicle model, brand, and vehicle identification number (VIN) for the purpose of being able to use our product with the App.
-
User’s name, surname, address and phone number are collected to enable SFD functionality.
-
2. Usage Data
We may also collect information that your browser sends whenever you visit our Service or when you access the Service by or through a mobile device ("Usage Data").
This Usage Data may include information such as addresses, the type of browser and device you use, the web page you visited before coming to our sites, and identifiers associated with your devices.
When you access the Service by or through a mobile device, this Usage Data includes information such as the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system and its version, the type of mobile Internet browser you use, unique device identifiers, mobile app version, mobile app source (App Store - Apple, Google Play), mobile app build ID, mobile app ID and may include other diagnostic data. We may also receive information about your location.
3. Tracking Cookies Data
We use cookies and similar tracking technologies to track the activity on our Service and hold certain information. See us Cookie Usage Policy for more information.
4. Direct Marketing and User Communication
We may process the following Personal Data for direct marketing purposes: name, surname, email address, other information that a user may provide, date of consent.
We prioritize clear and effective communication with our users, ensuring they receive valuable updates and insights without overwhelming them. Our approach is designed to provide pertinent information about their vehicles and the latest features of our products, all while respecting their preferences and privacy:
-
Targeted Advertising: Through selective use of Google Ads and Facebook Ads, our goal is to grow out community and keep it informed about significant updates and enhancements. This method allows us to share news about our products and services, including new functionalities that can enrich the user experience, in a non-intrusive manner.
-
Insightful Analytics: We apply tools like the Google Firebase, Facebook Pixel, aiming to gather insights that help us understand what information our users find most useful. This helps us refine our messaging to ensure relevance and value, focusing on updates such as vehicle status and new product features that genuinely interest our users.
-
Curated Email Communications: Our email communications are thoughtfully crafted to bring the most relevant news directly to our users. This includes concise updates on vehicle status, introductions to new features, and tips on how to get the most out of our products. We strive to keep these emails informative and to the point, respecting our users' time and attention.
-
Direct Notifications: For real-time updates that matter, we use web push and mobile push notifications. These alerts are reserved for important announcements, ensuring that our users are the first to know about critical updates or new features that could impact their experience with their vehicles.
Our communication strategy is centred around keeping our users informed in a respectful and considerate manner. We understand the importance of balancing informative updates with the need for privacy and discretion. Users have full control over their communication preferences, allowing them to opt in or out of different types of notifications as they see fit. This approach reflects our commitment to building a trust-based relationship with our community, ensuring they stay informed about their vehicles and our products in a way that feels comfortable and secure for them.
5. Surveys, Research and/or Studies
We may process the following Personal Data for surveys, research and/or studies purposes: name, surname, email address, other information that a user may provide, date of consent.
If you register on the App or the Website, we may contact you via the App (if installed) to offer you to participate in our surveys, research and/or studies in order to improve our services and/or products. This is done in order to ensure that only users who give their consent would participate in our surveys, research and/or studies.
We use Personal Data for various purposes stated in this Privacy Policy, i.e.:
-
To provide and maintain the Services;
-
To notify you about changes to our Services;
-
To allow you to participate in interactive features of our Services when you choose to do so;
-
To provide customer care and support;
-
To provide analysis or valuable information so that we can improve the Services;
-
To monitor the usage of the Services;
-
To detect, prevent and address technical issues;
-
Send information, respond to inquiries, and/or other requests or questions;
-
Process orders and to send information and updates pertaining to orders;
-
We may also send you additional information related to your product and/or service.
- Processing of Personal Data is necessary for the performance of a contract to which the data subject is party (Article 6(1)(b) of the GDPR), i.e. to purchase our products, install and use the App. The provision of such Personal Data is a contractual requirement, and the data subject is obliged to provide the Personal Data, otherwise the data subject will not be able to purchase our products and/or use the App.
- Processing of Personal Data is also necessary when the data subject has given consent to the processing of his or her Personal Data for direct marketing purposes (Article 6(1)(a) of the GDPR). The data subject is not obliged to provide such Personal Data. However, if such Personal Data is provided, the data subject has the right to withdraw consent at any time.
- Processing of Personal Data is necessary to ensure the fulfilment of the legal obligations applicable to us in accordance with the applicable legislation (Article 6(1)(c) of the GDPR). This may include the processing of the Personal Data for the purposes of: handling claims submitted by the users (their representatives); fulfilling requirements of legal acts regulating the provision of Services; carrying our internal investigations and operational risk events; fulfilling other legal requirements in accordance with applicable legislation in areas such as accounting, taxation, Personal Data protection, governance and management of our company.
