Privacy Policy
Privacy Policy
This Privacy Notice aims to inform you about the data processing in connection with our website and related services. The processing of personal data takes place exclusively within the framework of the respective valid legal data protection regulations, in particular the Data Protection Act 2018 and General Data Protection Regulations (hereinafter referred to as “GDPR”).
General Information
Personal data
Personal data means any information relating to an identified or identifiable natural person (hereinafter referred to as the “data subject”); a natural person is considered as being identifiable, directly or indirectly, in particular by means of an identifier such as a name, an identification number, location data, an online identifier or one or more special characteristics expressing the physical, physiological, genetic, mental, economic, cultural, or social identity of this natural person.
Who we are
Windows Plus Roofs & Kitchens Plus Bathrooms are trading styles of Windows Plus Roofs Limited (“we”, “our”, “us”). Our company number is 11590335. Our ICO registration number: ZB502678.
We are the data “controller”, which means we are responsible for deciding how and why your personal Information is used. We are also responsible for making sure it is kept safe, secure and handled legally.
We operate to the highest standards when protecting your personal information and respecting your privacy. You can contact our Data Protection Officer by sending an email to [email protected], or by writing to us at Diamond House Kingsway North Team Valley NE11 0JH
Personal Data which we may collect about you and how it is used
Most commonly, we will collect your Personal Data in the following circumstances:
- When you provide your contact details to us requesting a quote for windows and doors either by telephone, online chat, website quote form or 3rd party quote form.
- In response to surveys we have sent you.
- Through social media platforms such as Facebook, Twitter, Instagram, and other openly available public sources.
- When you visit our website, the lawful basis we rely on to process your personal data is either Article 6(1)(a) of the UK GDPR, for example when we require your consent for the optional cookies we use, or Article 6(1)(f) which allows us to process personal data when it is necessary for our legitimate interests.
We may collect, use, store and transfer different kinds of Personal Data from and about you through a number of different methods, which may include:
Source of data | Categories of personal data | Purpose | Lawful Basis |
Website Visit | IP Address, location data | Your device’s IP address may tell us an approximate location when you connect to our websites, but this will be no more precise than the city, state, or country you are using your device in. (Please see our Cookie Policy). | Consent or legitimate interest (please see our Cookie Policy) |
Lead Generation 3rd Party Supplier LI under Lead generators | Title, Surname, Email address, Postcode, Contact Number | To enable us to respond to your request | Consent or legitimate interest (please see our Cookie Policy) |
Quote request | Title, Surname, Email address, Postcode, Contact Number | To respond to your request for a quote and to provide pre-contract information | Contract |
Brochure request | Title, Surname, Email address, Postcode, Contact Number | To follow up your request for a brochure | Legitimate Interest |
Chat enquiry | Name, Postcode, Contact Number, Email address | To respond to your chat enquiry | Legitimate Interest |
Social Media interaction | Title, Surname, Email address, Postcode, Contact Number | To assist in your social media enquiry | Legitimate Interest |
Email enquiry | Title, Surname, Email address, Postcode, Contact Number | To assist in your email enquiry | Legitimate Interest |
Telephone canvassing | Title, Surname, Email address, Postcode, Contact Number | To market similar products to you | Legitimate Interest |
Door to door canvassing/instore pop-ups/Showroom visit | Title, Surname, Email address, Postcode, Contact Number | To respond to your request for a quote and to take necessary steps to fulfil that | Contract |
Your communication | Vulnerability information (health & disability) | Information that allows us to understand whether you are in a vulnerable situation; information that will help us to better help you. | Consent |
Your call into our Helplines | Name, address, DOB, email address, telephone numbers | When you share comments and opinions with us, ask us questions or make a complaint we will keep a record of this, which may include call recordings. | Contract where there is an agreement between us. Legitimate interest where you are not a customer |
Placing an order | Name, Address, Contact Number, Email Address, Date of birth, unique order number. Other details may include:
|
Providing the service requested and fulfilling obligations and customer service | Contract |
Survey platform | Records of any responses to surveys you have volunteered | To gather feedback to help improve services and promote the company | Legitimate interest |
Advertising and direct marketing preferences and responses | Telephone number, Name, Address | To adhere to any requests for these communications to stop. | Regulatory |
Public registers, such as Land Registry | Name, address ownership details | To check ownership status | Legitimate interest |
Our services are not aimed at children.
Direct Marketing
From time-to-time we may contact you by telephone with information about our products and services we believe you may be interested in.
If you have not consented to receiving marketing communications, we will only send these communications to you when permitted to do so by law – using the basis of Legitimate Interests, but in all circumstances, we will respect your preferences as may be updated from time to time. You can let us know at any time that you do not wish to receive marketing calls including by sending an email to us at [email protected].
