Privacy Policy

version effective as of 12th May 2023

I. General information

At Your Windows Inc. with its registered office at 12 Penns Trail, Newtown PA 1894 (hereinafter called “Your Windows”) we take your privacy seriously and are committed to ensuring that your personal data that we process in connection with your use of our websites available at: yourwindows.com and their subdomains (hereinafter called the “Websites”) and services we provide electronically (hereinafter called the “Services”) is properly protected.

This document (hereinafter called the “Privacy Policy”) is designed to inform you as our (potential) Customer or our Customer’s Representative, to what extent your use of our Websites or Services requires us to process your personal data, what that processing consists of, when that data may be shared with third parties, what rights you have in connection with the processing, and how we store and protect your personal data. 

Terms used in the Privacy Policy and capitalized have the meaning ascribed to them in the wording of the Privacy Policy and in the Terms and Conditions.

For purposes of this Privacy Policy, unless otherwise required by applicable law, “personal data” means any information that identifies, relates to, describes, or is reasonably capable of being associated, linked or linkable with a particular individual or household, including any information that is subject to applicable data protection laws.

II. Personal data Controller

The Controller of your personal data is Your Windows Inc. with its registered office at 12 Penns Trail, Newtown PA 1894 (hereinafter also called the “Controller”).

III. Contact with the Controller

We will answer any questions you have about the Privacy Policy and the processing of your personal data. Contact with the Controller is possible via email address: contact@yourwindows.com. In particular, you may contact us in order to exercise your rights detailed in the Privacy Policy, including deletion of your personal data. 

IV. Your rights

In connection with the processing of your personal data, you have the right to:

  1. access to your personal data; 
  2. obtain a copy of your personal data; 
  3. have your data rectified in the event that your data is untrue or incomplete; 
  4. delete the data in the event that: (i) the data is no longer necessary for the purposes for which it was collected by Your Windows; (ii) the data is processed unlawfully; (iii) you object to the processing of the data; (iv) the data should be deleted in order to comply with a legal obligation; 
  5. limitation of data processing in case in which: (i) the correctness of the data is questioned – for a period of time allowing Controller to verify the correctness of your data; (ii) the data is processed unlawfully, but you will not want the data to be deleted; (iii) your data is no longer needed by the Controller, but may be needed by you to assert or defend claims; (iv) in case in which you raise an objection to data processing – until it is determined whether the legitimate interests of the Controller override the grounds for the objection; 
  6. transfer of data to another Controller in the event that the data is processed by automated means in connection with a contract concluded or consent given,
  7. object to the processing to the extent that the processing is based on a legitimate interest and the objection is justified by your particular situation, 
  8. where the processing of your personal data is based on consent, you also have the right to withdraw consent at any time, without affecting the lawfulness of the processing carried out on the basis of consent before its withdrawal.

If you wish to exercise your rights indicated above, or if you believe that our processing of your personal data violates applicable law, please contact us at the addresses indicated above in the “Contact with the Controller” section. As a rule, we do not charge a fee for exercising your rights. However, if the request is clearly unreasonable, repetitive or excessive, we may legally charge a reasonable fee or refuse to comply with the request. 

V. Personal data we collect

If you choose to contact us, you will share with us some personal information from your email or traditional correspondence, as well as your name and contact information. 

When we create an account for you on our Website to use our Services electronically, we process your email address, as well as your name, surname and – if you are the Customer’s Representative – the information about the company you work with. To log in to your account you also need a password. To order Goods via your account, to conclude a Sales Contract with you, we additionally process address and the Customer’s company details. We also collect your payment information when you purchase our Goods. Payment information is used for payment processing and fraud prevention. 

If you choose to file a complaint regarding your use of the Services or the Sales Contract,, we process your personal data received from you contained in the complaint or relating to the Sales Contract for the purpose of processing the complaint and prevent fraud. In particular we process in this case your contact information (first name, last name, mailing or email address). 

In the information logged on the server when you use our Websites or Services, it will be possible to read in real time what browser and operating system you are using and the IP address associated with your device. 

We can also process your email address if you agree to receive commercial information from the Controller to your email address.

If you consent to our use of cookies other than those strictly necessary for the use of the Websites or Services, we process your personal data regarding your activity on the Websites or Services for analytical, statistical or advertising purposes, depending on which cookies you have consented to. 

VI. Sources of personal data

We receive your personal data directly from you or from our Customer that is represented by you, or automatically from your devices.  

VII. Purposes and legal bases for processing personal data

Your personal data is processed for the following purposes and on the following legal grounds: 

  1. in order to provide Services in connection with the User’s Account (Account Maintenance, Data Storage) – the processing of your personal data is necessary for the conclusion and performance of Services Agreement; 
  2. in order to conclude and perform Sales Contracts with you as a Customer; 
  3. to conclude and perform Sales Contracts with the Customer that you represent – then the legal basis for the processing of your personal data is our legitimate interest;
  4. for the purpose of fulfilling the Controller’s legal obligations in the field of taxation and accounting, related to concluded Sales Contracts, in particular: issuing invoices or other accounting evidence, bookkeeping, accounting for taxes, archiving data for accounting purposes;
  5. for the purpose of corresponding with you and responding to your inquiries – the legal basis for the processing is our legitimate interest consisting of the necessity to resolve a matter or provide an answer to you; 
  6. to process complaints – the legal basis for processing is the legitimate interest of the Controller consisting of the need to duly process the complaint; 
  7. to establish and assert or defend against claims – the legal basis for processing is the legitimate interest of the Controller consisting of the protection of its rights; 
  8. for analytical and statistical purposes in order to improve our Services – the legal basis for processing is our legitimate interest; 
  9. for marketing purposes through sending to you commercial information from the Controller, i.e. information relating to our Services, Goods that we offer, promotions, etc. – we send such information only if you agree to receive commercial information from the Controller to the email address provided by you – the legal basis for processing is your consent;
  10. for analytical, statistical or advertising purposes in connection with the use of cookies – the legal basis for processing is your consent;
  11. in order to contact you in connection with your request sent to us in relation to the exercise of your rights under data protection law.

