Castello di Amorosa Privacy Policy


Castello di Amorosa (“CdA,” “we” or “us”) is committed to protecting the privacy of individuals’ personal information. This Privacy Policy applies to the information we collect about you (“personal information”) in the course of our business, including through our websites, mobile applications, and services that link to this Privacy Policy and our related marketing activities, research, and other related offline offerings operated by or on behalf of CdA (collectively, the ”Services”). Please do not provide us with your personal information if you are not of legal age to purchase alcohol in the jurisdiction where you live or if you do not agree to the terms in this policy.

This Policy applies across all jurisdictions in which CdA conducts business. Residents in various regions (for example, California) can find additional information in region-specific subsections below. Where there is any conflict between the region-specific subsection and the generalized provisions, the region-specific subsection controls. 


This Policy applies to consumers’ personal information.


1. Summary

This Policy explains how CdA collects, uses, and discloses information about you, and your rights and choices with respect to such information. Below is a summary of our practices; please read the full Policy for more details: 

  • Information we collect: We collect information directly from you, automatically through cookies and similar technologies, and in certain circumstances from third-party sources that support our business. We do not knowingly collect information from individuals under the legal drinking age.
  • Use of your information: We use your information for a variety of purposes, including to fulfill orders, provide and personalize the Services, support website functionality, improve the Services, secure the Services, advertise and market the Services, defend and exercise our rights, and as required by law.
  • Disclosure of information: We disclose information to our service providers and contractors, as well as to third parties that provide advertising and advertising analytics services, and social media services. We may also disclose information in connection with a business transaction, at your direction, or as otherwise required by law.
  • Data retention and security: Generally, we will retain your information for the period necessary to fulfil the purposes for which we collected it, and take a variety of measures to keep that information secure.
  • Your Rights and Choices: Depending on where you live, you may have the right to request access to, or correction or deletion of, your information, and to opt out of “sales” and targeted advertising. You may also opt out of receiving marketing communications from us.

Our full Policy contains additional information for residents of California; please see below for more details.


2. Information We Collect

The information we collect about you depends on the Services you use, how you use them, and how you otherwise interact with us. We collect information when you provide it directly to us, and through automated technology when you use the Services. Although you can decide whether to provide information to CdA, in some instances, the provision of information to us is required to allow us to provide the Services. 


A. Information you provide to us

We collect personal information that you provide to us. This includes information you provide us when corresponding with us, entering our competitions, buying our wines, selling goods or services to us, visiting us at our property, becoming a member of a wine club, or when using or registering on our websites. This category also includes information that you provide to us through CdA-branded ads on third-party websites, including social media sites.


B. Information collected through automated technologies

Apart from the information you give us directly, we and our vendors also automatically collect information about you when you visit our websites, including through the use of cookies, tags, pixels, web beacons, and similar automated tracking technologies. Cookies are small data files that are downloaded onto your computer when you visit a particular website. Pixels work similarly, but the information is sent to a third-party server. For purposes of this policy, we collectively refer to these tracking technologies as “cookies.” The information we and our vendors collect via cookies may include information such as:

  • technical information such as your computer’s IP address, device or cookie ID, hardware type, browser type, operating system, device identifier and screen type/resolution;
  • any search terms entered on our website;
  • general location data based on your device or IP address;
  • any technical errors or exceptions; and information about your visit such as the products you viewed or searched for, the length of your visit, time visited, page load speed, and the pages that you visited.

Cookies help us gather and store information about visitors to our websites. They help our websites remember what you chose on previous pages (to avoid having to re-enter information) and can help us to identify you as a unique visitor, tailor content based on past visitation and provide you with an optimized experience. They can also help us understand when you have found our brands or products through third-party websites. 


C. Information We Receive from Third Parties

We may receive information about you from third-party sources, including advertising partners, social media platforms, analytics providers, business partners, publicly available sources, and other service providers that support our business. The information we receive may include contact information, demographic information, marketing preferences, social media profile information, and information related to your interactions with our advertisements, websites, or services. We may combine information collected from third-party sources with information we collect directly from you and use such information as described in this Privacy Policy.


