This Privacy policy was last updated on 10/9/2023
At New Leaf Heat Pumps we take your privacy extremely seriously and we will never sell or share your Personal Information with anyone outside of New Leaf Heat Pumps. We use your Personal Information – information which you consent to give us – only and exactly as we need to in order to fill your orders and stay in communication with you. You have the right to review and manage this information at any time, with complete control over updating, deleting, or otherwise changing any of it.
Please note that when you place an order, or create an account, or sign up for email notifications, what you are doing is submitting your information to New Leaf Heat Pumps voluntarily. That means you are giving us your consent to communicate with you using this medium (email). What we promise, is never to knowingly use your Personal Information in any way that might compromise your privacy, or the information’s security. The full terms of our use of your information is explicitly set out in this Privacy Policy.
If you still have any questions or privacy concerns after reading our Privacy Policy, please contact us at:
New Leaf Heat Pumps
Attn: Privacy Officer
garrett@newleafheatpumps.com
Ticonderoga, NY 12883
We collect information that can be used to identify you in these ways: 1) if you create an account, even if you don't purchase anything; 2) if you create an account on checkout during purchase; 3) if you check out as a guest; 4), if you subscribe to receive our promotional emails.
Created Accounts. When you create an account, whether or not you purchase anything, we collect your name, email address, regular address. If you make a purchase, you also create an order history. You can access this order history along with your personal details at any time. All you have to do is log into your account.
Guest Checkouts. When you check out as a guest, we collect your name, email address, regular address. Checking out as a guest is different from creating an account only in that you don't have access to an order history. Moreover, no one can use your account fraudulently because you do not have an account on the Frontend. Your personal information however, is the same, whether guest or account, and we do hold onto this information on our customer service backend. We need this information in order to process and ship your orders to you. You can of course ask us to remove this information by emailing us at brian@New Leaf Heat Pumps.com.
Email Subscription. We use the services of Mailchimp to send email group emails not directly related to your specific purchase or account. Mailchimp is one of the leading providers of email software and participates in the EU-US and Swiss-US Privacy Shield Framework, which is a framework agreement between the United States and member countries to ensure Privacy accountability on the part of member organizations. To learn more about the EU-US Privacy Shield program, and to view Mailchimp’s certification, please visit the U.S. Department of Commerce site at Privacy Shield. Mailchimp is firmly committed to your privacy.
When you subscribe to receive our Newsletter emails – that is, when you opt-in – we collect your name and email address. Note that only first name and email address are required. Please note that the opt-in is checked by default when you reach customer checkout. You will need to uncheck it, or you can simply unsubscribe later when you do receive email from us.
When you create an account, whether or not you make a purchase, or if you check out as a guest, you are also automatically added to our Communication List so that we can keep in touch with you. This is important because from time to time it may be necessary to inform all our customers, as a group, of changes or other critical activities at New Leaf Heat Pumps, including updates to this Privacy statement. Occasionally, if we feel you may be happy to hear about some important special, we may also use this list to communicate with you. We'd rather risk your displeasure by sending the communication than have you be outright angry because we had an awesome sale and no one bothered to tell you. For more on how you can manage your Communication List, see "How to manage your personal information on New Leaf Heat Pumps" below.
With respect to email communications in general, whether it is Newsletter, the Communications List, or any other, note that in using Mailchimp we also may collect information regarding your interaction with e-mails we send, such as whether you opened, clicked on, or forwarded a message. This data adds nothing to your privacy information and in no way has an impact on it, nor can it be used on its own to identify you, but only helps us to better understand if you did receive our email and if it was in some sense useful to you.
Beyond the above, we DO NOT collect any other information that can be used to identify you.
Information that cannot be used to identify you is information that we collect automatically, as part of the normal operation of our servers and of the “Internet” in general, which requires that certain information be logged. None of this information can be used to identify you personally.
