Let’s talk

Privacy Policy

This Privacy Policy (the “Privacy Policy” or “Policy”) describes Wint.ai Ltd. (“Wint”, “we”, “our”, or “us”) practices for processing Personal Data on our applications, software, and services accessible on or by domains owned by Wint (collectively, our “Services”) and on our public website at https://wint.ai/ (“Website”).

When we use the term “Personal Data” in this Privacy Policy, we mean information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, to an individual.

We collect, use, process, share and store the following categories of Personal Data:

  1. “Direct Consumer Data” means any Personal Data of our private customers’ who directly engage with Wint (hereinafter, “Direct Consumer”).
  2. “Business Contact Data” means Personal Data concerning our business customers’, partners’, distributors’ and supplier’s internal persons and representative of any legal entity who directly or indirectly engage with Wint (hereinafter, “Business Contact”).
  3. “Indirect Consumer Data” means Personal Data concerning end consumer of our business customers, partners or distributors (hereinafter “Indirect Consumers”).
  4. “Website Visitor Data” means Personal Data concerning any individual who enters and interacts with our Website (hereinafter “Website Visitors”).

We processes these categories of personal data differently because the direct relationship we have with our direct consumer, is different from the indirect relationship we have with the End Consumer of our business customers, distributors and partners (Indirect Consumer).

Read this Policy and make sure you fully understand our practices in relation to your Personal Data, before you access or use our Services or Website. If you opposed to our practices, you must immediately leave this Website, and avoid or discontinue all use of the Services. If you have further questions or concerns regarding this Privacy Policy please contact us at: [email protected]

This Privacy Policy is divided into the following sections:

Section 1 DATA CONTROLLER/DATA PROCESSOR
Section 2 PERSONAL DATA YOU PROVIDE US OR WE COLLECT WHEN YOU VISIT OUR WEBSITE AND PURPOSES.
Section 3 PERSONAL DATA WE COLLECT WHEN YOU USE OUR SERVICES AND PURPOSES
Section 4 COOKIES
Section 5 WITH WHOM DO WE SHARE YOUR PERSONAL DATA?
Section 6 TRANSFER OF PERSONAL INFORMATION OUTSIDE YOUR TERRITORY
Section 7 RIGHTS REGARDING PERSONAL DATA
Section 8 DATA RETENTION
Section 9 INFORMATION SECURITY
Section 10 AGE RESTRICTION
Section 11 CHANGES TO THIS PRIVACY NOTICE
Section 12 CONTACT

1. DATA CONTROLLER/DATA PROCESSOR

The Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“GDPR“) distinguishes between the data controller, who determines the purposes and means of processing; and the data processor, who processes the data on behalf of the data controller. Below we explain how these roles apply to our Websites and Services. If you are a Consumer of ours, we processes personal data in different ways when you use our products and services:

  1. When Direct Consumer enters into a service agreement directly with us (i.e., B2C relationship), we process Direct Consumer Data for ours own purposes, as an independent data controller and we assume the responsibilities of data controller, as set forth in this Privacy Policy detailed in section ‎3.
  2. When the consumer does not enter into a service agreement directly with us but rather through a distributor or other legal entity (i.e., B2B relationship), we process Indirect Consumer Data as a data processor and on behalf of our distributor or our business customer, as applicable, who is the data controller of such data. In this case we processes Indirect Consumer Data strictly in accordance with our distributor or our business customer’s reasonable instructions. Some of this Indirect Consumer Data is processed by Wint as an independent controller, as set forth in this Privacy Policy and detailed in section ‎3.

Wint is the data controller of Business Contact Data. With respect to such data, we assume the responsibilities of data controller, as set forth in this Privacy Policy. In such instances, our service providers processing such data will assume the role of data processor.

Our business customers, partner and distributor are solely responsible for determining whether and how they wish to use our Services, and for ensuring that all individuals using the Services on their behalf or at their request, as well as all Indirect Consumer Data that may be included through the Services (whether Wint is a processor regarding such data), have been provided with adequate notices and given informed consent to the processing of their Personal Data, where such consent is necessary or advised, and that all legal requirements applicable to the collection, recording, use or other processing of data through our Services are fully met concerning such Indirect Consumer Data.

