Effective Date: June 1, 2020
This Online Privacy Policy applies to information about you that NCI Group, Inc. d/b/a Heritage Building Systems, part of the Cornerstone Building Brands family (“Heritage,” “we,” “our,” “us”) may obtain when you visit HeritageBuildings.com (the “Site”). This Privacy Policy describes how we may collect, use, or share information about you; your choices regarding our use of your information; how we safeguard such information; and how you may contact us regarding our privacy practices.
Collection of Personal Information
Information you provide. We may obtain information that you provide directly to us when you interact with the Site (e.g., when you sign up to receive emails from us or request a quote). This information may include personal information, which is information that can be used to identify you individually, such as your name, home zip code, email address, and phone number.
Information collected automatically. In addition to information that you submit to us, we may collect certain information automatically using various tools and technologies such as cookies and web server logs. The types of information we collect may include IP addresses, location, device identifiers, browser characteristics, operating system details, language preferences, referring URLs, length of visits, and pages viewed. A cookie is a piece of data that a website can send to your browser, which may then be stored on your computer as an anonymous tag that identifies your computer but not you. Many web browsers are set to accept cookies by default, but you may be able to set your browser to notify you before you receive a cookie, or to remove or reject cookies. Please note that if you disable cookies, you may not be able to use certain features of this Site or other websites and that disabling cookies may invalidate opt outs that rely on cookies to function.
The Site may feature GPS software, geo-filtering, and other location-aware technologies, and the Site’s content may be personalized based on your location. You may change your location-aware technology preferences through your browser or device settings.
Your web browser may have settings that allow you to transmit a “Do Not Track” signal when you visit various websites or use online services. Like many websites, this Site is not designed to respond to “Do Not Track” signals received from browsers. To learn more about “Do Not Track” signals, you may wish to visit www.allaboutdnt.com.
Information collected from other parties. Our service providers may share with us your personal information that you submit to them. For example, if you utilize our Color Visualizer tool, you may submit personal information to one or more of our service providers that may share your information with us. We may combine information that we have about you with information we obtain from other parties. When you submit information to another party, you are subject to that party’s terms of use and privacy policies, for which we are not responsible.
Use of Personal Information
We may use personal information we collect through the Site to:
Sharing of Personal Information
We may share your personal information with our parent, subsidiaries, affiliates, business partners, and vendors that provide services on our behalf. These parties are not meant to use personal information except for the purpose(s) for which it was provided.
In the event of a business transaction, such as if we sell or transfer all or a portion of our business or assets (e.g., further to a merger, reorganization, liquidation, or any other business transaction, including negotiations of such transactions), we reserve the right to disclose any information we obtain through the Site. You acknowledge that such transfers may occur and are permitted by and subject to this Privacy Policy.
Additionally, we may disclose information when required by subpoena, search warrant, or other legal processes, or in response to activities that are unlawful or a violation of our rules for use of the Site, or to protect and defend our rights or property.
Security
We take reasonable measures to protect your information from loss, theft, misuse, unauthorized access, disclosure, alteration, and destruction. Nevertheless, transmission via the Internet and online digital storage are not completely secure and we cannot guarantee the security of your information collected through the Site.
Third-Party Analytics and Advertising
We may use third-party technology to collect and use data in connection with interest-based advertising, and other parties may collect your personal information about your online activities over time and across different devices and online properties when you use the Site. These ad technology companies and advertisers may use, store, or access cookies, web beacons, and other storage technologies to collect or receive information from the Site and elsewhere on the Internet and use that information to provide advertising services to us, including interest-based advertising or advertisements targeted to your interests delivered over time and across online services and devices.
We may use certain web analytics services, including Google Analytics, to help us understand and analyze how visitors use the Site and to serve ads on our behalf across the Internet. We’ve implemented Google Analytics Advertising Features such as remarketing with analytics, interest-based advertising, demographics and interests reporting, and user segment analysis. We and our vendors may use first-party cookies or other first-party identifiers as well as third-party cookies or other third-party identifiers to deliver advertisements, create a profile of you, measure your interests, detect your demographics, detect your location, and personalize content.
To find out more about how these analytics services manage the privacy of information in conjunction with delivering ads online and how to opt out of information collection by these networks, visit www.youradchoices.com and www.networkadvertising.org.
For more information on how Google Analytics uses data collected through the Site, visit www.google.com/policies/privacy/partners. To opt out of Google Analytics cookies, visit adssettings.google.com and tools.google.com/dlpage/gaoptout.
Please note that Heritage does not control how other parties manage their opt-out processes.
