Updated: December 1, 2022

“Company” refers to Society of the Original Wine World, LLC, including any group companies, affiliates, and subsidiaries from time to time (also may be referred to as “we”, “us”, or “our”). Company is committed to protecting your privacy and complying with applicable data protection and privacy laws. This Privacy Policy (“Privacy Policy”) is designed to help you understand what kind of information we collect in connection with our products and services and how we process and use such information. Throughout this Privacy Policy, the term “personal data” means information relating to an identified or identifiable individual (i.e., a natural person). Your personal data may be used in accordance with this Privacy Policy. Further information about our data practices may be provided on our website and/or in our mobile application if applicable. This Privacy Policy applies to personal data collected in connection with our Website or in connection with products and services offered by Company or from other interactions with us. We may also provide additional privacy-related terms in connection with a particular Company product or service, and such product or service-specific terms prevail over this Privacy Policy to the extent of any conflict. Our products or services may also contain links to other companies’ websites and other third-party services that have privacy policies of their own. We recommend that you carefully read these external privacy policies as well. Company is not responsible for the privacy practices or contents of any such third-party services. Where a consent from you to the processing of personal data described in this Privacy Policy is required under the applicable law, such consent will be obtained by an appropriate mechanism such as checking a box stating your consent, choosing technical settings for a service or website, or other statement/conduct clearly indicating your acceptance to processing, depending on the product, website, service, or application you are using. If you do not provide data required for the particular service or website feature you are intending to use, or for transactions that you are trying to complete, such service or website feature may not be available, and/or transactions may not be completed. We collect personal data when you purchase our products or services, use, or register our services, enter into a sales promotion or a campaign, or otherwise interact with us.

DATA COLLECTED

Technical Information. In most cases you may visit our website or use our products or services without having to identify yourself. However, certain technical information is normally collected as a standard part of your use. Such information includes, for example, IP-address, access time, website linkage bringing you to our page, Company pages you visit, and the links used, the ad banners and other content you view, information about your devices and other such technical information your browser provides us with or as may be otherwise collected in connection with our products and services. When you use our services or otherwise interact with us over telecommunications networks, certain additional information, such as your mobile subscription number, may be transmitted to us by the telecommunications operator as a standard part of that communication. Please also see the section “Use of Cookies, Web Beacons, and Similar Technology” below.

Information You Provide To Us. When you register to use our services, make a purchase, enter a sales promotion or otherwise interact with us, we may ask you to provide certain information such as your name, email address, street address, user name, password and/or other such credentials used to authenticate users and to validate their actions, or that may be needed to provide users with the products and services requested and/or to communicate with users, as well as information uploaded by users. We may collect demographic information, for example your age, gender, postal code, and language preferences. We may also collect other information you provide, such as your consents, preferences, and feedback, as well as information relating to your devices and any other such information you provide us with. Please note that certain initially non-identifiable information collected from you may become personally identifiable when you provide us with personal data. Additionally, some of our services may allow you to submit information about other people, for example, if you make an order for a product that you wish us to send directly to another recipient.

Special Categories of Personal Data. We may collect your biometric data. Users are requested to grant consent for such data collection explicitly per each service or product in question. For certain services or applications, this may be done by adjusting the settings of the application or service, in accordance with applicable law. Denial of the consent may affect the provision of the relevant service.

Your Transactions With Us. We may (and often will) collect or request information relating to your purchase or use of our products or services, as well as other interactions between you and Company. Such information may include details of requests you make, products and services provided (including delivery details), purchase details (including payments, credit card details, billing address, credit checks and/or other such financial information), details of agreements between you and Company, records of contacts and communications, information and details relating to the content you have provided us with, and any other such transactional information. We may, in accordance with applicable law, record your communication with our customer care or with other similar contact points.

Location Data. Our website and/or certain services may involve the use of your location data. For example, we may collect location data to enable geolocation. Use of your location data is, however, subject to your prior consent as well as applicable law.