Analytics. When you visit New Leaf Heat Pumps, we use a third party service, Google analytics, to collect standard internet log information and details of visitor behavior. We do this to find out things such as the number of visitors to the website, what pages they visit, where they're coming from, and if they're looking at the website on their phones or a desktop computer. This helps us make decisions about how to make the website better for those same visitors. At no point is personal information about you collected. You are anonymized, with no hope of identifying who you are on the basis of this information, not by New Leaf Heat Pumps, and not by Google.
System Info. When you place an order, create an account, or contact us, in addition to your personal information, we also collect some anonymous data. This data includes your IP Address, and information about how you interacted with New Leaf Heat Pumps – whether you reached us with a phone call or by visiting our storefront, and whether you used a desktop or a mobile device. This information is completely anonymous. It, and your personal information, are not "automatically" tied together outside of your order details. Nor is this information included in your personal store account but is instead kept in server logs. Servers logs do not contain personally identifying data but only machine performance data. In other words, this anonymous data cannot be used to identify you in any way. Nor can we delete it, because it is part of the system logs, not part of your order history or customer profile. To give you an example: we collect IP Addresses. IP Addresses are used to identify where you connected to the Internet. But they don’t tell us anything about who did the connecting. Every time you log into a public WiFi, or into your home Network, that WiFi and that Network have an IP Address. So we know where you’re coming from. What we don’t know is who is coming from there – i.e., John Smith at such and such an IP Address. IPs are simply how machines communicate with each other.
Cookies. Cookies are small text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the website and to compile statistical reports on website activity as well as to help us improve our service. It is also used to make your shopping experience better by, for example, remembering you in our loyalty program after you log in, or remembering what you put in your shopping cart.
Some cookies are necessary for you to be able to actually shop – cookies, for example, remember who you are as you go from page to page, log in, proceed to checkout. Without these cookies, you wouldn’t be able to buy anything, not just from New Leaf Heat Pumps, but from Amazon or anywhere else.
Some cookies, called third-party cookies, while not necessary as described above, are set by our Analytics program. These are used to get statistical data about how the website is doing. We use that data to improve the site. Ultimately, it helps us help you shop more easily.
Cookies do NOT install program code in your browser; they’re just bits of text. And in general, cookies also do not carry or extract personally identifiable information – they won’t carry your name, for example; just browser data. Allowing cookies is also fully under your control. You may change your cookie settings at any time in your browser, including choosing not to accept any cookies from any website at all. Note however, that if you disallow all cookies, you won’t be able to checkout on New Leaf Heat Pumps, and your experience on other websites will also suffer.
Our obligation is to let you know that we do use cookies, and to make it clear that these cookies do not harvest your personal data. If you are in the EU, then you will also get a notice the first time you visit our site, asking if you want to opt out of our third-party Analytics cookies. We hope that you will accept them, mostly because it helps us make our website better for you. But you don't have to accept them, and your shopping experience will still be just fine.
Regular Payment Processing. Note that we do NOT store credit cards in any way, nor directly handle credit card transaction information during your regular checkout, nor can we ever see your credit card details during these checkouts. Your payment is processed by our credit card processing vendor, Paypal, in conjunction with your credit card issuer or bank.
Paypal itself uses the strongest possible security measures to protect your information both during the transaction and after it is complete. Paypal is certified as fully PCI DSS compliant, as well as compliant with all card association security initiatives, including the Visa Cardholder Information Security and Compliance (CISP), MasterCard® (SDP), and Discovery Information Security and Compliance (DISC).
Please note that payment processing is also subject to the terms, conditions, and privacy policy of the Payment Processor (Paypal) and of your credit card issuer or bank in addition to this Privacy Policy. This gives your information an additional layer of security.
Note as well that New Leaf Heat Pumps is not responsible for any errors made by the Payment Processor. However, we are happy to help to any extent possible in case of such an error, and will obtain all transaction details that Paypal makes available in effort to address the problem. Any such details New Leaf Heat Pumps obtains, where they may be personally identifying information, we will use solely in accordance with our Privacy Policy.