Your rights regarding your personal data
You have a number of ‘Data Subject Rights’ under UK data protection law. If you would like to exercise any of these rights or have any associated query please contact us at [email protected]. More information can be found on the Information Commissioners website www.ico.org.uk.
These are as follows:
- Informed: You have the right to be informed about how we handle your personal data. This privacy statement provides this information, and we will always make this clearly accessible whenever we collect personal information from you.
- Access: You have the right to ask for a copy of the personal data we hold about you and the purposes for which we are using it. On receipt of such a request we will endeavour to respond to you as soon as possible and within one calendar month. We will confirm the personal data being processed, but this does not necessarily mean providing copy documents with non-personal information, within which your personal data might be contained.
- Rectification: You have the right to request that we amend any personal data which is incorrect or requires updating.
- Erasure: You have the right to request that we delete any personal information pertaining to you. We will assess any deletion request on a case-by-case basis and will endeavour to respond to you as soon as possible, and within one calendar month. Please note this is not an absolute right and there may be circumstances in which we can justifiably retain information about you.
- Object: You have the absolute right to object to receiving direct marketing from us. You also have the right to raise an objection about how we are handling your personal data.
- Restriction: You have the right to request that we restrict or suppress your personal data, so we would only store it but not use it.
- Portability: You have the right to obtain and reuse your personal data for your own purposes across different services. Due to the nature of our business and the limited nature of the personal data we handle, we do not believe this right is likely to apply.
We do not conduct any automated decision-making or profiling.
Where we rely upon your consent to process data, you have the right to withdraw that consent and to do so please contact us using the information above.
In order to fulfil a data subject rights request, we may need to ask you for proof of identity, depending on the circumstances.
If you fail to provide certain information when requested, we may not be able to perform the contract we have entered into with you (such as taking account of any disability).
If you have any concerns about the manner in which we have collected and used your personal data, please contact us and we will do our best to help. If you are unhappy with the way in which we have handled your personal data you have the right to raise a complaint with the UK’s Information Commissioner’s Office.
How long we store your personal data for
We will only keep a copy of your personal information for as long as is reasonably necessary for the purpose for which it was collected, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your Personal Data for a longer period in the event of a complaint, or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for Personal Data, we consider the amount, nature and sensitivity of the Personal Data, the potential risk of harm from unauthorised use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting, or other requirements.
At the end of that retention period, your data will either be deleted completely or anonymised, for example by aggregation with other data, so that it can be used in a non-identifiable way for the purposes of statistical analysis and business planning.
In some circumstances, we will anonymise your Personal Data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
How we protect your personal data
We have put in place appropriate security measures to prevent your Personal Data from being accidentally lost, used, or accessed in an unauthorised way, altered, or disclosed. In addition, we limit access to your Personal Data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your Personal Data on our instructions, and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected Personal Data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
We always hold your Personal Data securely and to prevent unauthorised disclosure or access to your Personal Data, we have implemented strong security safeguards including operating our website over the https protocol. We also follow stringent procedures to ensure we work with all Personal Data in line with current data protection legislation.
Who we may share your personal data with
We share personal data with the following categories of third parties. We never share or sell your data to anyone outside the group for their own marketing use.
Who | Examples (not exhaustive) |
Any party approved by you | A finance company if you want to take out a financing service |
Other people you have authorised to access your account | Joint account holder, e.g. we may provide your personal data to the other joint account holder where they submit a subject access request |
Advertising partners | Google, Facebook |
Industry partners | Partners, suppliers & contractors for the performance of any contract we enter into with them or you, for example scaffolding companies, Locksmiths, product manufacturers, insurers Examples include Assure Certification Ltd, The Consumer Protection Association, GGF, FENSA, Clayton Glass, UK Windows & Doors Group To comply with financial audit regulations: Deloitte, Grant Thornton. |
The government or our regulators | Information Commissioner’s Office (ICO), HMRC, Financial Conduct Authority (FCA) Ombudsman services |
Trial partners | Companies we work with to test our new products and services |
Companies that help us run our business, help customers complete sales or appointment bookings, support our IT infrastructure and to further understand our customers | IMA Home, Ebiz, MBN, Rackspace, Yomdel, Freshworks, Trustpilot, Researchbods, SiteSpect, DataBowl, CustomerGauge. |
Data sharing within Windows Plus Ltd
Personal data may be shared across any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries. We do this so that we have a single, joined-up view of our customers, to offer you the best possible experience. In particular, we do this for the following purposes:
- Understanding your use of products and services from across the group
- Improving the products and services offer by group companies (including market research), and customer relationship management strategy
- Product development, and
- Marketing products and services that you might be interested in.
Links to other websites
This privacy notice does not cover any links within this site linking to other websites. We encourage you to read the privacy statements on the other websites you visit.
Changes to this privacy notice
We keep our privacy notice under regular review. This privacy notice was last updated on the 02nd July 2024.