Your Shopping Cart

It appears that your cart is currently empty!


Privacy Policy

This Privacy Policy describes how Sweet&Chilli Pty Ltd A.B.N. 21 139 941 594 trading as “The Whisky Mill” collects, holds, discloses and otherwise processes personal data and the steps that it takes to secure the personal data that it holds. In this Privacy Policy, "we", "our" and "us" are all references to Sweet&Chilli Pty Ltd A.B.N. 21 139 941 594 trading as “The Whisky Mill”.

We are committed to complying with our privacy obligations in accordance with all applicable data protection laws, including the Australian Privacy Principles contained in Schedule 1 to the Privacy Act 1988 (Cth) (the "Privacy Act"). We comply with the EU General Data Protection Regulation ("GDPR") to the extent it applies to the personal data that we collect, hold, disclose and otherwise process ("GDPR Data").

If we amend or update this Policy, we will post the updated version on this webpage so that you will always know what personal data we gather, how we might use that information, and whether we will disclose it to anyone. 

1.     What is personal data?

1.1       "Personal data" has the meaning given to the term "personal information" in the Privacy Act (except in relation to GDPR Data – in which case "personal data" has the meaning given to it in the GDPR). The Privacy Act defines "personal information" as information or an opinion about an identified individual, or an individual who is reasonably identifiable:

(a)       whether the information or opinion is true or not; and

(b)       whether the information or opinion is recorded in a material form or not.

1.2       Section 187LA of the Telecommunications (Interception and Access) Act 1979 extends the meaning of personal information to cover information kept under Part 5‑1A of that Act.

1.3       Article 4(1) of the GDPR defines "personal data" as any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

2.    Types of personal information we collect

Our goal is to minimise the amount of personal data we collect. Accordingly, we only collect personal data that is adequate, relevant and limited to what is necessary for the purpose for which it is to be processed and only where we are entitled by law to collect it. We may also use collected personal data for other related, directly related or compatible purposes (if and where permitted by applicable law). 

2.1       In order to provide a better service to you, we may collect and process the following data about you:

(a) information that you provide by filling in forms on our site https://thewhiskymill/ ("our site"). This includes information provided at the time of registering to use our site, subscribing to our service, posting material or requesting further services. We may also ask you for information at other times, for example in connection with a promotion or when you report a problem with our site;

(b) if you contact us, we may keep a record of that correspondence;

(c) details of transactions you carry out through our site and of the fulfilment of your orders;

(d) details of your visits to our site and the resources that you access.

2.2       We only retain personal data for so long as it is necessary. Data may be archived as long as the purpose for which the data was used still exists.

3.     Uses made of the information

3.1 The purposes for which information may be used by us include:

(a) ensuring that content from our site is presented in the most effective manner for you and for your computer;

(b) providing you with alerts, newsletter, education materials or information that you requested or signed up to;

(c) carrying out our obligations arising from any contracts entered into between you and us;

(d) allowing you to participate in interactive features of our service, when you choose to do so;

(e) designing and conducting surveys/questionnaires for client profiling/segmentation, statistical analysis, improving and furthering the provision our products and services;

(f) complying with laws and regulations applicable to us or any of our affiliates in or outside Australia;

(g) legal proceedings, including collecting overdue amounts and seeking professional advices;

(h) researching, designing and launching services or products including seminars/events/forums;

(i) marketing; or

(j) purposes directly related or incidental to the above.

3.2       We intend to use your data in direct marketing and we require your consent (which includes an indication of no objection) for that purpose. By using our site, unless you tell us otherwise, you agree that:

(a) your name, contact details (including address, contact number, email address),

products and services information, transaction pattern and behaviour, background and demographic data held by us from time to time may be used by us in direct marketing;

(b) the following classes of services, products and subjects may be marketed to


(i) services and products related to our site and/or our affiliates (including marketing affiliates programs we are a part of);

(ii) reward, loyalty or privileges programmes, promotional offers and related services; and

(iii) invitations to events such as seminars/webinars/tele-seminars, conferences, live programs or events.

(c) We may conduct direct marketing via fax, email, direct mail, telephone and

other means of communication or send e-newsletters to you. You may choose

not to receive promotional materials, by simply telling us (see below for contact

details), and we will cease to do so, without charge.

