Privacy Policy

Effective Date: October 15, 2025

This Privacy Policy describes how Deer Creek Winery (“Deer Creek,” “we,” “us,” or “our”) collects, uses, shares, and protects personal information across all of our operations, including:

  • The website at deercreekwine.com
  • Online wine sales and shipping
  • Bed & breakfast lodging at Brooks Estate (Shippenville, PA) and Watson Estate (Uniontown, PA)
  • The Brooks Estate cafe and the Watson Estate cafe
  • Wedding and private event venues at both estates
  • Live events at all four locations
  • Our retail tasting room locations at Millcreek Mall Complex and McCandless Crossing
  • Gift cards, newsletter, and promotional offerings
  • All other interactions with Deer Creek Winery, whether online, by phone, by email, or in person

By using our website, booking lodging, dining at our cafes, hosting an event with us, purchasing wine, visiting one of our retail stores, or otherwise interacting with us, you agree to the practices described in this Privacy Policy.

1. Who we are

Deer Creek Winery is a Pennsylvania family-owned winery and hospitality business operating multiple tasting rooms, lodging properties, cafes, retail stores, and event venues across Western Pennsylvania.

Principal address: Deer Creek Winery, 3333 Soap Fat Rd, Shippenville, PA 16254
Privacy contact: info@deercreekwine.com
Phone: 814.354.7392

2. Information We Collect

The personal information we collect depends on which of our services you use. The categories below describe what we collect across all activities.

2.1 Identifiers and contact information

  • First and last name
  • Email address
  • Phone number (including mobile/SMS number when provided through our newsletter signup)
  • Mailing address (billing and shipping)
  • Date of birth (for age verification on wine purchases and where required by law)
  • Government-issued photo ID information (presented at lodging check-in or wine delivery; we do not retain copies)
  • Account credentials (if you create an account)

2.2 Lodging and stay information (Brooks Estate, Watson Estate)

When you book a stay at one of our lodging properties, we collect:

  • Booking dates, room/suite/cottage selection, length of stay
  • Number of guests, including names and ages of all guests where required (children may be guests at our lodging)
  • Special requests (dietary, accessibility, room preferences, occasion)
  • Pet information (for pet-friendly cottages: type, size, vaccination status if requested)
  • Vehicle information (if relevant for parking)
  • Stay history and repeat-guest preferences
  • Communications with our reservations and front-desk staff
  • Photo identification at check-in (verified visually; not retained)

Lodging reservations are processed through our booking partner, ThinkReservations, which collects and processes payment and reservation information on our behalf.

2.3 Restaurant / cafe information (Brooks Estate Cafe, Watson Estate Cafe)

When you visit our cafes or make a reservation, we may collect:

  • Reservation details (name, party size, date, time)
  • Phone number or email for confirmation
  • Special occasion notes
  • Dietary restrictions and allergies (when shared with us)
  • Order and payment information at point of sale, processed through Heartland POS

2.4 Wine purchase information (online and in-store)

For online wine purchases through deercreekwine.com:

  • Order details (products, quantities, vintages)
  • Shipping and billing addresses
  • Payment information (processed by our fulfillment partner Vinoshipper and applicable payment processors; we do not store full payment card numbers on our servers)
  • Date of birth for age verification (21+)

For in-store purchases at our retail tasting rooms and cafes:

  • Items purchased (recorded in our point-of-sale system, Heartland POS)
  • Payment information (processed by Heartland)
  • Email address (if you sign up for our newsletter or receive a digital receipt)

2.5 Event and wedding information

For weddings, private events, and other gatherings hosted at Brooks or Watson Estate:

  • Event details (date, time, type of event, guest count)
  • Contact information for hosts and event planners
  • Vendor coordination information (caterers, photographers, florists, etc.)
  • Guest list (when shared with us for seating, dining, or accommodation purposes)
  • Dietary restrictions, accessibility needs, and special requests for event guests
  • Deposits and payment information
  • Photographs and video taken at events (used for marketing only with appropriate permission, see Section 4)

2.6 Retail tasting room interactions

At our retail locations (DCW Millcreek Mall and DCW McCandless Crossing), we may collect:

  • Point-of-sale purchase information processed through Heartland POS
  • Email address for newsletter signup or digital receipts
  • Loyalty program data (if applicable)

2.7 Gift card purchases and redemptions

We issue gift cards through two systems depending on what they are intended for:

  • Lodging gift cards and certain experience-related gift cards are issued and managed through ThinkReservations.
  • In-store, retail, and cafe gift cards are issued and managed through our Heartland POS system.

