California Notice at Collection
Effective date January 1, 2024
This is a summary of the collection and use of personal information about California residents by GAF Energy LLC and their direct and indirect subsidiaries (“Company,” “we,” “us,” or “our”). For more detail, you can read our Privacy Policy. This summary does not cover our handling of personal information (i) in our capacity as an employer, (ii) solely on behalf of a contractor or other third party, or (iii) in situations where the information is handled in deidentified form or is otherwise not subject to the “notice at collection” requirements of the California Consumer Privacy Act (“CCPA”).
Categories of Personal Information Collected
We collect the categories of personal information described below. We intend to retain this information for as long as we feel it is necessary for the purposes described further below, or for any longer period required by law. Because we may collect and use the same category of personal information for different purposes and in different contexts, there is not typically a fixed retention period that always will apply to a particular category of personal information. Examples of how long we normally intend to retain personal information in certain situations are set forth below.
| CATEGORY OF PERSONAL INFORMATION | EXAMPLES OF HOW LONG WE NORMALLY PLAN TO KEEP THIS INFORMATION |
|---|---|
| identifiers (e.g., name, mailing address, email address, phone number, username, and password); | If we collect a homeowner’s name or other identifiers as part of their warranty registration, we plan to retain it for the duration of the warranty and for a short period after that for related administration and sales purposes. If we instead collect an individual’s name when they sign up for marketing emails, we plan to retain it until they unsubscribe from those emails, and then for two years after that for analytics purposes (but we would keep their email address indefinitely to comply with their unsubscribe request). |
| financial information (e.g., income, bank account information, bank or credit card information, and payment information); | We retain most accounting related information for 12 years. |
| audio, electronic, visual, thermal, olfactory, or similar information (e.g., graphics, photographs, recordings of calls or meetings, and ambient conditions such as humidity or temperature;) | In some cases and for certain solar products, we reserve the right to collect and maintain energy generation, use, and storage for the duration of the warranty and for a short period after that for related administration, research and development, and product improvement purposes. If a contractor submits images of a property to us for assistance with planning an installation that then takes place, we may retain those images for the duration of the warranty and for a short period after that. |
| commercial information (e.g., records of transactions, records of training, and program status); | We retain many types of transaction records for five years after completion of the transaction, for auditing and customer support purposes. |
| internet or other electronic network activity information (e.g., browsing history, search history, and interactions with our emails and digital platforms (including downloads) and third party websites and applications), along with data used to generate such information, such as personally identifiable cookie information or personally identifiable device or browser information; | We retain the IP address associated with account logins for 90 days, though some systems store user IP Addresses for more extended periods, including for account authentication, fraud detection, and other cybersecurity purposes. |
| geolocation and precise geolocation data; | When we allow a QuickMeasure user to find a place on a map, using pin technology, we delete record of their precise geolocation within 30 days. |
| account login credentials; and | We retain data reflecting account credentials for the duration of the account, and may further retain them for fraud prevention and cybersecurity purposes |
| inferences drawn from any of the information identified above. | We often retain inferences for the same period of time for which we retain the underlying data. |
We use personal information for the following purposes:
- We use information to provide you with services, including, without limitation, on our digital platforms or in connection with our products and services, and to respond to your requests, inquiries, comments, and questions. We also use information to provide contractors and others with services.
- We use information to troubleshoot and improve our products and services, including, without limitation, our digital platforms. We may use the information we collect to customize your experience with us. We use information for online and offline marketing purposes. For example, we might use the information we collect to send you information about products, services or special offers that we believe may interest you. This might include information about upcoming contests or promotions. We may use the information we collect to deliver advertisements based on your activities on our digital platforms and third party websites and applications. For example, if you view one of our products on our website, you may receive a postcard or an online ad for that product or a related product on our digital platforms or on third party websites and applications. For more information see our Privacy Policy.
- We use information to communicate with you about your accounts, your subscriptions, or our relationship. For example, we might tell you about changes to our digital platforms or to your accounts or subscriptions with us. Or we might reach out to you and ask you to take a customer satisfaction survey.
- We may use the information we collect for analytical purposes, such as to better understand the interests and preferences of our customers, people who use our digital platforms, and people who buy our products and services. For example, we may use information to generate and analyze aggregate statistics about how users interact with our digital platforms.
- We use information as permitted or required by law and as otherwise disclosed to you. For example, we may use the information we collect to protect the rights and property of us, you, and others; to comply with any legal or regulatory obligations; to handle legal claims or disputes; or to otherwise operate our business.
“Sale” or “Sharing”
During the 12 months leading up to the effective date of this Privacy Summary, we “sold” and “shared” (as those terms are defined under the CPRA), commercial information (transaction data) and internet or electronic network activity (such as a record of a browser’s visit to our website) to marketing and advertising services to assist with such activities. This practice continues today. We do not “sell” or “share” personal information (as those terms are defined under the CCPA) if we have actual knowledge that the consumer is less than 16 years of age.