By swiping to enter, you are automatically accepting the use of cookies on this site and confirming you are of legal drinking age in your country.
If you have an account please login below
Dear member, To gain access to our events, case discounts and more please login to your account below. Your account will have been set up offline with the Hundred Hills team.
If you would like to purchase our wines online please register for an account
Register NowIf you would like to purchase our wines online please register for an account
Hundred Hills respects your privacy and is committed to protecting your personal data. This Privacy Policy (the “Policy”) describes how we collect, process and share your personal data in the course of our business, when you visit our online shop www.hundredhills.wine, your privacy rights, and how the law protects you.
This Policy is issued on behalf of the The Winery at Hundred Hills Limited (“Hundred Hills”), so when we mention “we”, “us” or “our” in this Policy, we are referring to Hundred Hills who are responsible for processing your data. The Winery at Hundred Hills Limited (reg. no. 8269454), with registered address at 2 Communications Road, Greenham Business Park, Newbury, Berkshire, United Kingdom, RG19 6AB as the controller and responsible for this website.
We are registered as a Data Controller under the Data Protection Act 2018 with the Information Commissioner’s Office under registration number ZA669673.
If you have any questions about this policy or if you want to exercise any of your data protection rights then you can contact us by email to info@hundredhills.wine or by post to the registered address.
This Policy applies to anybody who browses our webpage(s) or who provides personal data via our website at www.hundredhills.wine (our “Website”). It also applies to those who request communication via our Website, orders products via our Website, those who post material on our Website or social media sites, and to personal data processed in pursuit of our own marketing and business development efforts. We may also ask you for personal data when you report a problem on our Website.
This policy does not apply to the personal data of our Job Applicants, Employees, Agents and Contractors. The fair, lawful and secure processing of these types of data is governed by other company policies outside the scope of this Policy.
This Website is not intended for children and we do not knowingly collect data relating to children.
It is important that you read this Policy together with any other privacy policy or fair processing policy we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This Policy supplements other notices and privacy policies and is not intended to override them.
This Policy was last updated on 9 December 2024. Future changes we may make to our Privacy Policy will be uploaded to our website. If the changes are significant then we will notify you directly.
By submitting personal data to Hundred Hills you acknowledge and accept the practices described in this Policy.
We will endeavour to bring this Policy to your attention every time we ask for your personal information and we will seek your specific consent whenever this is required.
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity concerned has been removed.
We may collect (and subsequently use, store and transfer) the following personal data about you:
You are not obliged to provide your personal data to us, but if you fail to provide personal data required to allow us to fulfil our contract with you, for example a delivery order for our products, we may not be able to carry out the contract and may have to cancel the relevant order or service in these circumstances.
How we process your personal data
This section explains what data we process about you, the purpose of the processing and what lawful basis we rely upon to carry out that processing.
Categories of data | Purpose | Lawful basis |
Customers and prospective customers | ||
Name, contact information. | To respond to your enquiry by email, phone, in person or through our website. | We have a legitimate interest in responding to your enquiry. |
To send you marketing communications about our business. | We have obtained your opt-in consent.
If you are an existing customer of ours, we instead have a legitimate interest in advertising similar goods/services to you under the soft opt-in. |
|
Name, contact information, payment information. | To provide you (or your organisation) with the services you have requested from us. | If the contract is with you directly, the processing is necessary for us to comply with our contractual obligations, including if we need to take pre-contractual steps such as providing a fee quote.
If the contract is with your organisation then we have a legitimate interest in processing your information because it is necessary to provide our services to your organisation. |
For record-keeping. | We have a legal duty to keep certain records.
For other records we have a legitimate interest in keeping records to help operate our business. In particular, to help us resolve any disputes which might arise in the future. |
|
Suppliers, contractors and intermediaries | ||
Name, contact information, payment information. | To administer the contract between us (or your organisation), including making payment. | If the contract is with you directly, the processing is necessary for us to comply with our contractual obligations, including if we need to take pre-contractual steps such as requesting a fee quote.
If the contract is with your organisation then we have a legitimate interest in processing your information because it is necessary for us to comply with our contractual obligations to your organisation. |
For record-keeping. | We have a legal duty to keep certain records.
