SECTION 1 - PRIVACY AND YOUR PERSONAL DATA
It also describes enhanced web security features designed to protect you, such as HTTPS.
The holding and use of your personal information comply with the Data Protection Act. It is also compliant with the GDPR (General Data Protection Regulation), which came into force on 25 May 2018. Regular reviews will ensure ongoing compliance.
SECTION 2 - ABOUT GDPR
The GDPR applies throughout the European Union (EU). It strengthens, harmonises, and modernises EU data protection law and enhances individual rights and freedoms. It is consistent with the European understanding that privacy is a fundamental human right. The GDPR regulates how individuals and organisations may obtain, use, store, and destroy your personal data.
The GDPR covers all institutions established in the EU. It also includes all systems outside the EU that process the personal data of EU citizens. For the avoidance of doubt, the intention of the UK to leave the EU (“Brexit”) is immaterial to GDPR compliance. The penalties for non-compliance are stringent.
LITTLEWINE Limited, established in the UK, is the Data Controller. Daniela Pillhofer, Co-Founder and Director, is the Data Protection Officer. Contact her via the website.
SECTION 3 - THE LITTLEWINE WEBSITE
When you visit www.littlewine.co, we use a third-party service, Google Analytics, based in the USA. They collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed anonymously, which does not identify anyone. Neither ourselves or Google Analytics tries to find out the identities of those browsing our website. Google Analytics participates in and has certified its compliance with the Privacy Shield framework. They treat all personal data received from EU member countries under the Privacy Shield framework. Further details about Google Analytics compliance can be seen here.
SECTION 4 - PERSONAL INFORMATION COLLECTED
When you visit the LITTLEWINE website, you may provide personal information. This information is the minimum required to operate our services and requires your positive consent. It includes your name and email address and is collected by:
Completing a Contact Us form on the site;
Subscribing to a Newsletter/Update to receive news, promotions, information or updates;
Commenting on published Products, and Blog Posts;
Email, where we may retain your email messages, your email address and our responses;
Digital Information is also sent to the website from your access device. This is on the device used, location and IP address.
LITTLEWINE does not and will never collect sensitive personal data. Examples include health or financial information or information that reveals a person’s racial or ethnic origin. LITTLEWINE does not conduct personal data Profiling.
SECTION 5 - COOKIES
Hence by using the LITTLEWINE website, you agree to cookie use. If you do not accept this, you can alter your own browser settings. You can turn off cookies or block those which are unacceptable to you. You can also delete existing cookies. All modern browsers allow you to do this and your browser settings have instructions on this.
SECTION 6 - HOW DO WE USE THE INFORMATION YOU PROVIDE?
We use your information in the following ways:
present content from our website in the most effective manner for you and your device;
notify you of any changes;
provide you with any news, promotions, information or updates using Klaviyo;
update our records;
provide anonymised usage statistics using Google Analytics.
SECTION 7 - PERSONAL INFORMATION AND THIRD PARTIES
We do not sell personal information collected by the website to any third party. Transfer of personal data for data processing is only made to Google Analytics, Spotify or Klaviyo. These third-party data processors are outside the EU as described above and below. Notwithstanding this, we are under a duty to disclose or share your information to comply with any legal obligations.
SECTION 8 - YOUR CONSENT
Consent is the legal basis for processing your personal data according to the GDPR.
The LITTLEWINE Newsletter/Update subscription, Contact Me form and Article Comment is optional. They require your positive consent to collect and use your personal data. You may sign up for the Newsletter/Update, use the Contact Me form or leave Comments on published Articles. You must positively give your consent to each of these by ticking a blank box.
The Newsletter/Update is an optional free subscription service which requires your positive consent when first signing up. You may unsubscribe from this subscribed Newsletter/Update service at any time. All Newsletter/Updates sent contain automatic unsubscribe links.
The Contact Me/Article Comment facilities require your positive consent for each usage.
You can refuse consent without detriment.
The Newsletter/Update is constructed, sent and analysed by Klaviyo. Klaviyo is a data processor in the USA. It gathers statistics on email opening, location and clicks using their technologies. Klaviyo participates in and has certified its compliance with the Privacy Shield framework. They treat all personal data received from EU member countries under the Privacy Shield framework.
SECTION 9 - YOUR RIGHTS
You may request access to your personal data that we collect online and maintain by contacting us at any time without charge. Exceptionally, if the application is unfounded, excessive, or repetitive, we may charge a fee based on our administrative costs. We will respond within one calendar month of the request date.
You have the right to ask us not to process information for marketing purposes. Any marketing will cease immediately upon receipt.
You have the right to have any of your personal data held by us securely erased, restricted or rectified. We will respond without undue delay, and in any case within one calendar month.
You may unsubscribe from a subscribed Newsletter/Update at any time.
SECTION 10 - SECURITY AND TRUST
Instead of HTTP, the LITTLEWINE website uses an SSL EV Certificate for enhanced safety and privacy, using HTTPS. Consequently, in your browser, you may see this as:
Our name, as we own the EV certificate;
A distinctive colour, usually green. This is shown in the address bar to indicate a valid EV Certificate;
A lock symbol in the address bar. It varies in colour depending on the website security status. By clicking on the lock symbol, you can obtain more information about the EV certificate.
HTTPS is much more secure than HTTP. However, we cannot guarantee the security of your data during transit to our website. Once we have received it, we use security features to prevent unauthorised access.
Last updated 1 April 2020