Privacy Policy

Welcome to All About Comfort Heating and Cooling and our website at  www.allaboutcomfortheatingandcooling.com! This privacy policy sets out the basis on which we will  process any Personal Data that we may collect about you as a visitor to our website. This policy further  sets out how we protect your privacy and your rights in respect of our use of your Personal Data.  

WHO IS THE DATA CONTROLLER? 

A “data controller” is a person or organization who alone or jointly determines the purposes for which  and the manner in which any personal data is, or is likely to be, processed. In this sense, All About  Comfort Heating and Cooling LLC of 2123 NW Hedgewood Dr, Grain Valley, MO 64029, United  States (“All About Comfort”, “we”, “us”, “our”) is the data controller. If you have any questions about  this policy or about data protection at All About Comfort in general, you can call us on +1 (816) 847- 5557.

WHAT IS PERSONAL DATA? 

Personal Data is information that makes it possible to identify a natural person. This includes, in  particular, your name, date of birth, address, telephone number, e-mail address, but also your IP address.  Anonymous data exists if no personal reference to the user can be made. 

WHAT IS PROCESSING? 

“Processing” means and covers virtually any handling of data. 

WHAT LAW APPLIES? 

We will only use your Personal Data in accordance with Missouri’s common law and statutory privacy  requirements and the EU’s General Data Protection Regulation (“GDPR”), and of course only as  described in this Privacy Policy. 

WHAT ARE THE LEGAL BASES FOR PROCESSING PERSONAL DATA We have to have at least one of the following legal bases to process your Personal Data: a) you have  given your consent; b) the data is necessary for the fulfillment of a contract/pre-contractual measures;  c) the data is necessary for the fulfillment of a legal obligation; or d) the data is necessary to protect our  legitimate interests, provided that your interests are not overridden.  

WHAT PERSONAL DATA DO WE COLLECT FROM YOU? 

We may collect and process the following Personal Data about you: 

  1. a) Personal Data that you give us: 

This is information about you that you give to us by filling in forms on our website, scheduling an  appointment, requesting a quotation, or corresponding with us by telephone, post, email, or otherwise.  It may include, for example, your name, address, email address, and telephone number; information  about your business relationship with us; and information about your requirements and interests.  

The protection of your Personal Data is particularly important to us in the performance of our HVAC  services. We therefore only want to process as much Personal Data (for example, your name, address,  e-mail address, or telephone number) as is absolutely necessary. Nevertheless, we rely on the processing  of certain Personal Data, to fulfill our contractual obligations to you or to carry out pre-contractual  measures and in the context of administrative tasks as well as the organization of our business and  compliance with legal obligations, such as archiving.  

Finally, we process data in the context of administrative tasks as well as organization of our business,  and compliance with legal obligations, such as archiving. In this regard, we process the same data that  we process in the course of providing our contractual services. The processing bases are our legal  obligations and our legitimate interest. 

  1. b) Personal Data that our website and other systems collect about you:  

If you visit our website, it will automatically collect some information about you and your visit,  including the Internet protocol (IP) address used to connect your device to the Internet and some other  information, such as the pages on our site that you visit. This is used to monitor the performance of the  website and improve the experience of visitors to the website.  

We use so-called cookies on our website. Cookies are pieces of information that are transmitted from  our web server or third-party web servers to your web browser and stored there for later retrieval.  Cookies may be small files or other types of information storage. As set out in Missouri’s common law  and statutory privacy requirements and the EU`s Privacy and Electronic Communications Directive  (“PECD”), we need to obtain consent for the use of non-essential cookies. For further information on  the cookies we use, please refer to our Cookie Policy.  

We use Google Fonts by Google and Font Awesome of Fonticons Inc on our website to display external  fonts. To enable the display of certain fonts on our website, a connection to a Google/Font Awesome  server is established when our website is accessed. The connection to Google/Font Awesome  established when you call up our website enables Google/Font Awesome to determine which website  sent your request and to which IP address the display of the font is to be transmitted. This represents a  legitimate interest. 

Our website uses Google Maps API to visually display geographical information. When using Google  Maps, Google also collects, processes and uses data about visitors’ use of the map functions. You can  find more information about data processing by Google in the Google privacy policy. There you can  also change your personal privacy settings in the Privacy Centre. The integration of Google Maps  represents a legitimate interest. 

We also use Google’s reCAPTCHA from Google to check whether data input is made by a human being  or by an automated program. For this purpose, reCAPTCHA analyses the behavior of the website visitor  on the basis of various characteristics. This analysis begins automatically as soon as you enter our  website. The legal basis for using reCAPTCHA is our legitimate interest. 

