The THB Company ("THB," "Company," "we," "us," or "our") respects your privacy. This Privacy Policy explains how we collect, use, disclose, and protect personal information when you visit thbcompany.com (the "Site"), submit a request through our contact or quote forms, or otherwise interact with us in connection with our HVAC testing, adjusting, and balancing (TAB) services.
This Policy is intended to address the disclosure requirements of the European Union General Data Protection Regulation (GDPR), the UK GDPR, and the comprehensive consumer privacy laws enacted by U.S. states. By using the Site, you acknowledge that you have read this Policy. If you do not agree with it, please do not use the Site.
1. Who We Are
315 Main St., Ste #204
Reading, MA 01867
Phone: (781) 944-7800
Email: tboussy@thbcompany.com
For purposes of the GDPR, The THB Company is the data controller responsible for personal information collected through the Site.
2. Information We Collect
A. Information You Provide to Us
When you submit our "Request a Project Quote" form, email us, or otherwise contact us, we may collect:
- Full name
- Company or organization name
- Email address
- Phone number
- The service(s) you are interested in (such as Air & Water Balancing, Life Safety Testing, Fire Damper Testing, Duct Testing, Building Commissioning, or FGI Testing)
- A description of your project and any other details you choose to share
- Any other information contained in correspondence you send us, by form, email, or phone
B. Information Collected Automatically
When you visit the Site, certain information may be collected automatically through your browser, server logs, cookies, and similar technologies, including:
- IP address
- Browser type and version
- Device type and operating system
- The pages you view, the date and time of your visit, and how long you spend on a page
- The page that referred you to the Site and the page you visit after leaving it
- Approximate location derived from your IP address
C. Information from Third Parties
We may occasionally receive limited information about you from third parties, such as a colleague or business contact who refers you to us, or publicly available professional information (for example, from a company website or professional networking profile) that helps us respond to your inquiry.
D. Information We Do Not Collect
We do not knowingly collect Social Security numbers, government identification numbers, financial account or payment card numbers, precise geolocation, health information, biometric information, or other sensitive categories of personal information through the Site. If you include such information in a message to us, we will use it only as necessary to address your inquiry and will not retain it longer than needed.
3. How We Use Your Information
We use the personal information described above to:
- Respond to quote requests, questions, and other inquiries
- Prepare proposals and estimates, schedule projects, and deliver our TAB services
- Communicate with you about your project, including scheduling, reporting, and follow-up
- Maintain records of our business relationships
- Operate, maintain, secure, and improve the Site
- Understand how visitors use the Site so we can improve its content and performance
- Detect, investigate, and prevent fraud, abuse, or technical issues
- Comply with applicable laws, regulations, and legal process
- With your consent, send you marketing communications about our services, which you may opt out of at any time
4. Cookies and Similar Technologies
The Site may use cookies and similar technologies to operate properly and to help us understand how visitors use it. These may include:
- Essential cookies, which are necessary for the Site to function and cannot be switched off
- Analytics cookies (for example, [Google Analytics or a similar tool, to be confirmed]), which help us understand visitor traffic and usage patterns on an aggregate basis
- Embedded third-party content, such as the Google Map embedded on our Contact page, which may set its own cookies in accordance with Google's privacy policy
You can control or delete cookies through your browser settings. Most browsers allow you to refuse or delete cookies, though doing so may affect the functionality of the Site. Where required by applicable law, we will request your consent before placing non-essential cookies and provide a way to manage your preferences.
5. How We Share Your Information
We do not sell or rent your personal information to third parties. We may share personal information with:
- Service providers who perform services on our behalf, such as website hosting, email delivery, IT support, customer relationship management, and website analytics, under contractual obligations to protect your information and use it only for the purposes we specify
- Professional advisors, such as our accountants, auditors, or attorneys, as needed
- Government authorities, regulators, or other third parties, where we believe disclosure is necessary to comply with a legal obligation, protect our rights or property, or protect the safety of our employees, customers, or the public
- A successor organization in connection with a merger, acquisition, reorganization, financing, or sale of all or part of our business
6. Data Retention
We retain personal information for as long as reasonably necessary to fulfill the purposes described in this Policy, including responding to your inquiry, maintaining our business relationship and project records, and meeting our legal, accounting, insurance, and recordkeeping obligations. When personal information is no longer needed for these purposes, we take reasonable steps to delete or anonymize it.
7. Data Security
We maintain reasonable administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, use, disclosure, alteration, or destruction. No method of transmission over the internet, or method of electronic storage, is completely secure, and we cannot guarantee absolute security.
8. Your Privacy Rights Under the GDPR (European Economic Area, UK, and Switzerland)
If you are located in the European Economic Area, the United Kingdom, or Switzerland, the following additional terms apply to you.
Legal Bases for Processing
We process personal information on one or more of the following legal bases:
- Consent, where you have given us consent (for example, to receive marketing communications), which you may withdraw at any time
- Performance of a contract, where processing is necessary to respond to your request or provide services you have asked for
- Legitimate interests, where processing is necessary for our legitimate business interests, such as operating and improving the Site or maintaining business relationships, provided those interests are not outweighed by your rights and freedoms
- Legal obligation, where processing is necessary to comply with applicable law
Your Rights
Subject to applicable conditions and exceptions, you have the right to:
- Access the personal information we hold about you
- Request that we correct inaccurate or incomplete personal information
- Request that we erase your personal information
- Request that we restrict the processing of your personal information
- Receive a copy of your personal information in a portable format, or request that we transmit it to another organization
- Object to our processing of your personal information, including processing based on legitimate interests
- Withdraw consent at any time where processing is based on consent
We do not use your personal information to make decisions based solely on automated processing that produce legal or similarly significant effects.
