PRIVACY POLICY

Yes it does, U.M. has a privacy policy in place according to the requirements of GDPR. The internal policy is adequately documented. It collects and keeps information on the name of the customer company that has contacted Utility Metals, as well as the name, position and other business contact details ( such as tel., fax, e-mail address etc. ) of the employee who contacted Utility Metals. It collects and stores all business correspondence ( such as e-mails ) exchanged between the customer company and Utility Metals. The same practice is followed by Utility Metals for the supplier companies that have contacted Utility Metals or that Utility Metals have contacted them, such as names of companies, contact details, addresses, e-mail addresses, business correspondence etc. This data is not used when not necessary, however is stored and not deleted for purely export compliance reasons, should if and ever authorities require any possible information in reference to export compliance that Utility Metals as any other company with exporting activity is required to follow by the U.K. or the E.U., an export compliance policy / practice. 

It uses computers and electronic means of data storage and the internet with a variety of security measures to maintain the safety of your personal information that is for U.M. of maximum importance. U.M. takes all reasonable care in the circumstances to avoid any possible data breach. You must know however that internet is an insecure place. Even the best safety measures followed by the largest companies in the world or even state organizations / governments may be ineffective. As U.M. is a small company and does not have dedicated IT personnel, don’t expect that U.M. can succeed in areas where Governments, Universities or IT security companies may fail, therefore you must have limited expectations regarding data privacy and whether U.M. can achieve a 100 % protection of data in the electronic systems that it uses.

You may use encryption by sending encrypted e-mails through Godaddy emails. Godaddy is a company in the U.S.A. with millions of customers. Terms and conditions of Godaddy apply. However even encrypted communication, is still data that according by law at least three years must be kept on record and international authorities may ask them and review them for the fight against crime and terrorism.

Utility Metals even if it uses Skype, VPN, Microsoft, Godaddy, Zoho, e-mail, Anveo voip for phone and fax, wind and OTE communication services such as voice and internet data, HawkHost or Amazon cloud services, can’t guarantee that these services can’t be hacked. Even Sony got hacked. Hushmail email services company ( a company widely used by doctors in the USA for HIPAA compliance reasons ) late January 2015 announced it was under Denial of Service attacks ( in their web site http://www.hushmailstatus.com ) and it is always unknown whether their servers can be hacked. In such case hackers can impersonate e-mails. Hushmail now provides in its webpage, advice to hushmail users how to protect them selves from visiting fake sites. Ask and if possible always use e-signatures and if possibly exchange e-mails with encrypted PDFs. Although Utility Metals is in favor of encrypted e-mails between suppliers and customers with the purspose of purely and solely protecting standard business communication and rivacy of data, it does not insist in encouraging customers or suppliers to follow encryption, it is only up to them. Please note that although encyption favors the customers and suppliers in their business confidentiality, never a customer or supplier asked from Utility Metals to use encrypted end to end communication.
For the last 10 years

Encryption is widely used in the information technology of today. In the internet, every web site starting with “https” involves encrypted communication, so if you use google or bing, you use encryption, if you use Microsoft Windows software, there is free option for bitlocker encryption, if you use Skype, it is nothing else that an encrypted communication form. Article 32 of the GDPR includes encryption as an example of an appropriate technical measure, depending on the nature and risks of your processing activities ( please see https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/security/encryption/ ).

U.M. uses appropriate security to prevent the personal data it holds being accidentally or deliberately compromised. In particular,

* it designs and organizes its security to fit the nature of the personal data it holds and the harm that may result from a security breach;

* it is clear about who in U.M. is responsible for ensuring information security;

* it makes sure it has the right physical and technical security.

