Privacy Policy
Your Privacy matters to us
Genista Wines ABN – 63624408949 and its related bodies corporate are committed to protecting your personal information.
In accordance with the Privacy Act 1988 (Cth) (Privacy Act) this Privacy Policy sets out how we manage your personal information.
This Privacy Policy is not applicable to any third parties’ websites or platforms that you may access from our premises, IT systems or website. Those third parties’ websites or platforms might include, but are not limited to, e-commerce and payment processing platforms, online bookings and reservations platforms, accounting, inventory and sales databases. We are not responsible for the privacy practices of those third parties. You should contact them directly to understand and ensure that you are comfortable with how they manage your personal information.
What is personal information?
“Personal information” is information or an opinion about you, or information from which you could reasonably be identified.
“Sensitive information” is a sub-set of personal information. We do not collect sensitive information without your consent, unless we are allowed to do so by law. By sensitive information we are referring to your racial or ethnic origin, political opinions, religious beliefs or affiliations, philosophical beliefs, political, professional, trade association or trade union memberships, sexual orientation or practices, criminal records or your health, genetic or biometric information and templates.
Collection of personal information
How do we collect your personal information?
We may collect your personal information:
- directly from you (for example, when we are in contact with each other, enter into contracts with us, when you attend events we arrange or sponsor, visit our websites, cellar doors or wineries, and when you post about us on social media);
- from publicly available sources and databases (for example, if it is unreasonable or impractical for us to collect the personal information directly from you, because we have provided you with a fair opportunity to supply personal information which we reasonably require for our activities, but you have only partially provided it, or not provided it at all);
- through statutory, regulatory and other governmental processes; and
- from third parties who you have authorised to provide us with your personal information.
If we receive unsolicited personal information about you, we will assess whether we would have been entitled to collect it. If we would not have been entitled to collect it, we will destroy or de-identify it as soon as practicable (if it is lawful and reasonable to do so).
What kinds of personal information do we collect?
Depending on how you interact with us, we may collect personal information such as:
- Contact and identity details – if we are in contact with each other, we may collect details which include your full name, date of birth, street/postal address, email address and telephone number.
- Member details – if you submit a membership application to our Wine Club, or interact with us at member events, we may collect your abovementioned contact details, demographics (age, gender, vocation, educational history), personal interests and a history of our interactions or dealings with you.
- Feedback requests and survey preferences – we may collect details about your demographics, interest in wines and feedback on our activities and products, including when you interact with us on social media platforms.
- Visitor information, images and videos – if you visit our tasting room, vineyards, wineries and hosted events (e.g. wine and food festivals, cellar door tastings or dining functions) we may collect your credit card details and the abovementioned contact details when you make bookings with us, health information (such as dietary requirements, allergies and other relevant health conditions) as well as travel details when you visit as a member of a tour group. From time-to-time we will collect photographs and video footage of our visitors.
- Website interactions – if you communicate with us or purchase products or services from our website we may collect your abovementioned contact details, credit card details, screenshots and other information you choose to provide. Payment details provided through our website are processed through a secure server.
- Customer sales information – when you purchase goods and services from us, whether in person or through our website, we may collect your abovementioned contact details, demographic and credit card details.
- Competition entrant details – if you enter our competitions, we may collect your abovementioned contact details and other information you choose to provide.
- Acquisition of other businesses – if we acquire the assets of another business to whom you have disclosed your personal information, such transactions generally involve the disclosure of personal information from the seller, either as part of the due diligence process or as a result of a transfer of the assets. In such instances, Genista Wines collects the personal information held by the newly acquired business.
Do we use cookies or other analytics tools on our website?
Our website uses ‘cookies’ to improve your browser experience. Cookies are small text files that are downloaded and stored onto your computer’s browser directory when you visit our website.
Cookies are used to track the pages and services you visit on our website and to ensure that you are able to move freely across our website without the need to re-enter information that you have already provided. We use cookies to collect information such as:
- your computer’s IP address and other technical information;
- the date and time at which you access our website and the duration of your visit;
- the pages and content that you viewed during your visit; and
- the type of browser you are using.
It is possible to disable cookies by adjusting your Internet browser’s setting. However, our website may not function correctly if your browser refuses cookies.
Similarly, we use website analytics tools such as Google Analytics and Facebook Pixel to analyse the use of our website, so that we can improve how we interact and engage with you.
Use of personal information
How do we use your personal information?
We may use your personal information:
- to provide our products and administer our services, including providing customer support, verifying your identity, fulfilling your orders, processing deposits and payments, training our staff and testing our systems;
- to facilitate your participation in our wine clubs or any other loyalty programs;
- to develop, inform you about and deliver our competitions, events, promotions and offers;
- to distribute our newsletters and other communications, including emails;
- to publicise our events and facilities, including by publishing images of you attending our events and facilities;
- to conduct marketing activities for our products and services;
- to conduct research and analysis directed at improving our products, services and websites;
- to understand your wine preferences and behaviours;
- to conduct quality audits and for risk management generally; and
- to comply with our legal obligations. For example, we use information regarding a person’s age to ensure that we do not supply alcohol to minors.
