PRIVACY POLICY

Effective Date: 1 October 2024

Introduction

Specialty Machine (“we,” “us,” “our”) is committed to protecting the privacy and security of our customers, suppliers, employees, and all parties with whom we engage. This Privacy Policy outlines how we collect, use, disclose, and safeguard personal and proprietary information in connection with our operations. To the maximum extent possible, we comply with all applicable laws and regulations, including but not limited to those related to defense contracting, International Traffic in Arms Regulations (ITAR) compliance, National Institute of Standards and Technology (NIST) 800-171 standards, Cybersecurity Maturity Model Certification (CMMC) 2.0 Framework, and the protection of personal information.

We take privacy seriously and strive to balance the need for efficient operations with customer data protection. By interacting with Specialty Machine, you consent to the practices described in this Privacy Policy.

1. Scope of the Policy

a. This Privacy Policy applies to all data and information Specialty Machine handles, including:

  • Personally Identifiable Information (PII)
  • Customer proprietary data (technical drawings, financial data, etc.)
  • Controlled Unclassified Information (CUI)
  • Health information subject to the Health Insurance Portability and
    Accountability Act (HIPAA) (if applicable)
  • Information relevant to compliance with industry-specific standards, including but not limited to defense, aerospace, oil & gas, energy, semiconductor, and chemical industries.
 
2. Information We Collect

a. We may collect the following categories of information:

  • Personal Information: Name, contact information (email, phone number,
    address), job title, and other identifiers.
  • Business Information: Company name, contact details, and business
    identification numbers.
  • Technical Information: Technical data, including proprietary drawings, customer specifications, and engineering documentation.
  • Contract Information: Information required for defense, aerospace, or
    government contracts, including CUI.
  • Financial Information: Payment details, account information, and billing records.
  • Logistics Information: Shipping details, inventory levels, and consignment data.
  • Sensitive Materials Information: Information regarding materials compliance, including avoidance of conflict minerals, as per the Dodd-Frank Act.
 
3. How We Use Information

a. Specialty Machine uses the information we collect for the following purposes:

  • Contract Fulfillment: To manufacture products, provide services, and meet the specifications outlined in contracts with our customers.
  • Regulatory Compliance: To comply with relevant laws and regulations, including ITAR, NIST 800-171, ISO 9001, AS9100, CMMC 2.0, and DoD contract requirements.
  • Customer Support: To provide customer service, address inquiries, and manage customer accounts.
  • Security & Compliance: To protect the integrity of our systems and comply with security requirements for handling PII, CUI, and sensitive materials information, particularly in compliance with CMMC 2.0 Level 2, which applies to controlled unclassified information.
  • Business Operations: For accounting, financial record-keeping, inventory
    management, and forecasting purposes.
  • Marketing: We only use customer data for marketing purposes with prior explicit consent. Customers can opt out at any time and can rest assured that their data will not be used for marketing purposes unless they choose to participate.
 

b. Mitigation: We only collect information necessary for these purposes, ensuring efficient operations while protecting your proprietary and personal data. Data use for marketing is entirely optional, with clear opt-out mechanisms available.

4. Data Sharing & Disclosure

a. We may share information as follows:

  • With Our Service Providers: We may share information with third-party service providers who support our operations (e.g., ERP providers, IT support, etc.), but only with providers who meet our strict data protection standards, including compliance with CMMC 2.0 Level 2 for CUI handling.
  • For Legal Compliance: We may disclose information if required by law or to comply with legal obligations, such as a subpoena, court order, or government regulation. We will inform customers, where legally permitted, before making any such disclosures.
  • For Defense and Aerospace Contracts: We may share relevant contract-related information with government agencies, contractors, and subcontractors as needed for compliance with ITAR, NIST 800-171, CMMC 2.0, and other defense regulations.
  • In Connection with Mergers or Acquisitions: In the event of a merger, acquisition, or sale, customer and operational data may be transferred to the new entity, subject to the same privacy safeguards. We will notify customers of any such transfers and maintain the same privacy protections.
 

b. In cases where third-party contractors are engaged to fulfill specific aspects of an order (e.g., testing, special treatments), these contractors will be contractually obligated to maintain the same level of confidentiality and data protection as Specialty Machine. We ensure that any such engagements are fully compliant with our data protection and privacy standards.

c. Mitigation: Data sharing is limited to trusted service providers and legal obligations. We always prioritize customer confidentiality, and sharing is done only when absolutely necessary for contract fulfillment or legal compliance. Where legally permitted, we will notify customers in advance of any required legal disclosures.


