Effective
Date: June 1, 2020
This Online Privacy Policy applies to
information about you that NCI Group, Inc. d/b/a Heritage Building Systems,
part of the Cornerstone Building Brands family (“Heritage,” “we,” “our,” “us”)
may obtain when you visit HeritageBuildings.com (the
“Site”). This Privacy Policy describes how we may collect, use, or share
information about you; your choices regarding our use of your information; how
we safeguard such information; and how you may contact us regarding our privacy
practices.
Collection of Personal
Information
Information you provide. We may obtain information that you provide
directly to us when you interact with the Site (e.g., when you sign up to
receive emails from us or request a quote). This information may include personal information, which is information that can be used
to identify you individually, such as your name, home zip code, email
address, and phone number.
Information collected automatically. In addition to information that you submit to
us, we may collect certain information automatically using various tools and
technologies such as cookies and web server logs. The types of information we
collect may include IP addresses, location, device identifiers, browser
characteristics, operating system details, language preferences, referring
URLs, length of visits, and pages viewed. A cookie is a piece of data that a
website can send to your browser, which may then be stored on your computer as
an anonymous tag that identifies your computer but not you. Many web browsers
are set to accept cookies by default, but you may be able to set your browser
to notify you before you receive a cookie, or to remove or reject cookies.
Please note that if you disable cookies, you may not be able to use certain
features of this Site or other websites and that disabling cookies may
invalidate opt outs that rely on cookies to function.
The
Site may feature GPS software, geo-filtering, and other location-aware
technologies, and the Site's content may be personalized based on your
location. You may change your location-aware technology preferences through
your browser or device settings.
Your web browser may
have settings that allow you to transmit a “Do Not Track” signal when you visit
various websites or use online services. Like many websites, this Site is not
designed to respond to “Do Not Track” signals received from browsers. To learn
more about “Do Not Track” signals, you may wish to visit www.allaboutdnt.com.
Information collected
from other parties. Our service providers
may share with us your personal information that you submit to them. For
example, if you utilize our Color Visualizer tool, you may submit personal
information to one or more of our service providers that may share your
information with us. We may combine information that we have about you with
information we obtain from other parties. When you submit information to
another party, you are subject to that party’s terms of use and privacy
policies, for which we are not responsible.
Use of Personal Information
We
may use personal information we collect through the Site to:
- Facilitate and personalize your
user experience;
- Conduct statistical analysis of
Site content, layout, and features for our marketing purposes;
- Improve the Site, our marketing, or
services we may offer;
- Communicate with you, including to
respond to your requests or inquiries;
- Deliver promotional content to you;
- Send you newsletters;
- Comply with applicable laws,
regulations, or legal process, as well as industry standards and our
company policies;
- Prevent, investigate, identify,
stop, or take any other action with regard to suspected or actual
fraudulent or illegal activity, or any activity that violates our
policies; or
- For any other purpose, with your
consent.
Sharing of Personal Information
We may share your
personal information with our parent, subsidiaries, affiliates, business
partners, and vendors that provide services on our behalf. These parties are
not meant to use personal information except for the purpose(s) for which it
was provided.
In the event of a
business transaction, such as if we sell or transfer all or a portion of our
business or assets (e.g., further to a merger, reorganization, liquidation, or
any other business transaction, including negotiations of such transactions),
we reserve the right to disclose any information we obtain through the Site.
You acknowledge that such transfers may occur and are permitted by and subject
to this Privacy Policy.
Additionally, we may
disclose information when required by subpoena, search warrant, or other legal
processes, or in response to activities that are unlawful or a violation of our
rules for use of the Site, or to protect and defend our rights or property.
Security
We take reasonable
measures to protect your information from loss, theft, misuse, unauthorized
access, disclosure, alteration, and destruction. Nevertheless, transmission via
the Internet and online digital storage are not completely secure and we cannot
guarantee the security of your information collected through the Site.
Third-Party
Analytics and Advertising
We may use third-party
technology to collect and use data in connection with interest-based
advertising, and other parties may collect your personal information about your
online activities over time and across different devices and online properties
when you use the Site. These ad technology companies and advertisers may use,
store, or access cookies, web beacons, and other storage technologies to
collect or receive information from the Site and elsewhere on the Internet and
use that information to provide advertising services to us, including
interest-based advertising or advertisements targeted to your interests
delivered over time and across online services and devices.
We may use certain web
analytics services, including Google Analytics, to help us understand and
analyze how visitors use the Site and to serve ads on our behalf across the
Internet. We’ve implemented Google Analytics Advertising Features such as
remarketing with analytics, interest-based advertising, demographics and
interests reporting, and user segment analysis. We and our vendors may use
first-party cookies or other first-party identifiers as well as third-party
cookies or other third-party identifiers to deliver advertisements, create a
profile of you, measure your interests, detect your demographics, detect your
location, and personalize content.
To find out more about how these analytics services manage the
privacy of information in conjunction with delivering ads online and how to opt
out of information collection by these networks, visit www.youradchoices.com
and www.networkadvertising.org.
For more information on how Google Analytics uses data collected
through the Site, visit www.google.com/policies/privacy/partners.
To opt out of Google Analytics cookies, visit adssettings.google.com
and tools.google.com/dlpage/gaoptout.