Data Obtained from Third Parties. In addition to the personal data we obtain from you, we may obtain, in accordance with applicable law, specific personal data from publicly available sources. This may include personal data such as credit information and address information updates.

PURPOSES OF COLLECTION AND PROCESSING

Company processes your personal data for the purposes described in this Privacy Policy and/or any additional service-specific privacy information. Please note that one or more purposes may apply simultaneously.

Provision of Products and Services. We may process and use your personal data to provide you with the product or service you have requested, to fulfill your other requests such as customer service, to process your order, or as otherwise may be necessary to perform or enforce relevant contract(s) between you and Company. We may also process and use your personal data to ensure the functionality and security of our products and services, to identify you, and to prevent and detect fraud and other misuses.

Development of Products and Services. We may process and use your personal data to develop our products and/or services. However, for the most part, we only use aggregate, anonymized, and statistical information in the development of our products and services - and not data directly identifiable to you. We may also process and use your personal data to personalize our offerings and to provide you with services more relevant to you, for example, to make recommendations and display customized content and advertising. We may combine personal data collected in connection with your use of a particular Company product and/or service with other personal data we may hold about you, except where such personal data was collected for a different specific purpose.

Communicating with You; Marketing. We may process and use your personal data to communicate with you, for example, to provide information relating to our products and/or services you are using or to contact you for customer satisfaction inquiries. We also process your personal information when you contact us via contact forms made available on our websites. In such situations we process the data you have given us for the purpose of answering your questions or inquiries and providing the assistance you have requested. We may also process and use your personal data for marketing purposes. Marketing purposes may include using your personal data for personalized marketing or research purposes in accordance with applicable laws, to conduct market research and to communicate about our products, services, or promotions. In addition, some of our products and services may be used to promote products and services of other companies, however, your personal data is not disclosed to such companies for their marketing purposes without your prior consent or other basis under applicable law.

Personalization. We may process and use your personal data for personalization of targeted direct marketing and improvement of our products or services. We may also create aggregate and statistical information based on your personal data. Personalization includes automated processing of your personal data for evaluating, analyzing, or predicting your personal preferences or interests in order to, for example, send you marketing messages concerning products or services best suitable for you.

Additionally, we may work with analytics partners who collect, and with whom we may share data about customers on our site and app visitors, to conduct analytics on our behalf and for others. Accordingly, we may share Technical Information (see above) including device (including mobile device) identifiers, location data, demographic, online behavioral information, and or data about your interests (collectively, “Analytics Data”) with third-party advertising partners or networks who may use that data to serve you with interest-based or targeted ads for products and services offered by us or them. This Analytics Data does not directly identify you. The use of this information is governed by the third parties’ privacy policies. Alternatively, collection ad sharing may be through cookies, pixels, web beacons, APIs, or similar technologies as set forth herein.

TRANSFERS OF YOUR PERSONAL DATA

We may disclose and transfer your personal data to the parties below (or to other parties to the extent permitted or required by applicable law):

Company Affiliates. You acknowledge and agree (to the extent such agreement is valid under applicable law) that, to the extent applicable, we may share your personal data within Company affiliates and may transfer your personal data for the use of other Company cin accordance with applicable law, for example, when an affiliate is involved in the provision of the services to you or to other group companies. This may include, for example, billing and delivery of your purchases, provision of services such as customer service, development and maintenance of digital solutions and managing, analyzing and profiling/personalization of customer data as set forth above. Other affiliates of the Company than the one you have separately subscribed to as a consumer, will not send you e-mail or text message-based marketing.

Opting Out from E-mail/SMS-based Marketing. You may opt-out from marketing e-mails by following the guidance in those e-mails (typically provided via “unsubscribe” link) or by contacting the Company as set forth in the e-mail and/or website. If you opt-out, we may still send you non-marketing e-mails, such as service notifications or other information. You may also opt-out from any SMS based direct marketing by contacting the Company as set forth on Company’s website (or via SMS as may be applicable).

