WICKHAM HILL WINERY
1 October 2015
1. RESPECTING YOUR PRIVACY
Wickham Hill Holdings Pty Ltd (ABN 45 158 543 714), trading as Wickham Hill Winery (‘Wickham Hill Winery’ or ‘we’ or ‘us’ or ‘our’), is bound by the Privacy Act 1988 (Privacy Act) regarding the manner in which we collect and handle your personal information and how we respond to your requests to access and correct it.
‘Personal information’ is information about an identifiable individual, as defined by applicable law. We are committed to protecting the privacy of any personal information we hold about individuals in accordance with the applicable laws. As such, we only collect personal information where it is reasonably necessary for us to do so in performing our statutory functions and related activities.
This policy explains how we collect and handle your personal information and how we respond to your requests to access or correct it. In addition, this policy sets out the rights and obligations of both you and Wickham Hill Winery in relation to the handling of your personal information.
This policy forms part of our Terms and Conditions for use of this website, which you should also read. Privacy statements in relation to this website and in relation to calls received by us are also incorporated into this policy.
This policy outlines our personal information management practices. Specifically:
the kinds of personal information we collect and hold;
how we collect and hold it;
the purposes for which we collect, hold, use and disclose it;
your right to access and seek correction of it;
how you may complain about privacy matters; and
our sharing of your personal information overseas.
There are some matters to which this policy does not apply and these are referred to below.
2. WHAT KINDS OF PERSONAL INFORMATION DO WE COLLECT AND HOLD?
The personal information we collect and hold is what is reasonably necessary for our business functions and activities. When we collect and hold personal information, it is of the following kinds:
your personal details such as your name, addresses, telephone numbers, age, date of birth and
your customer reference number or loyalty card number;
whether you have taken up some of our other offerings, such as membership of our clubs and
loyalty programs, our financial services products and our mobile applications;
any rewards and redemption details applicable to your membership of our loyalty programs; and
whether you have a connection with others whose personal information we may collect or hold,
for example family members who may be linked to your loyalty program membership;
what, how and when you buy from us or have expressed an interest in buying from us;
your stated or likely preferences, for example whether you may be interested in particular
products or promotions.
information about your occupation, business or employer;
information about your business operations within the wine sector;
information about any regional association that you are a member of;
your credit card or account details (during the course of conducting financial transactions with you);
Australian Business Numbers (which are only used in accordance with the Privacy Act);
our suppliers, business associates and their employees;
current, former and prospective employees and contractors;
third parties whom we work closely with such as sub-contractors, consultants, marketing and advertising agencies; and
other persons that we come in contact with.
Some of our products and services require us to collect health information from you, for example our optical or insurance services. We also collect health information from you for the purpose of determining any public liability issues involving you. This information is only used to provide you with those services or to manage such issues.
Depending on the nature of your dealings with us, we may collect and hold other types of personal information. For example, information collected and held via our secure financial systems about the debit or credit card you might use for your purchases from us.
You generally have the option of not identifying yourself or of using a pseudonym when dealing with us. But not where this is impractical (for example when you shop online with us) or where the law or a court order provides otherwise.
3. HOW DO WE COLLECT AND HOLD PERSONAL INFORMATION?
Collection of personal information: When we collect personal information about you, we do so by making a record of it. We do this when:
you register with us, for example to create an account or to send you information;
you communicate with us online;
you take part in our promotions, competitions, testimonials, surveys and focus groups (as applicable);
you deal with us in any other way involving a need for personal information to be provided such as when you make a lay-by, contact our customer service line or if you bring a claim against us.
We may also collect personal information about you by accessing data from other sources and then analysing that data together with the information we already hold about you in order to learn more about your likely preferences and interests.
Most of the personal information we collect and hold about you is from your direct dealings with us.
We may sometimes collect your personal information other than from you directly. For example from other suppliers who, in common with us, have a relationship with you.
4. HOLDING OF PERSONAL INFORMATION
Personal information we hold is generally stored in computer systems. These may be operated by us or by our service providers. In all cases, we have rigorous information security requirements aimed at eliminating risks of unauthorised access to, and loss, misuse or wrongful alteration of, personal information.
When individuals come on to our website, we may collect certain information such as browser type, operating system and the website visited immediately before coming to its site. This information is used in an aggregated manner to analyse how individuals use our site, so that we can improve its site.
Our website has links to other websites not owned or controlled by us. We are not responsible for these sites or the consequences of individuals going on to those sites.
You have a general right to anonymity/pseudonymity when dealing with us. However, if you do not provide us with the personal information that we request, our ability to provide services to you may be diminished.
7. COOKIES AND IP ADDRESSES
8. WHY DO WE COLLECT, HOLD, USE AND DISCLOSE PERSONAL INFORMATION?
When we collect, hold and use your personal information, we do so primarily to sell and promote our goods and services to you and to improve on the range of our offerings. For example:
to learn of your likely preferences so that we may promote our goods and services to you in a waywhich may be of most interest to you; and
to assist in investigating your complaints and enquiries.
We disclose personal information we collect for purposes which are incidental to the sale and promotion of our goods and services to you. For example, we may disclose your personal information within our group, to service providers who assist us in our day-to-day business operations and as part of buying or selling businesses.
We may collect, hold, use and disclose your personal information for other purposes which are within reasonable expectations or where permitted by law.
When marketing to you, your personal information is only ever used or disclosed for our own purposes. You may opt out of our direct marketing to you. Our direct marketing materials will tell you how to do this.
We may de-identify your personal information. We may do this for use and disclosure of the anonymous data to determine preferences and shopping patterns.
