The purpose of this privacy policy is to inform you about how your data is being handled by us. You have certain rights in relation to your data, including the right to revoke your consent and the right to object to processing based on legitimate interests, profiling (including the use of custom and lookalike/similar audiences), and direct marketing. At any time, you can exercise your rights by emailing us at complaints@webuyanywindows.com. For further details about our processing and your rights, please see below.
This website is owned and operated by Reclaims 4u ltd and is intended for use by consumers in the United Kingdom. We abide by the relevant rules of the General Data Protection Regulation (“GDPR”) and the Data Protection (Jersey) Law 2018.
We take the protection of your personal data very seriously. Our privacy policy explains what information we collect from you, what we do with it, how we keep it secure and the circumstances in which we provide it to third parties.
We obtain and process personal data in different ways depending upon the purpose of the processing and way in which we obtained your personal data.
In most circumstances your data will only be processed within the UK or EEA. If for any reason we need to have your data processed elsewhere we will inform you of that, any privacy risks involved and what we have done to minimise those risks.
You can at any time ask us to tell you what personal data relating to you we hold.
You also have the right to ask us to rectify your data if it is inaccurate, erase it or restrict the processing of it, in particular in regards to your right to object to processing under legitimate interests of your data for profiling (including the use of custom, lookalike or similar audiences) and for direct marketing. In some circumstances you can ask us to provide it to you in a format which would allow you to transfer it digitally to another.
Where we have requested, and you have given us consent to process your data you may withdraw that consent at any time.
Were our business to be sold all your data would be transferred to the purchaser so that they could use it in the same way as we do now.
In relation to double glazing enquiries, one of the companies who may contact you are Safestyle UK PLC. You do not have to buy anything from any of our providers. There is no obligation to purchase.
If you are at all concerned about our processing of your data, please let us know by contacting our Data Protection Officer at complaints@webuyanywindows.com. You may also complain about it to the Office of the Information Commissioner (“ICO”).
Requesting quotes or information
Our site enables people to request quotes or information for the product or service shown or selected on the site (the “Product”).
The service that our site provides is to connect people who are looking to purchase the Product with relevant providers of the Product (“Service Providers”).
If you’d like to request and receive quotes or information for the Product (“Quotes”), please complete and submit our webform.
Once we’ve received your request, we’ll connect you with one or more relevant Service Providers who will contact you in response to your request. In order to connect you with the Service Provider(s), we share the information that you provide to us via our webforms with those Service Provider(s). We’ll tell the Service Providers who you are, and your Product requirements, and they’ll then contact you directly with your requested Quotes. You’ll see on our webform that we have a really clear consent statement. This statement sets out the Service Providers that will contact you.
For certain Products, before connecting you with relevant Service Providers, we may call you to confirm your details or requirements.
You can choose which Service Provider to buy from, but there is no obligation to purchase from any of them.
Other than where we state in this Privacy Policy, we do not share your data with anyone else or use it for any other purpose, except on an aggregate and anonymous basis. This means that we also do not transfer it to any advertising network, or use it to build user profiles.
Requesting to book an appointment
If you would like to hear from a Service Provider and/or book an appointment, please complete and submit our webform.
Once we’ve received your enquiry, we’ll do one of the following:
We’ll connect you directly with one or more relevant Service Providers. We’ll tell the Service Providers who you are, and the information that you provided on the webform (as set out below).
Contact details and product requirements
If you complete our webform in order to request Quotes or to book an appointment, it will ask you for your contact details, such as your name, email address, telephone number, postal address, and/or postal code.
Our webform will also ask for information regarding your Product requirements.
From time to time, we change our webforms, and so they may ask you for other information. It will always be clear from the webform what information we’re requesting, and we only request information that is relevant to your request, and the service that we’re providing.
If we call you in response to you completing our webform, we may ask you for additional information to do with your request.