Call-In Orders. Sometimes you may prefer to call in an order instead of going through the checkout process. In this case we are happy to complete the order for you and will do so by logging into your account (or creating you a new one) from our customer service backend in order to complete the transaction. To complete the order, we will need your credit card information, which we will take over the phone. Please note that we do not write this information down or store it in any way. Beyond completing the transaction at your request, your purchase is subject to exactly the same terms described in the four preceding paragraphs.
IMPORTANT: Note that we do not accept credit card information submitted by email, text, or any other written method, and that if we do receive such, we will not use it and will delete or destroy it right away.
We collect the Personal Information listed above to help us fill your orders, to bring you sales at New Leaf Heat Pumps that you might find of interest, to communicate with you about your order or account, or to let you know what's happening at New Leaf Heat Pumps. We collect the Information that CANNOT be Used to Identify You to make our technology systems better, and to make our product catalog and customer service better, so that we might serve you better. Beyond that, we have no other purpose for the information, nor do we collect any information that is not related to the aforementioned.
There are only two ways in which we use the personal information we collect about you. One, to fill your orders – at which time we have no choice but to share your delivery information with the shipping service. Two, to communicate with you, either to notify you personally about something concerning your order, your account, or changes at New Leaf Heat Pumps; or to send you our specials, if you have signed up to hear about these.
Beyond using your personal information as just described, note that we do hold onto that information and do not delete it unless you ask us to. This information is part of your store account if you have created one, or if you have completed checkout during purchase, and it consists of your personal details including your name, email, and address, along with your order history. What we do not keep – and never have access to – are your financial details, including credit or bank cards, social security number or other legal identifier that the payment processor might request.
Please note that if a law enforcement agency requests it, we may be required to share your information with the requesting agency. This is not voluntary; we don't have a choice in this.
Hardware, software, transport protocols, and general systems security. The entire New Leaf Heat Pumps site – not just checkout – is protected with our private SSL (this is different from and much more powerful than shared SSL). SSL ensures that the transport of information across the site and back and forth between payment systems or when submitting personal information is encrypted and stays secure. You may view our certificate at any time by clicking the green lock or bar in your browser, which is to the left of the URL field (where you see our domain name at the top of your browser).
The New Leaf Heat Pumps shopping system is comprised of software, this software sits on servers. The software we use is delivered SaaS (Software as a Service) by BigCommerce and it sits on their servers. BigCommerce is one of the leading shopping systems anywhere and takes security exceptionally seriously. BigCommerce is Certified LEVEL 1 PCI DSS compliant. LEVEL 1 is the highest form of compliance available. BigCommerce in turn does not share your personal information (where you are considered our customer) with any third parties.
Additionally, BigCommerce participates in the EU-US and Swiss-US Privacy Shield Framework, which is a framework agreement between the United States and member countries to ensure Privacy accountability on the part of member organizations. To learn more about the EU-US Privacy Shield program, and to view BigCommerce’s certification, please visit the U.S. Department of Commerce site at Privacy Shield.
Personnel. Our people are required to conduct themselves in a manner consistent with the company’s guidelines regarding confidentiality, business ethics, appropriate usage, and professional standards. Before we hire someone who may come in contact with your information, we conduct reasonably appropriate background checks to the extent legally permissible and in accordance with applicable local labor law and statutory regulations.
Our people also have to sign a confidentiality agreement and must acknowledge receipt of, and compliance with, New Leaf Heat Pumps' confidentiality and privacy policies. We provide them with security training, and with handling our customer's personal data if and when they have to. Note that only a very few of our personnel will ever come into contact with your personal data – those concerned with filling your order; all others cannot access it without specific authorization.
First, Your General Privacy Rights
You have the right to ask us if we hold any Personal Information about you and if so, to request a copy of that information. You also have the right to ask us to remove or correct any Personal Information which you consider inaccurate. With the exception of orders you have placed, you may also remove or update this information yourself. Below, we will show you where this information can be found and how you can manage it. If you have created an account at any point but made no purchases, you can request that we remove the entire account and all its associated information. It is your right to be forgotten. To do so, please send your request and any comments you may have regarding your privacy to brian@New Leaf Heat Pumps.com.
