vcdspro.de/en benötigt JavaScript. Bitte JavaScript im Webbrowser aktivieren.



Ross-Tech SFD Terms of Service

Last Modified: 2026-03-27


Foreword

  • Hereinafter, “Ross-Tech” refers to the VCDS manufacturer located at 881 Sumneytown Pike, Lansdale, PA 19446, USA (www.ross-tech.com)
  • Hereinafter, “VW AG” refers to the German automobile manufacturer located at Berliner Ring 2, 38440 Wolfsburg, Germany (www.volkswagen.de)

 

1. Scope and Purpose:

“Vehicle Diagnostics Protection (SFD)” is a system that is intended to help protect VWAG’s software-controlled vehicle functions against misuse and unauthorized changes. Ross-Tech’s diagnostic software requests an activation token from VWAG’s SFD IT backend. That SFD IT backend generates and signs the activation token and sends it to Ross-Tech’s software, which in turn transmits the token to the control module in the car where it is checked, and if valid, the module unlocks certain functions.   

Within this context, Ross-Tech’s servers manage all access operations and logs them to provide a subsequent evidence trail as we are contractually obligated to do by VWAG in order to offer this service. The vehicle’s VIN, vehicle brand, diagnostic address and control unit ID of the vehicle are stored, together with your user ID and your IP address. The service request time stamp is also stored. This makes it possible to determine who made the changes to a control unit in the event of misuse.

Various items of your data may be stored and processed when SFD is being used, including, but not limited to:   

  • Full name
  • Company
  • Address
  • Country
  • Telephone number
  • E-mail address

In the event of misuse or an objectively reasonable suspicion of misuse, the relevant service request data may be turned over to VWAG and/or the responsible investigative authorities together with the associated user’s personal identity data.

 

2. Legal basis for data processing:

We will use this data for the purpose of allowing you to request individual SFD activation tokens, which is necessary in order for SFD-protected control units to be unlocked for selected diagnostic services. We process the listed data on the basis of an overriding legitimate interest (Article 6 (1f) of the GDPR). The legitimate interest arises from the obligation to document access to protected control units and to provide evidence of changes made to protected control units.

 

3. Erasure policy:

When deleting stored data, a distinction is made as to whether service requests have been made. Service requests include all requests, regardless of whether the token retrieval was successful. Service request data will be erased 30 years after the relevant service request, provided that this is not prevented by concrete investigations owing to a case of misuse or a suspected case of misuse. User data is stored as long as the user account is active. If a user’s account is deactivated, a check is made to see whether a service request has been made by the user in question:   

  • If a service request has taken place, the user data will be deleted no sooner than 30 years after the last service request.
  • If there was no service request, the user data will be deleted upon request from you.

 

4. Authorized users and access rights:

In order to become authorized to use SFD services via Ross-Tech’s software, you must:     

  • Be a natural person. Collective or workshop accounts are not permitted. 
  • Be the registered user of a current generation (HEX-NET or HEX-V2) interface. Legacy interfaces are not compatible.
  • Have obtained an SFD Service account or subscription from Ross-Tech.

 Ross-Tech reserves the right to withdraw an SFD user’s access rights when the user’s subscription expires, if an attempt is made to change the registration data for an interface, or if the user breaches any of these Terms of Use.     

 

5. User conduct obligations:

  • SFD functionality is to be used exclusively for requesting SFD tokens for vehicles that have been entrusted to the user’s organization for diagnostic and service purposes.
  • Use of SFD for any purpose other than those stated here is prohibited. This applies, in particular, to purposes that are external to the user’s organization.
  • SFD tokens provided via Ross-Tech’s software are generated in relation to a specific person and their creation is logged. Any disclosure of user credentials or SFD tokens to third parties is prohibited.
  • Users must ensure that they are not breaching any applicable legal regulations and/or infringing any rights of third parties by using SFD.
  • Users must ensure that no security measures of the SFD process are bypassed.
  • Users must ensure that no equipment or applications are used in a manner that would disrupt Ross-Tech’s or VWAG’s servers or networks.
  • Confidential information and data (e.g. SFD tokens or login credentials) must not be disclosed to third parties, not even to other people within the user’s organization.

 

6. Responsibility and Liability of Ross-Tech, LLC:

  • Ross-Tech will make the SFD function available to users who have created an SFD Service account or subscription, but assumes no liability for failure of the functionality, whether due to control modules that have been incorrectly configured, or due to network or server outages.
  • Ross-Tech expressly dissociates itself from all forms of use which may have implications under civil or criminal liability law.
  • Ross-Tech is not liable for the manner in which the SFD tokens provided via VCDS are used.

 

7. SFD Usage Rate Limitations: Customers are subject limits for SFD usage

  • 50 Requests per user per hour
  • 250 Requests per user per day
  • 20 different VINs per user per day

These limits are strictly enforced and exceeding any of them will result in the user’s account being locked.

 

8. Final provisions:

  • Ross-Tech reserves the right to revoke access to SFD Services for any user who violates these Terms of Service.
  • Ross-Tech reserves the right to make changes to these Terms of Use with reasonable notice to users who have current subscriptions.
  • Should any provision of these Terms of Use be determined to be void, invalid, unenforceable or illegal for whatever reason, such provision(s) shall be null and void; however the remaining provisions of this Agreement shall be unaffected thereby and will continue to be valid and enforceable.
  • These Terms are governed by the laws of the Commonwealth of Pennsylvania. Any disputes shall be subject to the exclusive jurisdiction of the courts of the Commonwealth of Pennsylvania
  • By createing an account for SFD Services or purchasing a subscription for SFD services from Ross-Tech, the user confirms that they agree to all of the the above terms and provisions.