Privacy Policy
This Privacy Notice for DYNOMIATA LLC (doing business as DynoMiata) ("we," "us," or "our") describes how and why we might access, collect, store, use, and/or share ("process") your personal information when you use our services ("Services"), including when you:
- Visit our website at https://dynomiata.com
- Use DynoMiata, a web-based service that processes OBD-II log files uploaded by users. Users record engine data using their own phone-based OBD scanner app, then upload the resulting CSV file to dynomiata.com for analysis. There is no mobile application; all use is via the website.
- Engage with us in other related ways, including any marketing or events
Questions or concerns? Reading this Privacy Notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at [email protected].
Summary of Key Points
This summary provides key points from our Privacy Notice. You can find more detail on each topic in the full sections below.
- What personal information do we process? When you visit, use, or navigate our Services, we may process personal information depending on how you interact with us, the choices you make, and the products and features you use.
- Do we process any sensitive personal information? We do not process sensitive personal information.
- Do we collect any information from third parties? We do not collect any information from third parties.
- How do we process your information? We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law.
- With whom do we share personal information? We may share information in specific situations and with specific third parties (Stripe, Cloudflare, Resend).
- How do we keep your information safe? We have organizational and technical processes and procedures in place to protect your personal information. However, no electronic transmission or storage can be guaranteed to be 100% secure.
- What are your rights? Depending on where you are located, applicable privacy law may give you rights regarding your personal information.
- How do you exercise your rights? The easiest way is by submitting a data subject access request, or by contacting us.
1. What information do we collect?
Personal information you disclose to us
In Short: We collect personal information that you provide to us.
We collect personal information that you voluntarily provide when you register on the Services, express an interest in obtaining information about us, participate in activities on the Services, or otherwise when you contact us.
Personal Information Provided by You. The personal information we collect may include:
- Email addresses
- IP address
- Vehicle data via OBD-II (engine RPM, vehicle speed, throttle position, intake air temperature, manifold pressure)
- Payment info (handled by Stripe; we do not store it ourselves)
- Display name (optional, if provided): used to personalize your dashboard greeting
Sensitive Information. We do not process sensitive information.
Payment Data. We may collect data necessary to process your payment if you make purchases, such as your payment instrument number and the security code associated with your payment instrument. All payment data is handled and stored by Stripe. You may find their privacy notice at https://stripe.com/privacy.
Information automatically collected
In Short: Some information, such as your IP address and device characteristics, is collected automatically when you visit our Services.
We automatically collect certain information when you visit, use, or navigate the Services. This information does not reveal your specific identity but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Services, and other technical information.
Like many businesses, we also collect information through cookies and similar technologies.
The information we collect includes:
- Log and Usage Data. Service-related, diagnostic, usage, and performance information our servers automatically collect when you access or use our Services.
- Device Data. Information about your computer, phone, tablet, or other device used to access the Services.
- Location Data. Approximate location derived from your IP address. This is imprecise (typically city-level or coarser) and is used for atmospheric correction (ambient temperature, barometric pressure) in horsepower calculations. We do not collect precise GPS or device-based location.
- Vehicle telemetry data. Data collected from the user's vehicle via an OBD-II adapter, including engine RPM, vehicle speed, throttle position, intake air temperature, manifold pressure, and other powertrain parameters used to calculate horsepower and torque. VIN is never collected, stored, or transmitted to our servers.
- Aggregate visit counts (GoatCounter). We use GoatCounter, a privacy-first analytics service, to count visits to each page. GoatCounter does not set cookies, does not fingerprint visitors, and does not track users across sites. It records anonymous, aggregate counts (page views and referrer category) so we can understand which pages users find useful. We do not sell or share this data.
2. How do we process your information?
In Short: We process your information to provide, improve, and administer our Services, communicate with you, for security and fraud prevention, and to comply with law.
We process your personal information for a variety of reasons, including:
- To facilitate account creation and authentication and otherwise manage user accounts. So you can create and log in to your account, and keep it in working order.
- To deliver and facilitate delivery of services to the user. To provide you with the requested service, including dyno calculations and stored results.
- To respond to user inquiries / offer support. To respond to your inquiries and solve any potential issues with the Services.
- To send administrative information to you. To send you details about our products and services, changes to our terms and policies, and other similar information.
- To fulfill and manage your orders. To fulfill and manage your orders, payments, and refunds made through the Services.