5. Data Security

a. Specialty Machine employs technical and organizational measures to protect the confidentiality, integrity, and availability of data. This includes, but is not limited to:

  • ITAR, NIST 800-171, and CMMC 2.0 Compliance: Adherence to strict access control, encryption, and data management practices for CUI and sensitive defense-related information. Our security framework complies with CMMC 2.0 Level 2 for the protection of sensitive customer data in defense and aerospace sectors.
  • Employee Training: Regular training on data protection practices, including handling proprietary and confidential information, in alignment with CMMC 2.0 standards.
  • Secure Systems: Use of secure servers, encrypted communications, and
    restricted access to sensitive information, as required under CMMC 2.0 Level 2.
  • Physical Security: Access control systems to protect our facilities, as well as procedures to ensure the security of physical documents and materials.


b. Mitigation: We employ comprehensive security measures to protect all data, ensuring compliance with stringent industry standards like ITAR, NIST 800-171, and CMMC 2.0. Customers can have peace of mind knowing their data is protected by state-of-the-art security protocols.


6. Data Retention

a. We retain personal and business information for as long as necessary to fulfill the purposes outlined in this Privacy Policy or to comply with legal, regulatory, or contractual obligations.

  • Customer & Contract Data: Retained for the duration of the contractual
    relationship and for any additional period required by industry standards, such as aerospace, defense, and oil & gas industries, in compliance with CMMC 2.0.
  • Financial Data: Retained as required by financial regulations or applicable law.
  • Logistics and Inventory Data: Retained to support forecasting, inventory
    management, and consignment agreements.

b. Upon the completion of any order or upon customer request, Specialty Machine will return or destroy all technical data, designs, and proprietary information provided by the customer, except where retention is necessary for legal or regulatory compliance. This process ensures that customer information is securely handled during and after the contractual relationship.

c. Mitigation: We only retain data for as long as necessary to meet our legal and contractual obligations. If requested and legally permissible, we will delete or anonymize customer data upon termination of our relationship. This ensures that data is not stored unnecessarily, reducing the risk of long-term exposure.


7. Your Rights

a. Depending on applicable laws, you may have the right to:

  • Access personal data we hold about you.
  • Request the correction of inaccurate or incomplete data.
  • Request the deletion or anonymization of personal data, where legally permissible.
  • Object to the processing of your personal data in certain circumstances.
  • Request restrictions on the use of your personal data.

b. Requests for exercising your rights may be directed to info@www.specialtymachinelp.com.

c. Mitigation: We offer customers control over their data, including the ability to request deletion or corrections. This ensures transparency and responsiveness to customer concerns.


8. International Data Transfers

a. Specialty Machine operates in the U.S. and does not currently transfer personal data internationally. Should this change, we will ensure that any international data transfers comply with applicable data protection laws, such as the General Data Protection Regulation (GDPR), CMMC 2.0, or other relevant regulations.

b. Mitigation: Currently, all data is managed within the U.S., minimizing concerns about international data transfers. Should international transfers become necessary, they will comply with the strictest legal standards.


9. Third-Party Links

a. Our website and communications may include links to third-party websites or services. Specialty Machine is not responsible for the privacy practices or content of those third-party sites. We encourage customers to review the privacy policies of any third-party services they interact with.


10. Changes to This Policy

a. We may update this Privacy Policy from time to time to reflect changes in our operations or legal requirements. The most current version will always be posted on our website. If significant changes are made, we will notify customers directly to ensure transparency.


11. Limitation of Liability

a. Specialty Machine’s liability for any damages arising from the collection, use, or disclosure of customer data shall not exceed the total value of the contract under which the data was provided. Specialty Machine will not be liable for indirect, incidental, or consequential damages except in cases of gross negligence or willful misconduct.


12. Contact Us

a. For questions or concerns about this Privacy Policy or how we handle your data, please contact us at:

Specialty Machine
P.O. Box 4606
Lago Vista, TX 78645
info@www.specialtymachinelp.com
(512) 267-4944