  1. c) Other information:  

For business reasons, we analyze the data we have on web and server traffic patterns, website  interactions, browsing behavior etc. The analyses serve us alone and are not disclosed externally and  processed using anonymous analyses with summarized and or anonymized values (“Aggregated Data”).  Aggregated Data could be derived from your Personal Data but is not considered Personal Data in law  as this data will not directly or indirectly reveal your identity. However, if we combine or connect  Aggregated Data with your Personal Data so that it can directly or indirectly identify you, we treat the  combined data as Personal Data which will be used in accordance with this Privacy Policy. For this  purpose we use Google Analytics from Google. The legal basis is our legitimate interest and your  consent. For further information on our use of Google Analytics, please refer to our Cookie Policy.  

OTHER USES OF YOUR PERSONAL DATA? 

We may also collect, store, and use your Personal Data for the following purposes:  ● to operate, manage, develop, and promote our business and, in particular, our relationship with  you and related transactions, including, for example:  

○ marketing purposes (when we have either gathered prior opt-in consent and/or have a  legitimate interest to send you communications which we believe to be relevant and of  use to you);  

○ accounting and billing/payment purposes; 

○ to operate, administer, and improve our website and other aspects of the way in which  we conduct our business; 

○ to offer you our products and services; 

○ to provide you with services or information that you may have requested; and ○ to keep you informed and updated on relevant topics or services you may be interested  in. 

  • to protect our business from fraud, money laundering, breach of confidence, theft of proprietary  materials, and other financial or business crimes;  
  • to comply with our legal and regulatory obligations, bring and defend legal claims and assert  legal rights; and 
  • if the purpose is directly connected with an assigned purpose previously made known to you. 

We will only process your Personal Data as necessary so that we can pursue the purposes described  above and where we have a legal basis for such processing. Where our lawful basis for processing is  that such processing is necessary to pursue our legitimate interests, we will only process your Personal  Data where we have concluded that our processing does not prejudice you or your privacy in a way that  would override our legitimate interest. In exceptional circumstances, we may also be required by law  to disclose or otherwise process your Personal Data.  

CHANGE OF PURPOSE 

We will only use your Personal Data for the purposes for which we collected it as detailed above, unless  we reasonably consider that we need to use it for another reason and that reason is compatible with the  original purpose. If we need to use your Personal Data for an unrelated purpose, we will notify you and  we will explain the legal basis which allows us to do so. 

DATA SHARING 

In certain cases, it is necessary to transmit the processed Personal Data in the course of data processing.  In this respect, there are different recipient bodies and categories of recipients. 

Internal 

If necessary, we transfer your Personal Data within All About Comfort. Access to your Personal Data  is only granted to authorized employees who need access to the data due to their job, e.g., to provide  our products or services or to contact you in case of queries.  

External bodies 

Personal Data is transferred to our service providers in the following instances: ● in the context of fulfilling our contract with you, 

  • to use marketing services and to advertise our products and services online, ● to communicate with you, 
  • to provide our website, and  
  • to state authorities and institutions as far as this is required or necessary. 

International transfers  

We may transfer your Personal Data to other companies as necessary for the purposes described in this  Privacy Policy. In order to provide adequate protection for your Personal Data when it is transferred,  we have contractual arrangements including non-disclosure agreements, data processing agreements,  and standard contractual clauses regarding such transfers. We take all reasonable technical and  organizational measures to protect the Personal Data we transfer. 

HOW LONG DO WE KEEP YOUR PERSONAL DATA? 

We will delete your Personal Data when we no longer need such Personal Data, for instance, where:

  • it is no longer necessary for us to retain your Personal Data to fulfill the purposes for which we  had collected it;  
  • we believe that your Personal Data that we hold is inaccurate; or  
  • in certain cases where you have informed us that you no longer consent to our processing of  your Personal Data. 

Sometimes, however, there are legal or regulatory requirements which may require us to retain your  Personal Data for a specified period, and in such cases we will retain your Personal Data for such  specified period; and we may need to retain your Personal Data for certain longer periods in relation to  legal disputes, and in such cases we will retain it for such longer periods to the extent required. 

DATA SECURITY 

Our website uses SSL or TLS encryption to ensure the security of data processing and to protect the  transmission of confidential content, such as contact requests that you send to us. We have also  implemented numerous security measures (“technical and organizational measures”), for example,  encryption or need-to-know access, to ensure the most complete protection of Personal Data processed  through our website.  

SOCIAL MEDIA 

We are present on social media based on our legitimate interest. If you contact or connect with us via  social media, we and the relevant social media platform are jointly responsible for the processing of  your data and enter into a so-called joint responsibility agreement. The Personal Data collected when  you contact us is used to process your request, and the basis for this is both your consent and our  legitimate interest. 