VIII.The nature of providing personal data

Providing personal information is necessary for the aforementioned purposes, in particular to create a User’s Account for you, to use the Services, to conclude and perform Sales Contracts, fulfil our legal obligations, respond to your inquiries, or send you commercial information (in this case giving your consent is voluntary).

IX. Data retention period

We keep your personal data for as long as necessary for the purposes for which we originally collected it or to comply with other legal requirements. 

The data is kept for the duration of the Controller’s provision of Services to you or for the fulfillment of the Sales Contract. If you request the Controller to delete your User’s Account and discontinue the provision of Services, under the rules set forth in the Terms and Conditions, your User’s Account and all data entered by you therein will be deleted up to 7 calendar days after your request.  Please note that deletion of the User’s Account, however, does not mean that the Controller deletes personal data related to Sales Contracts concluded with the Customer. The data will continue to be stored by the Controller until the expiration of the statutory obligation to store the data (5 years from the end of the fiscal year) and until the expiration of the statute of limitations for claims.

Personal data processed for contact purposes is stored for the time necessary to provide comprehensive information to you.

Personal data that we process on the basis of your consent will be stored at most until you withdraw your consent to the processing of personal data.

X. Disclosure of personal data and transfer of your personal data to a third country (i.e. outside the EEA)

In order to provide Services to you or fulfill the Sales Contract, we need external entities to support and perform services for us. Accordingly, the recipients of your personal data may be entities that cooperate with the Controller, providing IT and hosting services, as well as postal operators or shipping companies and other entities to the extent necessary for the purposes of data processing. 

We may also share your data in cases required by law, and in order to establish, exercise or defend our rights. 

We may disclose and/or transfer personal data as part of any actual or contemplated merger, sale, transfer of assets, acquisition, financing and/or restructuring of all or part of our business, bankruptcy or similar event, including related to due diligence conducted prior to such event where permitted by law.

In connection with our use of cookies other than those necessary for the use of the Websites or Services, provided that you have given your prior consent, your personal data is transferred to the providers of these cookies.. 

XI. Information on automated processing, including profiling

The Controller does not make decisions towards data subjects based solely on automated processing, including profiling.

XII. Cookie policy

Issues concerning the cookies used on the Website and the Services and consent to the use of cookies, can be found in a separate Cookie Policy.

XIII. Aggregated and de-identified data. 

We may de-identify information and create anonymous and aggregated data sets and reports to assess, improve and develop our business, products and Services, prepare benchmarking reports on our industry and for other research, marketing and analytics purposes. This data is not personal data.

XIV.Information About Minors

The Controller’s Websites and Services are neither structured nor intended for Users who are minors. The Controller does not target, promote, or market Goods or Services to minors. We do not knowingly collect personal data from minors, as defined by law. If we discover we have received personal data from a person under the age of 18 years, which has not been properly authorized, we will take reasonable steps to delete that data as quickly as possible. If you have concerns over the collection of minor’s personal data on the Website or Services, please contact us at the information provided in the “Contact with the Controller” section above.  

XV. Supplemental Notice for California Residents

Under California’s “Shine the Light” law (Cal. Civ. Code § 1798.83), California residents who provide us certain personal data are entitled to request and obtain from us, free of charge, information about the personal data (if any) we have shared with third parties during the immediately preceding calendar year for their own direct marketing use. Such requests may be made once per calendar year for information about any relevant third-party sharing in the prior calendar year. California residents who would like to make such a request may contact us by email at: contact@yourwindows.com with the subject line “California Shine the Law Request”. The request should attest to the fact that the requester is a California resident, and provide a current California address. We are only required to respond to a customer request once during any calendar year.  

XVI.Supplemental Notice for Nevada Residents

If you are a resident of Nevada, you have the right to opt-out of the sale of certain personal data to third parties who intend to license or sell that personal data. You can exercise this right by contacting us at contact@yourwindows.com with the subject line “Nevada Do Not Sell Request” and providing us with your name and the email address associated with your Account.  Please note that we do not currently sell your personal data as sales are defined in Nevada Revised Statutes Chapter 603A. If you have any questions, please contact us as set forth below.

XVII.Do Not Track

We do not currently recognize automated browser signals regarding tracking mechanisms, which may include “Do Not Track” (DNT) signals sent by web browsers, mobile devices, or other mechanisms. Third parties may be able to collect information, including personal data, about your online activities over time and across different websites or online services when you use the Services. You may opt out of online behavioral ads at http://www.aboutads.info/choices/. You also may limit certain tracking by disabling cookies in your web browser.

XVIII. Changes to Privacy Policy

The Privacy Policy is reviewed on an ongoing basis and may be updated if there is a change in the law affecting the processing of your personal data, as well as if the Controller makes changes to the processing of your personal data. When we make changes, we will make the new version of the Privacy Policy available on the Websites. The date of the most recent update is listed at the top of this document under the “effective” date.