top of page

The Whiskey Project Group Website
Privacy Policy

Effective Date: May 2025

Introduction: The Whiskey Project Group ("we," "our," or "us") is a leader in the maritime industry, recognised for expertise in naval architecture and engineering innovative, purpose-built watercraft. Backed by a network of expert marine technology partners, we seamlessly integrate international maritime special operations acumen with over 50 years of business excellence in maritime design, engineering, and manufacturing across Australia, New Zealand, and the United States of America.This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal information when you visit our website and use our online services. It is designed to comply with privacy and data protection laws in Australia, New Zealand, and the United States of America.

1. Scope of This Policy

This Privacy Policy applies specifically to:

  • The Whiskey Project Group’s website (https://www.thewhiskeyprojectgroup.com)

  • Any online forms, portals, or communication channels hosted by us.

  • User interactions with cookies and tracking technologies on our website.Links to third-party websites are not governed by this policy.

We encourage you to review the privacy policies of any external sites you visit through our website.

2. Information We Collect
We may collect the following types of personal and non-personal information:
Personal Information

  • Contact Details: Name, email address, phone number, and mailing address

  • Demographic Details: Age, gender, and geographic location.

  • Communication Records: Information provided through website forms, such as inquiries or feedback.

 

Non-Personal Information

  • Usage Data: IP address, browser type, operating system, pages visited, and time spent on the website.

  • Cookies and Analytics Data: Information collected through cookies and similar technologies.
     

We may also collect information automatically through your interaction with our website to improve user experience and website functionality.

3. How We Use Your Information
We use your information to:

  • Provide and maintain our website and online services.

  • Respond to inquiries, requests, or feedback submitted through online forms.

  • Improve our website's functionality and user experience.

  • Deliver targeted marketing or promotional content (with your consent).

  • Comply with legal obligations or enforce our terms of use.

​​​

Legal Basis for Processing
We process personal information in compliance with applicable privacy and data protection laws in Australia, New Zealand, and the United States of America. The legal basis for processing varies depending on the jurisdiction, purpose of processing, and specific user context.


General Legal Basis
Across all jurisdictions, we rely on the following legal bases for processing personal information:

  • Consent: When you explicitly provide consent for us to collect, use, or disclose your personal information (eg. subscribing to marketing communications).

  • Contractual Necessity: When processing is necessary to fulfill the terms of a contract (e.g. delivering services or products you have purchased).

  • Legal Obligations: When we are required to process information to comply with applicable laws, regulations, or legal processes.

  • Legitimate Interests: When processing is necessary to pursue our legitimate business interests, provided these interests do not override your fundamental rights and freedoms.

​​​

Jurisdiction-Specific Legal Basis
Australia
Under the Privacy Act 1988 and the Australian Privacy Principles (APPs):

  1. Collection of Information: 

    • We collect information that is reasonably necessary for our business operations.

    • Sensitive information (e.g. racial or health data) is collected only with explicit consent or as permitted by law.

  2. Use and Disclosure: 

    • Personal information is used or disclosed for purposes directly related to the original reason for collection unless the user has consented to another use or disclosure.

    • De-identified data may be used for analytics or research purposes.

  3. Access and Correction: 

    • Individuals have the right to access their personal information and request corrections where needed.

  4. Overseas Transfers: 

    • We ensure that personal information transferred outside Australia is protected by laws or agreements that uphold the same privacy standards as APPs.

​​​​

New Zealand
Under the Privacy Act 2020 and the Information Privacy Principles (IPPs):

  1. Lawful Purpose: 

    • Personal information is collected and processed for lawful purposes directly related to our business activities.

    • Data must be collected by fair and lawful means.

  2. Cross-Border Transfers: 

    • When transferring personal information outside of New Zealand, we ensure adequate protections are in place, such as contractual agreements or secure technical measures.

    • The Privacy Act requires that comparable protections are maintained for international data transfers.

  3. Access and Correction: 

    • Users have the right to access their personal information held by us and request amendments to ensure accuracy.

  4. Retention Limits: 

    • We retain personal information only as long as it is required for business operations or legal compliance.

​

United States of America 
In the United States of America, processing of personal information is subject to both federal and state laws:

  1. Federal Privacy Laws: 

    • Compliance with laws such as the Children’s Online Privacy Protection Act (COPPA) ensures protection for children under 13.

  2. State Laws: 

    • For California residents, we comply with the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA): 

    • Users can request access to the data we hold about them and learn how it is shared or used.

