This Policy was last updated on 26 July 2018.
Mitolo Wines Pty Ltd ACN 112 011 560 (“we”, “our” or “us”) is committed to protecting the personal information that we may collect and hold about you. This Policy sets out our procedures relating to management of your personal information.
This policy is based on our obligations under the Privacy Act 1988 (Cth) (“Act”) (including Australian Privacy Principles). The Act provides extensive regulations about the collection, storage and use of personal information.
By voluntarily supplying us with your personal information, you are agreeing to be bound by this Policy.
Any amendments to this Policy will be notified to you by posting an updated version on our website.
Please note that our website contains links to other websites. When a user has clicked on a link to another site, they leave our site and are no longer protected by this Policy.
Employees and prospective employees
The handling of your personal information is exempt from the requirements of the Act where it directly relates to your current or former employment relationship with us. This means that we do not need to comply with the Act insofar as we are dealing with such information for purposes directly related to your employment. That said, acts or practices outside of this scope do not fall within the exemption. For example, we could not sell your personal information to another organisation.
The abovementioned exemption also does not extend to the handling of any personal information of prospective employees who are subsequently not employed by us (i.e. unsuccessful job applicants). In these circumstances, the personal information must be handled in accordance with the Act (as set out further below).
Collection of personal information
The personal information we may collect and hold about you includes:
contact information such as your name, date of birth, postal address, business address, telephone numbers, email address and professional affiliations;
business details, including Australian Business Number;
financial information, including credit card details in conjunction with the payment platform which processes our credit card payments; and
any other personal or private information voluntarily provided by you to us.
In addition, we may collect and hold the following credit information:
• identification information- name, date of birth, current or previous address, driver’s licence number;
• type and amount of credit sought;
• trade references – name of entity, ABN, contact name, telephone number, fax number, email, years trading with you;
• publicly available information about an individual’s creditworthiness;
• consumer credit liability information- name of credit provider, type of consumer credit, details of the consumer credit provided;
• default information;
• repayment history information; and
• payment information in relation to an overdue payment.
We may use “cookies” or similar technologies to collect data. A cookie is a small file, typically of letters and numbers, downloaded on to a device when you access our website. Our website collects the following information from users:
• your server address;
• your top level domain name (for example, .com, .gov, .au etc);
• the date and time of your visit to the site;
• the pages you accessed;
• the previous site you have visited; and
• the type of browser you are using.
Means of collection of personal information
Your personal information may be collected in a number of ways, including:
• directly by our staff when you seek, or enquire about, our services; or
• when you use our website or complete a form on our website.
You need not provide all the information requested by us, but this may prevent us from providing some or all of our goods or services to you.
Use, disclosure & purpose
We collect, hold and disclose your personal information for the following purposes:
• as a necessary part of providing our goods and services to you;
• to promote and market our products and services to you or provide you with information that we believe may be of interest to you through our newsletter service (unless as directed otherwise);
• to personalise and customise your experiences with our website;
• to help us research the needs of our customers and to market our goods and services with a better understanding of your needs and the needs of customers generally;
• to allow us to provide advertising material to you regarding us, our clients, and other business partners (unless as directed otherwise);
• to apply customer/member satisfaction surveys and events such as “loyalty” programs; and
other purposes related to any of the above.
We will only use your information for the purposes for which it was collected (“primary purposes”) or a purpose related to the primary purpose, if this use would be reasonably expected by you, or otherwise, with your consent.
• third parties that provide goods and services to us or through us;
• third parties, such as marketing and digital agencies, who may send to you our e-newsletters on our behalf;
• third parties in order to comply with our legal obligations including, for example, our auditors, legal advisors and the Australian Taxation Office; and
• our website host or software application providers.
We may also disclose your personal information, for the purposes set out above, to any of our subsidiaries, branches, franchises or related entities, agents, dealers or contractors.
We will not disclose your personal information to overseas recipients.
