Privacy Policy – Diagsoft Solutions

Effective date: August 18, 2025

This Privacy Policy explains how Diagsoft Solutions (“Diagsoft”, “we”, “us”, “our”) collects, uses, shares, and protects your information when you visit https://diagsoft-solutions.com/ (the “Site”), purchase products or services (including digital downloads and preloaded diagnostic laptops), or contact our support team (including remote assistance).

If you do not agree with this Policy, please do not use the Site.

Quick summary (plain-language)

• We collect only what we need to process orders, deliver downloads/licenses, prevent fraud, and support you.

• We do not sell your personal information.

• Marketing emails are opt-in and you can unsubscribe anytime.

• EU/UK/CA/US residents have rights to access, delete, correct, and port data.

• We keep invoices and tax records as the law requires, typically 7 years.

1) Who we are & how to contact us

Controller: Diagsoft Solutions
Address: [Company legal name & address]
Email: [email protected] (or: [email protected])
EU/UK representative (if applicable): [Name, address, email]
Data Protection Officer (if appointed): [Name, email]

2) What we collect

Information you provide

• Checkout & account: name, company, billing/shipping address, email, phone, VAT/tax ID.

• Order content: products purchased (e.g., diagnostic kits/software), serial numbers/licenses we issue, support tier.

• Support & remote assistance: logs you send, screenshots, machine details (e.g., VIN/model), hardware IDs needed for license activation, session recordings only if you agree.

• Messages & forms: email, chat, contact forms (and their metadata).

Information collected automatically

• Technical data: IP address, device/browser info, pages viewed, timestamps, referrer URLs, approximate location (from IP).

• Cookies & similar tech: for essentials (cart, checkout, security), analytics (site performance/usage), and—only with consent—marketing.

Information from third parties

• Payments: we receive confirmation of payment status from our payment providers (no full card details are stored by us).

• Fraud prevention & delivery partners: signals to reduce fraud and to complete shipping.

3) Why we use your data (legal bases)

• To perform a contract – process orders, deliver downloads/licenses, ship goods, provide support.

• Legitimate interests – secure our Site, prevent fraud/abuse, improve products/services, measure performance.

• Consent – send marketing emails, drop non-essential cookies/analytics/ads pixels.

• Legal obligations – tax, accounting, sanctions/AML where applicable, warranty/recall.

4) How we use your data

• Order processing & fulfillment (WooCommerce or equivalent), order updates, receipts, license keys, download links.

• Account management – login, password resets, purchase history.

• Support & remote assistance – troubleshoot installs, activations, connectivity; with your permission, remote sessions may briefly access device info (e.g., adapter/OS versions).

• Security & fraud prevention – rate limiting, IP reputation, login protection.

• Analytics & site improvement – understand what pages/products users find helpful.

• Marketing (optional) – newsletters, product updates, promotions (only if you opted in).

5) Cookies & similar technologies

We use:

• Strictly necessary cookies – cart, checkout, account login, security (cannot be switched off).

• Performance/analytics – measure site usage.

• Functional – remember preferences (e.g., language, region).

• Marketing (optional) – if you consent, we may use tags/pixels to measure campaigns.

Your choices:
You can manage non-essential cookies via our Cookie Banner and your browser settings. Blocking essential cookies may break cart/checkout. For detailed cookie list, see our Cookie Notice: [link to /cookie-policy].

6) Payments, shipping & processors

We use reputable providers to process payments and deliver orders. These providers act as processors (or independent controllers in some cases). They may process:

• Payments: name, email, order amount, last 4 digits of card (we do not store full card details).

• Shipping: name, address, phone for delivery.

• Digital licensing/anti-fraud: IP, device data, order metadata.

Examples of categories of vendors: hosting/CDN, payment processors, fraud prevention, email/SMS providers, analytics, CRM/helpdesk, remote support tools, shipping carriers. We provide vendor details upon request or in a separate data-processing annex.

7) Sharing your information

We share data only with:

• Service providers/Processors needed to run our business (see above).

• Professional advisors (legal, accounting, tax) under confidentiality.

• Authorities where required by law or to protect rights/safety.

• Business transfers – if we sell/merge assets, data may transfer under equivalent protection.

We do not sell your personal information.

8) International transfers

We operate globally. When we transfer data outside your country (e.g., to the US/IL/EU/UK), we use appropriate safeguards, such as EU Standard Contractual Clauses (SCCs) or UK IDTA, and implement technical/organizational measures.

9) Data retention

We keep data only as long as necessary for the purposes above:

• Orders/invoices: typically 7 years (tax/accounting).

• Support tickets/remote logs: normally up to 24 months (or earlier upon request), unless needed for security/compliance.

• Marketing: until you unsubscribe or your consent is withdrawn.

• Accounts: while your account is active; we may archive minimal records to comply with law or defend legal claims.

10) Your rights

Depending on your location (e.g., EEA/UK/California/Quebec/etc.), you may have rights to:

• Access your data and get a copy

• Correct inaccurate data

• Delete/erase (subject to legal retention)

• Object or restrict certain processing

• Data portability

• Withdraw consent (for marketing/cookies)

• Lodge a complaint with your supervisory authority

To exercise these rights, email [email protected] with “Privacy Request” in the subject. We may need to verify your identity.

11) Marketing choices

• Email: click Unsubscribe in any message or email [email protected].

• Cookies/ads: adjust preferences in our Cookie Banner and browser settings.

We honor applicable “Do Not Sell/Share” choices under California/US state laws. See California Notice below for details.

12) Security

We use reasonable administrative, technical, and physical safeguards to protect personal data (e.g., HTTPS/TLS, access controls, backups, logging). No system is 100% secure; please keep your passwords strong and unique.

13) Children

Our Site is not directed to children under 16 (or the applicable age in your region). We do not knowingly collect children’s data. If you believe a child provided data, contact us to remove it.

14) Remote support & licensing specifics

For license activation and remote diagnostics support, we may process:

• License/activation IDs, device/hardware identifiers, adapter model/firmware, OS version, and limited logs necessary to complete activation or fix issues.
  We do not access your files unless you explicitly share them, and we do not read machine ECU contents beyond what you show or send during support.

15) Third-party links

Our Site may link to third-party sites or tools. Their privacy practices are their own. Please review their policies.

16) Changes to this Policy

We may update this Policy from time to time. The “Effective date” shows the latest version. Material changes will be highlighted on this page and, where required, we’ll notify you (e.g., by email or banner).

17) How to contact us

Questions or requests?
Email: [email protected]
Address: [Company legal name & address]
We aim to respond within 30 days (or sooner where the law requires).

Regional notices

A) EEA/UK GDPR notice

Controller: Diagsoft Solutions.
Legal bases: contract, legitimate interests, consent, legal obligation (see Section 3).
Data transfers: safeguarded by SCCs/IDTA where applicable.
Rights: access, rectification, erasure, restriction, objection, portability, complaint to your DPA.

B) California (CCPA/CPRA)

We do not “sell” personal information for money. Some advertising/analytics may be considered “sharing” under CPRA; you can opt-out via our Cookie Banner or email [email protected] with the subject “Do Not Sell/Share My Personal Information”.
Categories collected: identifiers (name, email, IP), commercial info (orders), internet activity (usage logs), geolocation (approximate), inferences (site preferences) – see Sections 2–4.
Sensitive data: generally not collected; if we ever process it, it’s only for permitted, limited purposes.
Retention: see Section 9.

Annex: Summary of data uses