Data may be transferred to servers in the United States of America, according to ICO, ( https://ico.org.uk ), the Safe Harbor scheme is recognized by the European Commission as providing adequate protection for the rights of individuals in connection with the transfer of their personal data to signatories of the scheme in the USA. The new policy however of E.U. requires data to be kept in E.U. servers.
( Please view the link: http://ec.europa.eu/justice/newsroom/data-protection/news/151013_en.htm
For that reason, U.M. uses
* Godaddy web services with data of U.M. ( as a European customer ) stored in E.U. countries ( information through customer support of Godaddy )
* Microsoft ( Office 365 and Skype ) web services with data of U.M. stored in Finland and Austria ( information through customer support of Microsoft )
* Google web services with data of U.M. stored in Finland, Netherlands, Ireland, Belgium ( general information from Google’s website, please view: https://www.google.com/about/datacenters/inside/locations/index.html )
* Amazon web services with data of U.M. stored in Ireland ( information derived when signing up to Amazon )
* Anveo VOIP services with data of U.M. stored in Germany ( information through customer support of Anveo )
* Adobe cloud services with data of U.M. hosted in Amazon ( therefore Irish servers ) ( please see http://adobeinteractiveguide.adobe.com/drupal/sites/default/files/creative_cloud_security_faq_it.pdf )
* Zopim chat with data of U.M. stored in the E.U. ( please see https://support.zendesk.com/hc/en-us/articles/212874767-Addressing-data-privacy-for-Zendesk-and-Zopim-in-light-of-the-recent-European-Court-of-Justice-decisions-regarding-the-EU-US-Safe-Harbor-Framework ) and
https://support.zendesk.com/hc/en-us/articles/203657676-Regional-Data-Hosting-Policy

( information through customer support of Zendesk/Zopim ).
* Zoho web services with data of U.M. stored in the E.U. ( information through customer support of Zoho )

* HawkHost Web services in Canada. Hawkhost mentions about GDPR the following, please see: https://support.hawkhost.com/index.php?/Knowledgebase/Article/View/192/0/general-data-protection-regulation. Additionally U.M. is checking with HawkHost where data of U.M. is stored.

The EU directive states that personal data can only be transferred to countries outside the EU and the EEA when an adequate level of protection is guaranteed, ( Please view http://ec.europa.eu/justice/data-protection/international-transfers/index_en.htm ). E-mail data is more than simple name/address/telephone details.
It is impossible for U.M. to know if data of the a/m cloud services are stored on more than one server in geographically diverse locations and whether some or all of these locations are outside the E.U.

Adobe makes an effort to explain the new situation with the invalidation by E.U. of the safe harbor agreement, please see:
http://www.adobe.com/uk/privacy/safe-harbor.html

It is impossible for U.M. to know if any web services company even if it claims that data is stored in E.U. does not send data outside the E.U. or does not duplicate data for storage safety reasons or does not use other supplementary web services that may send / travel data outside the E.U. ( this is common in the internet industry especially with IT security companies trying to protect servers of various companies against DDOS attacks and they switch servers in various locations often ).

Third party applications installed in this web site ( for example google analytics ) may use cookies ! If you do not agree with the use of cookies in our website, you must leave this site. 

NO MEANS NO.

The data collected about you is intended to be used internally only ( except cases of export control license applications to state organizations )

As from January 2016, it will not ask you when you inquire some products if you wish to redirect your inquiry and the details of your company to another stockholder or to a mill.

Exception to this ( data to be used externally ), is about cases of export control license applications, where U.M. in the applications it sends to the U.K. Export Control Organization, it will answer any possible question asked in the application, in full detail, inclusive general and specific information regarding the supplier of the goods and regarding your company, other parties involved in the supply chain, level of incorporation of goods into larger products and other.

In case however, that you purchase products from U.M. or from U.M.’s collaborating warehouses in the E.U. and you commit illegal actions with these products, U.M. will cooperate with international authorities if it will be asked. Should you inquire products from U.M. and your inquiry comes from a sanctioned country by the UN or by the UK, or if your inquiry raises concerns to U.M. about public safety, it may inform international state or non-state organizations that enforce law.

Communication in any form relating to metals or plastics for defense products or for re-export, U.M. is obliged by law to keep them in record for at least three years and of course to be fully visible to UK authorities if it is asked so.

Also, U.M. uses for communication, VPN – Virtual Private Networks ( encrypted internet channels )
Godaddy USA/UK Hosting web mail, HawkHost Canada cpanel webmail, Zoho web mail, Skype, and other internet
( such as voip or chat ) applications.
The providers of these communication means have their own privacy policy which is subject to the laws of the country where they are established.
All internet/communication passing through these providers may be visible to local authorities and U.M. has no any control on the privacy policy of these providers or to the security measures they follow.

