Last updated: 28 March 2026

eDistillery is built for Australian distilleries and related producers. Personal and business information is collected only to run the service, keep accounts secure, bill subscriptions, and help when something goes wrong. Information is not sold for marketing lists.

The sections below follow the Privacy Act 1988 (Cth), including the Australian Privacy Principles (APPs).

1. Who this policy applies to

• Business owners and distillery staff who use eDistillery.
• People who contact support or use a website contact form.
• Anyone else whose personal information eDistillery receives in connection with the service.

2. Information collected

Account and business profile

• Name, email address, contact number.
• Business name and business contact details.
• User role, account status, and verification status.

Operational records entered in the app

• Inventory records such as lots, quantities, alcohol details, notes, and dates.
• Production records for fermentation, distillation, maturation, and bottling.
• Dispatch and related status records.

Support, notifications, and billing records

• Support and ticket messages.
• Notification read and open timestamps.
• Subscription and invoice records, plus limited payment method metadata.

Technical and usage records

• Session and security-related records.
• IP address and approximate location data used for security and service insights.

3. How information is used

• Create and manage accounts and a workspace for each business.
• Run day-to-day workflows: inventory, production, bottling, dispatch, reports, and related setup.
• Answer support questions and fix problems.
• Charge subscriptions and issue invoices through the payment provider.
• Keep the service secure, spot misuse, and respond to incidents.
• Keep an activity history so changes can be traced when needed for operations or compliance.
• Keep the platform reliable (for example fixing errors and improving performance).

4. What to expect from eDistillery

• Account and access: sign-in, team roles, and permissions control who can view or change data. Passwords are stored using one-way hashing, not as readable text.
• Inventory and production: figures, lots, notes, and dates entered in the app are stored so workflows work correctly and records stay consistent.
• Dispatch and reporting: dispatch and reports are built from operational records to support day-to-day decisions and record-keeping.
• Notifications: delivery and read or open timestamps show which updates were seen; they are not used for unrelated advertising.
• Support: tickets and messages are used only to understand the issue and respond; they are not repurposed for unrelated marketing.
• Billing: card payments are handled by Stripe. eDistillery does not store full card numbers in its own application database; limited billing metadata (such as card brand and last four digits) may appear for account administration.

5. Disclosure to service providers

Trusted partners receive personal information only when needed to run the service, for example payment processing (Stripe), email delivery, hosting and infrastructure, and limited technical services used to protect or understand how the service is used.

eDistillery does not sell personal information as a normal part of the product.

6. Overseas disclosure

Some partners may store or process data outside Australia (for example cloud or payment infrastructure). Where that happens, eDistillery takes steps that are reasonable in the circumstances to protect personal information in line with the APPs, unless the law allows a different approach.

7. Keeping information accurate and secure

eDistillery uses technical measures, access controls, and operational practices designed to reduce the risk of misuse, loss, or unauthorised access. Within the app, what each person can see or change is limited by roles and permissions for the business account.

8. If something goes wrong

If a serious incident affects personal information and meets the legal threshold, eDistillery will follow the Notifiable Data Breaches (NDB) scheme: assess the situation, contain and fix the issue, and notify affected people and the OAIC when required.

9. Access and correction requests

A request can be made to access personal information held by eDistillery, or to correct information that is wrong or out of date. Send the request to contact@edistillery.com.au. A quick identity check may be needed so information is not released to the wrong person.

10. How long information is kept

Information is kept only as long as needed to run the service, support customers, meet legal and accounting obligations, and handle security reviews. Exact periods by category are set internally and should be confirmed before the policy is marked final.

11. Complaints

Privacy complaints about how eDistillery handles personal information should be sent to contact@edistillery.com.au. Include enough detail for the issue to be understood (for example what happened and when).

How complaints are handled: eDistillery will acknowledge receipt where appropriate, review the matter, and respond within a reasonable time. If more information is needed, eDistillery may ask follow-up questions.

Escalation: If the outcome is not satisfactory, a complaint may be lodged with the Office of the Australian Information Commissioner (OAIC). OAIC privacy complaints

12. Contact details

Legal entity: eDistillery AU

Privacy contact: contact@edistillery.com.au