2. PERSONAL DATA YOU PROVIDE US OR WE COLLECT WHEN YOU VISIT OUR WEBSITE AND PURPOSES.

2.1. Personal Data that you provide us with

In some places on our public-facing websites, you can fill out web forms to ask to be contacted by our team. We will ask you for the following categories of Personal Data:

  • Identification data (e.g., first name, last name, country);
  • Contact details (e.g., email, phone number, type of business);
  • Professional data (e.g., company’s name, job title);
  • Free text (comments). Please be thoughtful about what information you share with us. While we will take appropriate measures to protect your Personal Data you share with us, it is best to avoid sharing any personal or other sensitive information in these communications not necessary for us to assist you with your request.

The provision of certain types of Personal Data may be necessary or optional, depending on your requests. Mandatory data will be marked as such at the moment of collection of your Personal Data. If you refuse to provide mandatory data, Wint may not be able to reply to your contact request.

2.2. Personal Data that we collect automatically from you

Each time you visit our Website we may automatically collect the following data through cookies and other tracking technologies:

  • Internet or other electronic network activity information (e.g., Internet protocol (IP) address; date and time of the visit; time and length of visits to certain pages; page interaction information, such as scrolling, clicks, and mouse-overs; methods used to browse away from the page; traffic data; location).

This data is necessary for the proper functioning of the Website, enhancing your experience, analyze Website usage, and provide you with personalized content and ads.

For more information on the cookies we use and your cookie choices, please see section 4 below.

2.3. For what purposes do we use your Personal Data?

  • In order to submit the “contact” and “partners” forms, candidate forms or other online forms on our Website, These means of communication are intended to allow us to contact you and respond to your inquiries and to evaluate your job application. Please note that at all times, you may choose whether or not to provide or disclose Personal Data and please do not provide any more Personal Data than is needed for us to contact you. The processing of such Personal Data for these purposes is based on legitimate interest of Wint in handling the contact and partner requests and job application sent to it.
  • We may also use the data collected in a de-identified form and process such data for the following purposes: (1) to better understand user needs on an aggregated basis, in order to further develop, customize and improve our Website based on Visitors’ preferences, experiences and difficulties. (2) to monitor and analyze your use of the Website for technical administration and troubleshooting of the Website. (3) For commercial research and further development. (4) For improving the Website by creating system analytics and statistical data. (5) to compile and aggregate statistical trends. (6) to create aggregated statistical data and other aggregated and/or inferred information, which we or our business partners may use to provide and improve our Website or our business partner’s services. The processing of such Personal Data for these purposes is based on the legitimate interest of Wint in improving its Website and user’s experience.
  • We may also use such Personal Data in the event of pre-litigation or litigation (e.g., to take action against any identified security breach; to manage any dispute or litigation.) The processing of Personal Data for these purposes is based on legitimate interest of Wint in defending its rights and interests.
  • We may also use such Personal Data to comply with legal and regulatory obligations (e.g., to perform any reporting and notifications obligations we may be subject to, to competent governmental agencies and authorities; to process your requests to exercise your rights.). The legal basis is the legal and regulatory obligations to which Wint is subject.

3. PERSONAL DATA WE COLLECT WHEN YOU USE OUR SERVICES AND PURPOSES.

3.1. Direct Consumer Data and Indirect Consumer Data

When you sign up for an account with us and use our Services, we ask you to provide us with the following Personal Data:

  • Identification data (e.g., first name, last name, floor, number apartment);
  • Contact details (e.g., address, email address);
  • Password;
  • Payment information – for Direct Consumer only (e.g., bank account, credit and your billing address).
  • Water consumption details (e.g., quantity of water used, water flow, time of use, leakage).