U.M. will cooperate with government and law enforcement officials if asked so, to enforce and comply with the law. It will disclose any information about you to government or law enforcement officials or private parties as U.M., in its sole discretion, believes necessary or appropriate to respond to claims and legal process (including without limitation subpoenas), to protect U.M.’s property and rights or the property and rights of a third party, to protect the safety of the public or any person, or to prevent or stop activity it will consider to be illegal or unethical. It will also share your information to the extent necessary to comply with governmental rules, regulations and policies, for aboth above mentioned cases such a disclosure is fair.

To the extent it is legally permitted to do so, it will take reasonable steps to notify you in the event that it is required to provide your personal information to third parties as part of legal process provided authorities will allow so.

U.M. may inform and communicate its privacy policy and the purposes of the data collection to the relevant information commissioner in the U.K.

Just for the reason that U.M. is involved in the trading of dual use ( commercial and defense ) metals and plastics, data is kept all the time and is not deleted. Data is updated only for the purpose of accuracy, ie to be able to communicate in the future at the correct e-mail address or phone number.

Please read notes in other questions stated in this web page as well.

Occasionally at U.M.’s discretion it may include or offer third party products or services on its website. These third party sites have separate and independent privacy policies. U.M. therefore has no responsibility or liability for the content and activities of these linked sites. Nonetheless it seeks to protect the integrity of its sites and welcomes any feedback about these sites. 

This privacy policy applies only to information collected through U.M. websites and offline. 

Please visit the link : Terms of use, communication and sale at the bottom of this page. 

By using this present web site you must read and understand this privacy policy and you consent to U.M.’s privacy policy. In case that you do not agree, you must leave this web site immediately ! 

This website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”).
Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States.
In case of activation of the IP anonymization, Google will truncate/anonymize the last octet of the IP address for Member States of the European Union as well as for other parties to the Agreement on the European Economic Area.
Only in exceptional cases, the full IP address is sent to and shortened by Google servers in the USA.
On behalf of the website provider Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage to the website provider.
Google will not associate your IP address with any other data held by Google.
You may refuse the use of cookies by selecting the appropriate settings on your browser. However, please note that if you do this, you may not be able to use the full functionality of this website.
Furthermore you can prevent Google’s collection and use of data (cookies and IP address) by downloading and installing the browser plug-in available under https://tools.google.com/dlpage/gaoptout?hl=en-GB.

You can refuse the use of Google Analytics by clicking on the following link.
An opt-out cookie will be set on the computer, which prevents the future collection of your data when visiting this website: https://tools.google.com/dlpage/gaoptout?hl=en

This website uses also Zoho analytics, a web analytics service provided by Zoho company in the USA and U.K.

Zoho Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Zoho on servers in Europe

You may refuse the use of cookies by selecting the appropriate settings on your browser. However, please note that if you do this, you may not be able to use the full functionality of this website.

This website uses also Bing Webmaster tools, a web analytics service provided by Microsoft company in the USA

Bing Webmaster tools uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Microsoft on servers in the United States.

You may refuse the use of cookies by selecting the appropriate settings on your browser. However, please note that if you do this,
you may not be able to use the full functionality of this website.

Any of the information U.M. collects from you is for four specified purposes, may be used in one of the following ways:

to personalize your experience ( your information helps U.M. to better respond to your individual needs )

to improve U.M.’s website ( U.M. continually strives to improve its website offerings based on the information and feedback it receives from you).

to improve its business relationship with you, current or potential and

to improve customer service ( your information helps U.M. to more effectively respond to your customer service requests and support needs )

U.M. believes that you reasonably expect that this data is used solely for business matters, has a positive business effect on you, therefore, all this information is only related to business matters and all above four purposes are compatible to each other.

Data is processed fairly and lawfully only through electronic means. U.M. puts in place appropriate checks to prevent any problems occurring ( ie: frequent review of electronic security measures ).

U.M. takes reasonable steps to ensure the accuracy of any personal data it obtains, ie getting independent confirmation that the data is accurate such as checking if there is a mistake on VAT number, by visiting the EU VAT verification web site, it ensures that the source of any personal data is clear; it carefully considers any challenges to the accuracy of information ie it checks if it has accurately recorded information provided by the individual concerned, or by another individual or organization and considers whether it is necessary to update the information. You may challenge the accuracy of the information or you may complain on how U.M. processes your data.

U.M. is fair and honest to you about its identity