In this policy, Lisa McGuigan Wines, “we”, “us” and “our” means Lisa McGuigan Wines Pty Ltd (ACN 123 123 142) and Vamp by Lisa McGuigan Pty Ltd (ACN 633 475 859).

We take our privacy obligations seriously and are committed to ensuring that we handle personal information in accordance with the Australian Privacy Principles contained in the Privacy Act 1988 (Cth) (Act).

This policy sets out:

• what is considered personal information;
• how we collect, hold, use or disclose personal information;
• the purposes for which we collect, hold, use, disclose and store personal information;
• what happens if we are not able to collect personal information;
• whether we disclose personal information outside Australia; and
• how to contact us, including how to make a complaint.

This policy covers all of our activities, including the operation of our website and our social media accounts including any Facebook, Instagram or other social media accounts (Social Media).

Changes to our privacy policy

We may vary this privacy policy from time to time. Any updated versions of this privacy policy will be published on our website, with any changes effective on the date of publication.

Your privacy matters to us, so please take the time to get to know our practices.

This policy was last updated in [August] 2023.

What is personal information

When used in this policy, the term “personal information” has the meaning given to it in the Act. In general terms, it is any information that can be used to personally identify you. This may include (but is not limited to) your name, age, gender, postcode and contact details (including phone numbers and email addresses) and possibly financial information, including your credit card, direct debit or PayPal account information. If the information we collect personally identifies you, or you are reasonably identifiable from it, the information will be considered personal information.

“Sensitive information” is information such as health information, information relating to your racial or ethnic origin, membership of political bodies, religion or trade unions, sexual preferences or activities, criminal record or medical information. Due to its sensitive nature, the Act imposes higher obligations where an entity deals with an individual’s sensitive information.

What personal information do we collect and hold

We may collect the following types of personal information:

• name;
• mailing or street address;
• email address;
• mobile, home or business telephone number;
• age or birth date;
• banking information;
• credit card details;
• profession, occupation or job title;
• business or company name;
• metadata such as IP address;
• details of product preferences;
• social media account name and profile picture;
• details of the products and services you have purchased from us or which you have enquired about, together with any additional information necessary to deliver those products and services and to respond to your enquiries;
• any additional personal information relating to you that you provide to us directly through our website or indirectly through use of our website, Social Media or online presence through our representatives or otherwise; and
• information you provide to us through our cellar door, customer surveys or visits by our representatives from time to time.

We do not expect that we will collect sensitive information about you, however if we do we will always deal with it in accordance with the Act and this policy.

How we collect personal information

We collect your personal information directly from you unless it is unreasonable or impractical to do so. We collect such information directly from you in a number of ways, including (but not limited to): 

• when you sign up for our mailing list;
• when you purchase products or services from us;
• through your access and use of our website, Social Media or sending an SMS/MMS to us;
• when you submit a job application to us and in the course of any work undertaken for us; and
• during conversations between you and our representatives. 

We may also collect personal information from third parties including:

• third party companies such as credit reporting agencies, law enforcement agencies and other government entities;
• our service providers such as WithWine (https://www.withwine.com/legals/#legal-privacy-policy) and Now Book It (https://nowbookit.com/privacypolicy/); and
• our other contractors and business partners including public relations and advertising agencies, mail and delivery services providers and recruitment agencies.

Why do we collect, hold, use and disclose personal information?

We may use and disclose your personal information for the purposes for which it has been collected, or for any other purposes to which you have consented.

You may give us your consent expressly, or it may be implied by your conduct. Subject to the requirements of the Australian Privacy Principles, if you would reasonably expect the information to be used or disclosed for another purpose, we may also use or disclose it for that purpose. Where the information is sensitive information, that other purpose will be directly connected to the primary purpose of collection.

If, in relation to the collection of any personal information, we represent to you how (or for what purposes) the personal information will be collected, held, used or disclosed, and there is any inconsistency between that representation and the terms of this privacy policy, the representation at the point of collection will prevail to the extent of the inconsistency.

The primary purpose for which we collect information about you is to enable us to perform our business activities and functions and to provide the best possible quality of customer experience. We will collect, hold, use and disclose your personal information for any one or more of the following purposes:

• to provide products and services to you;
• to provide you with news, information or advise about our existing and new products and services;
• to communicate with you, including but not limited to, by email, mail, SMS or telephone;
• to manage and enhance our products and services;
• to conduct competitions or promotions;
• to verify your identity;
• to conduct business processing functions for the operation of our website, social media or our business more generally;
• for our administrative, marketing (including direct marketing), planning, product or service development, quality control and research purposes, or those of our contractors or external service providers;
• to update your personal information or provide updated personal information to our contractors or external service providers;
• to investigate any complaints about or made by you, or if we have reason to suspect that you are in breach of any of our terms and conditions or that you are or have been otherwise engaged in any unlawful activity; and
• as required or permitted by any law (including the Act).

Our business purposes are further detailed on our website at https://www.lisamcguiganwines.com/.

What happens if we can’t collect your personal information

If you do not provide us with the personal information described in this policy, some or all of the following might happen:

• we may not be able to provide you with the products or services you requested, either to the same standard, or at all;
• we may not be able to provide you with information about products and services that you may want, including information about new products or special promotions; or
• we may be unable to tailor the content of our website to your preferences and your experience of our website may not be as enjoyable or useful.