- To protect our Services. To keep our Services safe and secure, including fraud monitoring and prevention.
- To save or protect an individual's vital interest. Where necessary to prevent harm.
- To improve product accuracy and reliability. To diagnose calculation errors, identify edge cases in the RLS mass estimator, and ensure horsepower/torque outputs remain accurate across different vehicles and conditions, we may review anonymized vehicle telemetry to debug issues users report.
3. What legal bases do we rely on to process your information?
In Short: We only process your personal information when we believe it is necessary and we have a valid legal reason to do so under applicable law.
If you are located in the EU or UK
The General Data Protection Regulation (GDPR) and UK GDPR require us to explain the valid legal bases we rely on to process your personal information:
- Consent. We may process your information if you have given us permission to use your personal information for a specific purpose. You can withdraw your consent at any time.
- Performance of a Contract. We may process your personal information when we believe it is necessary to fulfill our contractual obligations to you, including providing our Services.
- Legitimate Interests. We may process your information when it is reasonably necessary to achieve our legitimate business interests and those interests do not outweigh your rights and freedoms, for example to diagnose problems and/or prevent fraudulent activities.
- Legal Obligations. Where necessary for compliance with our legal obligations, such as cooperating with a law enforcement body or regulatory agency, or exercising or defending our legal rights.
- Vital Interests. Where necessary to protect your vital interests or those of a third party, such as situations involving potential threats to safety.
If you are located in Canada
We may process your information if you have given us specific permission (express consent) to use your personal information for a specific purpose, or in situations where your permission can be inferred (implied consent). You can withdraw your consent at any time.
In some exceptional cases, we may be legally permitted to process your information without consent, including: where collection is clearly in your interests and consent cannot be obtained in time; for investigations, fraud detection, and prevention; for business transactions; for witness statements relevant to insurance claims; to identify injured or deceased persons; where there are reasonable grounds to believe financial abuse may be occurring; where disclosure is required by subpoena, warrant, or court order; where the information is publicly available and specified by regulations.
4. When and with whom do we share your personal information?
In Short: We may share information in specific situations described below and with the third parties listed.
Vendors, Consultants, and Other Third-Party Service Providers. We may share your data with third-party vendors, service providers, contractors, or agents who perform services for us or on our behalf and require access to such information to do that work. We have contracts in place with our third parties designed to safeguard your personal information. They cannot do anything with your personal information unless we have instructed them to, and they commit to protect and retain the data only for the period we instruct.
The third parties we may share personal information with are:
- Functionality and Infrastructure Optimization: Cloudflare
- Invoice and Billing: Stripe
- Transactional and marketing email delivery: Resend
- Privacy-first audience analytics (no cookies, no cross-site tracking, no fingerprinting): GoatCounter
We may also need to share your personal information in the following situations:
- Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
5. Do we use cookies and other tracking technologies?
In Short: We may use cookies and other tracking technologies to collect and store your information.
We use only essential cookies and similar tracking technologies to maintain the security of our Services and your account, prevent crashes, fix bugs, save your preferences, and assist with basic site functions. We do not use cookies for advertising, analytics, or behavioral tracking.
Specific information about how we use these technologies and how you can refuse them is set out in our Cookie Notice.
6. How long do we keep your information?
In Short: We keep your information for as long as necessary to fulfill the purposes outlined in this Privacy Notice unless otherwise required by law.
We will only keep your personal information for as long as it is necessary for the purposes set out in this Privacy Notice, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements). No purpose in this notice will require us to keep your personal information for longer than the period of time in which you have an account with us.
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it, or, if this is not possible (for example, because it has been stored in backup archives), we will securely store and isolate it from any further processing until deletion is possible.
7. How do we keep your information safe?
In Short: We aim to protect your personal information through a system of organizational and technical security measures.
We have implemented appropriate and reasonable technical and organizational security measures designed to protect the security of any personal information we process. However, despite our safeguards, no electronic transmission or information storage technology can be guaranteed to be 100% secure. Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk.
8. Do we collect information from minors?
In Short: We do not knowingly collect data from or market to children under 18 years of age.
We do not knowingly collect, solicit data from, or market to children under 18 years of age, nor do we knowingly sell such personal information. By using the Services, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to that minor's use of the Services. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from children under 18, please contact us at [email protected].
