Privacy Policy alimex Precision in Aluminum, Inc._USA
As of: March 5, 2026
This privacy policy consists of (1) PART 1 – USA (South Carolina) and (2) PART 2 – GDPR add-on module, insofar as the GDPR is applicable in individual cases (cf. Art. 3 GDPR).
PART 1 – Privacy Policy for the USA (South Carolina)
1. Controller
alimex Precision in Aluminum, Inc.
195 Shop Grove Drive – Unit A, Columbia, South Carolina 29209, USA
Phone: +1 803-339-0757 | Email: contact@alimexamericas.com
Authorized representative/management: Chief Executive Officer (CEO): Michael Meints
2. Scope
This notice explains what data is processed when you visit this website. The online offering is aimed at users in the USA. For users from the EU/EEA, PART 2 may also apply insofar as the GDPR is applicable.
3. Categories of personal data
Technical data:
IP address, date/time, page views, referrer URL, browser/device information.
Usage data:
Click paths, interactions, length of stay (especially for analysis/statistics tools).
Communication data:
Information from forms or emails (e.g., name, contact details, message).
Security data:
Data for bot/spam defense, attack detection, and log data.
4. Purposes of processing
- Technical provision and delivery of the website
- Security, abuse and fraud prevention (e.g., firewall, DDoS protection, bot defense)
- Analysis and optimization (e.g., reach measurement)
- Integration of external content (e.g., videos, fonts)
- Communication processing (inquiries, support)
5. Cookies and similar technologies
This website may use cookies and local/session storage to provide functions, content, and media. Details on the tools used and typical identifiers can be found in Appendix A (cookie/tool overview).
Note: When using Google reCAPTCHA, a cookie (_GRECAPTCHA) is set for risk analysis, among other things.
6. Recipients/service providers (including activities)
We use service providers who process personal data on our behalf or as independent providers. The following information is based on the services currently used:
6.1 Sucuri (GoDaddy Media Temple, Inc.)
Activity: Website security network, firewall, DDoS protection, malware monitoring. Website: https://sucuri.net/ | Privacy: https://sucuri.net/privacy/ | Contact: privacy@sucuri.net, 2155 E. GoDaddy Way, Tempe, AZ 85284, USA
6.2 GoDaddy Operating Company, LLC
Activity: Infrastructure services such as hosting, DNS, CDN (secureserver.net, wsimg.com). Website: https://www.godaddy.com/ | Privacy: https://www.godaddy.com/agreements/privacy | Contact: privacy@godaddy.com, 2155 E Warner Rd, Tempe, AZ 85284, USA
6.3 Google LLC
Activity: Google Analytics (statistics), Tag Manager (tag delivery), Fonts (fonts), Translate (translation), reCAPTCHA (spam/bot protection), Ads/DoubleClick (advertising) if applicable. Website: https://about.google/ | Privacy: https://policies.google.com/privacy
6.4 YouTube (Google LLC)
Activity: Video embedding, streaming, player functions. Website: https://www.youtube.com/ | Privacy: https://www.youtube.com/howyoutubeworks/privacy/
6.5 Automattic Inc. (Gravatar)
Activity: Global avatar delivery. Website: https://gravatar.com/ | Privacy: https://automattic.com/privacy/
6.6 ZoomInfo Technologies LLC
Activity: B2B database & go-to-market intelligence. Website: https://www.zoominfo.com/ | Privacy: https://www.zoominfo.com/legal/privacy-policy | Privacy Center: https://privacy.zoominfo.com/
7. Data security
We use appropriate technical and organizational security measures (including TLS/SSL) and restrict access according to the need-to-know principle.
8. Storage period
We only store personal data for as long as is necessary for the purposes stated in this notice or as required by law. Log and security data may be stored for longer periods if necessary to defend against or analyze attacks.
9. Contact
Email: contact@alimexamericas.com
10. Notice regarding security incidents (South Carolina)
Notifications of data protection/security incidents are subject to the obligations under S.C. Code § 39-1-90.
PART 1A – US State Privacy Addendum (where applicable)
Several US states grant consumers data protection rights. This addendum applies only to the extent that the respective laws apply to our company and the specific processing (e.g., depending on location/market, data categories, and legal thresholds).
1. Possible rights (examples; depending on the state)
- Right to access/“Right to know” (categories of data, purposes, recipients)
- Right to erasure
- Right to rectification
- Right to data copy/portability
- Opt-out against targeted advertising and, where applicable, against the sale/sharing of certain data
- Protection against discrimination when exercising rights
2. Exercising rights
You can send requests to contact@alimexamericas.com (subject line: “Privacy Request”). We may request additional information to verify your identity and will respond to requests in accordance with applicable US state laws.
3. Authorized Agent
Where applicable, you may appoint an authorized agent. We may require proof of authorization and may take additional steps to verify your identity.
PART 2 – GDPR Addendum (only if GDPR applies)
1. When does this addendum apply?
This additional module only applies if the GDPR is applicable in individual cases. This may be the case in particular if personal data of persons located in the EU is processed and the processing is related to offering goods or services in the EU or observing the behavior of persons in the EU (Art. 3 GDPR).
2. Controller under the GDPR
The controller is: alimex Precision in Aluminum, Inc., 195 Shop Grove Drive – Unit A, Columbia, South Carolina 29209, USA; email: contact@alimexamericas.com.