Social Features
Certain features of the Site may permit you to initiate interactions between the Site and other platforms like social networks (for example, to share the Site with your friends). Using these features may allow both Heritage and the operator of the other platform to access certain information about your use of our Site and theirs, including personal information. You should review the terms, policies, and settings of these other platforms to learn more about their data practices and/or adjust your settings.
Linked Websites
The Site may include links to websites that are not owned or operated by Heritage. This Privacy Policy does not apply to those websites, which may have their own privacy policies or notices that you should review to understand how they may use or disclose your personal information. Heritage is not responsible for the content or privacy practices of any linked websites that it does not control. Any personal information you submit through these websites is governed by the third-party service provider’s own privacy policy and terms and conditions.
The Site may also provide links to websites operated by Heritage, our parent, brands, affiliates, or subsidiaries. Unless indicated otherwise, these websites are not governed by this Privacy Policy. For information on how these websites may collect, use, or disclose your personal information, we encourage you to review the privacy policies posted on the linked websites.
Information for California Residents
California’s “Shine the Light” Law. California law permits customers in California to request certain details about how their personal information is shared with third parties and, in some cases, affiliates if that personal information is shared for those third parties’ and affiliates’ own direct marketing purposes. We do not share personal information with third parties or affiliates for those third parties’ or affiliates’ own direct marketing purposes. Californians may request information about our compliance with this law by emailing us at [email protected] or mailing to Cornerstone Building Brands, Inc., Attention: Data Privacy, 10943 North Sam Houston Pkwy W, Houston, Texas, 77064.
To make a request, please provide sufficient information for us to determine if this applies to you, attest to the fact that you are a California resident, and provide your current California address to which we will send our response. Your inquiry must specify “California Privacy Rights Request” in the subject line of the email or the first line of the letter and include your name, street address, city, state, and ZIP code. Please note that we are only required to respond to one request per customer each year.
California Consumer Privacy Act. The California Consumer Privacy Act (the “CCPA”), which provides California consumers certain rights regarding their personal information (“PI”), became effective on January 1, 2020. As of that date, the California Attorney General had not completed the rulemaking process to establish the regulations for covered businesses to implement the law. Accordingly, we may update information in this section regarding our data practices and your rights under the CCPA, modify our methods for responding to your requests, and/or supplement our responses to your requests as we continue to develop our compliance program to reflect the development of the law and our understanding of how it relates to our data practices.
If you are a California consumer and would like to make a request pursuant to your “right to know about personal information collected, disclosed or sold” (including your right to obtain copies of specific pieces of PI), your “right to request deletion of personal information,” or your “right to opt-out of the sale of personal information,” you may contact us at [email protected] or complete and submit the form, here. We will respond to your request as soon as we have guidance on how to properly verify your identity and the appropriate response parameters.
Please note that CCPA rights do not apply to PI collected from (1) job applicants, current and former employees, or independent contractors; or (2) representatives of another business in connection with business communications or transactions.
Examples of the types of PI we may collect from California consumers, and of the purposes for such collection, are outlined in the chart below.
|
Category of PI |
Examples |
Purpose(s) |
| Identifiers | Name, physical address, phone number, Internet Protocol address, email address, unique personal identification number | Processing transactions, customizing concurrent consumer experiences, detecting fraud, security, marketing |
| Customer / Personal Records | Name, physical address, phone number, email address, payment card details, employment information | Processing transactions, customizing concurrent consumer experiences, detecting fraud, security, marketing |
| Commercial Information | Purchase history information | Managing transactions, quality control |
| Internet Usage Information | Browsing history, search history, information regarding interactions with our website or advertisements | Debugging, security, detecting fraud, marketing |
| Sensory Data | Audio recordings of customer service calls, CCTV footage | Quality control, safety, detecting fraud, managing transactions |
| Professional or Employment Info | Employment-related information, such as business contact details | Facilitating transactions |
We will revise this section as the law becomes clearer and we are able to provide you with more specific information about your CCPA rights and how to exercise them.
Please note that “Shine the Light” rights and CCPA rights are established under different legal regimes and must be exercised separately.
Information for Users Outside the United States
If you are visiting the Site from outside the United States, please be aware that information we obtain about you will be processed in the United States or in other jurisdictions. By using the Site, you acknowledge and consent to the international transfer and processing of your personal data as described in this Privacy Policy. Please be aware that the data protection laws and regulations that apply to your personal data transferred to the United States or other countries may be different from the laws in your country of residence.
Revisions
This Privacy Policy is subject to change at our discretion. We will indicate changes, including material changes, to the Privacy Policy by updating the “Effective Date” at the top of this page. Your continued use of this Site after any update to this Privacy Policy will constitute your acceptance of the changes.
Contact Information
You may direct comments or questions regarding this Privacy Policy via email to [email protected].