3.2. Business Contact Data

In order to provide our Business Customers and Partners with the Services, they shall provide us with personal data concerning their internal persons and facility management teams, for example:

  • Identification data (e.g., first name, last name, address, country);
  • Contact details (e.g., email, phone number);
  • Business details (e.g., company’s name, job title);
  • Communications (e.g., correspondences, calls);

3.3. For what purposes do we use your Personal Data?

BUSINESS CONTACT DATA

When the consumer does not enter into a service agreement through a distributor or other legal entity, we act as a Controller when we process your data for the following purposes:

DIRECT CONSUMER DATA

We act as a Controller of Indirect Consumer Data when we process part of your data for the following purposes:

INDIRECT CONSUMER DATA

Indirect Consumer Data that we process on behalf of our business customers or distributors (as listed in section 1) is processed only on behalf of our business customers or distributors. Therefore, our business customers or distributors, as data controllers are responsible for determining the purposes and legal basis of such data.

ALL PERSONAL DATA

4. COOKIES

The Website uses cookies to enhance user experience, analyze website usage, and provide you with personalized content and ads.

Cookies are small data files stored on your device that help us recognize your browser and remember your preferences.

You can view the full list of cookies used on our Website and manage your cookie preferences at any time by clicking the cookie icon available at the bottom left of the Website. This cookie management tool allows you to:

  • View detailed information about each category of cookies
  • Consent to or reject non-necessary cookies (such as statistics or marketing cookies)
  • Change or withdraw your consent at any time

Please note:

  • Strictly necessary cookies are always active, as they are required for the Website to function properly and do not require User consent.
  • No non-necessary cookies will be placed on your device without your explicit, prior consent.

5. WITH WHOM DO WE SHARE YOUR PERSONAL DATA

We may share the Personal Data collected for the provision of the Services in the following instances:

  • With service providers: We share your Personal Data with our IT support and cloud and hosting providers for the purpose of assisting us in providing the Services.
  • With analytics providers: We share your internet and other electronic network activity information with third party analytics providers that conduct analytics on our Services.
  • In the event of a corporate reorganization: In the event that we enter into, or intend to enter into, a transaction that alters the structure of our organization, such as a reorganization, merger, acquisition, sale, joint venture, assignment, consolidation, transfer, change of control, or other disposition of all or any portion of our assets, we would share your Personal Data with third parties, including the buyer or target (and their agents and advisors) for the purpose of facilitating and completing the transaction. We will also share your Personal Data with third parties if we undergo bankruptcy or liquidation, in the course of such proceedings.
  • For legal purposes: We will share your Personal Data where we are legally required to do so, such as in response to tax obligations, court orders, law enforcement or legal process, including for national security purposes; to establish, protect, or exercise our legal rights, as required to enforce our terms of use or other contracts; to defend against legal claims or demands; to detect, investigate, prevent, or take action against illegal activities, fraud, or situations involving potential threats to the rights, property, or personal safety of any person; or to comply with the requirements of any applicable law.
  • Distributors and Partners– We will share consumer Personal Data with partners, Distributors and resellers through which you purchased our solution or who provide services as part of our offering (for example installers, support teams, etc.)

6. TRANSFER OF PERSONAL INFORMATION OUTSIDE YOUR TERRITORY

We may store, process or maintain Personal Data in various sites worldwide, including through cloud-based service providers. Where applicable, such as Personal Data originating from Israel, by using WINT’s products, services and Website, you hereby provide your informed consent to the transfer of your Personal Data to countries outside your state or country to countries in which the level of data protection may not be as protective as the level in your country.

When we transfer Personal Data from within the European Economic Area (EEA) to countries that are based outside the EEA, we will ensure that it is protected and transferred in a manner consistent with legal requirements. In relation to Personal Data being transferred outside of the EEA, this may be done in one of the following ways:

  • The country that we send the Personal Data to is approved by the European Commission as offering an adequate level of protection for Personal Data;
  • in the absence of an adequacy decision, other legally permitted safeguards such as the EU Commission Standard Contractual Clauses (in the relevant module) for the transfer of Personal Data to third countries, adopted by the European Commission via its implementing decision of 4 June 2021, or any set of clauses approved by the European Commission which amends, replaces or supersedes the SCCs; or –

Further details on the steps we take to protect your Personal Data, in these cases, is available from us on request by contacting us by email at [email protected]

7. RIGHTS REGARDING PERSONAL DATA

Individuals have rights concerning their Personal Data. At any time, you may contact us at: [email protected] and request to know what Personal Data we store about you.