When you visit our site, we will do our best to provide you with the information you are looking for. This will mean that, sometimes, we may ask you for your name and email address (via a pop-up box on our site) so that we are able to send you more information about the products or services that you have shown an interest in. You are not required to submit this information to us and, if you change your mind, you can opt out at any time by clicking the unsubscribe link in the email.
Information about your health
If you have completed a webform relating to a health Product, our webform may ask you for information including sensitive personal data (e.g. information about your health).
Additionally, if we call you in response to such a request, we may also ask you for information about your health.
We will only ask you information about your health where it is relevant to your request, and we will only collect this type of information with your consent.
IP addresses
We also store and share Internet Protocol (IP) addresses, as explained below. Every computer or device has an IP address – a unique number – which enables it to communicate with other computers and devices over the Internet.
Call recordings
We digitally monitor and/or record calls between you and us for the purposes of quality control and staff training. Also, occasionally, we may need to provide Service Providers with limited access to such recordings in order to resolve disputes. Please be aware that sensitive personal data may be recorded where you voluntarily disclose health information to us over the phone.
Additional Information
If you choose to download and use our app, to enhance your experience we may collect some additional information. We do this by using a tracking tool that collects your online identifier, geolocation, device specification, Google advertising ID and other behavioural data relating to the use of our app.
Additionally, we might collect data about you if you:
Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. At the bottom of this policy, we have included a table, setting out what cookies we use, and the purposes for which we use them.
Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org or www.allaboutcookies.org.
To opt out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaopto
IP ADDRESSES
We store IP addresses in order to stop unwanted traffic (i.e. spam) to our site. For example, if we become aware that spam is coming from a particular IP address (i.e. computer or location), we can block that IP address.
From time to time, we also share IP addresses with Service Providers to enable Service Providers to verify that requests for Quotes have come from a particular country.
We use your data (described above) in the following ways.
To connect you with relevant Service Providers
As explained above, if you submit our webform, we’ll pass your request to one or more relevant Service Providers (named on the consent statement). We will do this in a secure way. For example, using HTTP Secure (HTTPS), which means the data is encrypted. The Service Providers then contact you directly with your quotes. They may contact you by telephone, text/SMS or email.
Before we pass your request to any Service Providers, our service may involve an element of automated decision-making. Our technology platform may automatically assess your Product requirements based on the information you have provided us and pass your request to such Service Providers that would like to receive requests for Quotes at the time your request is made.
Some Service Providers may pass your data to third-party credit check agencies as part of your application for specific financial products, and you will be made aware of this in the consent statement.
To call you to confirm your details or requirements
For certain Products, before connecting you with relevant Service Providers, we may call you to confirm your details or requirements.
We may also call you to ask about your experience using our site and service, and dealing with the Service Providers with which we connected you.
To call you to book an appointment
Where you have requested to book an appointment, we may call you, either in our brand name or in the name of and on behalf of a Service Provider, to book your appointment.
If we book an appointment for you, we’ll share your details, including any information that you provide on the call, with the Service Provider. We’ll also tell you which Service Provider we’ve made an appointment with. We won’t book an appointment without your approval.
Occasionally, we may not be able to find a suitable appointment for you. If this is the case, we’ll let you know on the call. However, we may be working with other Service Providers that can help you. If this is the case, we’ll pass your enquiry to those Service Providers (either named on the consent statement or during the call), who will contact you directly by telephone, text/SMS or email.
To email or text you about similar products and services – But only if you haven’t opted out of such emails or texts
If you use our quote request service, then, as an existing user, we would like to email you, or send you text/SMS messages, about similar products and services for which we think you might like quotes or information (“Other Products”). Sometimes your mobile network provider may charge you for such SMS messages.
You will always be given an opportunity to opt out of such messages before we send them, and we will not send such messages if you have opted out.
To create custom and lookalike/similar audiences
We like to work with Facebook, Google and other platforms (“Platforms”) to reach out to you with adverts for Other Products. We also like to use Platforms to reach out to other people who might like to use our quote request service.