    • Users can opt out of the sale of their personal information (although we do not sell user data).

    • Users can request deletion of personal information, subject to exceptions (e.g. legal obligations or business needs).

    • Other states may provide similar rights, such as opting out of profiling or targeted advertising.

  3. Legitimate Business Interests: 

    • Processing is conducted under legitimate business interests, such as service improvement, fraud prevention, and communication of relevant updates.

​​

Additional Safeguards
Across all jurisdictions, we apply the following safeguards to ensure lawful processing:

  1. Transparency: 

    • We inform individuals of the purpose, scope, and legal basis for processing their information via this Privacy Policy and related communications.

  2. Data Minimisation: 

    • We limit the collection and use of personal information to what is strictly necessary for the intended purpose.

  3. Accountability: 

    • We maintain internal systems and processes to track and audit compliance with applicable laws and standards.

Questions or Concerns
If you have questions or concerns about the legal basis for processing your personal information, or if you wish to exercise your rights, please contact us using the details provided in the Contact Us section.​

4. Cookies and Tracking Technologies
We use cookies and similar tracking technologies to enhance the functionality of our website, improve user experience, and gather insights into website usage. This section explains what cookies are, how we use them, and how you can manage your preferences.


What Are Cookies?
Cookies are small text files placed on your device (e.g., computer or mobile phone) when you visit our website. They allow us to recognize your device and store certain information about your preferences and actions on our site.
Cookies can be categorised as:

  • First-Party Cookies: Set by our website directly.

  • Third-Party Cookies: Set by other websites or services (e.g. analytics providers).

 

Types of Cookies We Use
We use the following types of cookies:

  1. Essential Cookies:

    • These cookies are necessary for the website to function properl

    • They enable features such as secure login and page navigation.

    • Without these cookies, certain services on the website may not be accessible.

  2. Performance and Analytics Cookies:

    • These cookies collect information about how users interact with the website.

    • Examples include tracking the pages visited, time spent on the site, and error messages encountered.

    • We use this data to improve website functionality and user experience.

  3. Functionality Cookies:

    • These cookies remember your preferences and choices, such as language settings or login details.

    • They help personalise your experience on the website.

  4. Targeting and Advertising Cookies:

    • These cookies are used to deliver relevant advertisements to you.

    • They may also limit the number of times an ad is shown and measure the effectiveness of campaigns.

​

Third-Party Tracking Technologies
Our website may also use third-party tracking technologies, such as:

  • Google Analytics: To analyse website traffic and user behaviour. Google Analytics may collect information such as your IP address and browsing activity. For more information, see Google’s Privacy Policy.

  • Social Media Plugins: Some pages may include social media buttons (e.g., Facebook or Twitter), which use cookies to integrate with your accounts.

 

Why We Use Cookies
We use cookies for the following purposes:

  • To provide essential website functions.

  • To improve website performance and analyse usage trends.

  • To personalise your experience based on preferences and previous interactions.

  • To deliver targeted advertisements (where applicable).

 

Managing Your Cookie Preferences
You can manage or disable cookies through your browser settings. However, disabling cookies may limit the functionality of certain website features.
Most browsers allow you to:

  • View and delete cookies stored on your device.

  • Block or restrict cookies from being set.

  • Enable notifications when cookies are being used.

 

Consent for Cookies
By using our website, you consent to the use of cookies unless you choose to disable them. For regions with stricter privacy regulations (e.g., the European Union), visitors may see a cookie consent banner when accessing the site, allowing them to choose which cookies to enable or disable.


Do Not Track (DNT) Signals
Some web browsers provide a "Do Not Track" (DNT) option that allows users to signal their privacy preferences. While we strive to honour DNT signals where feasible, some third-party services may not respond to these signals.

5. Your Rights
We are committed to ensuring that you have clear and actionable rights regarding the personal information we collect and process. Your rights may vary depending on your location and the applicable laws in Australia, New Zealand, and the United States of America.


General Rights Applicable Across All Jurisdictions
Regardless of your location, you may have the following rights:

  1. Access Your Information: 

    •   You can request details about the personal information we hold about you, including how we use it and with whom it is shared.

  2. Correct Your Information: 

    • You can ask us to correct or update any inaccurate or incomplete personal information.

  3. Withdraw Consent: 

    • If we rely on your consent to process your information, you may withdraw it at any time. This will not affect the lawfulness of processing based on consent before withdrawal.

