Skip to content

GDPR

GDPR Compliance Statement

Last Updated: May 23, 2024

The Vinology, we are committed to protecting your privacy and ensuring compliance with the General Data Protection Regulation (GDPR) (EU) 2016/679. This GDPR Compliance Statement outlines how we collect, use, store, and protect your personal data, and your rights under GDPR.

1. Data Controller

The data controller responsible for your personal data is:

The Vinology
Email: info@thevinology.com

2. Data Collection and Use

We collect and use personal data only when necessary for specific, legitimate purposes. The types of personal data we may collect include:

  • Contact Information: Such as your name, email address, and phone number.
  • Account Information: Such as username and password for your account.
  • Transaction Information: Such as payment details for purchases made on our website.
  • Usage Data: Such as information on how you use our website, including your IP address, browser type, and operating system.

3. Legal Basis for Processing

We process your personal data based on one or more of the following legal grounds:

  • Consent: When you have given explicit consent for us to process your data for specific purposes.
  • Contract: When processing is necessary for the performance of a contract to which you are a party.
  • Legal Obligation: When processing is necessary for compliance with a legal obligation to which we are subject.
  • Legitimate Interests: When processing is necessary for the purposes of our legitimate interests, except where such interests are overridden by your rights and interests.

4. Data Storage and Security

We take appropriate technical and organizational measures to ensure the security of your personal data, including:

  • Encrypting data during transmission and storage.
  • Implementing access controls to restrict access to personal data.
  • Regularly reviewing our data collection, storage, and processing practices.

5. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. After this period, we will securely delete or anonymize your data.

6. Your Rights

Under GDPR, you have the following rights regarding your personal data:

  • Right to Access: You have the right to request access to the personal data we hold about you.
  • Right to Rectification: You have the right to request correction of any inaccurate or incomplete data.
  • Right to Erasure: You have the right to request the deletion of your personal data, subject to certain conditions.
  • Right to Restriction of Processing: You have the right to request that we restrict the processing of your personal data in certain circumstances.
  • Right to Data Portability: You have the right to request the transfer of your personal data to another organization or directly to you.
  • Right to Object: You have the right to object to the processing of your personal data based on legitimate interests or for direct marketing purposes.
  • Right to Withdraw Consent: You have the right to withdraw your consent at any time, where we rely on your consent to process your personal data.

7. Data Breaches

In the event of a data breach that is likely to result in a high risk to your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours of becoming aware of the breach.

8. International Transfers

If we transfer your personal data outside the European Economic Area (EEA), we will ensure that appropriate safeguards are in place to protect your data in accordance with GDPR requirements.

9. Contact Us

If you have any questions about this GDPR Compliance Statement or our data practices, please contact us at:

The Vinology
Email: info@thevinology.com

10. Changes to This Statement

We may update this GDPR Compliance Statement from time to time to reflect changes in our practices or legal requirements. We will notify you of any significant changes by posting the new statement on our website.