Privacy Statement Dated: August 24, 2023
A. M. Castle & Co. ("Castle") respects the privacy of our online visitors. Our privacy practices are described below to inform you how we collect, use and share personal and device information that we obtain from users of the Castle website. This Privacy Statement only applies to the Castle website.
Should you have any questions regarding this Privacy Statement, please send an email to
This Privacy Statement covers the following topics:
What we collect What we do with the information we gather Security and confidentiality Links to other websites EU-U.S. Data Privacy Framework Access and Correction Cookies Changes to Privacy Statement What we collect
We may collect the following information:
1 - "Personal Information" - that is, information such as your full name, employer, email address, mailing address, and telephone number;
2 - "Device Information" - that is, information about you or your activities, such as your Internet Protocol Address) through which we do not attempt to identify you but through which it may be possible to identify you; and/or
3 - Information related to customer surveys, promotions and/or offers that may be Personal Information and/or Device Information (e.g., preferences, demographics, interests, etc.).
We collect Personal Information from our online visitors only when voluntarily offered when those visitors place an order. We may also collect Device Information from users of the Castle website.
What we do with the information we gather
We use the Personal Information that you provide and we subsequently gather in order to perform, monitor and review performance of any purchase order or contract you enter with us (online or otherwise). This includes using the Personal Information, (i) to understand your preferences, provide you with a better service, and respond to your inquiries; (ii) for internal record keeping; (iii) for internal analysis; and (iv) to administer offers for which you provided Personal Information. It is not possible for you or your company to enter, monitor or review purchase orders or contracts on our website unless you provide this Personal Information.
We use the Device Information, including IP addresses and login IDs, for our legitimate business interests, such as to allow our website to operate, to determine the nearest Castle facility and the availability of inventory near your geographic location, and to calculate shipping costs. We may also use it to investigate the source of any security incident. We retain this information for at least one year. We also use anonymized aggregated device information to measure the number of visitors to the Castle website and the areas of the website that are of most interest to our visitors.
We may contact you by email, phone, fax, mail or other means, unless you direct us not to do so.
We may share your Personal Information with a Castle affiliated company or with unrelated third parties (including contractors who provide services to us) to assist with any of the uses of Personal and Device Information described herein. For example, we may share and/or provide your Personal Information and Device Information with/to third parties that assist with the operation, administration, or maintenance of our website or to assist us in performing a contract we entered with you or your company. The privacy policies of such third parties may also apply. Castle does not otherwise make a practice of selling or otherwise supplying Personal Information or Device Information to others, unless we are required to do so by law or because it is pertinent to judicial, administrative or governmental investigations or proceedings. We retain Personal Information for as long as you remain a customer and thereafter for our record keeping purposes.
We retain Device Information, including IP addresses and login IDs, for at least one year.
Security and Confidentiality
We are committed to ensuring that your Personal Information is secure. In order to prevent unauthorized access or disclosure, we have put in place suitable physical, electronic, and managerial procedures to safeguard and secure the information we collect online. However, we undertake no obligation to maintain the confidentiality of non-confidential data such as feedback, questions, comments or ideas that you voluntarily provide to us (e.g., via the "Contact" tab or similar features on the Castle website). We reserve the right to use and disclose such non-confidential information as we deem appropriate. By voluntarily submitting feedback to us, you consent to these terms.
Links to other Websites
Our website may contain links to enable you to easily visit other websites of interest. The appearance of hyperlinks does not constitute an endorsement by Castle. Once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information that you provide while visiting such sites. You should exercise caution and look at the privacy statement applicable to the website you are visiting.
EU-U.S. Data Privacy Framework
In addition to the Framework, any transfers of the Personal Information of EU Data Subjects are subject to data transfer agreements containing the SCCs, as adopted by the European Commission. You may have certain rights under these SCCs, and if applicable to you, we will make copies of redacted SCCs available to you upon request to educate you about your rights.
Rights of EU Data Subjects
If you are an EU Data Subject, you have the right to access or opt-out of the sharing or processing of your own Personal Information subject to certain limitations, such as where the legitimate rights of other persons would be infringed or where the burden or expense of providing access would be disproportionate. If you wish to exercise such rights, please contact us as described below.
Choices of EU Data Subjects
We will provide appropriate choice in the event we use your Personal Information for purposes materially different from the purposes for which it was originally collected.
Recourse, Enforcement, and Liability
Please contact us as specified below if you have any questions, want access to your Personal Information, or otherwise need assistance. We remain responsible for our collection, use and disclosure of Personal Information in accordance with the Framework. We also are responsible for third-party agents that process such Personal Information on our behalf, unless we prove that we are not responsible for the event giving rise to the damage. In certain situations, we may be required to disclose Personal Information in response to lawful requests by public authorities, including meeting national security or law enforcement requirements.
If you have an unresolved concern about Personal Information that we have not addressed satisfactorily, we have committed to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) with regard to unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF.. We are also subject to the investigatory and enforcement powers of the Federal Trade Commission with respect to the Framework. In addition, under certain conditions, more fully described on the Privacy Framework website, EU Data Subjects may invoke binding arbitration for non-monetary issues when other dispute resolution procedures have been exhausted.
We are also subject to the jurisdiction of the EU Member State specified in the SCCs (France), and if you are an EU Data Subject, you may seek judicial remedies in France against us regarding a dispute arising from the SCCs.
Please contact us at DPF@amcastle.com if you have any questions, wish to exercise your rights of access, or seek other assistance.
Data Subject Rights
You may request access to Personal Information we hold about you and, provided that you are not a current customer, you may also ask to be removed from our database. If the Personal Information we hold about you is incorrect, we will correct it upon your request. You also have the right to opt-out of the sharing of your Personal Information with third parties and the use of your Personal Information for a purpose materially different from that which was originally intended. Please email your request to DPF@amcastle.com. Please state "Request/Remove/Change Personal Data" in the subject line of your email.
"Strictly Necessary" Cookies
These cookies are essential in order to enable you to move around the website and use its features. Without these cookies, services you have asked for cannot be provided.
These cookies collect information about how visitors use a website, for instance which pages visitors go to most often, and if they get error messages from web pages. These cookies do not collect information that identifies a visitor. All information these cookies collect is aggregated and therefore anonymous. This information is only used to improve how a website works.
These cookies allow the website to remember choices you make (such as your user name, language or the region you are in) and provide enhanced, more personal features. These cookies can also be used to remember changes you have made to text size, fonts and other parts of web pages that you can customize. They may also be used to provide services you have asked for such as watching a video or commenting on a blog. The information these cookies collect is anonymous and they cannot track your browsing activity on other websites.
Changes to Privacy Statement
If you feel that this site is not adhering to this Privacy Statement, you may contact us via email at
DPF@amcastle.com or contact us via mail at A.M. Castle & Co., Attention: Law Department, 1420 Kensington Road, Suite 220, Oak Brook, Illinois 60523.