When you purchase or redeem a gift card, we collect:

  • Purchaser name, email, and billing information
  • Recipient name and (if delivered electronically) email address
  • Personal message included with the gift card
  • Gift card balance and redemption history

2.8 Newsletter, marketing, and communications

When you subscribe to our newsletter or otherwise opt in to marketing, we collect:

  • Email address
  • Phone number, including mobile/SMS number when provided
  • Communication preferences and topics of interest
  • Engagement data (whether you open emails, click links, etc.)
  • Inquiries you submit via contact forms

Our email marketing is managed through Brevo (formerly Sendinblue). When you sign up for our newsletter, the form may include a phone or SMS number field. As of the Effective Date of this Privacy Policy, we do not currently send marketing or transactional SMS / text messages, and any phone or SMS number collected through our newsletter is stored in Brevo for potential future use. If we begin sending SMS communications in the future, we will obtain your express consent before doing so consistent with applicable law (including the TCPA), and you will be able to opt out at any time.

2.9 Internet, device, and online activity

When you visit deercreekwine.com:

  • IP address, browser type and version, operating system, device identifiers
  • Referring/exit pages, pages viewed, time spent, clickstream data
  • Cookie and pixel data (see Section 5)
  • General location derived from IP address (city/region; we do not collect precise GPS location through the website)

2.10 On-premises security and monitoring

Some of our properties (lodging, cafes, retail stores, event venues) use security cameras and similar monitoring for safety and security. By visiting our properties, you may be recorded by these systems. Recordings are retained for a limited time and used only for security, safety, and legal compliance.

2.11 Photography and marketing imagery

We may take photographs and video at our properties — including during events, in tasting rooms, at the cafes, and at lodging — for marketing purposes. Where individuals are recognizable, we obtain consent through signage, event contracts, or signed releases as appropriate. If you do not wish to be photographed, please let our staff know.

2.12 Information from third parties

We may receive information about you from:

  • Vinoshipper (wine ecommerce and fulfillment partner)
  • ThinkReservations (lodging booking and gift card platform)
  • Heartland POS (retail and cafe point-of-sale provider)
  • Brevo (email marketing platform)
  • Payment processors and credit card networks
  • Social media platforms (when you interact with our content)
  • Wedding/event vendors and partners
  • Public databases and marketing data providers

3. How We Collect Information

We collect personal information:

  • Directly from you — when you book a stay, place a wine order, dine at our cafes, host an event, sign up for our newsletter, contact us, visit our retail stores, or otherwise interact with us.
  • Automatically — through cookies, pixels, and similar technologies on our website, and through point-of-sale and reservation systems used at our properties.
  • From third parties — including booking platforms, ecommerce partners, payment processors, social media platforms, and analytics providers.

4. How We Use Your Information

We use personal information to:

  • Process, fulfill, and manage your wine orders, lodging reservations, cafe reservations, event bookings, gift card purchases, and other transactions
  • Communicate with you about reservations, orders, events, and inquiries
  • Verify your age and eligibility to purchase or consume alcohol
  • Personalize your experience as a guest, customer, or repeat visitor
  • Send marketing emails, newsletters, and promotional offers via Brevo (where permitted by law and where you have not opted out)
  • Coordinate with vendors and service providers for events and lodging
  • Operate, maintain, and improve our properties, website, and services
  • Take and use photography and video of our properties and events for marketing, with appropriate notice and consent
  • Operate security and safety systems on our properties
  • Detect, prevent, and address fraud, security incidents, and unlawful activity
  • Comply with legal obligations, including federal and Pennsylvania alcohol laws, tax laws, lodging laws, and accessibility laws
  • Enforce our Terms & Conditions and protect our rights, property, and the safety of our guests, employees, and visitors

5. Cookies and Tracking Technologies

The deercreekwine.com website uses cookies and similar tracking technologies. A “cookie” is a small text file stored on your device.

