Privacy and your Personal Data
All your personal Information shall be held and used in accordance with the EU General Data Protection Regulation (“GDPR”) and national laws implementing GDPR and any legislation that replaces it in whole or in part and any other legislation relating to the protection of personal data. If you want to know what information we collect and hold about you, or to exercise any of your rights as set out below, please email us at firstname.lastname@example.org.
Swirl the Glass is the controller of your Information for the purposes of the GDPR. Partita IVA IT05589270650.
What Information do we collect on our website?
When you visit our website (including the mobile optimised version of the website accessible from your portable hand-held device) you may provide us with personal information such as your name, email address and mobile phone number (“Information”). You may provide us with Information in a number of ways:
by supplying us with the Information as listed above, on an individual basis by submitting a message through our contact form.
by corresponding with us by email, in which case we may retain the content of your email messages together with your email address and our responses.
by Information provided when you use our mobile optimised website from your portable hand-held device, including details of your physical location, where you have agreed to it being used.
We may collect Information about your computer, including, where available, your IP address, operating system, browser type and the geographical location of your computer, for system administration purposes.
How we use your Information
We will hold, use and disclose your Information for our legitimate business purposes including:
to answer your inquiries and provide information about our services
to communicate with you about logistics for our wine tours and tastings, request payment and to follow up with you after the service to request a review. We may use your personal information to deliver information to you and to contact you regarding administrative notices. We will not give or sell this information to any other company for its use in marketing or solicitation.
to release Information to regulatory or law enforcement agencies, if we are required or permitted to do so.
The legal basis for processing your Information
Under GDPR, the main grounds that we rely upon in order to process your Information are the following:
necessary for the purposes of legitimate interests – either we, and/or a third party, will need to process your Information for the purposes of our legitimate interests, provided we have established that those interests are not overridden by your rights and freedoms, including your right to have your Information protected. Our legitimate interests include responding to requests and enquiries from you or a third party, informing you about our services and ensuring that our operations are conducted in an appropriate and efficient manner
necessary for compliance with a legal obligation – we are subject to certain legal obligations which may require us to process your Information. We may also be obliged by law to disclose your Information to a regulatory body or law enforcement agency.
consent – in some circumstances, we may ask for your consent to process your Information in a particular way.
How we share your Information
In certain circumstances we will share your Information with other parties. Details of those parties are set out below along with the reasons for sharing it:
trusted third parties: in order to provide certain services, we will share your information with third party service providers such as our transportation and winery partners, IT infrastructure companies and email logistics providers. We will not share your data with any third party where it is not necessary to do so to provide a service to you.
regulatory and law enforcement agencies. As noted above, if we receive a request from a regulatory body or law enforcement agency, and if permitted under GDPR and other laws, we may disclose certain personal information to such bodies or agencies
How long we hold your Information
We will only retain your Information for as long as is necessary for the purpose or purposes for which we have collected it. The criteria that we use to determine retention periods will be determined by the nature of the data and the purposes for which it is kept. In certain circumstances, once we have deleted or anonymised your data, we may need to retain parts of it (for example, your email address), in order to comply with our obligations under GDPR or other legislation, or for fraud detection purposes.
Your rights relating to your Information
You have certain rights in relation to personal information we hold about you. Details of these rights and how to exercise them are set out below. We will require evidence of your identity before we are able to act on your request.
Right of Access. You have the right at any time to ask us for a copy of the Information about you that we hold, and to confirm the nature of the Information and how it is used. Where we have good reason, and if the GDPR permits, we can refuse your request for a copy of your Information, or certain elements of the request. If we refuse your request or any element of it, we will provide you with our reasons for doing so
Right of Correction or Completion. If Information we hold about you is not accurate, or is out of date or incomplete, and requires amendment or correction you have a right to have the data rectified, updated or completed. You can let us know by contacting us at the email address set out above
Right of Erasure. In certain circumstances, you have the right to request that Information we hold about you is erased, e.g. if the Information is no longer necessary for the purposes for which it was collected or processed or our processing of the Information is based on your consent and there are no other legal grounds on which we may process the Information
Right to Object to or Restrict Processing. In certain circumstances, you have the right to object to our processing of your Information by contacting us at the email address set out above. You also have the right to object to use of your Information for direct marketing purposes.
You can exercise any of the above rights by contacting us at the email address set our above. You can exercise your rights free of charge. Most of the above rights are subject to limitations and exceptions. We will provide reasons if we are unable to comply with any request for the exercise of your rights.
To the extent that we are processing your Information based on your consent, you have the right to withdraw your consent at any time. You can do this by unsubscribing via the link provided in any direct marketing communication, or by contacting us at the email address set out above.
Similar to other commercial websites, our website uses a technology called “cookies” and web server logs to collect information about how our website is used. A cookie is a very small text document, which often includes an anonymous unique identifier. When you visit a website, that site’s computer asks your computer for permission to store this file in a part of your hard drive specifically designated for cookies.
Information gathered through cookies and web server logs may include the date and time of visits, the pages viewed, time spent at our website, and the websites visited just before and just after our website.
Cookies, in conjunction with our web server’s log files, allow us to calculate the aggregate number of people visiting our website and which parts of the website are most popular. This helps us gather feedback so that we can improve our website and better serve our customers. Cookies do not allow us to gather any personal Information about you and we do not generally store any personal Information that you provided to us in your cookies.
We may use ‘session’ cookies which enable you to carry information across pages of the website and avoid having to re-enter information. Session cookies enable us to compile statistics that help us to understand how the website is being used and to improve its structure. You can control and/or delete cookies as you wish by checking your browser settings on each device - for details, see aboutcookies.org.
Visitor Analytics is a simple website analytics service which measures the traffic and visitors' general details of the customers' websites. Collecting these statistics, a website can make their visitors' experience better (e.g. which pages they visit and when, where they are approximately located, where does a user land first or if they are coming from a specific referral).
In order to most efficiently serve you, deposits and payment credit card transactions are handled by established third party banking, processing agents and distribution institutions. They receive the information needed to verify and authorize your credit card or other payment information.
If you are unhappy about our use of your Information, you can contact us at the email address above.