Who we are
Our website address is: https://cedarridgewhiskey.com.
Cedar Ridge Winery and Distillery (Cedar Ridge) is committed to protecting the privacy of our customers and visitors. This statement details the steps we take to protect personal information provided on our websites. It describes the types of personal information that we collect, the purposes for which we use such information, and the choices our users have regarding our use of it. The steps we take to protect personal information and how it can be reviewed and corrected are also covered here. By accessing our websites, users are consenting to the information collection and use practices described in this privacy statement.
Our collection of information
In the course of a visit to a Cedar Ridge website, we collect a variety of information directly from visitors and customers. Anyone can visit any Cedar Ridge website without entering any personal information. On certain pages, users may be asked for personal information to provide a service or carry out a transaction that they have requested. The personal information we collect from a user in any of these circumstances may include:
- contact details, such as a user’s name, company/organization name, e-mail address, telephone and fax numbers, and physical address;
- information about the user’s company/organization and role;
- country of residence, which allows us to determine a user’s eligibility under export control regulations to receive shipments of certain products;
- e-mail marketing preferences;
- information used to customize and facilitate the use of our websites, including login and technical information;
- financial information, including credit card or bank account information;
- inquiries about and orders for our products and services;
- information that assists us in identifying the products and services that best meet our customers’ and visitors’ needs;
- event and service registration information;
- feedback from users about our websites and about our products and services in general;
- the content of a testimonial, rating, review or comment, or other user-generated content that may be posted publicly on our sites. We also collect and securely store information about our customers from sources other than our websites:
- information about our customers’ transactions with us and our affiliates, such as account balances, payment history and account activity, for web transactions as well as purchases made via telephone, fax or at one of our retail locations.
INFORMATION WE COLLECT FROM VISITORS TO OUR WEB SITES
Web Server Log Files
As is common with websites providing e-commerce services, a record of all visits to the Cedar Ridge family of sites is stored on our web servers. These log files include data that is not associated with any visitor’s identity that is not used to associate with personally identifiable information provided by any visitors to our sites. Information collected in these logs includes details such as a visitor’s IP address, browser type, referring page and time of visit. We also collect information about visits to our sites, including what pages are viewed, the number of bytes transferred, the links clicked, the materials accessed, and other actions taken within Cedar Ridge’s sites. On sites that are entered with a user ID, we may connect this information with the identity of the registered user to provide the user restricted access to transaction histories, to allow the user to view and modify personal data and preferences, and to determine the user’s potential interest in our products and services.
Many of the advanced functions available to users of our sites require the use of files called cookies, which store a small digital record of user preferences and recent activity on our visitor’s computers. While cookies are not required in order to browse our site, they are an integral part of the purchasing process.
When customers register an account with a Cedar Ridge site, we gather the email address and password provided. Passwords are stored in an encrypted format for the protection of our customers. Email addresses provided to us for the purposes of creating an account or subscribing to a newsletter are stored securely on our servers.
We maintain data on customer transactions made on our websites, and store that data securely on our servers.
Credit Card Information
In the course of completing an online transaction, we collect credit card information from customers using secure industry-standard data encryption technology.
HOW WE USE THE COLLECTED INFORMATION
We use our customers’ personal information to deliver services or carry out transactions they have requested, such as providing information on products, processing orders, answering customer service requests, facilitating the use of our websites, and so forth. In order to offer a more consistent experience in interactions with Cedar Ridge, information collected by our websites may be combined with information we collect by other means.
Web Server Log Files
We use the information collected in our server logs to analyze how visitors use our sites, to improve the efficiency of our systems and to enhance the quality of the user experience on our sites. This data is useful in analyzing the performance of the hardware and software that run our sites, as well as supporting the analysis of site security. Cedar Ridge uses the Constant Contact CRM and marketing platform to securely retain data. All users have a “right to be forgotten” and may request so by calling our offices at 319-857-4300 or sending an email to firstname.lastname@example.org.
Cookies and Tracking Pixels
We may use session cookies (cookies that are deleted when the browser session ends) to store user IDs, elements of user profiles, to facilitate movement around our websites (particularly in connection with information searches and order placement) and other information useful in administering the session. We may also use this information to make our websites easier to use by eliminating the need for customers to repeatedly enter the same information or by customizing our websites to their particular preference or interests. Our sites also may contain electronic images known as tracking pixels that allow us to count the number of users who have visited those pages. We may include tracking pixels in promotional e-mail messages or newsletters in order to determine whether messages have been opened and acted upon.
We use Google Analytics, Google AdWords Conversion tracker, and other Google services that place cookies on browsers visiting our websites. These cookies are set and read by Google, and they are used to increase the effectiveness of our websites for our visitors. To opt out of Google tracking, please visit this page.
We use Google AdWords remarketing to market our sites across the web, which places a cookie on browsers visiting our sites. Google reads these cookies and may serve ads on other sites based on pages and products viewed on our sites. You may opt out of this advertising program by visiting Google’s opt out page. If you are concerned about 3rd party cookies served by other networks, you should also visit the Network Advertising Initiative opt-out page.
We use Constant marketing platform and CRM to collect insights on user behavior and manage our content marketing to subscribers and contacts who provide us with their contact information for the purpose of communications.