3. Purposes and legal bases (Art. 6 GDPR)
The legal bases may vary depending on the tool used. An overview for each tool can be found in Appendix A. In general, the following applies:
- Provision of the website: Art. 6 (1) (f) GDPR (legitimate interest in stable, secure provision).
- Security/defense against attacks (e.g., firewall, reCAPTCHA): Art. 6 (1) (f) GDPR (protection against misuse, ensuring integrity).
- Contact requests: Art. 6 (1) (b) GDPR (contract initiation) or (f) GDPR (responding to general inquiries).
- Web analysis (Google Analytics): regularly Art. 6 (1) (a) GDPR (consent), unless absolutely necessary.
- Integration of external content (e.g., YouTube, external fonts): regularly Art. 6 (1) (a) GDPR (consent), unless this results in the setting of unnecessary cookies/identifiers or the transfer of data to third parties.
4. Recipients and categories of recipients
Recipients may be IT service providers (hosting, CDN, security service providers), analysis/statistics service providers, and providers of embedded content. The specific providers used are listed in PART 1, section 6, and in Appendix A.
5. Transfers to third countries (in particular the USA)
If personal data is transferred to the USA or other third countries, this is done on the basis of an adequacy decision (e.g., EU-U.S. Data Privacy Framework, provided the recipient is certified) or appropriate safeguards (e.g., EU standard contractual clauses). Information on safeguards and copies can be requested from contact@alimexamericas.com.
6. Storage period / deletion periods
The storage period depends on the purpose and legal retention obligations. Contact requests are typically deleted after final processing, unless there are legal obligations to the contrary. Log data may be stored for a limited period of time for security reasons.
7. Rights of data subjects
In accordance with the GDPR, you have the right to information (Art. 15), correction (Art. 16), erasure (Art. 17), restriction (Art. 18), data portability (Art. 20), objection (Art. 21), and withdrawal of consent (Art. 7(3)).
You also have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR).
8. Obligation to provide data
The provision of technical data is technically necessary for accessing the website. Information in contact forms is voluntary; however, without the required information, processing may not be possible.
9. Automated decision-making/profiling
Automated decision-making with legal or similarly significant effects does not take place as a matter of principle. Security mechanisms such as reCAPTCHA may use automated risk assessments for bot detection.
10. Contact for GDPR inquiries
Email: contact@alimexamericas.com (subject line: “GDPR Request”).
Appendix A – Cookie/tool overview (transparency overview)
Note: The specific setting of cookies/identifiers may vary depending on the browser, device, configuration, and type of embedding. The following overview describes the typical purposes and data flows of the tools used, as well as the (EU) legal basis, insofar as the GDPR is applicable.
| Tool/Provider | Purpose | Data/Identifier (examples) | Category | Typical storage period | Legal basis (EU, if applicable) |
| GoDaddy (hosting/DNS/CDN) | Provision of the website, delivery, performance | IP address, server logs, technical headers; functional cookies, if applicable | Necessary | Logs depending on operation/security; functional, usually session to a few months | Art. 6 (1) (f) (website operation) |
| Sucuri (WAF/security) | Security monitoring, DDoS protection, firewall | IP address, request data, security logs, security cookies if applicable | Necessary | Security logs as required; cookies generally from session to a few months | Art. 6 (1) (f) (IT security) |
| Google Analytics (Google LLC) | Web analysis, reach measurement, optimization | Online identifiers (e.g., client ID), IP address (truncated/untruncated truncated depending on configuration), usage/event data; typical cookies: _ga, _ga_* | Statistics | Typically 2 years (_ga) and 24 hours–2 years (variable, GA configuration) | Regular Art. 6 (1) (a) (consent) |
| Google Tag Manager | Tag playback/management (container) | Usually no cookies of its own; enables other tags to be loaded | Depending on the tags loaded | — | Depending on the tags loaded (consent often required) |
| Google reCAPTCHA | Bot/spam protection, risk analysis | Cookie _GRECAPTCHA; IP address, browser/device information, interaction data | Necessary/security | Cookie typically up to 6 months (Google); may vary | Art. 6 (1) (f) (security) or (a) if consent is required |
| YouTube embedding (Google LLC) | Video display/streaming | IP address, device information; cookies/identifiers depending on embedding (youtube.com vs. youtube-nocookie.com) | External content | Variable depending on YouTube cookies | Regularly Art. 6 (1) (a) (consent), unless essential |
| Google Fonts (external, if used) | Display of fonts | IP address, request data; generally no cookies | External content | — | Regularly Art. 6 (1) (a) or (f) (after risk assessment); self-hosting recommended |
| Google Translate (if used) | Translation function | IP address, browser data; cookie/local storage (e.g., language settings) | Functional/external content | Variable | Art. 6 (1) lit. f (user-friendliness) or lit. a (if tracking/transfer) |
| Gravatar (Automattic) | Avatar delivery (if comment function/user profile) | Hash value of the email (MD5), IP address, request data | External content | Variable | Art. 6 (1) (f) or (a) depending on implementation |
| ZoomInfo (if pixel/integration used) | B2B marketing/lead intelligence (if integrated) | Online identifier, IP address, event data (depending on integration) | Marketing | Variable | Regular Art. 6 (1) (a) (consent) |