Please note that
Heritage does not control how other parties manage their opt-out processes.
Social Features
Certain features of the
Site may permit you to initiate interactions between the Site and other
platforms like social networks (for example, to share the Site with your
friends). Using these features may allow both Heritage and the operator of the
other platform to access certain information about your use of our Site and
theirs, including personal information. You should review the terms, policies,
and settings of these other platforms to learn more about their data practices
and/or adjust your settings.
Linked Websites
The Site may include
links to websites that are not owned or operated by Heritage. This Privacy
Policy does not apply to those websites, which may have their own privacy
policies or notices that you should review to understand how they may use or
disclose your personal information. Heritage is not responsible for the content
or privacy practices of any linked websites that it does not control. Any
personal information you submit through these websites is governed by the
third-party service provider’s own privacy policy and terms and conditions.
The Site may also
provide links to websites operated by Heritage, our parent, brands, affiliates,
or subsidiaries. Unless indicated otherwise, these websites are not governed by
this Privacy Policy. For information on how these websites may collect, use, or
disclose your personal information, we encourage you to review the privacy
policies posted on the linked websites.
Information for
California Residents
California’s
“Shine the Light” Law. California law permits customers in California
to request certain details about how their personal information is shared with
third parties and, in some cases, affiliates if that personal information is
shared for those third parties’ and affiliates’ own direct marketing purposes.
We do not share personal information with third parties or affiliates for those
third parties’ or affiliates’ own direct marketing purposes. Californians may
request information about our compliance with this law by emailing
us at privacy@cornerstone-bb.com or mailing to Cornerstone
Building Brands, Inc., Attention: Data Privacy, 10943 North Sam Houston Pkwy W,
Houston, Texas, 77064.
To make a request, please provide sufficient
information for us to determine if this applies to you, attest to the fact that
you are a California resident, and provide your current California address to
which we will send our response. Your inquiry must specify “California Privacy
Rights Request” in the subject line of the email or the first line of the
letter and include your name, street address, city, state, and ZIP code. Please
note that we are only required to respond to one request per customer each
year.
California Consumer
Privacy Act. The
California Consumer Privacy Act (the “CCPA”), which provides California
consumers certain rights regarding their personal information (“PI”), became
effective on January 1, 2020. As of that date, the California Attorney General
had not completed the rulemaking process to establish the regulations for
covered businesses to implement the law. Accordingly, we may update information
in this section regarding our data practices and your rights under the CCPA,
modify our methods for responding to your requests, and/or supplement our
responses to your requests as we continue to develop our compliance program to
reflect the development of the law and our understanding of how it relates to
our data practices.
If
you are a California consumer and would like to make a request pursuant to your
“right to know about personal information collected, disclosed or sold”
(including your right to obtain copies of specific pieces of PI), your “right
to request deletion of personal information,” or your “right to opt-out of the
sale of personal information,” you may contact us at privacy@cornerstone-bb.com or
complete and submit the form, here.
We will respond to your request as soon as we have guidance on how to properly
verify your identity and the appropriate response parameters.
Please
note that CCPA rights do not apply to PI collected from (1) job applicants,
current and former employees, or independent contractors; or (2)
representatives of another business in connection with business communications
or transactions.
Examples
of the types of PI we may collect from California consumers, and of the
purposes for such collection, are outlined in the chart below.
Category of PI
|
Examples
|
Purpose(s)
|
Identifiers
|
Name,
physical address, phone number, Internet Protocol address, email address,
unique personal identification number
|
Processing
transactions, customizing concurrent consumer experiences, detecting fraud,
security, marketing
|
Customer
/ Personal Records
|
Name,
physical address, phone number, email address, payment card details,
employment information
|
Processing
transactions, customizing concurrent consumer experiences, detecting fraud,
security, marketing
|
Commercial
Information
|
Purchase
history information
|
Managing
transactions, quality control
|
Internet
Usage Information
|
Browsing
history, search history, information regarding interactions with our website
or advertisements
|
Debugging,
security, detecting fraud, marketing
|
Sensory
Data
|
Audio
recordings of customer service calls, CCTV footage
|
Quality
control, safety, detecting fraud, managing transactions
|
Professional
or Employment Info
|
Employment-related
information, such as business contact details
|
Facilitating
transactions
|
We
will revise this section as the law becomes clearer and we are able to provide
you with more specific information about your CCPA rights and how to exercise
them.
Please note that “Shine the Light”
rights and CCPA rights are established under different legal regimes and must
be exercised separately.
Information
for Users Outside the United States
If you are visiting the
Site from outside the United States, please be aware that information we obtain
about you will be processed in the United States or in other jurisdictions. By
using the Site, you acknowledge and consent to the international transfer and
processing of your personal data as described in this Privacy Policy. Please be
aware that the data protection laws and regulations that apply to your personal
data transferred to the United States or other countries may be different from
the laws in your country of residence.
Revisions
This
Privacy Policy is subject to change at our discretion. We will indicate
changes, including material changes, to the Privacy Policy by updating the
“Effective Date” at the top of this page. Your continued use of this Site after
any update to this Privacy Policy will constitute your acceptance of the
changes.
Contact Information
You may direct comments
or questions regarding this Privacy Policy via email to privacy@cornerstone-bb.com.