For other records we have a legitimate interest in keeping records to help operate our business. In particular, to help us resolve any disputes which might arise in the future. |
Under data protection law you can exercise your right of access (also known as a ‘subject access request’) by making a written request to receive copies of some of the information we hold about you. We may request proof of your identity, or proof of your authority if making the request on behalf of someone else, before we can supply the information to you. Requests should be sent to us using the contact details set out at the top of this policy.
You do not need to pay a fee to exercise this right unless you are requesting copies of documents you already hold, in which case we may charge our reasonable administrative costs. We are also allowed to charge you for our reasonable administrative costs in collating and providing you with details of the requested information which we hold about you if your request is clearly unfounded or excessive.
In very limited circumstances, data protection law permits us to refuse to comply with your request. If we refuse to comply then we will notify you of that fact.
Your personal information is not shared with anyone except where we are required to do so to comply with the law, to protect our rights, or to effectively operate our business.
We may share your information with the following people or groups of people:
We do not transfer your information outside of the UK.
Under data protection law you have the following rights:
You also have the general right to complain to us (in the first instance) and to the Information Commissioner’s Office (if you are not satisfied by our response) if you have any concerns about how we hold and process your information. The Information Commissioner’s Office website is www.ico.org.uk.
For further information on your rights under data protection law and how to exercise them, you can contact the Information Commissioner’s Office (www.ico.org.uk).
We only keep your information for as long as it reasonably takes to achieve the purpose we collected it for. Generally speaking, we keep your information for the following periods of time:
We have taken appropriate technical and organisational measures to ensure our own and our suppliers’ information security standards are appropriate to the risks associated with the personal data processing we undertake. Our security objectives include guaranteeing the confidentiality, integrity and availability of personal data and the resilience of the systems that process it. We have also put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
It is your responsibility to keep the password provided to you on registration secure and confidential at all times. We will not be held liable for any breach of data protection law arising from your improper use of the Website, or due to your password details being disclosed to any third party. In the event you have reason to believe your interactions with us are not secure, or the integrity of your login has been compromised, please contact us immediately.
Our Website uses cookies. By using our Website and agreeing to this policy, you consent to our use of cookies in accordance with the terms of this policy.
A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies. Cookies are very easy to delete and block.
We use cookies for the following purposes:
Our service providers use cookies and those cookies may be stored on your computer when you visit our Website.
Like most modern websites we use Google Analytics to analyse the use of our Website. We also use Social Media buttons to connect our visitors to their social accounts on Instagram, LinkedIn and others. Google Analytics gathers information about website use by means of cookies. The information gathered relating to our Website is used to create reports about the use of our Website. Google’s privacy policy is available at: www.google.com/policies/privacy. You can opt out of Google Analytics if you disable or refuse the cookie, disable JavaScript, or use the opt-out service provided by Google.
Most, if not all, browsers allow you to refuse to accept cookies by adjusting your settings. For example: (1) in Internet Explorer you can refuse all cookies by clicking “Tools”, “Internet Options”, “Privacy”, and selecting “Block all cookies” using the sliding selector; (2) in Firefox you can block all cookies by clicking “Tools”, “Options”, and un-checking “Accept cookies from sites” in the “Privacy” box.
You can also delete cookies already stored on your computer: (1) in Internet Explorer, you must manually delete cookie files (you can find instructions for doing so at http://support.microsoft.com/kb/278835); (2) in Firefox, you can delete cookies by, first ensuring that cookies are to be deleted when you “clear private data” (this setting can be changed by clicking “Tools”, “Options” and “Settings” in the “Private Data” box) and then clicking “Clear private data” in the “Tools” menu.
Doing this may have a negative impact on the usability of many websites. In the case of our Website, disabling cookies means its functionality will be impaired.
In relation to any queries about this Policy or any other data protection matters, please email our DPO at fiona@hundredhills.wine
December 2024
© The Winery at Hundred Hills Limited. Registered in England No. 8269454. VAT NUMBER GB 220 7596 15. Registered Office: 2 Communications Road, Greenham Business Park, Newbury, Berkshire, United Kingdom, RG19 6AB.