International Data Transfers
Because we are based in the United States, any personal information you provide to us will be transferred to, stored, and processed in the United States. The United States may not have data protection laws equivalent to those in your home jurisdiction. Where required, we rely on appropriate safeguards, such as the European Commission's Standard Contractual Clauses, to protect personal information transferred internationally.
Right to Lodge a Complaint
You have the right to lodge a complaint with the data protection supervisory authority in your country of residence, place of work, or the place where an alleged infringement occurred.
9. Your Privacy Rights Under U.S. State Privacy Laws
A number of U.S. states have enacted comprehensive consumer privacy laws, including (as of this Policy's last update) California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Rhode Island, Tennessee, Texas, Utah, Virginia, and Arkansas. If you are a resident of one of these states, you may have some or all of the following rights, depending on the law that applies to you:
- The right to confirm whether we process your personal information and to access that information
- The right to correct inaccuracies in your personal information
- The right to request deletion of your personal information
- The right to obtain a copy of your personal information in a portable format
- The right to opt out of the sale of your personal information
- The right to opt out of the use of your personal information for targeted advertising
- The right to opt out of profiling that produces legal or similarly significant effects
- The right to limit the use or disclosure of sensitive personal information
- The right to appeal our response to a privacy request
- The right not to be discriminated against for exercising any of these rights
Categories of Personal Information We Collect
The table below describes the categories of personal information we collect, consistent with the categories identified under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), and similar state laws.
| Category | Examples | Do We Collect It? | Source | Purpose |
|---|---|---|---|---|
| Identifiers | Name, email address, phone number, IP address | Yes | Directly from you; automatically from the Site | Respond to inquiries, provide services, operate the Site |
| Commercial information | Services requested, project details | Yes | Directly from you | Prepare proposals, deliver services |
| Internet or network activity | Pages viewed, browsing behavior on the Site | Yes | Automatically, through cookies and analytics | Improve and secure the Site |
| Professional or employment information | Job title or employer, if provided | Yes, if voluntarily provided | Directly from you | Respond to inquiries, prepare proposals |
| Geolocation data | Approximate location from IP address | Yes (approximate only) | Automatically from the Site | Site analytics |
| Sensitive personal information | Government IDs, financial account numbers, precise geolocation, health information, biometric data | No | Not applicable | Not applicable |
| Inferences | Profiles reflecting preferences or characteristics | No | Not applicable | Not applicable |
We do not sell personal information and do not use personal information for cross-context behavioral or targeted advertising. As a result, "opt out of sale" and "opt out of targeted advertising" requests are generally not applicable to our practices, but you may still submit such a request and we will confirm this in our response.
California Residents
In addition to the rights listed above, California residents have the right to know the categories of personal information we have collected, used, disclosed, and (if applicable) sold or shared for cross-context behavioral advertising over the preceding twelve months, as described in the table above. We have not sold or shared personal information for cross-context behavioral advertising in the preceding twelve months.
Under California's "Shine the Light" law, California residents may request information once per year about our disclosure of personal information to third parties for their own direct marketing purposes. We do not share personal information for this purpose.
Nevada Residents
Nevada law permits residents to submit a request directing us not to sell certain "covered information," as defined under Nevada Revised Statutes Chapter 603A. We do not sell covered information, but Nevada residents may still submit such a request to the contact information below, and we will treat it as an opt-out preference for the future.
Sensitive Health and Biometric Data Laws
Some states, including Washington, have enacted laws specifically addressing the collection of consumer health data (such as Washington's My Health My Data Act) or biometric identifiers (such as the Illinois Biometric Information Privacy Act and similar laws in Texas and Washington). We do not collect consumer health data or biometric identifiers through the Site.
Global Privacy Control
We honor the Global Privacy Control (GPC) signal, where legally required, as a valid request to opt out of the sale or sharing of personal information from browsers or devices that send that signal.
How to Exercise Your Rights
To submit a request to exercise any of the rights described above, you may contact us at:
Phone: (781) 944-7800
Mail: The THB Company, 315 Main St., Ste #204, Reading, MA 01867
We may need to verify your identity before responding to your request, using information you have already provided to us or by requesting additional information reasonably necessary to verify your identity. You may designate an authorized agent to submit a request on your behalf, subject to our ability to verify the agent's authority to act for you.
We will respond to verifiable requests within the time frame required by applicable law, which is generally forty-five days, with the possibility of a one-time forty-five-day extension where reasonably necessary. If we decline to act on your request, you may appeal that decision by emailing us at tboussy@thbcompany.com with the subject line "Privacy Rights Appeal" and a description of your original request and our response.
10. Children's Privacy
The Site is intended for business audiences and is not directed to children. We do not knowingly collect personal information from children under the age of thirteen, consistent with the Children's Online Privacy Protection Act (COPPA), or from individuals under the age of consent established by applicable state law. If we learn that we have collected personal information from a child without parental consent, we will take steps to delete that information.
11. Third-Party Links and Embedded Content
The Site may contain links to third-party websites and embedded content, such as a Google Map on our Contact page. We are not responsible for the privacy practices or content of any third-party websites or services. We encourage you to review the privacy policies of any third-party sites you visit.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. Any changes will be posted on this page with a revised "Last Updated" date. We encourage you to review this Policy periodically.
13. Contact Us
If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at:
315 Main St., Ste #204
Reading, MA 01867
Phone: (781) 944-7800
Email: tboussy@thbcompany.com