Service Providers and Authorized Third Parties. We may transfer your personal data to authorized third parties who process personal data on behalf of Company for the purposes described in this Privacy Policy, for example, technical, logistics, e-commerce, marketing, and/or other service providers. Such parties are not permitted to use your personal data for any other purpose than the reason for which personal data was collected, and these authorized service providers are required to act consistently with applicable law and this Privacy Policy, as well as to use appropriate security measures to protect personal data. We may also transfer your personal data to a service provider or third-party, if you use such services where a service provider or third-party needs to process such data for the provision of the respective service, or where you separately agree that a service provider or third-party may process your data.

International Transfers. Our products and services may be provided using resources and servers located in various countries around the world. Therefore, your personal data may be transferred outside the country where you use our services, including to countries outside the European Economic Area (EEA), where the level of data protection may not be deemed adequate by the European Commission. In such cases we take steps to ensure that adequate protection for your personal data is provided as required by applicable laws. For international transfers of your personal data, we generally rely on agreements that are based on the Standard Contractual Clauses (“SCCs”) of the European Commission. Subject to you enabling non-essential cookies by giving consent via our cookie banner or Cookie preference center, some of the non-essential third-party cookies used in our website may transfer your personal data (such as IP-address) to countries outside the EEA such as the USA. See our Cookie Policy for further information. Other disclosures: We may disclose and otherwise process your personal data in accordance with applicable laws to defend Company’ legitimate interests, for example, in civil or criminal legal proceedings.

Mergers, Acquisitions, Business Transactions and Transfers. We may disclose and/or transfer your personal data to prospective or actual purchasers and their advisers in connection with mergers, acquisitions, sales, reorganizations, or other transactions, transfers or changes of control involving Company, its services, applications, or business. We may also receive personal data from sellers and their advisers for such transactions.

DATA CONCERNING MINORS

Company does not seek to collect any information from, or engage in any transactions with, persons under legal age in their respective jurisdiction. Our databases may nevertheless contain personal data of minors as it is not always possible to precisely determine the age of a user. We reserve the right to block the service from any person who is, or whom we reasonably suspect of being, a minor. Company’s policy is to request that minors do not make purchases or engage in other legal acts on our products and services unless otherwise permitted by applicable law.

DATA QUALITY AND RETENTION

We take reasonable steps to keep personal data accurate and up-to-date, and to delete out-of-date or otherwise incorrect/unnecessary personal data. Certain Company products and services may allow you to manage your profile and information in your profile. We encourage you to access your personal data via your profile from time to time to ensure that it is correct and up to date. Please remember that for such electronic services where you may manage your profile, it is your responsibility to provide us with correct details as well as to update the personal data in the event of any change. We store your personal data only for the time period necessary to achieve the purpose in question (or as long as required by applicable law).

DATA SECURITY

Company implements appropriate technical and organizational security measures to prevent and minimize risks associated with providing, storing, and processing personal data. Such security measures include, by way of example, firewalls, secure server facilities, encryption, implementing proper access-rights management systems, careful selection of processors, sufficient training of Company’ personnel involved in the processing, and other necessary measures to provide appropriate protection for your personal data against unauthorized use or disclosure. We may also take back-up copies and use other similar means to prevent accidental damage or destruction of your personal data. If a particular part of a Company website supports on-line transactions, we will use an industry standard security measure, such as the one available through “Secure Sockets Layer” (“SSL”), to protect the confidentiality and security of online transactions and relevant personal data.

