Purpose and Scope
Where local legislation, regulations, or governing authorities differ in the application and or interpretation of privacy requirements, those rulings shall supersede those set out in this policy. Craggy Range will update this policy when our information handling practices change, or when required. Any revised policy will take effect when it is published on our website.
Privacy obligations relating to staff are addressed separately within Craggy Range’s internal policies.
INFORMATION WE COLLECT
The information collected by Craggy Range will depend on the products, services, or information you ask us to provide to you, and the nature of the dealings you have with us. This will include (but is not limited to) information to confirm your identity, date of birth, and contact details such as your physical address, mailing address, email, and contact phone numbers. In establishing a customer relationship additional information related to bank accounts, credit information and reference checks will often be requested.
By providing Craggy Range with your personal information, you consent to us using and disclosing it for the purposes set out in this policy.
Advertising services providers by partners
We advertise in a number of ways, including online through managed social media presences, and on other unaffiliated sites and mobile applications. To understand how our advertising campaigns are performing, and better understand the visitors to our website we work with partners who provide us advertising services. We collect information via our advertising service providers to help us understand how users interact with our services, to serve advertisements on our behalf across the internet, and measure the performance of these advertisements. Please see the Cookie use statement below for more information on which partners we use and to learn more about your privacy choices.
Social media and APIs
We may provide an application programming interface (API) to enable third-party applications to interface with our websites. Some applications enable you to interact with us through the API in a way that requires you to log in. To do this, most of these applications will direct you through a process where you are able to let the application connect to your account.
If you allow an application to connect to your account on our websites, including if you set up your account on our website using an API with a third party social media platform, that application will be able to access information that you can see when you are logged into our websites. You should only allow applications you trust to access your account on our websites.
If you set up your account on our websites using an API with a third-party social media platform, you also consent to us obtaining and using your information from such platform.
How your information is used
We may use your personal information for any purpose which is stated to you at the time of collection or that you otherwise authorize and to:
Send you newsletters
Communicate with you for general contact or feedback inquiries.
Analyze usage of this website;
Carry out marketing, promotional, and publicity purposes including direct marketing, market research, and surveys;
To show you advertising and information that is most relevant to you and your interests; and
Improve the content of this website and customize this website to your preferences.
Cookies and how we use them
The information collected by these tools may include geolocation data, the IP address of the device you are using and information about websites that IP address has come from, the pages accessed on our website, and the next website visited. We may use and combine this information to maintain, secure, and improve our websites, enhance your experience when using our websites, display and deliver relevant content, services, and advertising and understand the effectiveness of our marketing and advertising.
If you want to prevent cookies from being used, you can change your browser settings to disable cookies. However, you may not be able to access all or parts of our websites, or you may experience reduced functionality when accessing certain services.
How we store and secure personal information
We keep your hard-copy or electronic records on our secured premises and systems or offsite using trusted third parties. Our security safeguards include:
Staff education: we train and regularly remind our staff of their obligations with regard to your information.
Taking precautions with overseas transfers and third parties: when we send information overseas or use third parties that handle or store data, we ensure that appropriate data handling and security arrangements are in place.
System security: when you transact with us on the internet via our website or mobile apps we encrypt data sent from your computer to our systems. We have firewalls, intrusion detection systems, and virus scanning tools to protect against unauthorized persons and viruses accessing our systems. We limit access by requiring the use of passwords.
Destroying data when no longer required: where practical, we keep information only for as long as required (for example, to meet legal requirements or our internal needs).
Credit Card Information: where credit card information is required, our processes for recording, managing, and using credit card details are designed in alignment with global PCI Security Standards.
The purposes we collect, store, use, and disclose personal information
We collect, use, disclose, store and retain your personal information so that we can carry out our business activities and functions and provide you with our services. The type of information about you that we will collect, use, disclose, store and retain will depend on our relationship with you, the types of products or services you request from us, and our legal obligations.
The purposes for which we collect, store, use, and disclose personal and credit-related information is so that we can:
Establish your identity and assess applications for products and services;
Provide products and services to you;
Send information and communications requested by you;
Manage our relationship with you;
Manage our risks and help identify and investigate illegal activity, such as fraud;
Conduct and improve our businesses and improve customer experience;
To update our records and ensure contact details are up to date; and/or
Comply with our legal obligations and assist government and law enforcement agencies or regulators where required.
Access and correction of personal information
If you wish to seek access to the personal information we may hold about you, please contact our Privacy Officer at email@example.com. Where we hold information that you are entitled to access, we will try to provide you with a suitable and secure means of accessing it such as via direct email or courier.
Where you are not entitled to access personal information under the Privacy Act, for example, if it would breach or have the potential to breach another individual’s privacy rights, we will provide a reason for the refusal.
If you believe that the personal information we hold about you is incorrect, incomplete or inaccurate, then you may request us to amend it. Depending on the nature of the changes requested, we may ask for further confirmation of identity and/or that the request is submitted in writing for audit and compliance purposes.
Copyright for all material hosted within the Website is owned by Craggy Range Vineyards Ltd. unless otherwise indicated. The copyright for material pulled from external platforms is as per specific copyright notices on said platforms.
You may download, store, display, print and reproduce this material in unaltered form only for your personal, non-commercial use or use within your organization so long as you give appropriate acknowledgment to the copyright owner.
Apart from any use as permitted under the Copyright Act 1994 (NZ), all other rights are reserved.
Requests for further authorization should be directed to firstname.lastname@example.org.
If you believe that we have breached, or potentially breached our privacy obligations, please contact the Privacy Officer on email@example.com in the first instance. Depending on the nature of the breach or potential breach, we may ask for further confirmation of identity, details of the complaint and/or that the request is submitted in writing for audit and compliance purposes.
We’ll do our best to help you, but if we can’t, then you have the right to make a complaint to your local data protection authority about the way we’ve managed your information. You can ask us for help to determine which authority is the right one to contact. In New Zealand, the authority is the Office of the New Zealand Privacy Commissioner who can be contacted by:
Completing an online complaint form at privacy.org.nz; or
Writing to the Office of the Privacy Commissioner, PO Box 10-094, The Terrace, Wellington 6143.
Disclosure to third parties
We may disclose your personal or credit-related information with third parties where this is permitted by law or for any of the purposes mentioned above.
Third parties include:
Parties to whom we outsource certain functions (e.g. financial institutions).
Auditors, compliance regulators, government agencies, and departments.
Any other third party with your prior authorization for such disclosure.