Privacy Policy

Crossing Creek is bound by the Privacy Act 1988 (Act), the Australian Privacy Principles (APPs) as well as other laws and codes.

Crossing Creek is committed to protecting your privacy. We have developed this Policy in order for you to understand how we collect, use, communicate and disclose and make use of personal information.

The following outlines our privacy policy.

– Before or at the time of collecting personal information, we will identify the purposes for which information is being collected.
– We will collect and use of personal information solely with the objective of fulfilling those purposes specified by us and for other compatible purposes, unless we obtain the consent of the individual concerned or as required by law.
– We will only retain personal information as long as necessary for the fulfilment of those purposes.
– We will collect personal information by lawful and fair means and, where appropriate, with the knowledge or consent of the individual concerned.
– We will protect personal information by reasonable security safeguards against loss or theft, as well as unauthorized access, disclosure, copying, use or modification.
– We will make readily available to customers information about our policies and practices relating to the management of personal information.
– We are committed to conducting our business in accordance with these principles in order to ensure that the confidentiality of personal information is protected and maintained.

Data

When will we collect data your data? This may include but is not limited to when

– You join our Wine Club
– You purchase wine online
– You order wine over the phone
– You request wine be freighted to you
– You book a wine tasting with us
– You apply for a job

What type of personal data will we will collect?

Information may include but is not limited to– Identification such as name, address, proof of age (over 18years old)
– Communication details such as email, phone
– Credit card details for payment of goods & services

Use of Data.

The data will be used for the following purposes

– For administration & sales of our products & services
– Where authorised by you
– Where we are required, authorised or permitted by law
– To verify your identity
– To comply with laws & regulations
– To provide you with information about products & services from Crossing Creek that are most relevant to you

We do not sell or pass on your details to third parties.

Disclosure of Data

We disclose data to Contractors to assist us deliver your order, process payments & communicate with you. These may include

– Our freight company for purpose of delivering your goods
– Our secure online payment gateway company

Data Security

We take reasonable steps to ensure that the personal data we hold is protected from loss, misuse & unauthorised access. In order to prevent any unauthorised access or disclosure of the personal data that we gather we have in place electronic and managerial procedures to secure and guard this information.

Access & Correction of Data

You have the right to access, modify or delete information we hold about you at any time. This is our commitment to take all reasonable steps to ensure that the information we hold about you is accurate, complete and up-to-date. Should you request your personal information be destroyed and cease to be collected, Crossing Creek will comply with this request.

You can access and change your personal information by contacting us here, or if applicable, via the website where you entered your personal information. We encourage you to contact us in order to keep your personal information up to date.

Opting out of Marketing & Promotions

If you wish to cancel your Crossing Creek membership you can do this online via My Account page, a written request via email or call us at Cellar Door. On receipt we will destroy all your personal information.

If you unsubscribe or request we no longer forward you any marketing or mailing list communications we will immediately destroy your personal information & cease communications

Security

Crossing Creek uses Stripe Payments, Stripe is a PCI Service Provider Level 1. This is the most stringent level of certification available in the payments industry.

All card numbers are encrypted at rest with AES-256. Decryption keys are stored on separate machines. None of Stripe’s internal servers and daemons are able to obtain plaintext card numbers; instead, they can just request that cards be sent to a service provider on a static whitelist. Stripe’s infrastructure for storing, decrypting, and transmitting card numbers runs in separate hosting infrastructure, and doesn’t share any credentials with Stripe’s primary services (API, website, etc.).

If you would like more information please go to the Stripe Security page.