9. What are your privacy rights?
In Short: Depending on your state of residence in the US or your location in some regions (such as the EEA, UK, Switzerland, and Canada), you have rights that allow you greater access to and control over your personal information. You may review, change, or terminate your account at any time.
In some regions (like the EEA, UK, Switzerland, and Canada), you have certain rights under applicable data protection laws: (i) to request access and obtain a copy of your personal information; (ii) to request rectification or erasure; (iii) to restrict the processing of your personal information; (iv) data portability where applicable; and (v) not to be subject to automated decision-making. In certain circumstances, you may also have the right to object to the processing of your personal information. You can make a request by contacting us using the contact details in Section 13 below.
If you are located in the EEA or UK and believe we are unlawfully processing your personal information, you have the right to complain to your Member State data protection authority or the UK data protection authority.
If you are located in Switzerland, you may contact the Federal Data Protection and Information Commissioner.
Withdrawing your consent
If we are relying on your consent to process your personal information, you have the right to withdraw your consent at any time by contacting us using the details provided in Section 13 below. Withdrawal will not affect the lawfulness of processing before its withdrawal, nor will it affect processing conducted in reliance on lawful processing grounds other than consent.
Opting out of marketing and promotional communications
You can unsubscribe from our marketing and promotional communications at any time by clicking the unsubscribe link in the emails we send, or by contacting us using the details in Section 13. You will then be removed from the marketing lists. However, we may still communicate with you for service-related messages necessary for the administration and use of your account.
Account information
If you would at any time like to review or change the information in your account or terminate your account, you can:
- Log in to your account settings and update your user account.
- Contact us using the contact information provided.
Right to erasure
Upon your request to terminate your account, we will deactivate or delete your account and personal information from our active databases within 30 days. Some information may be retained to prevent fraud, troubleshoot problems, assist with investigations, enforce our legal terms, or comply with applicable law. To request deletion, email [email protected] or submit a data subject access request.
Cookies and similar technologies
Most web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove or reject cookies. This may affect certain features or services of our Services.
If you have questions or comments about your privacy rights, you may email us at [email protected].
10. Controls for Do-Not-Track features
Most web browsers and some mobile operating systems and applications include a Do-Not-Track ("DNT") feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. At this stage, no uniform technology standard for recognizing and implementing DNT signals has been finalized. We do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard is adopted in the future, we will inform you in a revised version of this Privacy Notice.
11. Do United States residents have specific privacy rights?
In Short: If you are a resident of California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, or Virginia, you may have the right to request access to and receive details about the personal information we maintain about you, correct inaccuracies, get a copy of, or delete your personal information. You may also have the right to withdraw your consent to our processing of your personal information.
Categories of personal information we collect
The table below shows the categories of personal information we have collected in the past twelve (12) months.
| Category | Examples | Collected |
|---|---|---|
| A. Identifiers | Contact details, such as name, postal address, telephone or mobile number, unique personal identifier, online identifier, IP address, email address, account name | YES |
| B. Personal information as defined in the California Customer Records statute | Name, contact information, financial information | YES |
| C. Protected classification characteristics under state or federal law | Gender, age, date of birth, race and ethnicity, national origin, marital status, other demographic data | NO |
| D. Commercial information | Transaction information, purchase history, financial details, payment information | NO |
| E. Biometric information | Fingerprints and voiceprints | NO |
| F. Internet or other similar network activity | Browsing history, search history, online behavior, interest data, interactions with our and other websites, applications, systems, and advertisements | YES |
| G. Geolocation data | Device location | YES |
| H. Audio, electronic, sensory, or similar information | Images and audio, video or call recordings created in connection with our business activities | NO |
| I. Professional or employment-related information | Business contact details, job title, work history, professional qualifications | NO |
| J. Education information | Student records and directory information | NO |
| K. Inferences drawn from collected personal information | Inferences drawn from collected personal information to create a profile or summary about preferences and characteristics | NO |
| L. Sensitive personal information | (none) | NO |
We may also collect other personal information outside of these categories through your interactions with us in person, online, or by phone or mail in the context of:
- Receiving help through our customer support channels
- Facilitating the delivery of our Services and responding to your inquiries
We will use and retain the collected personal information as needed to provide the Services or for the period of time in which you have an account with us.
Sources of personal information
Learn more about the sources of personal information we collect in Section 1 above.
How we use and share personal information
Learn more about how we use your personal information in Section 2 above.
