Skip to content

Legal

Privacy Policy

Effective Date: January 1, 2026

Metal Master Sales Corporation

1. Data Controller

The data controller responsible for your personal information is:

2. Personal Information We Collect

  • Contact Information: name, email, phone, mailing address.
  • Account Information: username, password, preferences.
  • Transaction Information: purchase history, payment information.
  • Technical Information: IP address, browser type, device information, cookies.
  • Usage Information: pages visited, features used, interaction data.

3. Sources of Personal Information

  • Directly from you when you provide it.
  • Automatically through your use of our website.
  • Third-party service providers and business partners.

4. Purposes and Legal Basis for Processing

  • To provide services and fulfill contracts (contract performance).
  • To communicate with you about services (legitimate interest).
  • To comply with legal obligations (legal obligation).
  • To improve our services and website (legitimate interest).
  • With your consent for marketing purposes (consent).

5. Data Retention

We retain personal information only as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements. Typical retention periods:

  • Transaction data: 7 years for tax and accounting purposes.
  • Account information: duration of account plus 1 year.
  • Marketing data: until consent is withdrawn or 3 years of inactivity.

6. Sharing with Third Parties

  • Service providers who assist in business operations.
  • Payment processors for transaction processing.
  • Legal authorities when required by law.
  • Business partners with your consent.

We do not sell your personal information to third parties. We do not share your personal information with third parties for their direct marketing purposes.

6a. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Secure socket layer (SSL) encryption for data transmission.
  • Access controls and authentication procedures.
  • Regular security assessments and updates.
  • Employee training on data protection.
  • Secure data storage and backup procedures.
  • Incident response and breach notification protocols.

While we strive to protect your personal information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security but continuously work to maintain the security of your information.

7. International Data Transfers

Your personal information may be transferred to and processed in countries outside your country of residence. We ensure appropriate safeguards are in place, such as standard contractual clauses approved by the European Commission.

7a. Children’s Privacy

Our website is not intended for children under the age of 13 (or 16 in the European Economic Area). We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child without parental consent, we will take steps to delete that information.

7b. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your browsing experience, analyze website traffic, and understand user preferences. You can control cookie settings through your browser preferences. For more information about the cookies we use, see our Cookie Policy.

7c. Automated Decision-Making

We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you without human intervention.

8. Your Rights

GDPR Rights (EU residents)

  • Right of access to your personal information.
  • Right to rectification of inaccurate information.
  • Right to erasure (“right to be forgotten”).
  • Right to restrict processing.
  • Right to data portability.
  • Right to object to processing.
  • Right to withdraw consent at any time.

CCPA Rights (California residents)

  • Right to know what personal information is collected.
  • Right to know whether personal information is sold or shared.
  • Right to opt-out of the sale or sharing of personal information.
  • Right to delete personal information.
  • Right to correct inaccurate personal information.
  • Right to non-discrimination for exercising your rights.

9. Do Not Sell or Share My Personal Information

We do not sell or share your personal information for cross-context behavioral advertising. If our practices change, we will update this policy and provide an opt-out mechanism here.

To opt out of any future sale or sharing of personal information, or to exercise any of your CCPA rights, use the link below. Your request will be sent to our Data Protection Officer and processed within the timeframes required by law.

Submit Opt-Out Request

The form routes your request to our Data Protection Officer and logs it for response. You may also email dls@dlsassociatesinc.com with the subject line “Do Not Sell or Share My Personal Information”.

10. How to Exercise Your Rights

To exercise any of your rights, please contact us at:

We will respond to your request within the timeframes required by law (typically 30 days for GDPR, 45 days for CCPA).

11. Right to Lodge a Complaint

If you are an EU resident, you have the right to lodge a complaint with your local supervisory authority if you believe we have not complied with data protection laws.

12. Data Protection Officer

For questions about this privacy policy or our data practices, contact our Data Protection Officer at dls@dlsassociatesinc.com.

13. Changes to This Privacy Policy

We may update this privacy policy from time to time. We will notify you of material changes by posting the updated policy on our website with a new effective date.

This privacy policy is designed to comply with GDPR and CCPA requirements. For specific legal advice, please consult with legal counsel.