4.     Disclosure of your information

We will keep the personal data we hold confidential but may provide information to:

(a) personnel, agents, advisers, auditors, contractors, financial institutions, and

service providers in connection with our operations or services;

(b) our offices, affiliates, business partners and counterparts (if any);

(c) persons under a duty of confidentiality to us;

(d) persons to whom we are required to make disclosure under applicable laws

and regulations in or outside Australia; or

(e) actual or proposed transferees or participants of our services in or outside



5.      Cookies and other tracking technologies

5.1       We use cookies and other tracking technologies (such as traffic analytics) on our websites for website functionality, performance and advertising purposes. We will not place such tracking technologies on your computer, smartphone or electronic device without your consent, unless they are required in order for us to provide the functionality supplied by our websites. If they are not installed, features of our websites may be unavailable and your experience may be impaired as a result. Cookies are pieces of information that a website transfers to a computer's hard disk for record-keeping purposes. We may use session cookies, which are only stored for a limited amount of time and persistent cookies that remain indefinitely until they are deleted. Such cookies may be installed by us or by our third party contractors. Cookies enable us to remember and recognise you to better facilitate your user satisfaction when you visit our websites by helping us tailor and improve the information we present to you. The use of cookies is common in the Internet industry, and many major websites use them to understand your usage of websites, to customise websites for you, for statistical purposes and to provide useful relevant features, products, advertisements and services. A cookie may be used to tell when your computer or device has contacted our websites and extracts information such as your IP address, browsing pattern, content that you have viewed and browser type.

5.2       You can block cookies by activating the setting on your browser that allows you to refuse all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site.


6.    Security

6.1 All information you provide to us is stored on our secure servers. Any payment

transactions will be encrypted using SSL technology. Where we have given you (or where

you have chosen) a password which enables you to access certain parts of our site, you

are responsible for keeping this password confidential. We ask you not to share a

password with anyone.

6.2 Unfortunately, the transmission of information via the internet is not completely secure.

Although we will do our best to protect your personal data, we cannot guarantee the

security of your data transmitted to our site; any transmission is at your own risk. Once we

have received your information, we will use strict procedures and security features to try to

prevent unauthorised access.


7.     Notifiable data breaches

From 22 February 2018, data breaches that are likely to result in serious harm must be reported to affected individuals and the Office of the Australian Information Commissioner (OAIC), except where limited exceptions apply. For the purposes of the GDPR, certain types of data breaches must also be reported to affected individuals if the breach is likely to result in a high risk of adversely affecting individuals' rights and freedoms. In addition, the GDPR requires organisations to report certain types of data breaches to the relevant supervisory authority. We will notify affected individuals, the OAIC and relevant supervisory authorities of any data breach where we are required to do so in accordance with our legal obligations.


8.     Offshore data transfers

8.1       We may transfer your personal data to our contractors and service providers who assist us with providing our products and services to you, and to assist us with the operation of our business generally, where we consider it necessary for them to provide that assistance.

8.2       Provided that we comply with applicable law, including the provisions of Australian Privacy Principle 8 (Cross-border disclosure of personal information), and the GDPR – in relation to GDPR Data, we may transfer your personal data to our offshore contractors and service providers as well, who may be located outside the European Union (EU) or the European Economic Area (EEA). At present, we do not transfer personal data out of Australia.

8.3       We will only engage new third parties to process GDPR Data that you instruct us to process as a processor on your behalf if you have authorised us to do so pursuant to a specific or general written authorisation and otherwise in compliance with the requirements of the GDPR. 


9.     Your consent and rights

9.1 By using our service, making an application or visiting our website, you consent to the

collection and use of your information and other activities as outlined in this policy.

9.2 Under the Privacy Act (the "Act"), individuals have the right:

(a) to check whether we hold personal data about you and to access such data;

(b) to require us to correct as soon as reasonably practicable any data relating to

you that is inaccurate;

(c) to ascertain our policies and practices in relation to personal data and the kind

of personal data held by us; and

(d) to withdraw your consent to the use of your personal data for marketing

purposes and we shall not use your personal data for marketing purposes after

you communicate your withdrawal of consent to us.

9.3 You may exercise your opt-out right by notifying us if you wish to withdraw your consent to the use of your personal data for direct marketing purposes.


10.     Your rights under the GDPR

Under the GDPR, you have a number of rights, including:

  •           the right to be informed;
  •           the right of access;
  •           the right to rectification;
  •           the right to erasure;
  •           the right to restrict processing;
  •           the right to data portability;
  •           the right to object; and
  •           rights in relation to automated decision making and profiling.


Please contact us if you wish to exercise any of your rights under the GDPR. We will handle all such requests in accordance with our legal obligations.  If you withdraw your consent for processing, object to the processing of your personal data or request us to erase your personal data and as a result it is not possible or practical for us to continue providing you with our services, we may elect to terminate our business relationship with you.

Please send requests to optout and for access to data, correction of data, information regarding policies and practices and kinds of data held, questions or complaints to:


Cameron Northway

1.32/90-96 Bourke Rd, Alexandria NSW 2015

(02) 8399 5122

In accordance with the Act, we have the right to and may charge a reasonable fee for

processing any data access request.


11.     OAIC

If you are not satisfied with the outcome of a complaint or you with to make a complaint about a breach of the Australian Privacy Principles you make refer the complaint to the Office of the Australian Information Commissioner (OAIC) who can be contacted using the following details:


Call: 1300 363 992


Address: GPO Box 5218, Sydney NSW 2001

In relation to GDPR Data, you may lodge a complaint with any relevant supervisory authority.

Last updated: March 2020