Email addresses provided to us for the purpose of creating an account are used in the course of communications concerning transactions or other customer service activities. Email addresses provided to us by those opting in to our newsletters and marketing communications are used to inform participants of sales, promotions, events and activities we feel might be of interest to our subscribers. It is the policy of Cedar Ridge not to sell, rent, lease or otherwise distribute email addresses of our customers or subscribers to any third parties for any purpose.
With our customers’ permission, we may use their personal information gathered via our websites to inform them of products or services available from Cedar Ridge. When collecting information that might be used to contact customers about our products and services, we will always provide the opportunity to opt-out of receiving such communications. Moreover, each e-mail communication we send includes an unsubscribe link allowing customers to stop delivery of that type of communication. If they elect to unsubscribe, we will remove them from the relevant list immediately.
Records of online customer transactions are stored securely on our servers, and accessible to our accounting and customer service staff. Customers who have made purchases on a Cedar Ridge web site will have access to records of their past online purchases by logging in to the appropriate site with their email address and password.
Credit Card Information
Credit card information collected from customers is used to process payment for orders.
Financial Information collected from other sources
Information about our customers’ transactions with us and our affiliates, such as account balances, payment history and account activity, for web transactions as well as purchases made via telephone, fax or at our retail locations may be reviewed in the course of our relationship with our customers or at the request of our customers. Access to order history for offline transactions may be requested at any time from a customer service representative.
Our use of web analytics
Cedar Ridge uses industry standard web analytics to track web visits. Users may opt out of web analytics by installing the following tools on their computer. Please visit https://tools.google.com/dlpage/gaoptout for more information.
DISCLOSURE OF PERSONAL INFORMATION
Except as described below, personal information provided to Cedar Ridge through our websites will not be shared outside of Cedar Ridge without permission. Cedar Ridge contracts with other companies to provide services on our behalf, such as hosting websites, sending out information, processing transactions, and analyzing our websites. We provide these companies with only those elements of our customers’ personal information they need to deliver those services. These companies and their employees are prohibited from using that personal information for any other purpose.
In responding to requests made by customers, we may share their personal information with companies that distribute our products. In those cases, we provide these companies with only those elements of personal information they need to respond to those requests, and these companies and their employees are prohibited from using that personal information for any other purpose.
In connection with standard business practice, we may disclose some or all of our customers’ personal information to financial institutions and shipping companies or postal services involved in fulfillment.
We may disclose personal information if required to do so by law or in the good-faith belief that such action is necessary to comply with legal requirements or with legal process served on us, to protect and defend our rights or property, or in urgent circumstances to protect the personal safety of any individual.
Cedar Ridge is committed to protecting the security of the non-public personal information shared with us by our customers. We maintain physical, electronic and procedural safeguards to help protect that non-public personal information from unauthorized access, use, or disclosure. Our payment processing systems, as well as those of our partners in payment processing, are PCI compliant, using industry-standard Secure Socket Layer (SSL) technology to encrypt sensitive customer data both in transit and in storage. This technology is designed to prevent unauthorized persons from accessing your personal information in the course of a transaction. We store the personal information provided electronically by our customers on computer systems with limited access, that are located in facilities to which access is limited. When our users visit any of our sites that require a login, or move from one site to another that uses the same login mechanism, we authenticate and verify users’ identities by means of an encrypted cookie placed on their computers. For sites using a login, it is each user’s responsibility to ensure the security of their password and not to reveal this information to others.
Reviewing personal information
In some cases, our customers can review and correct personal information provided through our websites by going to the page on which they provided the information. Customers can make a request to review and correct any personal information collected via our websites, or request Cedar Ridge to stop using it by completing our Contact Us form. We may take steps to verify the identity of the person making the request before providing any access to personal information. Customers can help us to maintain the accuracy of their information by notifying us of any change to their mailing address, phone number, or e-mail address.
Children’s online privacy
Cedar Ridge is committed to protecting the online privacy of children. Our websites and online marketing activities are designed and intended for a general audience, and are not meant to market directly to children. To protect the privacy of children, Cedar Ridge websites and mobile applications do not knowingly collect personal information from anyone under the age of 13 without prior parental consent. If you believe we may have collected information from your child without your consent, please use our contact form in the footer of this site to inform us of this collection, and we will work to correct the situation in a timely manner.
Links to other sites
Our websites may contain links to other sites and content such as social media, video archives, professional, non-profit and government organizations, and publications. We also link to third-party providers that host, maintain and operate a variety of web-based services. While we try to link only to sites and services that share our high standards and respect for privacy, we are not responsible for the content, security, or privacy practices employed by other companies and their sites. For sites using a login, it is each user’s responsibility to ensure the security of their password and not to reveal this information to others.
COMPLIANCE WITH THE GENERAL DATA PROTECTION REGULATION (GDPR)
Cedar Ridge’s procedures and policies meet the general spirit of GDPR. In the event of a security breach of our contact’s private data, all reporting protocols will be met. Data collection will be considered valid until a contact requests to be removed from communications, have their data deleted or otherwise requests clarification on data use.
Should a contact residing in the EU at the time submit their information, Cedar Ridge will follow GDPR requirements as they pertain to all policies stated within this statement.
Questions regarding this statement or our handling of personal information should be addressed through our Contact Form. We will promptly address any concerns and strive to reach a satisfactory resolution.
Changes to this privacy statement
Cedar Ridge may occasionally update this privacy statement. When we do, we will revise the “last updated” date at the bottom of the privacy statement.
March 14, 2019