Privacy Statement

Dynochiptuningfile (hereinafter: “we”, “us” or “Dynochiptuningfile”), also operating under the name Portalchiptuningfile, attaches great importance to the protection of your personal data. In this privacy statement we explain which personal data we collect, why we collect them, how we handle them and which rights you have. We process personal data in accordance with the General Data Protection Regulation (GDPR).

The data controller within the meaning of the GDPR is:

• Dynochiptuningfile / Portalchiptuningfile
• Website: portalchiptuningfile.com
• Contact: via the contact form on our website or via support in your dealer dashboard.

We process, among others, the following categories of personal data:

• Account and contact details: name, company name, e-mail address, phone number, address, postcode, city, country and VAT number.
• Login credentials: encrypted password and session information.
• File and vehicle data: original ECU files, vehicle details (brand, model, engine code, year), requested tuning options and any comments.
• Transaction and billing data: purchased credits, payment method, payment status, invoices and transaction history.
• Communication data: messages you exchange with us via support, e-mail or the contact form.
• Technical data: IP address, browser type, device information, language preference and global location (based on IP) to display the correct language.

We process your personal data exclusively for the following purposes:

• Performance of the contract: creating and managing your account, processing your files, delivering tuned files and handling payments.
• Legal obligations: keeping records for tax and accounting purposes.
• Legitimate interest: securing our platform, fraud prevention, technical analysis, improving our services and sending service-related notifications.
• Consent: where applicable, for example for optional communication. You can withdraw your consent at any time.

We never sell your personal data to third parties. We only share data with parties necessary for our services, including:

• Hosting and infrastructure providers for running our website, database and e-mail systems.
• Payment service providers for processing credit purchase transactions (e.g. iDEAL, card payments, bank transfer).
• E-mail and notification providers for sending transactional e-mails (such as order confirmations, password resets and account notifications).
• Competent authorities where we are legally required to do so.

Where necessary we have concluded data processing agreements with all these parties so that your data is handled confidentially and carefully.

Where possible, your data is processed within the European Economic Area (EEA). If data is transferred to a country outside the EEA, we only do so where that country offers an adequate level of protection or on the basis of the European Commission's standard contractual clauses.

We do not keep your personal data longer than strictly necessary for the purposes for which they are collected:

• Account data: as long as your account is active. Inactive dealer accounts without credit balance are automatically deleted after 20 days; you will receive a confirmation e-mail about this.
• File and transaction data: up to the statutory retention period (generally 7 years for billing data).
• Support communication: up to 2 years after the last contact, unless legally required otherwise.

We take appropriate technical and organisational measures to protect your personal data against loss, unauthorised access, alteration or disclosure. This includes TLS encryption, hashed passwords, role-based access control (RBAC), logging and regular backups.

Under the GDPR you have the following rights:

• Right of access to the personal data we process about you.
• Right to rectification of incorrect or incomplete data.
• Right to erasure (“right to be forgotten”).
• Right to restriction of processing.
• Right to data portability.
• Right to object to processing based on legitimate interest.
• Right to withdraw given consent at any time.

You can exercise these rights via support in your dashboard or via our contact form. In principle, we respond to your request within 30 days.

Our website uses functional cookies and similar techniques that are strictly necessary for the functioning of the platform, such as remembering your login session and your language preference. For analytical or marketing cookies, we request your consent first where legally required.

Do you have a complaint about how we handle your personal data? We are happy to help — please first contact us via support. You always have the right to file a complaint with the Dutch Data Protection Authority (autoriteitpersoonsgegevens.nl) or with the supervisory authority in your own member state.

We may amend this privacy statement from time to time, for example due to changes in our services or legislation. The most up-to-date version can always be found on this page. In case of material changes we will inform you via e-mail or via a notification in your dashboard.