Last Modified 01/18/2019
1. SECURITY & PRIVACY
3. PROTECTING YOUR PERSONAL DATA
When collecting and processing your personal data, we will communicate all information to you and inform you of the purpose of the data.
We will collect and process your personal data only for the purposes described in this policy.
We will only collect personal data that is necessary for order processing. We will take all reasonable steps to ensure that the personal data we hold is accurate and up to date.
We will hold your personal data for the period necessary for processing in compliance with the provisions of the law.
You may access, modify, correct or delete your personal data. You may also oppose the use of your personal data, particularly to avoid receiving marketing information. The details of the department to contact and steps to be taken in this respect are shown below in the clause "Access and Modification".
We will ensure reasonable technical and organizational measures are in place to protect your personal data against alteration or accidental or unlawful loss, or unauthorized use, disclosure or access.
We may share your personal data with third parties for payment processing, email services and other services essential to the running of the business (such as commercial partners and/or service providers) for the purposes set out in this policy. We will take appropriate measures to safeguard your security when sharing or transferring such data.
The winery’s online ordering and customer service website is hosted by a third-party e-commerce vendor. This vendor uses secure server technology for all transactions on the site. The secure server software encrypts all information you input before it is sent to us. In addition, your customer data is protected against unauthorized access.
Customer payment card information resides in a secure online vault at a specialized payments processor, Stripe, and never resides on the winery’s server or that of our e-commerce vendor. Stripe facilitates payment without ever releasing the actual card information to the winery or our e-commerce vendor.
Stripe is a PCI level 1 validated provider. This is the highest level of security certification offered in the payment processing industry.
4. SECURITY OF PERSONAL INFORMATION COLLECTED
Private member accounts are protected by a password randomly created by the customer relationship management (CRM) system or directly by submission of the member themselves. Winery personnel are unable to create, view or edit passwords for extra added security. If a password is forgotten, the member may create a new password after receiving an email sent to the address on file.
5. WHAT PERSONAL DATA IS COLLECTED?
At various times, we may ask you for information about you and/or members of your family and guests, such as:
First Name/Last Name
Birthdate (verification of 21 years or older in order to purchase wine in the United States)
Credit Card Number for transaction purposes (see “Vinespring” above)
How you first heard of Rubia Wine Cellars
Where you first tasted Rubia Wines
6. PERSONAL INFORMATION ACCESS
All private member’s personal information is accessible to view, edit, and delete online by logging into the account using your unique username and secure password.
7. WHEN IS YOUR PERSONAL DATA COLLECTED?
Personal data may be collected on a variety of occasions, including:
Upon visit to the tasting room
Third party collection of information such as events at restaurants or trade pourings
Internet activities such as connection to Rubia Wine Cellars website (IP address, cookies) and pages on social networks, etc.
8. STORAGE OF DATA
Personal data will be held within four consecutive wine releases if the member places a wine order at any time or requests to continue to receive marketing information from Rubia Wine Cellars. Additionally, information will be maintained if reasonably necessary or required to meet legal or regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our terms and conditions.