- Processing of Personal Data is necessary due to our legitimate interests, which are balanced against the users (as a data subject’s) interests and rights (Article 6(1)(f) of the GDPR). We may process your Personal Data on the basis of our legitimate interest, for example, for the purposes of: preventing and investigating unauthorised use of the Services or disruption of the Services, including implementing the necessary security measures; preventing fraud; asserting, enforcing, defending or transferring of legal claims and storing of information for this purpose; archiving our files; Service‘s incident management for the purpose of maintaining, examining, developing and improving our activities, products; monitoring our performance indicators and financial planning.
We may share information as discussed below, but we will not sell it to advertisers or other third parties:
-
Post and Courier services
In order to be able to send you our products, which you purchased in our Website, we must provide the delivery companies your personal information, such as: your name and surname, shipping address and telephone number.
We provide these shipping methods:
-
Standard shipping. Package will be sent via Lithuanian post (Lietuvos paštas, AB, company code: 121215587, address: Juozo Balčikonio g. 3, LT-08247 Vilnius, Lithuania).
-
Express shipping. Package will be sent via DHL express (DHL Lietuva, UAB, company code: 111529785, address: Rodūnios kel. 36, LT-02187 Vilnius, Lithuania).
-
United Parcel Service (UPS). Package will be sent via UPS (Skubios siuntos, UAB, company code: 134678891, address: Inovacijų g. 3, Biruliškių k., Kaunas district, Lithuania, which is Authorised Service Contractor for UPS).
-
Deutsche Post. Package will be sent via DHL (DHL Lietuva, UAB, company code: 111529785, address: Rodūnios kel. 36, LT-02187 Vilnius, Lithuania).
-
Siųsk Pigiau. Package will be sent in Lithuania via Siųsk Pigiau partners: DHL, TNT, Venipak, LP express, GLS, Omniva, DPD, FedEx, SST, Itella etc. (Technologijų era, UAB, company code: 300151980, address: Veiverių g. 142, LT-46353 Kaunas, Lithuania).
-
DPD Lietuva. Package will be sent via „DPD “(DPD Lietuva, UAB, company code: 111639299, address: Terminalo g. 7, LT-54469, Biruliškių k., Kaunas district, Lithuania).
-
Amazon fulfillment. Package will be sent via „Amazon fulfilment center“ (Amazon Corporate, address: 410 Terry Ave. North, Seattle, WA, 98109-5210).
-
Others working for us
We use certain trusted third parties (for example, providers of customer support, IT service providers, payment service providers, cloud computing, hosting services) to help us provide, improve, protect, and promote our Services. These third parties will access your information only to perform tasks on our behalf in compliance with this Privacy Policy, and we will remain responsible for their handling of your information per our instructions.
-
Law & Order
We may disclose your information to third parties if we determine that such disclosure is necessary to (a) comply with the law; (b) protect any person from death or serious bodily injury; (c) prevent fraud or abuse of us or our users; or (d) protect our property rights. This includes but are not limited to supervisory authorities, tax administration, law enforcement authorities, bailiffs, notaries, courts, non-judicial dispute resolution institutions.
4. Manufacturer of supported vehicles
After each connection to the control unit, protected by SFD (Schutz Fahrzeug Diagnose / Vehicle Diagnostic Protection), some of your data (the pseudonymised user ID (name), pseudonymised workshop ID (if applicable), country and or the vehicle VIN number) will be transferred to the Volkswagen Group, which will analyse your actions.
If the Volkswagen Group detects violations of security requirements or other non-compliances and submits a request to us, we will also transfer to the Volkswagen Group and/ or investigative authorities your other Personal Data – full name, address, email, telephone number and workshop ID and address (if applicable).
If we ourselves or using service providers transfer your Personal Data to the non-EU/EEA countries, we comply with the relevant requirements of the GDPR (Article 44 et seq.) and oblige our service providers to comply with these regulations too. Therefore, we will transfer your data to the non-EU/EEA countries only by ensuring the level or security provided by the GDPR. This level of security is primarily ensured by the EU Commission’s adequacy decision. If with regard to a particular country there is no adequacy decision of the EU Commission, we will ensure that your rights and freedoms are properly protected by concluding relevant data transfer agreements containing the EU Standard Contractual Clauses or other authorised data protection clauses. In other cases, we may transfer data based on your express consent. You can withdraw your consent at any time by contacting us.