MARKETING 

Insofar as you have given us your consent to process your Personal Data for marketing and advertising  purposes, we are entitled to contact you for these purposes via the communication channels you have  given your consent to. Our marketing generally takes the form of email but may also include other less  traditional or emerging channels. These forms of contact will be managed by us or by our contracted  service providers. Every directly addressed marketing sent by us or on our behalf will include a means  by which you may unsubscribe or opt out. 

SMS MARKETING  

General and Opt-In 

Insofar as you have given us your separate consent and your mobile number to process your data for  marketing and advertising per SMS, we are entitled to send you marketing, promotional, or  informational messages. 

A mobile user might opt-in by: i) Entering a phone number online, ii) Sending an Mobile Originating  (MO) message containing an advertising keyword, iii) Filling out a paper form that includes their phone  number, or iv) Signing up at a point-of-sale location. 

All marketing and advertising per SMS will be managed by us or by our contracted service providers.  Every directly addressed marketing and advertising per SMS sent or made by us or on our behalf will  include a means by which you may unsubscribe or opt out. 

You agree that any mobile phone number you provide to us is a valid mobile phone number of which  you are the owner or authorized user. If you change your mobile phone number or are no longer the  owner or authorized user of the mobile phone number, you agree to promptly notify us.  

Opt-Out and Support

You may opt-out at any time. If you wish to opt- out and stop receiving calls from us please tell us on  the phone directly and if you no longer agree to receive mobile messages from us, reply STOP, QUIT,  CANCEL, OPT-OUT, and/or UNSUBSCRIBE to any mobile message from us.  

You may continue to receive text messages for a short period while we process your request, and you  may receive a one-time opt-out confirmation message. You understand and agree that the foregoing is  the only reasonable method of opting out.  

For support, reply HELP to any mobile message from us. Our mobile messaging platform may not  recognize requests that modify the foregoing commands, and you agree that we and our service  providers will not be liable for failing to honor requests that do not comply with the requirements in  these Terms. 

SMS and other Mobile Messages 

We may send marketing and advertising per SMS in various formats. Promotional messages advertise  and promote our products and services and may include promotions, specials and other marketing  offers. 

Our marketing and advertising per SMS may be sent using an automated technology, including an  autodialer, automated system, or automatic telephone dialing system. Our message frequency will vary  but will not exceed 7 messages per Week (excluding appointment reminders). 

We do not charge for mobile messages sent, but you are responsible for any message and data rates  imposed by your mobile provider, as standard data and message rates may apply for SMS and MMS  alerts. 

Phone numbers won’t be shared with Third Parties. SMS consent won’t be shared with Third Parties.

We will not disclose or otherwise distribute your phone number to third parties unless lawfully required  to do so. We will never rent or sell your phone number to any third party, nor will we use your phone  number to initiate a call or SMS message to you without your express or implied prior consent. Your  wireless carrier and other service providers also collect data about your SMS usage, and their practices  are governed by their own privacy policies. 

Changes 

We may also change the telephone number or short code we use and we will notify you of any such  change. You acknowledge that any requests sent to a telephone number or short code that has been  changed may not be received by us and we will not be responsible for failing to honor a request sent to  a telephone number or short code that has been changed. 

Telephone Consumer Protection Act (“TCPA”) and CAN-SPAM Act (“CAN SPAM”) compliance To be in accordance with the TCPA and CAN SPAM, we agree to the following: If at any time you  would like to unsubscribe from receiving future emails and SMS, you can email or reply to us as  described above, and we will promptly remove you from ALL correspondence. 

YOUR RIGHTS AND PRIVILEGES  

Privacy rights  

You can exercise the following rights: 

  • The right to access; 
  • The right to rectification; 
  • The right to erasure; 
  • The right to restrict processing; 
  • The right to object to processing; 
  • The right to data portability;

Update your information and withdraw your consent  

If you believe that the information we hold about you is inaccurate or request its rectification, deletion,  or object to legitimate interest processing, please do so by contacting us.  

Access Request  

In the event you want to make a Data Subject Access Request, please contact us. We will respond to  requests regarding access and correction as soon as reasonably possible. Should we not be able to  respond to your request within thirty (30) days, we will tell you why and when we will be able to  respond to your request. If we are unable to provide you with any Personal Data or to make a correction  requested by you, we will tell you why.  

What we do not do 

  • We do not request Personal Data from minors and children; 
  • We do not process special category data without obtaining prior specific consent; ● We do not use automated decision-making including profiling; and  
  • We do not sell your Personal Data. 

Complaint to a supervisory authority 

You have the right to complain about our processing of Personal Data to a supervisory authority  responsible for data protection. However, we would appreciate the opportunity to address your concerns  before you contact any supervisory authority. The supervisory authority in Missouri is the Attorney  General’s Office (www.ago.mo.gov).  

