Privacy Policy

Introduction
A&A Window Products owns & operates aawindowproducts.com. It is A&A’s policy to respect your privacy regarding any information we may collect. This Privacy Policy sets out the principles governing A&A’s use and protection of personal data.

This policy is effective as of January 1, 2021 

Privacy Notice Changes
This privacy policy will be reviewed and updated, if required at a minimum of every 12 months. 

A&A encourages visitors to frequently check this page for any changes to its Privacy Notice. If we make changes, we will revise the “Effective” date at the top of this statement, and we may provide additional notices.

What We Collect and How We Use the Personal Information
A&A Windows may collect Personal Data in the course of our normal business activities, as detailed below.

A&A collects, uses, stores and processes Personal Data, which is data that identifies, relates to, describes, or can reasonably be associated with a particular person.  For all data subjects, this can include: 

  • Identifiers:  Identifying information including name, postal or e-mail address, and phone or fax number, social security numbers, driver’s license numbers, biometric information.
  • Personal Information:  Names, signatures, Social Security Numbers, addresses, government identification documents, financial information such as bank account, credit or debit card information, health insurance information, education information.
  • Business contact information including as job title, department and name of organization, business address, e-mail address, mobile telephone number.
  • Website visitor activity including IP address, the identity of the Internet service provider, the name and version of the operating system, the name and version of the browser, the date and time of the visit, the pages visited. This data may be aggregated such that the individual identities have been removed.
  • Geolocation information:  Physical location, movements, and mobile device unique identifier.
  • Financial information including as financial account information used for payment purposes and/or information that may be contained in a consumer report, bank account information.
  • Contact information for referrals.
  • Employment information:  employment history, employee number, performance appraisals, salary and benefits, healthcare information, emergency contact information. 
  • Protected class information:  Age, race, color, national origin, citizenship, religion or creed, marital status, disability information, sex, genetic information, military or veteran status. 

Children
A&A’s services are not directed to persons under 18 years of age. We do not knowingly collect personal information from children under 18. If a parent or guardian becomes aware that their child has provided us with personal information without the parent’s consent, they should contact us through our site’s “contact” page. If we become aware that a child under 18 has provided us with personal information, we will take steps to delete the information from our records.


How We Collect Information
When you visit our website, we may collect information about your visit.
Directly from clients, contractors, sub-contractors, vendors, employees, and job applicants.
From third parties including contractors, sub-contractors, government agencies.  

Why We Collect It
We collect personal information to conduct our business activities. A&A collects only the minimum amount of personal data required to fulfill these activities.  These activities include: 

  • Executing business activities, including completing our services.
  • Conducting marketing and promotional activities, including responding to inquiries about A&A’s products or services, providing offers and information (as permitted by law) about products, services, or events offered by A&A.
  • Improving the functionality, security, and usability of A&A’s website.
  • Security, including monitoring log-in portals for access, validating identity, and preventing fraud.
  • Fulfilling a legal or contractual obligation.
  • Managing employee relationships, including the administration of benefits.
  • Processing job applications, including background investigations.
  • Complying with applicable laws or regulations.

A&A Windows will not use the personal data it collects for purposes other than those described above without notifying data subjects identified by the data.


How We Share the Information
We use the information you have given us in order to conduct business activities.

Information Sharing
A&A may share this information with:

  • Other entities controlled by or under common control with A&A
  • Vendors
  • Service providers
  • Contractors or sub-contractors
  • Federal, state, and local governments

For the purposes of:

  • Fulfilling A&A’s commercial, contractual, legal, and regulatory obligations.
  • Responding to subpoenas, court orders, or other lawful requests by public authorities, and to meet national security or law enforcement requirements.
  • Investigating illegal activities, suspected fraud, or as otherwise required by law or regulation. Centralizing A&A’s administrative, IT maintenance, and IT security practices.
  • Providing information about A&A’s products, services, or events.

Any third-party that receives personal information from A&A may only process the information in accordance with applicable data processing agreements or contract terms which require the third-party to protect the data and process it in a manner consistent with applicable privacy laws, regulations and A&A’s policies and practices.

Third-Party Links
A&A’s websites may provide links to other third-party websites that are outside of A&A’s control and not covered by this Privacy Policy. A&A Windows is not responsible for the availability, content, or accuracy of third-party policies, nor is it responsible for the privacy practices of other websites, products, services, or goods that may be linked to A&A’s websites. A&A encourages all users of its websites to review the privacy policies posted on these (and all) sites.

How We Store Your Information
A&A Windows takes the responsibility of keeping your information secure.

Storage
The security measures A&A uses vary based on the sensitivity of the personal information we collect, process, and store, and the current state of technology. We also take measures to ensure service providers that process personal data on our behalf also have appropriate security measures.

Retention
A&A retains Personal Data only as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or not prohibited by law.

If you have consented to the processing of your Personal Data (“opt-in”), A&A will retain and process your Personal Data until you withdraw your consent (“opt-out”), unless the Personal Data must be kept for administrative, legal, or regulatory purposes.

If A&A has not received your opt-in, A&A will delete your Personal Data once the purpose of the collection and processing of such Personal Data has been fulfilled and the adequate duration for documentation and backup storage of such Personal Data has lapsed.

Disposal
Data is securely destroyed or disposed once it is no longer necessary to retain the data.

Security
A&A has in place security policies that are intended to ensure the security and integrity of all Personal Data. A&A has appropriate technical and organizational measures in place to protect against unauthorized or unlawful processing of Personal Data and against accidental loss or destruction of, or damage to, Personal Data held or processed by A&A. If A&A forwards Personal Data to any third party, A&A requires that those third parties have appropriate technical and organizational measures in place to comply with this Privacy Policy and applicable laws.

Your Data Protection Rights
You have certain rights for the collection, use, or dissemination of your personal.

Your Individual Data Subject Rights

Right to request access to data
You have the right to ask for copies of your Personal Data.

Right to correction
You have the right to request correction of your Personal Data.

Right to deletion
You have the right to request that we delete your Personal Data.

Right to opt-out of communications
You have the right to opt-out from marketing communications.  We provide an unsubscribe link in certain marketing communications.  You may also request to opt-out of marketing communications via the data subject rights request process.

Californian Consumers Data Subject Rights Under the California Consumer Privacy Act (CCPA)
The California Consumer Privacy Act of 2018 provides California consumers (California residents) with specific rights regarding their personal information. If you are a California resident, you have the rights under data protection law which are explained here.

How to Submit a Data Subject Rights Request:
You may exercise your data subject rights using any of the following methods:

Emailing us at the address listed on our “contact” page.

Calling our toll-free number at 781-322-9282

We will verify your identity prior to completing these requests. Please provide sufficient information in your request for us to be able to reasonably locate our records about you and what actions you are requesting we take with regards to your data.


How we will respond to your data subject rights request

A&A Windows will respond as described below:

A&A will deliver the required information within 30 days of a verifiable request, and you will receive a notification if A&A will need an additional 30 days to respond.

A&A will provide responses to requests for access to data in a written, readily usable format for data portability and free of charge to the consumer after A&A receives a valid request.

You will receive your requested information either by your account, electronically, or via mail.

A&A will not provide you with specific pieces of personal information if the disclosure would create a substantial, articulable, and reasonable risk to the security of the personal information, your account with the business, or the security of A&A’s systems or networks.

A&A will notify you when data has been deleted.

There may be circumstances where A&A must deny your verified request because of a conflict with state law, federal law, or an exception to applicable privacy laws. If A&A must deny a request accordingly, you will be informed and given the basis for the denial. If the request is denied only in part, A&A will disclose the other information sought by you.