Personal Data can be transferred to non-EU/EEA countries if, for example, it:
-
is necessary for the performance of a contract to which you are a party or for the fulfilment of your requests;
-
takes place as part of the performance of the contract when service providers are involved;
-
is necessary to safeguard our legitimate interests;
-
is required by law or you have given your consent.
If we transfer Personal Data to the recipient, which is unable to ensure an adequate level of data protection, based on your consent alone, we point out that the following risks arise: it is possible that the adequate protection of Personal Data is not sufficiently regulated, there is no data protection supervisory authority; there is no control over the further processing of Personal Data (including transfer to third parties); the implementation of your data protection rights can be impeded or disregarded.
Furthermore, your information, including Personal Data, may be transferred to and stored on servers or computers located outside your state, province, country, or other governmental jurisdiction, where data protection laws may differ from those in your region. By consenting to this Privacy Policy and submitting your Personal Data, you agree to this transfer.
When you purchase our products, we will keep your Personal Data for no longer than 10 years (unless we need to keep the data longer under our agreement with the Volkswagen Group - as described below) after which time it will be destroyed.
If you delete your accounts from our Services, we will also delete this information. But please note: (1) there might be some latency in deleting this information from our servers and back-up storage; and (2) we may retain this information if necessary to comply with our legal obligations, resolve disputes, or enforce our agreements.
Please note that a different procedure than the one above applies to your Personal Data, which we must provide to the Volkswagen Group.
We will store your Personal Data, e.g. first name, surname and contact details (postal code, city, street, phone number and email), as well as the VIN number and the pseudonymised ID code assigned to you, for 30 years from the last use of the SFD service (even after your account is removed from our system). The above storage and transfer of your data is required for the traceability of changes made to the SFD-protected control unit (the changes you can make using the App and OBDevelen hardware).
The Volkswagen Group, after receiving your Personal Data, can analyse and store it in its system for 30 years from the last access to the SFD service. The Volkswagen Group will process your Personal Data, if necessary, under the ground of a legitimate interest (Article 6(1)(f) of the GDPR and in compliance with the legal obligations imposed on the Volkswagen Group by Regulation (EU) 2018/858 of the European Parliament and of the Council of 30 May 2018 on the approval and market surveillance of motor vehicles and their trailers, and of systems, components and separate technical units intended for such vehicles).
As well as in other cases, when your Personal Data is processed for the purpose of providing it to the Volkswagen Group, you can exercise your rights as a data subject - to object to the processing of Personal Data, to request the deletion of Personal Data, correction of inaccurate data, etc.). In order to exercise the above rights, you must first contact us, and we will forward your request to the Volkswagen Group. Detailed information on how the Volkswagen Group can process your Personal Data can be found here.
We will inform you each time when there is a change in the Volkswagen Group's data processing rules (as far as the processing of your Personal Data is concerned).
Attention!
By deleting your account, you lose your vehicle’s history, PRO/Ultimate subscription, and all credits. Used PRO/Ultimate subscription that you have will not work anymore with another account.
If you consent to receive marketing emails from us, we will retain your Personal Data for this purpose for up to 2 years from the date of your receipt. After this period, your data will be securely deleted unless you renew your consent. If you consent to participate in surveys, research and/or studies organized by us, we will retain your Personal Data for this purpose for up to 2 years from the date of your receipt. After this period, your data will be securely deleted unless you renew your consent.
Our Service does not address anyone under the age of 14 ("Children"). We do not knowingly collect personally identifiable information from anyone under the age of 14. If you are a parent or guardian and you are aware that your Children has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.
We respect your legal rights to Personal Data.
Your rights under law and measures we take to implement them are:
The right to be informed
Before using Website and App we provide you with information on processing of your Personal Data and guarantee the access to our Privacy Policy. We strive to be transparent about how we use your data.
The right to access
You have the right to access your information. You can receive the information about purposes of processing; Personal Data we keep; providers and receivers of your Personal Data; retention period and your rights if requested.
The right to rectification
If the Personal Data we hold about you is inaccurate or not complete, you have the right to ask us to rectify it. If that Personal Data has been passed to a third party with your consent or for legal reasons, then we must also ask them to rectify the data.