USA SPECIFIC PROVISIONS 

The following applies to users located elsewhere in the United States. While we understand and  appreciate that privacy and consumer data protection laws differ as they are subject to each state’s  legislature and that no data protection framework similar to the EU’s GDPR exists on a federal level,  we are committed to follow and apply the relevant privacy rules and regulations for your state.  

As of the day of drafting, the following states had enacted privacy and consumer data protection laws:  California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Montana, Oregon, Tennessee,  Texas, Utah, and Virginia. Under consideration of the similarities of the above provisions, no conflict  should arise pursuing a uniform approach in granting all users in the USA the same rights and privileges  as set out above. However, should ambiguity occur, the most stringent provision is chosen to ensure the 

most comprehensive approach when it comes to protecting your Personal Data. Further, the following also apply 

  1. i) “Shine the Light” 

“Shine the Light” law (Civil Code Section 1798.83) requires us to respond to requests from  California asking about the business’s practices related to disclosing Personal Data to third  parties for the third parties’ direct marketing purposes. You may make a request about our  collection and disclosure of your Personal Data using the contact details provided.  

  1. ii) COPPA (Children Online Privacy Protection Act) 

When it comes to the collection of Personal Data from children under the age of 13 years  old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The  Federal Trade Commission, United States’ consumer protection agency, enforces the  COPPA Rule, which spells out what operators of websites and online services must do to  protect children’s privacy and safety online. We do not specifically market to children  under the age of 13 years old.

iii) CAN SPAM Act 

The CAN-SPAM Act is a law that sets the rules for commercial email, establishes  requirements for commercial messages, gives recipients the right to have emails stopped  from being sent to them, and spells out tough penalties for violations. To be in accordance  with CAN SPAM, we agree to the following: If at any time you would like to unsubscribe  from receiving future emails, you can email us, and we will promptly remove you from  ALL correspondence.  

  1. iv) Telephone Consumer Protection Act (TCPA)  

If we process your Personal Data for the purpose of sending you SMS marketing  communications, you may manage your receipt of marketing and non-transactional  communications from us by replying or texting ‘STOP’ if you receive our SMS  communications. In this respect, the data processing is carried out solely on the basis of our  consent in personalized direct advertising per SMS.  

  1. v) Controls For Do-Not-Track Features 

Most web browsers and some mobile operating systems and mobile applications include a  Do-Not-Track (‘DNT’) feature or setting you can activate to signal your privacy preference  not to have data about your online browsing activities monitored and collected. At this  stage, no uniform technology standard for recognizing and implementing DNT signals has  been finalized. As such, our website does not currently respond to DNT browser signals or  any other mechanism that automatically communicates your choice not to be tracked  online. If a standard for online tracking is adopted that we must follow in the future, we  will inform you about that practice in a revised version of this policy.  

  1. vi) Right to complain 

Finally, and in regard to the right to complain to a supervisory authority. You have the right  to lodge a complaint about our processing of Personal Data with a supervisory authority  responsible for data protection. Users based in the above-mentioned States may lodge a  complaint with the relevant district attorney or attorney general office. However, we would  appreciate the opportunity to address your concerns before you contact any supervisory  authority.  

CANADA AND MEXICO SPECIFIC PROVISIONS 

Both Canada and Mexico have introduced data protection laws that are similar to the GDPR, namely  Federal Law for the Protection of Personal Data in the Possession of Private Parties (“LFPDPPP”)  supplemented by the Rules of the Federal Law for the Protection of Personal Data in the Possession of  Private Parties in Mexico and the Personal Information Protection and Electronic Documents Act  (“PIPEDA”) in Canada. Under consideration that the GDPR has played a pivotal role, no conflict should  arise pursuing a uniform approach in granting all users in Mexico or Canada the same rights and  privileges as set out above. However, should ambiguity occur, the most stringent provision is chosen to  ensure the most comprehensive approach when it comes to protecting your personal data. 

In terms of your right to complain, Canada’s national supervisory authority is the Office of the Privacy  Commissioner (www.priv.gc.ca) and the National Institute of Transparency, Access to Information and  Personal Data Protection (Instituto Nacional de Transparencia, Acceso a la Información y Protección  de Datos Personales) (“INAI”) is the national supervisory authority in Mexico (www.ifai.org.mx).  

HELP AND COMPLAINTS 

If you have any questions about this policy or about data protection at All About Comfort in general,  you can call us on +1 (816) 847-5557. 

CHANGES 

The first version of this policy was issued on Wednesday, December 4th, 2024, and is the current  version. Any prior versions are invalid, and if we make changes to this policy, we will revise the  effective date.