1. Information We Collect

We may collect the following categories of personal information:

• Identity & Contact: Name, phone number, email address, service address, billing address.
• Service Details: HVAC system type, issue descriptions, preferred appointment times, warranty status, maintenance history (if provided).
• Transactional: Service order details, invoices, payment confirmations (payment card data is processed by third‑party processors, not stored by us).
• Communications: Messages sent through forms, emails, call notes, customer support inquiries.
• Form Submission Content: Data you enter into basic Elementor contact / quote request forms (typically: name, email, phone, address, free‑text message). We do not intentionally request payment card or highly sensitive personal data via forms.
• Marketing Preferences: Newsletter opt‑in status, consent logs.
• Technical / Usage: IP address, device type, browser type/version, pages viewed, referring/exit pages, timestamps, approximate geolocation (city/region), interaction events.
• Cookie & Analytics Data: Session identifiers, campaign parameters (UTM), search queries leading to the site (aggregated via Google Search Console).
• Social / Third-Party Lead Sources: Lead IDs or tracking parameters if you contact us via ads or partner directories.

2. Sources of Data

• Direct: Forms (quote request, contact, scheduling), phone calls, emails, chat.
• Automated: Cookies, analytics scripts, server logs.
• Third Parties: Advertising networks (e.g., Google Ads), analytics providers (e.g., Google Analytics via Google Site Kit), Google Search Console (via Site Kit), referral platforms, financing partners (if applicable).

3. Cookies & Tracking Technologies

We use first‑party and third‑party cookies and similar technologies (pixels, tags, local storage) to:

• Operate core site functionality
• Measure site performance and user engagement
• Improve navigation and content relevance
• Track marketing attribution and ad campaign performance

You can adjust browser settings to refuse or delete cookies. If required by your jurisdiction, we will present a consent banner for non‑essential cookies.

Analytics: We use Google Analytics and Google Search Console. Data is aggregated; we do not combine it with directly identifiable records for profiling beyond operational marketing optimization.

Google Site Kit: We utilize the Google Site Kit plugin to connect our WordPress installation to Google Analytics 4, Google Search Console, and related Google services. Site Kit surfaces aggregated metrics inside the WordPress admin; it does not add additional tracking beyond the underlying Google scripts we configure. Where available, we enable IP anonymization / masking features (adjust within your GA4 settings if needed).

Advertising (if enabled): Remarketing or conversion tags may set cookies to deliver or measure ads. You can opt out via AdChoices and Google’s Ads Settings.

4. How We Use Information

• Provide, schedule, and manage HVAC services
• Prepare quotes and respond to inquiries
• Send service confirmations, updates, and follow‑ups
• Improve website performance and user experience
• Maintain security, prevent fraud, and diagnose issues
• Comply with legal and regulatory obligations
• Perform analytics, reporting, and forecasting
• Send marketing communications (with required consent where applicable)
• Maintain internal customer records and service history

5. Legal Bases for Processing (EU/UK)

• Contract: Processing necessary to deliver requested services.
• Legitimate Interests: Site optimization, limited direct marketing, fraud prevention (balanced against your rights).
• Consent: Non‑essential cookies, certain marketing messages.
• Legal Obligation: Tax, accounting, compliance recordkeeping.
• Vital Interests: Very rarely, to protect life/safety in urgent scenarios (e.g., dangerous equipment issues relayed to emergency services).

6. Sharing & Disclosures

We do not sell personal information. We may share limited data with:

• Service & Technology Providers: Hosting, email delivery, analytics, CRM, scheduling tools.
• WordPress & Plugin Ecosystem: Elementor (for basic form rendering and optional local storage of submissions in the WordPress database) and Google Site Kit (facilitates integration with Google services). Form submissions may be emailed to our internal address and stored in the site database until purged (see Retention).
• Payment & Financing Partners: If you choose financing or pay electronically (processed securely by third parties).
• Marketing & Advertising Partners: Only aggregated or pseudonymized data when feasible.
• Professional Advisers: Legal, accounting, insurance, compliance consultants.
• Authorities / Legal Requests: When required by law, subpoena, or to enforce agreements.
• Business Transfers: Merger, acquisition, asset sale (subject to continuity of protections).

7. Data Retention

We retain personal information only as long as necessary for the purposes described or as required by law (e.g., tax and service records). Typical retention for service inquiries is 24–48 months unless an active customer relationship continues. Elementor form submissions stored in WordPress are reviewed and ordinarily purged within 24 months (earlier if no ongoing relationship). Email copies may persist in secured archives subject to legal holds. Core customer and transaction records needed for accounting/tax may be retained up to 7 years. Aggregated analytics data (without direct identifiers) may be stored longer for trend analysis.

8. Data Security

We implement administrative, technical, and physical safeguards appropriate to risk, including HTTPS encryption in transit, access controls, principle of least privilege, and periodic review of third‑party tools. No system is 100% secure. If we become aware of a data incident affecting you, we will notify you in line with applicable law.

9. Your Privacy Rights

Your rights depend on your jurisdiction. Subject to verification, you may request to:

• Access a copy of personal information we maintain about you
• Correct inaccurate or incomplete data
• Delete data (subject to legal/operational exceptions)
• Restrict or object to certain processing
• Withdraw consent where processing is based on it
• Receive data in portable format (where applicable)
• Opt out of marketing communications at any time (links in emails or by contacting us)

California (CPRA): You may also request disclosure of categories of personal information collected, sources, purposes, and third parties disclosed to in the preceding 12 months, and opt out of sharing for cross‑context behavioral advertising (if we engage in such practices). We do not knowingly sell personal information.

To exercise rights, see Contact Us. We may request information to verify your identity. Authorized agents may submit requests with appropriate documentation.

10. International Transfers

Our primary operations are in the United States. If you are located outside the U.S., your information may be transferred, processed, and stored there. Where required, we implement appropriate safeguards (e.g., Standard Contractual Clauses for EEA/UK data).

11. Children’s Privacy

Our Services are not directed to children under 13 (or the equivalent minimum age in your jurisdiction). We do not knowingly collect personal information from children. If you believe a child has provided us data, contact us to request deletion.

12. Do Not Track

Our site does not currently respond to browser Do Not Track (DNT) signals. We will update this section if that changes.

13. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be indicated by an updated Last Updated date and, where required, additional notice (e.g., banner or email). Continued use of the Services after changes signifies acceptance.

14. Contact Us