Manage Your Store Account
Your store account contains all information you submit to us, including name, email, delivery and/or billing address, and birth date if applicable. It also contains your purchase history if you've made purchases. To change submitted information, sign in to New Leaf Heat Pumps , go to "Account Settings" to update personal data, or go to "Addresses" to update address information.
If you would like to delete your entire account, which will also delete your purchase history and any or all data we have on you right across our system, please email us at brian@New Leaf Heat Pumps.com. Note that this cannot be undone. Note as well, that although your purchase history is deleted, the orders themselves cannot be deleted, even if they are cancelled orders. Instead, they are archived, which also means they are no longer visible in our Orders History.
Manage Your Information as a Guest Checkout
If you check out as a guest, note that we have your information, which includes your order history, on our customer service backend. What doesn’t exist, is an account on the frontend (the website) for you to log into. We can of course remove this backend information for good, although we cannot remove your orders. We can only archive them. If you’d like to see your Guest Checkout information go, please email us with your request at brian@New Leaf Heat Pumps.com. Again, this cannot be undone.
Manage Your Newsletter Emails
The Newsletter list is an opt-in email list in which you agreed to receive emails on our specials whenever we send them. You may opt out of this list at any time by using the UNSUBSCRIBE link in any of the Communications emails you have received. If you opt out, and later change your mind, you can subscribe again at any time.
You may also contact us at brian@New Leaf Heat Pumps.com to request complete removal from the list, not just unsubscribe. The differeence between unsubscribe and complete removal is that with unsubscribe your information remains in our system, although it is never used again. If you request complete removal, we will delete all your information from the list. Note that this cannot be undone.
Product Review Emails
If you have purchased from us, 5-10 days after you receive your merchandise you will receive an email asking you to review the products you purchased. If you don't want to receive these on future purchases all you have to do is unsubscribe at the bottom of the review email and you will never receive one of these emails again.
Bear in mind that this email is not part of any mailing "list" but part of the normal operation of our shopping system. We cannot delete this information without deleting your entire account at New Leaf Heat Pumps (which we will be happy to do if you request this – see "Manage Your Store Account" above). Instead, what happens is that a new piece of information is added to your account, and this information says, "do not email me with product review requests."
New Leaf Heat Pumps System Emails (Communication List)
We may occasionally send customers an email with updates about our shopping system, new features, updates to terms or privacy, or other transactional emails. This email affects all customers who have an account with us and it is a "list" email we maintain on Mailchimp. It is part of the normal and necessary operation of our shopping system and your addition to this list is therefore automatic if you have created an account with us, or if you have purchased from us, even if you check out as a guest. That’s because your purchase action or account creation action automatically creates a business relationship between you and New Leaf Heat Pumps, and such a relationship will likely require communication.
You may opt out from receiving these emails by using the UNSUBSCRIBE link in any of the emails we send, and we will never contact you again. The only exception would be an emergency – and this is not something we can currently foresee. You may also request that we delete you from the list entirely, but to do so we have to delete your entire account and/or order history on New Leaf Heat Pumps. If this is your wish, email us with your request at garrett@newleafheatpumps.com. Note that this cannot be undone.
For Any of the Above
If you'd prefer to have us handle any of the above on your behalf, or if you have additional concerns, please email us at garrett@newleafheatpumps.com.
We may occasionally update this Policy. When we do, we will also revise the “last updated” date at the beginning of the Privacy Policy. Your continued use of New Leaf Heat Pumps after such changes will be subject to the then-current policy. If we change this Privacy Policy in a manner that is less strict in terms of our use or disclosure of your Personal Information, we will make every effort to notify you of the change and to obtain your consent prior to applying the change to any Personal Information that we collected from you prior to the date the change becomes effective. We encourage you to periodically review this Privacy Policy to stay informed about how we collect, use, and disclose Personal Information.