Will your information be shared with anyone else? We may disclose your personal information with our service providers pursuant to a written contract between us and each service provider, as listed in Section 4.
We may use your personal information for our own business purposes, such as undertaking internal research for technological development and demonstration. This is not considered "selling" of your personal information.
Aggregate views of opted-in research data are protected by a k-anonymity floor of 5: no bucketed aggregate is returned unless at least 5 opted-in runs share the same bucket. Individual rows are never exposed via any public or admin endpoint. The single exception is the overall opt-in run count, which is a global integer with no bucket dimensions and cannot identify any individual.
We have not sold or shared any personal information to third parties for a business or commercial purpose in the preceding twelve (12) months. We have disclosed the following categories of personal information to third parties for a business or commercial purpose in the preceding twelve (12) months: Category A (Identifiers) and Category B (Personal information as defined in the California Customer Records law).
Your rights
You have rights under certain US state data protection laws. However, these rights are not absolute, and in certain cases we may decline your request as permitted by law. These rights include:
- Right to know whether or not we are processing your personal data
- Right to access your personal data
- Right to correct inaccuracies in your personal data
- Right to request the deletion of your personal data
- Right to obtain a copy of the personal data you previously shared with us
- Right to non-discrimination for exercising your rights
- Right to opt out of the processing of your personal data if it is used for targeted advertising, the sale of personal data, or profiling in furtherance of decisions that produce legal or similarly significant effects
Depending on the state where you live, you may also have additional rights, such as: the right to access the categories of personal data being processed (Minnesota); the right to obtain a list of categories of third parties to which we have disclosed personal data (California, Delaware, Maryland); the right to obtain a list of specific third parties to which we have disclosed personal data (Minnesota, Oregon); the right to review, understand, question, and correct how personal data has been profiled (Connecticut, Minnesota); the right to limit use and disclosure of sensitive personal data (California); and the right to opt out of the collection of sensitive data and personal data collected through the operation of a voice or facial recognition feature (Florida).
How to exercise your rights
To exercise these rights, you can contact us by submitting a data subject access request, by emailing us at [email protected], or by referring to the contact details at the bottom of this document.
Under certain US state data protection laws, you can designate an authorized agent to make a request on your behalf. We may deny a request from an authorized agent that does not submit proof that they have been validly authorized to act on your behalf in accordance with applicable laws.
Request verification
Upon receiving your request, we will need to verify your identity to determine you are the same person about whom we have the information in our system. We will only use personal information provided in your request to verify your identity or authority to make the request. If we cannot verify your identity from the information already maintained, we may request additional information for verification.
Appeals
Under certain US state data protection laws, if we decline to take action regarding your request, you may appeal our decision by emailing us at [email protected]. We will inform you in writing of any action taken or not taken in response to the appeal, including a written explanation of the reasons for the decisions. If your appeal is denied, you may submit a complaint to your state attorney general.
California "Shine The Light" law
California Civil Code Section 1798.83, also known as the "Shine The Light" law, permits our users who are California residents to request and obtain from us, once a year and free of charge, information about categories of personal information (if any) we disclosed to third parties for direct marketing purposes and the names and addresses of all third parties with which we shared personal information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit it in writing to us using the contact details in Section 13.
12. Do we make updates to this notice?
In Short: Yes, we will update this notice as necessary to stay compliant with relevant laws.
We may update this Privacy Notice from time to time. The updated version will be indicated by an updated "Revised" date at the top of this Privacy Notice. If we make material changes, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to review this Privacy Notice frequently to be informed of how we are protecting your information.
13. How can you contact us about this notice?
If you have questions or comments about this notice, you may contact us at:
DYNOMIATA LLC
14131 SE Center St
Portland, OR 97236
United States
Phone: (971) 266-1258
Email: [email protected]
14. How can you review, update, or delete the data we collect from you?
Based on the applicable laws of your country or state of residence in the US, you may have the right to request access to the personal information we collect from you, details about how we have processed it, correct inaccuracies, or delete your personal information. You may also have the right to withdraw your consent to our processing of your personal information. These rights may be limited in some circumstances by applicable law. To request to review, update, or delete your personal information, please submit a data subject access request.
Last updated: May 23, 2026. Generated via Termly, reviewed by the founder, adapted to match the project's HTML/CSS structure.
Questions about this notice? Email [email protected]. To exercise your rights, submit a data subject access request.