When you ask us to exercise any of your rights under this Policy and the applicable laws, we may need to ask you to provide us with certain credentials to make sure that you are who you claim you are, to avoid disclosure to you of Personal Data which is related to others that you are not authorized to receive, and to ask you questions to understand better the nature and scope of data that you request to access.

We may redact from the data we will make available to you any Personal Data related to others.

If you are based in the EEA, you are entitled to request us to:

  • access your Personal Data in order to obtain clear, transparent and understandable information on how we process your Personal Data and on your rights (as provided in this Policy), as well as a copy of your Personal Data;
  • rectify your Personal Data in case your Personal Data are obsolete, inaccurate or incomplete;
  • object the processing of your Personal Data when the processing is based on Wint’s legitimate interest. Wint will no longer process your Personal Data unless Wint demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms, such as the respect of a legal obligation (e.g. legal obligation involving the retention of documents), or for the establishment, exercise or defense of legal claims;
  • in certain circumstances under applicable laws, restrict the processing of some of your Personal Data during a limited period of time;
  • withdraw your consent when it has been obtained and processing is based on consent;
  • in certain circumstances under applicable laws, request data portability, meaning that you can receive the Personal Data originally provided by you in a structured and commonly used format or that the data subject can request the transfer of the Personal Data provided by him or her to another data controller;
  • in certain circumstances under applicable laws, delete your Personal Data (also known as the right to be forgotten);
  • lodge a complaint with your national data protection authority.

We will consider all such requests and provide our response within a reasonable period (and in any event within any time period required by applicable law). Please note that we will need to confirm your identity before acting on certain requests.

If you have a complaint about how we use your Direct Consumer Data or Indirect Consumer Data (for which we are the controller, as listed in section ‎3.3), we would always prefer you to contact us first. However, you may also make a complaint to your local data protection authority in the EEA country where we are based or where we monitor your behavior. If you are unsure which data protection authority to contact, please contact us at [email protected]

Indirect Consumer Data that we process on behalf of our business customers or distributors (as listed in section 1) is processed only on behalf of our business customers or distributors. Therefore, our business customers or distributors, as data controllers are responsible for answering and implementing your request to exercise your rights. If you send your request to us, we will transfer it to the relevant our business customers or distributors, in accordance with our agreement with such our business customers or distributors. You may also send your request to exercise your rights directly to the respective customer or distributor.

8. DATA RETENTION

We retain Personal Data for as long as we deem it as reasonably necessary in order to maintain and expand our relationship and provide you with our Services; in order to comply with our legal and contractual obligations; or to protect ourselves from any potential disputes (i.e. as required by laws applicable to log-keeping, records and bookkeeping, and in order to have proof and evidence concerning our relationship, should any legal issues arise following your discontinuance of use), all in accordance with our Data Retention Policy.

In accordance with our Data Retention Policy (which can be provided upon contacting [email protected], the length of time we store your Personal Data depends on the purposes for which we collect and use it and/or as required to comply with applicable laws and to establish, exercise or defend our legal rights.

9. INFORMATION SECURITY

We implement technical and organizational measures, such as access controls and encryption, to protect Personal Data, in particular against potential data breaches, either by accident or unlawfully, and against the destruction, loss, modification, unauthorized access or divulgation.

However, no security measure or modality of data transmission over the Internet is 100% secure and we are unable to guarantee the absolute security of the information we have collected from you.

10. AGE RESTRICTION

The Services are not intended for individuals under the age of eighteen (18). If we learn that we have collected or received Personal Data from an individual under the age of eighteen (18), we will delete that information. If you believe we might have information from or about an individual under the age of eighteen (18), please contact us at [email protected]

11. CHANGES TO THIS PRIVACY NOTICE

We may change this Privacy Notice from time to time. We will post the changes to this page and will indicate the date the changes go into effect. If we make changes that materially affect your privacy rights, we will notify you via email and obtain your consent, if required.

12. CONTACT

If you have any specific questions about this Privacy Notice, you can contact us via email [email protected]

Last Updated: July 28, 2025

Copyright © 2024, Wint.ai Ltd. All rights reserved