Quality, access to & correction of information
You are entitled to have access to and seek correction of any personal information that we may hold about you. We require that requests for access to or to update or correct your personal information to be in writing outlining the details of your request. Such requests should be addressed to the Privacy Officer via the details provided in this Policy.
We will take appropriate steps to verify your identity (or verify that you act as an authorised agent of the individual concerned) before granting a request to access your personal information.
We will respond to your request for access to your personal information within a reasonable time after you make the request and if access is granted, access will be provided within 30 days from your request. We will, on request, provide you with access to your personal information or update or correct your personal information, unless we are lawfully excluded from granting your request, including if:
• giving access would be unlawful;
• we are required or authorised by law or a court/tribunal order to deny access; or
• giving access is likely to prejudice one or more enforcement related activities conducted by an enforcement body.
Where your request for access is accepted, we will provide you with access to your personal information in a manner, as requested by you, providing it is reasonable to do so.
Your request for correction will be dealt with within 30 days, or such longer period as agreed by you. If we deny your request, we will provide you with a written notice detailing reasons for the refusal and the process for making a complaint about the refusal to grant your request.
Upon accepting a request for correction of your information, we will take all steps that are reasonable in the circumstances, having regard to the purpose for which your information is held, to correct your information.
Storage and Security
Your personal information will be stored as physical files in a secured area, on our electronic data base system and on computers with appropriate back up and security systems. Any personal information which is collected via our website, or which is held on our computer systems, is protected by safeguards including physical, technical (including firewalls and SSL encryption) and procedural methods.
We take reasonable steps to hold information securely in electronic or physical form. We are committed to keeping secure the data you provide to us and we will take all reasonable precautions to protect your personally identifiable information from loss, misuse, interference, unauthorised access or alteration.
We aim to achieve this through:
• imposing confidentiality requirements on our employees;
• implementing policies in relation to document storage security;
• implementing security measures to govern access to our systems;
• only providing access to personal information once proper identification has been given;
c• ontrolling access to our premises; and
• implementing website protection measures.
Notification of Data Breaches
Despite our best endeavours, if a data breach involving your personal information occurs that is likely to cause serious harm to you, we have an obligation to report the incident to the Australian Information Commissioner. In this event, we will notify you of specific details of the data breach and recommend steps you can take to protect yourself.
Dealing with us anonymously
Where lawful and practicable to do so, you can deal with us anonymously or using a pseudonym. You can deal with us anonymously or using a pseudonym when making a general enquiry about the goods and services that we can offer to you including via telephone or our website.
At the time you purchase our goods or engage our services, it is no longer practicable for you to deal with us anonymously or using a pseudonym.
Credit Information Notifiable Matters
We do not disclose your credit information to any credit reporting bodies. Any credit information we collect and/or hold about you will be dealt with in accordance with this Policy.
If you believe that we have breached a term of this Policy or the Act you may submit a written complaint. The written complaint can be emailed or posted to us using the contact details set out below. You must include contact details for us to contact you regarding your complaint.
Our Privacy Officer will consider your complaint and respond as soon as reasonably possible, but not more than 30 days from receiving the complaint.
If you are unsatisfied with the outcome of your complaint you may refer your complaint to the Office of the Australian Information Commissioner to be resolved.
If you wish to:
• gain access to your personal information;
• make a complaint about a breach of your privacy;
• contact us with a query about how your information is collected or used;
• contact us regarding any other matter concerning this Policy,
you can speak directly with our staff who will do their best to try to resolve your issue as simply as possible. Alternatively, you can write to us or send us an email so that our Privacy Officer can consider the matter. We will respond to you as soon as reasonably possible.
If you do not wish to receive direct marketing from us, please contact our Privacy Officer via the details below. Our contact details are as follows:
Phone: 08 8282 9000
Privacy Officer contact: Frank Mitolo
Postal address: PO Box 520, Virginia South Australia 5120
For more information on privacy see the Office of the Australian Information Commissioner's website at: http://www.oaic.gov.au.