This policy has been updated to include Privacy Provisions for Visitors from EU countries following the Global Data Privacy Regulations – GDPR
The European Union has enacted legislation that governs the way in which privacy is maintained especially for any guests from the EU. Pursuant to that statute, Big Creek Winery (Website Owner) has undertaken a review of the various places in BigCreekWineryTennessee.com (Site) in which your personal information might be seen or listed by the Site. Your personally identifiable information (PII) and other personal data (your “user information”) will be collected, used and share in connection with your access to and/or use of Site and any content features, services or other offerings that Website Owner may provide in connection with the Site.
By using the Site, you consent to the use of your user information in accordance with this Privacy Statement. If you are located in the EU or are covered by the GDPR statute you will be asked to provide clear and affirmative consent to the collection, processing and sharing of your user information via cookies and similar technologies. Site is owned and operated by Big Creek Winery.
In tracking the Site navigation and viewership of the Site, an analytic tool is incorporated into the website. This information is stored for a period of 26 months and any PII is deleted at that time.
Any white papers or newsletters that a user may voluntarily sign up to receive collects names and email addresses submitted by the user. That information is used to return to the user white papers or newsletters and announcements that have been requested. While white papers are downloaded by Visitors as PDFs, newsletters and announcements will arrive periodically. Visitors may elect to discontinue receipts of these newsletters and announcements by dis-enrolling as any communication is received OR by contacting Website Owner directly. All PII information is removed upon that request.
Any Site that incorporates “Forms” create platforms that enable Visitors to voluntarily submit information to Website Owner for use as employment applications, applications for specific service or to submit reviews and feedback to Website Owner. These forms are cleared from the Site monthly. Information from Forms is used by Website Owner to provide the requested services or pursue employment opportunities. This information is considered confidentially submitted by the Visitor to Website Owner and is covered by applicable statutes pursuant to HIPAA, Employment and Labor Law, Credit Application and similar privacy statutes. Additionally, the Software used to establish the Forms is certified as compliant with the GDPR.
For All Users:
What personal information do we collect from the people that visit our blog, website or app?
We do not collect information from visitors of our site without your knowledge or any other details to help you with your experience.
When do we collect information?
We collect information from you when you subscribe to a newsletter or enter information on our site.
How do we use your information?
We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:
• To send periodic emails regarding your order or other products and services.
• Information submitted on online forms is used exclusively for facilitating the patient experience.
How do we protect your information?
Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible.
We use regular Malware Scanning.
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.
We implement a variety of security measures when a user enters, submits, or accesses their information to maintain the safety of your personal information.
All transactions are processed through a gateway provider and are not stored or processed on our servers.
Do we use ‘cookies’?
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since browser is a little different, look at your browser’s Help Menu to learn the correct way to modify your cookies.
If you turn cookies off, Some of the features that make your site experience more efficient may not function properly.
We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information.
Social Media links exist to FaceBook, Google+, Pinterest and Twitter. Google business page links are available for anyone wanting to write a review of your experience. It should be noted that all information written on Google’s review site or any of the social media sites is public and in no way protected content. Those wanting to receive regular newsletters may choose to provide email addresses and names in a secure Google MailChimp database.
Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users. https://support.google.com/adwordspolicy/answer/1316548?hl=en
We have not enabled Google AdSense on our site but we may do so in the future.
California Online Privacy Protection Act
According to CalOPPA, we agree to the following: Users can visit our site anonymously.
Can change your personal information: • By emailing us
How does our site handle Do Not Track signals?
We honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.
Does our site allow third-party behavioral tracking?
It’s also important to note that we do not allow third-party behavioral tracking
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.
We do not specifically market to children under the age of 13 years old.
Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur: We will notify you via email
• Within 7 business days
We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.
CAN SPAM Act
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to: • Send information, respond to inquiries, and/or other requests or questions
• Process orders and to send information and updates pertaining to orders.
• Send you additional information related to your product and/or service
• Market to our mailing list or continue to send emails to our clients after the original transaction has occurred.
To be in accordance with CANSPAM, we agree to the following:
If at any time you would like to unsubscribe from receiving future emails, you can email us at
and we will promptly remove you from ALL correspondence.
Last Edited on 2018-06-04