Our web servers honour the DNT setting in all web browsers that currently support it. This means that you
opt out of our and third-party tracking services, including behaviour advertising.
Communicating With Us
If you choose to contact Coravin staff using an email address, a discussion forum, a blog, a text
message or other electronic communications method, or if you choose to complete an online form
provided on a Coravin website (for example, a customer feedback form), we may ask you to provide
your name, email address or other personal data. You will be provided with a notice of collection
statement, which includes Coravin's legal authority for the collection; the principal purposes for
which the personal data is intended to be used; and the title, business address and business
telephone number of a Coravin employee who can answer questions about the collection.
The purpose of collecting this information is to allow staff to respond to your inquiry or to
evaluate individual web services. Only authorised staff will have access to the information
provided, and the information will be used only for the purpose for which it was intended.
Completed surveys are sent to staff anonymously. We will ask you to provide us only with a method of
contacting you (email, phone, fax or mailing address) if you wish to be included in future surveys
or to have us respond to you.
Coravin implements commercially reasonable technical and organisational security controls to protect
your personal data against theft, loss or misuse. Your data will be stored in a secure operating
environment that is not accessible without authorisation. Coravin applies mitigation measures
following periodic risk assessments to ensure an adequate level of protection of your personal data.
Coravin has put in place appropriate physical, technical and administrative procedures to safeguard
and secure the information from loss, misuse, unauthorised access, disclosure, alteration or
destruction. Coravin cannot guarantee the security of information on or transmitted via the
When you enter sensitive information (such as credit card numbers and passwords):
- We encrypt that information to protect against eavesdropping using an industry-standard Secure
Hash Algorithm (SHA-256) to hash all data that does not require decryption such as password.
- This data is further protected by encryption in storage.
- When you purchase items on the Coravin web sites, the order information, including your billing
address and credit card information, will be provided to a PCI-compliant third party payment
processor and the transmissions of credit card information always will be encrypted using
industry standard encryption technology called secure socket layers (SSL). Coravin does not
store credit card information on our servers. Only a validation code is transmitted to us over
the internet allowing us to proceed with the transaction.
- We also use measures to enhance security, such as analysing account behaviour for fraudulent or
otherwise anomalous behaviour.
- We may limit use of site features in response to possible signs of abuse, may remove
inappropriate content or links to illegal content, and may suspend or disable accounts for
violations of our terms and conditions https://www.coravin.com/privacy-legal/.
Personal Data About Minors and Children
If you are under 18, please do not provide any personal data about yourself to us. If we learn that
we have collected personal data from a child under 18, we will delete that information as quickly as
possible. If you believe that we might have any information from a child under the age of 18,
without covering parental or guardian consent, please inform us through the "Contact Us" page.
Coravin does not knowingly collect data from or about children under 18. If we learn that we have
collected personal information from a child under 18, we will delete that information as quickly as
possible. If you believe that we might have any information from or about a child under 18, please
contact us at email@example.com
What Personal Data We Use
Coravin uses the following personal data in line with the use purposes explained below:
- Your name and contact details
- Communication details
- Authentication data
- Online profile data
- Online activity/profile usage
- Purchasing information
- Payment methods and history
- Information about the device(s) you use
- Information about the service usage
- Support information
- Social media profile plug-in information
- Date of birth
- Copy of prove of purchase
- Your credit card information
- Subscription preferences
- Any other information you upload or provide us with
How We Use Personal Data
Coravin uses the information collected to provide a safe, efficient and customized experience.
Here are some of the details on how we do that:
- To process your purchase orders — We use the information we collect to
process and fulfill our purchase orders, to measure and improve your purchase experience and
web site navigation, and to provide you with customer service. We use the information to
prevent potentially illegal activities and to enforce our terms and conditions. We also use
a variety of technological systems to detect and address anomalous activity and to prevent
abuse or fraud. These efforts may, on occasion, result in a temporary or permanent
suspension or termination of some functions for some users.
- To manage product registration and the Club Coravin — We use the
information we collect to provide our services and features to you, to measure and improve
those services and features, and to provide you with customer support.
- To offer promotions, personalized communication and experiences - We use
the information we collect to enable personalized communication, web experience and content
or deliver targeted promotions. You may opt out of all communications except for the order
confirmation, invoices and shipment notification that are essential to your purchase order
How Long We Use Personal Data
To maximise privacy protection, Coravin structurally deletes your personal information after the
useful period. Following legal requirements:
- To process your purchase orders — We retain the personal data as indicated
for this purpose for 3 years after the last purchase for financial audit.
- To manage product registration and the Club Coravin — We retain the
personal data as indicated for this purpose for 3 years after the last product registration
for warranty management.
- To offer promotions, personalized communication and experiences - We retain
the personal data as indicated for this purpose for 3 years.
Who Else May Process Personal Data
Coravin may share the information collected with third parties to provide a safe and efficient
payment processing and fulfil the orders. Here are some of the details on how we do that:
- To make a payment or manage subscriptions: When you make payments on
Coravin's website or subscribe to automatic delivery, we will share transaction information
with those third parties necessary to complete the transaction. We will require those third
parties to respect your privacy, and adequately protect your information.