We do this in two ways. In both cases, your data, along with other data, is used to create a custom audience and/or a lookalike/similar audience. Whenever an audience is shared with a Platform, the data is first hashed and pseudonymised, meaning that any data within the audience that could identify a person is replaced with an artificial identifier. So, the process is secure. Also, we don’t share more data than we need to for the purpose of creating the audience.
As we explain below, at any time, you may object to such activity by emailing us at complaints@webuyanywindows.com.
To improve your in-app experience and for marketing attribution
We may use data collected in our website to better understand how you interact with our content and track the relevance of our marketing campaigns to your interests.
To email you to remind you to complete our webform where its partially completed
If you start but don’t complete one of our webforms, we may email you to remind you to complete that webform. We will only store data inputted by you in a partially completed webform for two hours from when you leave the webform. If you don’t return to the webform to complete and submit the form in two hours, we will permanently delete the data you’ve inputted, subject to an automatic back-up of that data being made and stored for 30 days from the date you partially completed our form. Such back-up will not be readily accessible by us and your data will not be used for any other purpose.
Receiving data from Service Providers
From time to time, Service Providers may return data to us. They may do this if they have a query regarding a request for Quotes or an enquiry that we have sent to them in order to enable us to resolve the query. They may also return data to us, together with confirmation on whether or not a product has been purchased, in order to enable us to improve our marketing. We may also use such data to create custom and lookalike/similar audiences, as explained above.
Working with suppliers
We work with a number of suppliers, who process data on our behalf. These include cloud storage providers, email service providers, and cloud telephony providers. We have appropriate contracts in place with such suppliers to ensure the protection and confidentiality of data.
Depending on the countries in which you’re looking for Service Providers, we may transfer your data outside the UK. As of 1 January 2021, the UK is no longer a part of the European Economic Area (the “EEA”). This means that your data may be transferred outside of the UK to countries inside the EEA, or to another country outside of the EEA. For example, if you’re looking for Service Providers in the USA, we may need to transfer your data to the USA.
Although the UK is no longer part of the EEA, we will still hold your data to the same level of protection as we did when we were part of the EEA. This means that for any transfer of your data outside of the UK, we will continue to take steps to ensure that it is protected to the same level of protection that applies to transfers of data outside of the EEA.
Certain countries have a European Commission adequacy decision, which means they are considered to offer an adequate level of data protection and we will continue to only transfer data to those countries on this basis.
Other countries do not have the same level of legal protection as countries in the EEA, or with an adequacy decision. If we do transfer your data in this way, we will take steps to ensure that it is protected to the same levels that apply in the EEA. This may include, for example, adopting the EU’s standard contractual clauses.
We also pass your data on to Safestyle UK. Please see their privacy policy here https://www.safestyle-windows.co.uk/privacy-policy/
We have a data retention policy, which clearly sets out how long we keep data for, and for what reasons.
We will keep your data only for as long as is necessary to fulfil the purpose/s for which it was collected in the first place, i.e. as set out in this Privacy Policy.
For example:
This Privacy Policy sets out (above) how we use your data. Under the GDPR, controllers must have a valid lawful basis for each processing activity that they undertake. This section sets out our lawful basis for each activity.
For example:
For example:
This Privacy Policy sets out (above) how we use your data. Under the GDPR, controllers must have a valid lawful basis for each processing activity that they undertake. This section sets out our lawful basis for each activity.
Activity: To connect you with relevant Service Providers, including in respect of certain health-related Products.
Lawful Basis under the GDPR: Consent
Your Rights: To withdraw your consent, as explained below.
Activity: The automated decision-making explained above.
Lawful Basis under the GDPR: Legitimate interests
Your Rights: You have the right to object to processing based on legitimate interests.
Activity: Using and sharing IP addresses.