3. Our use of your information

We may use or disclose the personal information we collect for one or more of the following purposes in order to conduct our business and pursue our legitimate business interests:

  • To fulfill or meet the reason you provided the information.
  • For example, if you provide your personal information to purchase our products, we will use that information to process and manage your order.
  • To provide, support, personalize, and develop the Services and to help us gain a better understanding of your preferences in order to improve the Services and products we offer.
  • To help maintain the safety, security, and integrity of the Services, and our business.
  • To personalize your website experience and to deliver content and product and service offerings relevant to your interests, including targeted offers and ads through our websites, third-party sites, and via email or text message (consistent with any consent elections you have made, as required by applicable law)
  • To allow you to participate in interactive features of our websites and administering our promotions and competitions.
  • To verify that you are of legal drinking age in your jurisdiction (if applicable).
  • To fulfill a contract we may have with you, such as where you make a purchase from us, sell us goods and services, or enter one of our competitions.
  • In connection with legal claims, compliance, regulatory and investigative purposes as necessary (including to respond to law enforcement requests and as required by applicable law, court order, or governmental regulations).
  • To analyze usage of our Services and produce consumer insights (e.g., general research on our consumers; conduct consumer testing, surveys, and panels; data analytics and modeling).
  • As described to you when collecting your personal information.
  • To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of CdA's assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which personal information held by CdA about our website users is among the assets transferred.
  • For other purposes for which you provide your consent.

4. Our disclosure of your information

There will be times when we disclose your personal information to others for the purpose of providing services to you, to facilitate our legitimate interests or if you consent. We do so for the same reasons explained in the “Our use of your information” section, above.

We may disclose your information to:

  • Service Providers who globally support our business and help us administer certain activities on our behalf, such as providing technical infrastructure services, marketing services, customer service, data hosting and management services, processing credit card payments services for us, and providing logistics and delivery services to help us deliver our products and services. The specific entities that receive your personal information will depend on why we are using the information.
  • Contractors and Third Parties, including those that provide advertising, content, or other functionality, and those that provide information technology implementations and formal audits. Third parties may collect or receive certain information about you and/or your use of the Services to provide ads (including targeted ads), content, or functionality, or to measure and analyze ad performance, on our Services or other websites or platforms.
  • Other Parties When Required by Law or As Necessary to Protect Our Users and Services including as we believe is necessary or appropriate to protect, enforce, or defend the legal rights, privacy, safety, or property of the Services, our employees or agents or users, or to comply with applicable law or legal process, including responding to requests from public and government authorities.
  • Other Parties in Connection with a Corporate Transaction. We may disclose information we have about you in the event that we sell or transfer all or a portion of our business or assets to a third party, such as in the event of a merger, acquisition, or in connection with a bankruptcy reorganization, or in contemplation of or due diligence related to such a corporate transaction.
  • Otherwise With Your Consent or At Your Direction. We may also disclose information about you with third parties whenever you consent to or direct such sharing.


5. How long we keep your information

We retain the data we collect for different periods of time depending on what it is and how we use it. Generally, we will retain your personal information for the period necessary to fulfil the purposes for which your personal information has been collected unless a longer retention period is required by law.


6. Opting out of electronic marketing communications from CdA.

If you receive electronic marketing communications from us, we will always provide you with an opportunity to withdraw your consent and unsubscribe from receiving further information from us by, for example, clicking on the unsubscribe link provided in the communication or sending a simple text message in response.
Please note that even if you opt out, we may still send you email communications for transactional or legal purposes, such as updates about orders you have placed with us or notices of updates to our terms and privacy policies.

You may also exercise certain privacy rights by contacting us as described in the "Contact Us" section below. Depending on your state or country of residence, we may need to verify your identity before processing your request. We will respond to privacy rights requests within the timeframes required by applicable law and will endeavor to respond as promptly as practicable. 


7. Security

We take appropriate measures to keep your personal information secure. We have implemented appropriate physical and electronic procedures to protect the personal information we collect.

If you have an account with us, you are responsible for maintaining the confidentiality of your account details including your password, and are responsible for any activity under your account. We will not be responsible for any loss arising from your failure to comply with this obligation.


7A. Data Breach Notification

We maintain procedures designed to detect, investigate, and respond to actual or suspected unauthorized access to personal information. If we determine that a security incident has resulted in unauthorized access to personal information and notification is required under applicable law, we will notify affected individuals and relevant authorities as required by applicable law. We will investigate any such incident promptly and take reasonable measures to mitigate potential harm and prevent future occurrences.