  4. Opt Out of Marketing Communications: 

    • You can opt out of receiving marketing materials from us by using the unsubscribe link in our emails or contacting us directly.

  5. Restrict Processing: 

    • You can request that we limit how we process your personal information in certain circumstances (e.g. if you contest the accuracy of the information).


Jurisdiction-Specific Rights
Australia
Under the Privacy Act 1988, you have the right to:

  • Request access to personal information we hold about you and ask that we take reasonable steps to correct or update it.

  • Lodge complaints with the Office of the Australian Information Commissioner (OAIC) if you believe your privacy rights have been violated.
     

New Zealand
Under the Privacy Act 2020, you have the right to:

  • Request confirmation of whether we hold your personal information and obtain access to it.

  • Request correction of your personal information if you believe it is inaccurate, out of date, incomplete, or misleading.

  • Lodge complaints with the Office of the Privacy Commissioner (OPC) if you believe your data rights have been infringed.

​

United States of America 

If you reside in the United States of America, your rights may vary based on state or federal laws. For example:

  • Under the California Consumer Privacy Act (CCPA)/California Privacy Rights Act (CPRA): 

    • You can request a copy of the personal information we hold about you (a "Right to Know" request).

    • You can request deletion of your personal information, subject to exceptions (e.g. legal obligations).

    • You can opt out of the sale of your personal information (note: we do not sell personal information).

    • You have the right to request correction of inaccurate personal information.

    • You have the right to know how we collect, use, and share your personal information in compliance with CCPA/CPRA.

  • Other state laws may provide additional rights, such as opting out of targeted advertising or profiling.


Exercising Your Rights

To exercise any of your rights, please contact us using the information provided in the Contact Us section. Depending on your jurisdiction, we may require verification of your identity before responding to your request.


Timeframes for Response
We will respond to your request within a reasonable timeframe, as required by the applicable laws:

  • Australia and New Zealand: Typically, within 30 calendar days of receiving the request.

  • United States of America: Within 45 days, with a possible 45-day extension under certain circumstances (e.g. high volumes of requests).


Lodging Complaints

If you are dissatisfied with our response or believe that your rights have been violated, you may lodge a complaint with the relevant data protection authority in your jurisdiction:

  • Australia: Office of the Australian Information Commissioner (www.oaic.gov.au).

  • New Zealand: Office of the Privacy Commissioner (www.privacy.org.nz).

  • United States of America: Contact your state’s Attorney General or data protection authority, if applicable.

6. Sharing Your Information
We value your privacy and are committed to ensuring that your personal information is only shared in ways that are transparent and necessary to support our services, comply with legal obligations, or otherwise as outlined below.


Categories of Third Parties We Share Your Information With
We may share your personal information with the following categories of third parties:

  1. Service Providers:

    • These are entities that assist us in providing, operating, or improving our website and services. Examples include: 

    • IT service providers for hosting, maintenance, and security of our website.

    • Marketing and advertising platforms for delivering personalized content (if applicable).

    • These entities are bound by confidentiality and data protection agreements to ensure your data is safeguarded.

  2. Affiliated Companies:

    • We may share your information within The Whiskey Project Group locations, which includes our distinct watercraft brands (The Whiskey Project, NAiAD, and VYCOR). This sharing is necessary to provide you with seamless service and support across our brands.

  3.  3. Regulatory Authorities or Legal Obligations:

    • We may disclose your information to comply with: 

      • Applicable laws, regulations, or legal processes.

      • Government requests, law enforcement agencies, or judicial proceedings (such as subpoenas or court orders). In such cases, we will ensure disclosures are lawful and limited to what is required.

  4. Business Transactions:

    • In the event of a merger, acquisition, sale of company assets, or other business transfer, your personal information may be shared with the acquiring entity. We will notify affected users of such changes through an update to this Privacy Policy or other appropriate means.

  5. With Your Consent:

    • ​In certain cases, we may share your information with third parties when you explicitly provide your consent.

​

Prohibited Uses
We do not sell or rent your personal information to third parties for their independent use. We are committed to using your information in accordance with this Privacy Policy.


Data Sharing Safeguards
When we share your personal information, we implement the following safeguards to ensure its protection:

  • Contractual Protections: 

    • Service providers and third parties must adhere to strict data protection agreements that align with applicable laws and our Privacy Policy.

  • Data Minimisation: 

    • Only the data necessary to fulfil the specific purpose is shared.

  • Audit and Monitoring: 

    • We regularly review third-party compliance with our data protection standards.