9. HOW WE HOLD PERSONAL INFORMATION
We will generally hold personal information in physical records, on our information management system or on mailing lists. In some cases we may hold records on third party servers which may be located overseas. We take reasonable steps to hold all hard copy and electronic records of your personal information in a secure manner to ensure that it is protected from misuse, interference and loss, and unauthorised access, modification or disclosure.
10. HOW WE USE PERSONAL INFORMATION COLLECTED FROM YOU
We collect, use and exchange your information for the purpose of:
managing our relationship with you;
responding to your enquiries;
where you have given us your consent. providing you with (or permitting selected third parties to provide to you with), information on services, events and activities run by Wickham Hill Winery;
administering events and competitions;
analysing and improving the services (and content) we offer and the events and activities we undertake;
personalising the way that our online content is presented to you and to allow you to participate in interactive features when you choose to do so;
contacting you about a submission, article or correspondence that you have made or sent;
to carry out our obligations arising from contracts entered into between you and us; and
any other purposes notified to you at the time your personal information is collected.
11. WHO WE MAY DISCLOSE YOUR INFORMATION TO
Your personal information may be disclosed:
where the use or disclosure is required at law;
third party companies which Wickham Hill Winery may have commercial or non-commercial relationships with for the purpose of promoting wine events and products; and
to Wickham Hill Winery’s related entities, domestic and international offices and representatives (for internal purposes only);
specialist advisors to Wickham Hill Winery who have been engaged to provide Wickham Hill Winery with legal, administrative, financial, insurance, research, marketing or other services;
where you have given us consent
any other person authorised implicitly or expressly, when the personal information is provided or collected by us.
12. HOW CAN YOU ENQUIRE ABOUT, ACCESS AND CORRECT YOUR PERSONAL
We will provide you with access to any of your personal information we hold (except in limited circumstances recognised by law). If you wish to access your personal information or have an enquiry about privacy, you can write to us at:
Before we provide you with access to your personal information we may require some proof of identity. We may charge a reasonable fee for giving access to your personal information if your request requires substantial effort on our part.
If you need to correct your personal information, please contact us at the details provided above.
13. HOW CAN YOU COMPLAIN ABOUT OUR MANAGEMENT OF PERSONAL INFORMATION?
If you wish to complain about a breach of the privacy rules that bind us, you may contact us at one of the above contact points. We may ask you to put your complaint in writing and to provide details about it.
We may discuss your complaint with our personnel and our service providers and others as appropriate.
We will investigate the matter and attempt to resolve it in a timely way and will inform you in writing about the outcome of the investigation. If we do not resolve your complaint to your satisfaction and no other complaint resolution procedures are agreed or required by law, we will inform you that your complaint may be referred to the Privacy Commissioner for further investigation and will provide you with the Commissioner’s contact details.
14. OUR SHARING OF YOUR PERSONAL INFORMATION OVERSEAS
It is our policy to require all of our overseas sharing of personal information to be done in a way which requires observance of strict privacy and security standards, both during transit and at the overseas destination.
We may allow your personal information to be shared with those who are in countries other than your own location. We do this:
where we have made a business decision to store our data with a trusted service provider who is in the business of providing data storage and processing services. Examples are those who store and process our email and mobile application data. These services commonly involve diverse geographic locations which change from time to time for reasons which include data protection and processing efficiency. Where these services are used by us, it is not practical for us to notify you of which country your personal information may be located in; and
when our business which collected your personal information is in a different country to your location;
where you are involved with public liability issues concerning a product we may disclose your personal information to any overseas supplier of such a product in the course of managing those issues.
Wickham Hill Winery has taken reasonable steps regarding physical and technical access intrusion security measures to protect the personal information we hold against loss, misuse, interference and from unauthorised access, alteration or disclosure. However, if you are considering sending us any personal information through any of our communication channels, please be aware that the information may be insecure in transit, particularly where no encryption is used (e.g. email, standard HTTP). You must also take care to protect your usernames and passwords and notify us as soon as possible if you become aware of any security breaches.
17. OTHER PRIVACY TERMS AND LIMITS OF THIS POLICY
This is a policy. There may be additional privacy notices and terms relevant to you depending on the nature of your dealings with us and on our particular businesses. There are additional privacy terms in our loyalty program and club membership contracts and for use of our online sites, for example.
We have separate charters concerning our employees – this policy does not apply to the personal information of our employees in their capacity as such.
18. MORE INFORMATION
The Australian Privacy Principles (APP’s) are as follows:
Australian Privacy Principle 1–open and transparent management of personal information
Australian Privacy Principle 2–anonymity and pseudonymity
Australian Privacy Principle 3–collection of solicited personal information
Australian Privacy Principle 4–dealing with unsolicited personal information
Australian Privacy Principle 5–notification of the collection of personal information
Australian Privacy Principle 6–use or disclosure of personal information
Australian Privacy Principle 7–direct marketing
Australian Privacy Principle 8–cross-border disclosure of personal information
Australian Privacy Principle 9–adoption, use or disclosure of government related identifiers
Australian Privacy Principle 10–quality of personal information
Australian Privacy Principle 11–security of personal information
Australian Privacy Principle 12–access to personal information
Australian Privacy Principle 13–correction of personal information
More information about privacy law and privacy principles is available from the Privacy Commissioner. The Privacy Commissioner may be contacted at www.oaic.gov.au (email – email@example.com) (Australia). Similarly, for information about privacy generally, or if your concerns are not resolved to your satisfaction, you can contact the Office of the Australian Information Commissioner on 1300 363
992 or via www.oaic.gov.au.