8. Contact Us

If you have any questions or concerns about our collection, use, or disclosure of personal information, wish to exercise your privacy rights, or would like to submit a privacy-related request or complaint, please contact us:


Castello di Amorosa
4045 St. Helena Highway
Calistoga, CA 94515 USA

Email: info@castellodiamorosa.com

We may take reasonable steps to verify your identity before responding to certain privacy rights requests.


9. Children’s Privacy

CdA does not knowingly collect or disclose any personal information from children under the age of 18. If CdA learns that a child under the age of 18 has submitted personal information without parental consent, we will take reasonable measures to delete the information as soon as possible and to not use such information for any purpose, except where required or allowed by law. If you believe a child under the age of 18 has provided us with personal information, please contact us as described in Contact Us, above.


10. Additional Information for California Residents

If you are an eligible California resident, the California Consumer Privacy Act and California Privacy Rights Act (together, the “CCPA”) require us to provide you with specific information about our collection and use of your personal information and your rights with respect to your personal information. This California Privacy Rights Section supplements this Privacy Policy and applies solely to eligible California consumers. Any terms not defined in this section have the same meaning as defined in the CCPA.


A. Information We Collect

We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or device ("personal information"). In particular, CdA has collected the following categories of personal information from its consumers within the last twelve (12) months:


1. Identifiers (such as your name, email, postal address, and device identifiers);

2. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) (such as postal address  and telephone number);

3. Commercial information (such as products purchased through the Services);

4. Internet or other electronic network activity information (such as interactions with our website)

5. Geolocation data (such as general location inferred from your IP address, or if you choose to interact with location-based activities, your device’s location within a “geofence”);

6. Inferences drawn from other personal information (such as inferences about your preferences, characteristics, or similar behavioral information).

7. Sensitive personal information, specifically: (1) log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; and (2) precise geolocation information.


Please note that some of the categories of personal information described in the CCPA overlap with each other; for instance, your name is both an Identifier and a type of data described in Cal. Civil Code 1798.80(e).


CdA obtains the categories of personal information listed above directly from you (for example, from forms you complete or products and services you purchase) and/or indirectly from you (for example, via our use of cookies and similar technologies on our Website).


B. Use and Disclosure of Personal Information

We may use or disclose the personal information we collect for the purposes described in the “Our use of your information” Section above.


C. Opt Out of Selling/Sharing Personal Information

We and our advertising partners collect certain information from our visitors, such as device identifiers, cookies, advertising IDs, IP addresses and usage activity and share this information with third parties or combine it with information from other businesses to deliver more relevant (targeted) ads to you and for related advertising activities. This activity is known as “sharing” and may be considered “selling” your personal information under the CCPA.

If you (or, where applicable, your authorized agent) would like to opt out of activities that constitute “sharing” or “selling” your personal information, please click the “Consent Preferences” (or similarly-named) link at the bottom of our site, and customize (where applicable), and click “Save and Finish.” Note, if you use a cookie blocker such as Ghostery, it may block visibility of this tool or link, including in your web footer. You may also need to submit a request via info@castellodiamorosa.com.

Even if you opt out, you will still see advertising, it just may be less relevant to you. Your preference may be lost if you clear, or your browser is set to clear, cookies. 

We honor opt-out preference signals, including Global Privacy Control ("GPC"), where required by applicable law. If your browser or device is configured to send a recognized opt-out preference signal, we will treat such signal as a request to opt out of activities that constitute a sale or sharing of personal information under applicable law for that browser or device. 


D. Your Rights Under “Shine the Light”

California's "Shine the Light" law (Civil Code Section § 1798.83) permits users of our App that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. We do not disclose personal information to third parties for their direct marketing purposes.


11.    Effective Date of Policy

This Privacy Policy is effective and was last updated in June 2026.

We may update this Privacy Policy from time-to-time by posting a new version. We will also inform you of changes to the Privacy Policy in conspicuous ways. 


UPDATES TO OUR INFORMATION PRACTICES

We’re always looking for ways to improve our site’s features and services and to improve the way we communicate our information practices. As a result, this statement is updated from time to time. We encourage you to periodically review this page for the latest information on our privacy practices. We will never change our policies with regard to releasing information to third parties without first notifying all customers and providing them with the opportunity to “opt-in” for correspondence from other companies.


Privacy Policy