The right to erasure
If we do not have a legal basis to continue processing your Personal Data, you can ask to exercise your “right to be forgotten”.
The right to restrict processing
You have the right to ask for restriction on how we process your Personal Data This means we are permitted to store the Personal Data but not further process it.
The right to data portability
We must consider your right to reuse gathered Personal Data for your own purposes across services in a safe and secure way without this affecting the usability of your data.
The right to object
If the processing of Personal Data is based on your consent, legal obligation or legitimate interest you have the right to object such processing.
The right to withdraw consent
If the processing of Personal Data is based on your consent you can reject your consent at any time.
The right to complain to a Supervisory Authority
If you think your rights is being violated you can complain to State Data Protection Inspectorate of the Republic of Lithuania (Valstybinė duomenų asaugos inspekcija (https://www.ada.lt/), L. Sapiegos str. 17, Vilnius, [email protected]).
We will do our best to help you exercise your rights, All the requests regarding your rights on Personal Data can be sent to us by email [email protected] or by mail Karaliaus Mindaugo str. 38, Kaunas, Lithuania, along with document proving the identity of data subject.
We may update our Privacy Policy from time to time. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.
If we are involved in a reorganization, merger, acquisition or sale of our assets, your information may be transferred as part of that deal. We will notify you (for example, via email) of any such deal and outline your choices in that event.
Schedule 1 - Data Processing Agreement (Applicable to the customers in the United States of America)
California
To the extent that we process on behalf of customer any personal information in scope of the California Consumer Privacy Act of 2018 (CCPA), as amended by the California Privacy Rights Act of 2020, and its implementing regulations (collectively, the CPRA) (such personal information being California Personal Information), the provisions of this clause apply.
We will not sell or share California Personal Information that it collects (as that term is defined in the CPRA) under the Agreement.
The specific business purpose (as that term is defined in the CPRA) for which we process California Personal Information is to provide, manage and secure the Services, and customer discloses the California Personal Information to us for the limited and specified Services purposes.
We will not retain, use, or disclose the California Personal Information that it collects for any purpose other than for the Services purposes, unless permitted by the CPRA.
We will not retain, use, or disclose the California Personal Information that it collects under the Agreement for any commercial purpose (as that term is defined in the CPRA) other than the Services purposes, unless permitted by the CPRA.
We will not retain, use, or disclose the California Personal Information that it collects outside the direct business relationship between us and customer, unless permitted by the CPRA.
We will comply with all applicable sections of the CPRA, including - with respect to the California Personal Information that we collect when providing the Services - providing the same level of privacy protection as required of businesses by the CPRA.
We grant customer the right to take reasonable and appropriate steps to ensure that we use the California Personal Information that it collects under the Agreement in a manner consistent with customer’s obligations under the CPRA.
We will notify customer if it determines that it can no longer meet its obligations under the CPRA.
We grant customer the right, upon notice, to take reasonable and appropriate steps to stop and remediate our unauthorized use of California Personal Information.
We will enable customer to comply with consumer requests made under the CPRA. customer will inform us of any consumer request made under the CPRA with which customer must comply and provide the necessary information for u to comply with the request.
The customer agrees that we may engage other service providers (as that term is defined in the CPRA) to assist in providing the Services to customer (Sub-Processors). A list of our current Sub-Processors can be found in our Privacy Policy.
Virginia
To the extent that we process on behalf of customer any personal data in scope of the Virginia Consumer Data Protection Act (VCDPA) (such personal data being Virginia Personal Data), the provisions of this clause apply.
We will ensure that each person processing Virginia Personal Data is subject to a duty of confidentiality with respect to the Virginia Personal Data.
At customer’s discretion, we will delete or return all Virginia Personal Data to customer as requested at the end of the provision of the Services, unless retention of the Virginia Personal Data is required by law. If customer reasonably requests it, we will make available to customer all information in its possession necessary to demonstrate its compliance with the obligations under the VCDPA.
We will allow, and cooperate with, reasonable assessments by customer or customer’s designated assessor. Alternatively, we may arrange for a qualified and independent assessor to conduct an assessment of our policies and technical and organizational measures in support of the obligations under the VCDPA using an appropriate and accepted control standard or framework and assessment procedure for such assessments. we will provide a report of such assessment to customer upon request.
We will ensure that any subcontractors engaged in the processing of Virginia Personal Data are engaged under a written contract in accordance with the VCDPA that requires the subcontractor to meet our obligations with respect to the Virginia Personal Data.