Transparency in Data Sharing
We strive to be transparent about the sharing of your personal information. You have the right to request further details about the categories of information we share, the purposes of sharing, and the entities with whom we share it.

If you have concerns or wish to exercise your rights regarding how your information is shared, please contact us through the details in the "Contact Us" section.

 7. Data Security
We take your privacy and the security of your personal information seriously. To safeguard your data, we employ industry-standard security measures, including:
Technical Security Measures

  • Data Encryption: Sensitive information is encrypted during transmission and while stored, using advanced protocols such as HTTPS and AES encryption.

  • Secure Systems: We use firewalls, intrusion detection systems, and anti-malware software to protect our servers and databases.

  • Regular Patching: Software and systems are kept up to date to address vulnerabilities and prevent unauthorized access.

 

Organisational Security Measures

  • Restricted Access: Only authorised personnel with a legitimate need to access your personal information are permitted to do so.

  • Employee Training: Our team is trained in data privacy and security practices to ensure compliance with relevant laws.

  • Vendor Compliance: We work exclusively with third-party service providers that demonstrate compliance with our rigorous security requirements.


Monitoring and Audit Measures

  • Regular Security Audits: Periodic reviews and tests of our systems ensure their integrity and security.

  • Data Breach Protocols: In the event of a data breach, we will act promptly to contain the breach, investigate the incident, notify affected parties, and comply with relevant reporting obligations.


Your Responsibility
While we implement robust measures, the security of information shared online can never be guaranteed. You are encouraged to:

  • Use strong, unique passwords for your accounts.

  • Avoid sharing sensitive information over unsecure networks or platforms.

If you suspect your data has been compromised, please contact us immediately.

8. International Data Transfers
Given our global operations across Australia, New Zealand, and the United States of America, your personal information may be transferred to, stored, or processed in countries other than your country of residence. These transfers occur to support our business functions, including website hosting, data analysis, and customer support.


Compliance with Applicable Laws
We ensure that all international transfers of personal information comply with relevant data protection laws and regulations, including:

  • Australia: Adhering to the requirements of the Privacy Act 1988 and the Australian Privacy Principles (APPs), including ensuring that overseas recipients protect personal information in a manner consistent with Australian standards.

  • New Zealand: Complying with the Privacy Act 2020, ensuring that any data transferred outside of New Zealand is subject to comparable protections.

  • United States of America: Aligning with state and federal data protection regulations, including safeguarding data in accordance with frameworks like the California Consumer Privacy Act (CCPA), where applicable.


Safeguards in Place
To protect your personal information during international transfers, we implement the following safeguards:

 

  • Contractual Obligations: We rely on legally binding agreements, such as Standard Contractual Clauses (SCCs) where required, to ensure a high level of data protection.

  • Security Measures: We use encryption, access controls, and secure transfer protocols to minimize risks during data transmission.

  • Verified Partners: We work only with reputable third-party service providers that meet our strict data protection standards.


Third-Party Service Providers

In some cases, your personal information may be handled by third-party providers located in different jurisdictions. These providers are contractually obligated to maintain the privacy and security of your data in line with applicable laws and this Privacy Policy.


Your Rights Regarding Data Transfers
Depending on your jurisdiction, you may have the right to:

  • Request information about the transfer mechanisms we use.

  • Obtain copies of applicable data protection agreements or safeguards in place (subject to legal and confidentiality limitations).

For further details on how we manage international data transfers, please contact us using the information provided in the "Contact Us" section below.

CONTACT

9. Children's Privacy
Our website is not intended for children under the age of 13. We do not knowingly collect personal information from children.


Parental Consent
If you are a parent or guardian and believe that your child has provided personal information to us without your consent, please contact us immediately. We will promptly remove the data from our records and take any additional measures necessary to ensure compliance with applicable laws.


Educational Content
While our website does not target children, we may provide educational content suitable for all ages. Any such content will comply with relevant regulations to ensure it is age-appropriate and does not involve collecting personal information from minors.


Legal Compliance
We adhere to all relevant laws and regulations concerning children's privacy, including the Children’s Online Privacy Protection Act (COPPA) in the United States.

10. Updates to This Policy
We reserve the right to modify this Privacy Policy at any time. Updates will be posted on this page with a revised effective date. We recommend reviewing this policy periodically to stay informed about how we protect your data.
 
11. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy, please contact us at:
The Whiskey Project Group
thewhiskeyprojectgroup.com

bottom of page