Lawful Basis under the GDPR: Legitimate interests
Your Rights: You have the right to object to processing based on legitimate interests.
Activity: To email you regarding a partially completed webform.
Lawful Basis under the GDPR: Legitimate interests
Your Rights: You have the right to object to processing based on legitimate interests.
Activity: To call you to confirm your details or requirements.
Lawful Basis under the GDPR: Consent
Your Rights: To withdraw your consent, as explained below.
Activity: To call you to book an appointment.
Lawful Basis under the GDPR: Consent
Your Rights: To withdraw your consent, as explained below.
Activity: Sharing call recordings with Service Providers.
Lawful Basis under the GDPR: Legitimate interests
Your Rights: To object to processing based on legitimate interests.
Activity: To email or SMS message you about similar products and services.
Lawful Basis under the GDPR: Legitimate interests*
Your Rights: To object to processing based on legitimate interests. You also have the right to object to direct marketing.
Activity: To create custom and lookalike/similar audiences.
Lawful Basis under the GDPR: Legitimate interests
Your Rights: You have the right to object to processing based on legitimate interests.
Activity: Receiving data from Service Providers.
Lawful Basis under the GDPR: Legitimate interests
Your Rights: You have the right to object to processing based on legitimate interests.
Activity: To email or SMS message you with more information about the products or services that you have shown an interest in.
Lawful Basis under the GDPR: Consent
Your Rights: To withdraw your consent, by clicking the unsubscribe link in the email or SMS message as applicable.
Activity: To improve your in-app experience and for marketing attribution.
Lawful Basis under the GDPR: Legitimate interests
Your Rights: You have the right to object to processing based on legitimate interests.
Activity: To verify that your webform submission is a genuine request (only where your submission relates to a finance product or service).
Lawful Basis under the GDPR: Legitimate interests
Your Rights: You have the right to object to processing based on legitimate interests.
*Under the Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR), we send such emails on the basis of the existing customer (soft opt-in) exemption.
In each case where we have identified legitimate interests as the legal basis for our processing, we have conducted a legitimate interests assessment.
Your rights will be determined by the country in which you reside. If you reside in the European Economic Area or the United Kingdom, you have certain rights under GDPR in relation to your personal data. In relation to our site, and the service that we provide, those rights are set out in the table above. We further explain these rights, and your other rights, below.
Right of access – You have the right at any time to ask us for a copy of the personal information that we hold about you, and to check that we are lawfully processing it.
Right of rectification – If personal information that we hold about you is not accurate or is out of date and requires amendment or correction you have a right to have the data rectified or completed.
Right of erasure – In certain circumstances, you have the right to request that personal information we hold about you is erased (e.g. if the information is no longer necessary for the purposes for which it was collected or processed).
Right to object to or restrict processing – In certain circumstances, you have the right to object to our processing of your personal information. For example, if we are processing your information on the basis of our legitimate interests, and there are no compelling legitimate grounds for our processing which override your rights and interests.
Right of data portability – In certain instances, you have a right to receive any personal information that we hold about you in a structured, commonly used and machine-readable format.
Right to withdraw consent – In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. You can exercise this right by contacting complaints@webuyanywindows.com.
Exercising your rights As explained above, you can exercise your right to withdraw consent by contacting complaints@webuyanywindows.com.
If you wish to exercise any of your other rights under the GDPR or if you wish to discuss our use of your data, please email us at complaints@webuyanywindows.com. Alternatively, you can write to us at the address set out above, or inform us if you speak with us on the phone.
Our lead supervisory authority for the processing set out in this Privacy Policy is the UK Information Commissioner’s Office (ICO). If you are unhappy with how we have processed your data, you have the right to make a complaint to the ICO.
If you have any questions regarding this Privacy Policy, or any questions relating to data protection or privacy, you can contact us at complaints@webuyanywindows.com.
Alternatively, you can write to us at the address set out in the ‘About Us’ section above.