USE OF COOKIES, WEB BEACONS, AND SIMILAR TECHNOLOGY

From time to time when you visit a Company website, subject to your consent in accordance with applicable law, information may be placed on your computer to allow us (or third parties) to recognize your computer in the form of a text file known as a “cookie.” Our use of cookies is intended to provide benefits to you, such as eliminating the need for you to enter your password frequently during a session or the need to re-enter items you place in a ‘shopping cart’ if you do not finish a transaction in a single visit. Cookies are also used for website traffic analysis and profiling. We may use similar technologies (such as APIs) in conjunction with third parties for this purpose. Further information on our use of cookies can be found in our Cookie Policy and in the Cookie settings. Parts of the Company website may, subject to your consent in accordance with applicable law, also use other kinds of local storage technologies, such as Local Shared Objects (also referred to as “Flash cookies”) and HTML5 local storage. These technologies are similar to the cookies discussed above in that they are stored on your device and can be used to store certain information about your activities and preferences. However, these technologies may make use of different parts of your device from standard cookies, and so you might not be able to control them using standard browser tools and settings. Company may also use web beacons (or “pixel tags”). However, we do not use web beacons to identify individual users personally. Web beacons are typically graphic images that are placed on a website and used to count visitors and/or to access certain cookies. This information is used to improve our services. Web beacons do not typically collect any other information than what your browser provides us with as a standard part of any internet communication. If you turn off cookies, the web beacon will no longer be able to track your specific activity. The web beacon may, however, continue to collect information relating to visits from your IP-address, but such information will no longer be personally identifiable. You may modify your cookie preferences in your browser settings and/or in Cookie settings. However, we may not be able to provide certain services, or you may not be able to view certain parts of the website, if you have disabled cookies. Some of our business partners whose content is linked to or from our website may also use cookies, web beacons, APIs, or similar technologies, however, we have no access to, or control over, any such third party cookies, APIs, or similar technologies.

YOUR RIGHTS

You have the right to request information and access the personal data we have collected from you and of you. You also have the right to request that we replenish, rectify, anonymize, or delete any incomplete, incorrect, unnecessary, or outdated personal data we hold. However, we cannot delete such personal data that is necessary for compliance with binding legal obligations or if the personal data must be retained according to applicable laws. You have the right to request and receive the personal data we have collected on you in a commonly used and machine-readable form. In case you (i) consider your personal data collected to be inaccurate, (ii) you do not wish your personal data to be deleted where the processing of your personal data has been deemed unlawful or the personal data is no longer necessary, or (iii) you have objected to processing and the existence of legitimate grounds for processing is still under consideration, you may request restriction of processing of your personal data. You may also at any time object to your personal data being processed for direct marketing purposes, sending promotional materials, profiling, or for the performance of market research. Further, where your personal data is processed based on your consent, you have the right to withdraw your consent for such processing at any time. If you wish to exercise your rights mentioned above, you may, as appropriate and in accordance with applicable law, do so by contacting us through the contact points referred in such marketing materials, on the website, or below in this Privacy Policy. In some cases, especially when you wish to delete or cease the processing of your personal data, this also may mean that we will not be able to continue to provide the services to you. We encourage you to use profile management tools as may be made available by us for the above purposes as such tools often provide you with direct access to your personal data and allow you to effectively manage it. Please note that the Company may need to identify you and to ask for additional information in order to be able to fulfill your above requests. Please also note that applicable law may contain restrictions and other provisions that relate to your above rights.

COMPLAINTS

In the event you consider Company’s processing activities of your personal data to be inconsistent with the applicable data protection laws of your jurisdiction, or that Company has not sufficiently ensured the realization of your rights, you may file a complaint with the local supervisory authority responsible for data protection matters. 

CONTROLLER OF PERSONAL DATA AND CONTACT DETAILS

The data controllers responsible for the purposes of the applicable data protection laws are, as applicable:

Society of the Original Wine World, LLC

3636 N. Causeway Blvd., Suit 300

Metairie LA 70002

Toll Free: 888.609.4608

If you are using http://www.winegrower.co website, your data controller is Company. You may contact us either via the contact details above or via our online contact form. When contacting us via our webform, please select “Personal Data Management” as the topic.

CHANGES TO THIS PRIVACY POLICY

Company may from time-to-time update and change this Privacy Policy. If the changes include new purposes of processing, Company will provide prior notice of such changes and, where applicable, request your consent.