Do we use your personal information to conduct direct marketing?
Customers and mailing list members are sent information about our products and services that we consider may interest them. These communications are sent in various forms, including SMS and email. You can opt-out of receiving marketing communications at any time by lodging a request with our Privacy Officer (details below) or by using the opt-out method provided in our marketing communications. Once we have received your opt-out request, we will remove you from our direct marketing programs as soon as reasonably practicable. We do not trade in or sell your personal information to other parties.
Disclosure of personal information
We disclose personal information in limited circumstances. Your personal information may be disclosed to:
- our third party service providers, including event co-ordinators, payment processors, data entry providers, marketing agencies, IT service providers, mailing houses, electronic network administrators, cloud service and software providers, debt collectors, suppliers, and where necessary, to professional advisers, such as our solicitors and accountants;
- other members/entities within our corporate group;
- government authorities or other statutory bodies where it is expressly permitted under the Privacy Act. For example, where you have provided your consent or we are legally required to do so, such as under a court order or warrant; and
- any other parties to whom you have authorised us to disclose your personal information.
Storage and security of personal information
How do we secure your personal information?
We take reasonable steps to protect your personal information, including maintaining electronic, physical and procedural security measures to safeguard it.
For example, we have in place user names, passwords and access restrictions that provide electronic protection of personal information that we store electronically. However, there are inherent risks with the transmission of data over the internet. Whilst reasonable security measures are in place for the protection of your personal information, please be aware that no guarantee can be made that your personal information is completely secure.
We also secure hard copy personal information within buildings or other storage facilities, by restricting access to those buildings or facilities (for example, by locking the buildings and filing cabinets in which the personal information is stored).
If any unauthorised access or disclosure of your personal information occurs, we comply with our obligations under the Privacy Act in dealing with that unauthorised access under disclosure, including any obligations in respect of eligible data breaches under the Privacy Act.
Do we disclose your personal information overseas?
Personal information may be stored in the Cloud (that is, computer servers connected to one another via the Internet). We may store your personal information with, or allow it to be accessed by, overseas third parties who provide:
- software and maintenance services for the Cloud;
- training services in connection with using and accessing the Cloud; and
- infrastructure/hardware used to access the Cloud.
In many instances, the data centres are located in Australia. However, some of those third parties are situated, and store content, offshore, your personal information may be transmitted, disclosed, stored or accessed in overseas jurisdictions. Those jurisdictions may include but are not limited to, the European Economic Area, European Union, Indonesia, Malaysia, Thailand, UK and the US.
Access to, and correction of, personal information
How can you access and correct your personal information?
You may request access to your personal information by sending a written request to our Privacy Officer (details below). Upon receiving an access request, we may seek further details from you in order to verify your identity. We reserve the right to refuse access to personal information if we cannot verify your identity to our reasonable satisfaction. Access will generally be provided in an appropriate format within 30 days. We may charge a fee for providing access if it requires a significant amount of time to locate your personal information or to collate or present it in an appropriate format. This fee will be explained to you before it has been incurred. In limited circumstances, and only where it is permitted under the Privacy Act, we may not be able to provide access to your personal information: for example, where it would have an unreasonable impact upon the privacy of others or where we believe your request is frivolous or vexatious.
We will take reasonable steps to ensure personal information we collect and use is accurate, up-to-date and complete. Where personal information is out-of-date or incorrect, you may inform us of this by contacting our Privacy Officer (details below) and we will correct it.
Miscellaneous issues
Can you deal with us anonymously or use a pseudonym?
You can choose to deal with us anonymously or by using a pseudonym. However, we may be unable to provide you with accurate or useful information, and (in some circumstances) you may not be able to access a full range of our products and services. For example, we may not be able to process your request, sell you alcoholic beverages, provide a definitive response, assess your eligibility for events, offers or promotions, we may need to ask you further questions or require more time to respond.
Will our Privacy Policy change?
We may amend this Privacy Policy from time to time in order to ensure that it reflects any alterations to our information handling practices or business circumstances. Any updated Privacy Policy will be published on our website. Changes come into effect from the time when they are brought to your attention, or when you next logon to our website, whichever is earlier. Please make sure you review this Privacy Policy each time you visit our website to keep up to date on any changes.
How can you contact us regarding privacy matters?
If you have any concerns or complaints regarding how we handle personal information, please contact our Privacy Officer. Correspondence should be addressed to:
Privacy Officer
Genista Wines
Phone: +61 458 871 159
e-mail: [email protected]
We take all complaints seriously and will respond to you within a reasonable period of time, unless we consider your complaint to be frivolous or vexatious.
If a privacy concern or complaint is not resolved to your satisfaction, you can contact the Office of the Australian Information Commissioner.
Last updated: 31 December 2022