How do we disclose your personal information

We may disclose your personal information:

• to our employees, related bodies corporate, partnerships, joint venture entities and business partners;
• to our existing and potential contractors, agents and external service providers for the operation of our website, Social Media, or business, or for the purpose of fulfilling requests by you, and otherwise providing products and services to you, including without limitation, web hosting providers, customer experience providers, IT systems administrators, mailing houses, couriers, payment processors, data entry service providers, electronic network administrators, debt collectors, and professional advisors such as accountants, solicitors, business advisors and consultants;
• to our sponsors, or promoters of any competition that we conduct or promote via our services;
• to police, any relevant authority or enforcement body, or your Internet Service Provider or network administrator, for example, if we have reason to suspect that you have been engaged in any unlawful activity, and we reasonably believe that disclosure is necessary;
• to potential purchasers and purchasers of our business or assets and to successors in title; or
• as required or permitted by any law (including the Act).

Disclosure of personal information outside Australia

We may disclose your personal information to our related bodies corporate, partnerships, joint venture entities and external service providers located overseas for some of the purposes listed above. We take reasonable steps to ensure that the overseas recipients of your personal information do not breach the Australian Privacy Principles. Such entities may operate in jurisdictions including but not limited to the Republic of Ireland, the United States of America and the United Kingdom.

Direct Marketing Materials

We may send you direct marketing communications and information about our services, products or promotions that we consider may be of interest to you. These communications are sent in various forms, including mail, SMS, email or social media, in accordance with applicable marketing laws, such as the Spam Act 2003 (Cth). If you indicate a preference for a method of communication, we will endeavour to use that method of communication wherever practical to do so.

You may at any time opt out of receiving marketing communications from us by contacting us (details below) and we will ensure that your name is removed from our mailing list. We do not provide your personal information to other organisations for the purpose of direct marketing unless authorised by you.

If you receive communications from us that you believe have been sent to you other than in accordance with this policy, or in breach of any law, please contact us using the details provided below.

Cookies

We may use cookies on our websites from time to time. Cookies are text files placed in your computer’s browser to store your preferences. Cookies, by themselves, do not tell us your email address or other personally identifiable information. However, they do allow third parties, such as Google and Facebook, to cause our advertisements to appear on your social media and online media feeds as part of our retargeting campaigns. If and when you choose to provide us with personal information, this information may be linked to the data stored in the cookie.

We may use web beacons on our websites from time to time. Web beacons (also known as Clear GIFs) are small pieces of code placed on a web page to monitor the visitor’s behaviour and collect data about the visitor’s viewing of a web page. For example, web beacons can be used to count the users who visit a web page or to deliver a cookie to the browser of a visitor viewing that page.

Third party web sites

Our website may contain links to or embed content from other websites operated by third parties. We make no representations or warranties in relation to the privacy practices of any third party website and we are not responsible for the privacy policies or the content of any third party website. Third party websites are responsible for informing you about their own privacy practices.

Storage and Security

We may hold your personal information in a number of different formats, including software programs (located both onsite and offsite, including in the cloud), databases, filing systems and in offsite backup storage. Personal information held by us may be stored in email accounts that are accessible through mobile devices.

We will take all reasonable steps to protect the personal information that we hold from misuse, loss or unauthorised access, which may but do not necessarily include firewalls, anonymisation, password access, secure servers and encryption of credit card transactions.

If you suspect any misuse or loss of, or unauthorised access to, your personal information, please let us know immediately.

Accessing and correcting your personal information

You may request access to any personal information we hold about you at any time by contacting us (details below). Where we hold information that you are entitled to access, we will try and provide you with a suitable means of accessing it (for example, by mailing or emailing it to you) within 30 days from your request. We will not charge for simply making a request and will not charge for making any corrections to your personal information. If you make an access request, we will ask you to verify your identity. There may be instances where we cannot grant you access to the personal information we hold. For example, we may need to refuse access if granting access would interfere with the privacy or safety of others, or if it would result in a breach of confidentiality. If that happens, we will give you written reasons for any refusal and advise you on how to make a complaint.

If you believe that personal information we hold about you is incorrect, incomplete or inaccurate, then you may request us to amend it. We will consider if the information requires amendment. If we do not agree that there are grounds for amendment, then we will add a note to the personal information stating that you disagree with it.

We request that you keep your information as current as possible so that we may continue to improve our service to you.

How you can complain about a breach of privacy

If you believe your privacy has been breached by us, or have any questions or concerns about our privacy policy please, contact us using the contact information below and provide details of the incident so that we can investigate it.

Once the Privacy Officer receives a complaint, whether it is in writing or verbal means, the Privacy Officer will commence an investigation if it is considered that a breach of this policy or the Act may have occurred. The investigator will endeavour to determine the nature of the alleged breach and how it occurred. We may contact you during the process to seek further clarification if necessary. If a breach is found, the Privacy Officer will take available measures to prevent any further breaches from taking place. We may also contact you to inform you of the outcome of the investigation. We will endeavour to resolve all investigations within a reasonable time. 

We will endeavour to deal with your requests or complaints confidentially; however, there are circumstances in which we may disclose your requests in accordance with our legal obligations and having regard to the safety and privacy of others. For example, we may disclose your complaint to the police if criminal allegations are raised. Our representatives will contact you within a reasonable time after receipt of your complaint to discuss your concerns and outline options regarding how they may be resolved. We will aim to ensure that your complaint is resolved in a timely and appropriate manner.

If you want to lodge a complaint, leave a concern or receive additional information, please contact our Privacy Officer at:

The Privacy Officer

Lisa McGuigan Wines Pty Ltd (ACN 123 123 142)

2198 Broke Rd, Pokolbin, NSW 2320

Tel: +61 418 424 382

Email: privacy@lisamcguiganwines.com