CALIFORNIA RIGHTS

This section fully incorporates all of the above stated Privacy Policy as if fully set forth below and your rights under the CCPA are intended to supplement the rights set forth therein.

RIGHT TO KNOW AND ACCESS

California residents have the right (upon a verifiable request) to request the following:

(1) The categories of personal information collected about you.

(2) The categories of sources from which personal information is collected.

(3) The business or commercial purpose for collecting or selling personal information.

(4) The categories of third parties with whom we share personal information.

(5) The specific pieces of personal information we have collected about you.

Please note that the Company may need to identify you and/or ask for additional information in order to be able to verify and/or fulfill your request. You may make your request using the contact details above or through the online contact form. In both instances, you may be required to provide your email address on file with us among other verifying information. We will acknowledge your request within 10 days. Upon verification of your identity, we will fulfill your request. However, we will not provide any information that we reasonably believe may be subject to fraudulent action. To contact us for Right to Know inquiries, please email us at legal@openworldlabs.io, include your name and/or username, and list “CCPA – Right to Know” as the topic. Please note, to properly ensure that all personal information is permanently deleted, you should also delete your cookies from your browser (refer to our Cookie Policy) and decline giving your consent via our Cookies settings.

RIGHT TO REQUEST DELETION

California residents have the right to request deletion of their personal information collected or maintained by Company. Please note that the Company may need to identify you and ask for additional information in order to be able to verify and/or fulfill your request. You can make your request using the toll-free number or by emailing legal@openworldlabs.io and include your name and/or username and listing “CCPA Right to Deletion” as the topic. In both instances, you may be required to provide your email address on file with us among other verifying information. We will acknowledge your request within 10 days. Upon verification of your identity, we will fulfill your request. However, we will not provide any information that we reasonably believe may be subject to fraudulent action. Please note, that to ensure that all personal information is permanently deleted, you should also delete your cookies from your browser (refer to our Cookie Policy) and decline to give your consent via our Cookie settings.

DO NOT SELL MY INFORMATION

You have the right, at any time, to direct any business that sells personal information about you to third parties to not sell your personal information. This is the “Right to Opt-Out of Sale”. The meaning of “sale” under the CCPA is broadly defined and can include sharing your information for any economic benefit. Company shares your information with service providers and other authorized third parties as set forth in the Privacy Policy above. To the extent that any such third party is not considered a service provider under the CCPA or the CCPA is interpreted in a way that any action of Company is a “sale”, is “selling”, or otherwise deriving an economic benefit from the sharing of your personal information as described in this Privacy Policy and to the extent that you wish us not to share such information, please submit your request using the methods listed herein. Please note that the Company may need to identify you and ask for additional information to be able to verify and/or fulfill your request. You can make your request using the toll-free number or through the online contact form. In both instances, you may be required to provide your email address on file with us among other verifying information. We will acknowledge your request within 10 days. Upon verification of your identity, we will administer your request. Please be advised that a request to “Do Not Sell My Info” will result in the deletion of all information that the Company has on file for you. To contact us for Do Not Sell My Info inquiries, please email us at legal@openworldlabs.io, include your name and/or username and list “CCPA – Do Not Sell My Info” as the topic. Please note, to properly ensure that all personal information is not shared/sold, you should also delete your cookies from your browser (refer to our Cookie Policy) and decline to give your consent via our Cookie settings.

CALIFORNIA MINORS only: See also DATA CONCERNING MINORS above. As a general rule. businesses are not permitted to sell your information unless you are between 13 and 16 years of age, or if your parent - if you are under 13 years of age - has affirmatively authorized the sale/sharing of your information. This is the right to opt-in. If you are under the legal age in the country you reside in, and in any such instance, under the age of 16, we do not seek to engage with you in any transaction, whether tracking by cookies or otherwise.

OTHER RIGHTS

You have the right not to be discriminated against because you exercised any of your rights under California law. You also have the right to designate an authorized agent to make any CCPA request on your behalf. Company reserves the right to ask for proof that such agent is in fact authorized by you.