- To fulfill purchase orders, Coravin makes use of external service providers
that may process your personal data on our behalf. Coravin ensures via contracts and
assurance measures that our promise to protect your privacy is extended to apply to the
processing of personal data by these third parties, where such processing activities are
under the responsibility of Coravin. The following aspects are highlighted for relevance
- To respond to legal requests and prevent harm: Coravin reserves the right
to share your information to respond to duly authorised information requests of governmental
authorities or where required by law. In exceptionally rare circumstances where national,
state or company security is at issue (such as terrorist attacks), Coravin reserves the
right to share our entire database of visitors and customers with appropriate governmental
We never sell your personal data to third parties, such as marketers, without your consent. We do
not provide any personal data to "people finder," "public directory" or "white pages" sites.
If our company is involved in a bankruptcy, merger, acquisition, reorganisation or sale of
assets, your information may be sold or transferred as part of that transaction. The promises in
Your Right to Access Personal Data
In addition to the information that is available on Coravin's website, you have the right to
access the personal data that Coravin holds about you, all subject to the exemptions as
contained in applicable laws and regulations. If you request the data, then Coravin will assist
you. Your identity will need to be confirmed before you are provided with access to personal
data. Generally, Coravin does not charge for providing information, but if the request requires
significant staff time, Coravin reserves the right to charge a fee for such requests.
We ask that you put your request in writing. An access request form is available on Coravin's
website and in all locations for you to fill out.
All formal access requests will be directed to the chief privacy officer, who will then review
each request to determine whether Coravin will disclose the requested information. The privacy
officer will also receive and address all privacy complaints that Coravin receives. The privacy
officer can be reached at the address listed on the "Contact Us" page.
You will be notified if access to the records you have requested is granted or denied, and which
Your Right to Correct or Amend Personal Data
If you believe there is a mistake in your personal data, you have a right to ask for the
information to be corrected. We may ask you to provide documentation to show where Coravin's
files are incorrect. We will amend the erroneous data within 30 days and will notify you once
the correction you have requested has been completed.
Your Right to Be Forgotten
Coravin does not store personal data without a predefined and documented purpose. We follow laws
that require us to delete personal data if the reason for its collection and storage no longer
exists. We believe this fulfils the requirements of the privacy principle of "the right to be
Where the personal data that Coravin holds is based on the consent you provided, and you wish to
be removed from our systems prior to the retention period indicated in the "How Long We Use
Personal Data" section, please contact our privacy officer at the address listed on the "Contact
Enforcement and Audit
periodically verifies that the policy is accurate, comprehensive for the information intended to
be covered, prominently displayed, completely implemented and accessible, and in conformity with
We encourage anyone interested to raise any concerns using the contact information provided in
our "Contact Us" page, and we will investigate and attempt to resolve any complaints and
disputes regarding the use and disclosure of personal data.
Collaboration With Authorities
Coravin will cooperate with the regulatory authorities — in particular, data protection agencies
of the countries in which Coravin operates. This relates in particular to the notification of
privacy breaches as required by law. Coravin will observe the authorities' findings, provided
that they have been rendered following due process of law.
Certain countries provide restrictions relating to automated decisions that affect individuals.
Such automated decisions that affect individuals are decisions that are the result of the
automated processing of personal data and that have a legal effect on the individual or affect
him or her negatively.
Coravin does not render any automated decisions that affect individuals.
Review and Ratification
the home page of our website or, if legally required, by directly sending you a notification. We
helping to protect the personal data we collect. Your continued use of the service constitutes
"Personal data" (or "personal information") means any information relating to an identified or
identifiable natural person. An identifiable person is one who can be identified, directly or
indirectly — in particular, by reference to an identification number or to one or more factors
specific to his or her physical, physiological, mental, economic, cultural or social identity.
"Special Categories of Personal Data" pertains to personal data that reveals racial or ethnic
origin, political opinions, religious or philosophical beliefs, trade union membership, and the
processing of data concerning health or sex life.
"Sensitive personal data" either indicates "special categories" (see above) or is personal data
of which the sensitivity level has been assessed and classified, indicating potential severe
impact on an individual when confidentiality of such data is breached.
" Anonymisation" is the deletion or changing of personal data in such a way that this personal
data can no longer be assigned to a certain or ascertainable individual or only with a
disproportionately high effort in terms of time, cost and work.
"Pseudonymization" is the replacement of an individual's name and other identifiable
characteristics with a label to prevent identification of the individual by unauthorised parties
or to render such identification substantially difficult. Pseudonymization techniques include
certain levels of masking, redaction, tokenisation and/or encryption of personal data.
"Consent" is any freely given, specific and transparently, well-informed indication of the will
of the individual, whereby the individual agrees that his or her personal data may be processed.
Particular requirements about consent can arise from the respective national laws. Where
possible, consent is obtained in an explicit manner (unambiguously).
Complaints and Communication ("Contact Us")
Coravin's website and all its gateways are governed by the policies and principles outlined
above. For more information relating to your privacy, contact:
800 District Avenue
Burlington MA - 01803
+ 1 781 262 3500
Sources and References
Standards and frameworks:
1 EU General Data Protection Regulation (GDPR)