Categories of cookies:

  • Strictly necessary — required for the site to function (shopping cart, age verification, security, booking forms). Cannot be disabled.
  • Performance and analytics — help us understand how visitors use the site, including Google Analytics via Google Tag Manager.
  • Functionality — remember your preferences, including age verification and language choices.
  • Marketing and targeting — used to deliver relevant advertising and measure marketing campaigns.

Third-party services that may set cookies through the site include:

  • Google (Google Tag Manager, Google Analytics, Google Ads, Google Maps embeds)
  • Cloudflare (security and performance)
  • Vinoshipper (ecommerce checkout and order processing)
  • ThinkReservations (lodging booking and gift card system, when used through our site)
  • Brevo (email marketing tracking pixels and form embeds)
  • Instagram / Meta (embedded social media feeds via Smash Balloon)
  • NitroPack (site performance optimization)
  • Other analytics, marketing, or advertising vendors as we engage them from time to time

Your choices: You can manage your cookie preferences through our cookie consent banner on first visit, by clicking “Cookie Settings” in the site footer, or by adjusting your browser settings. Disabling certain cookies may impact site functionality.

6. How We Share Your Information

We share personal information only as described below. We do not sell personal information for monetary consideration.

6.1 Service providers and partners

  • Vinoshipper — wine ecommerce, payment processing, age verification, customer service, and shipping coordination for online wine orders.
  • UPS — for shipping wine orders to customers.
  • ThinkReservations — for managing lodging reservations, payments, guest communications, and certain gift card sales and redemptions at Brooks and Watson Estate.
  • Heartland POS — for retail tasting room and cafe transactions, including in-store gift card sales and redemptions.
  • Brevo — for newsletter, email marketing, and form submissions, including the storage of any phone or SMS number you provide.
  • Payment processors — including Vinoshipper’s processor, ThinkReservations’ processor, and Heartland’s processor for processing payments.
  • Google — for analytics, tag management, advertising, and Maps.
  • Cloudflare — for security and content delivery.
  • WordPress hosting and platform providers — to host and operate the website.
  • Wedding and event vendors — caterers, florists, photographers, planners, and entertainment providers, when coordinating your event with your knowledge and direction.

6.2 Legal compliance and protection

We may disclose personal information when required by law, in response to lawful requests by government authorities (including the Pennsylvania Liquor Control Board, taxing authorities, and law enforcement), or to enforce our rights, protect our property, or protect the safety of our guests, employees, or others.

6.3 Business transfers

In the event of a merger, acquisition, sale of assets, financing transaction, or similar event, personal information may be transferred to the successor entity, subject to the terms of this Privacy Policy.

6.4 With your consent

We may share personal information for other purposes with your express consent — for example, when you ask us to coordinate with a wedding vendor, or when you opt in to receive communications from a partner.

6.5 Aggregated or de-identified information

We may share aggregated or de-identified information that cannot reasonably be used to identify you for marketing, analytics, research, and other purposes.

7. Data Retention

We retain personal information for as long as necessary to fulfill the purposes described in this Privacy Policy, including:

  • Wine sales records: 7 years (to comply with tax, accounting, and federal/state alcohol compliance laws)
  • Lodging reservation records: 7 years (for tax, occupancy, and dispute resolution purposes)
  • Cafe and retail POS data: consistent with tax/accounting retention, typically 7 years
  • Event contracts and event-related data: 7 years following the event
  • Gift card records: until the card is fully redeemed or expired under applicable law, plus reasonable retention thereafter
  • Newsletter and marketing data: until you opt out, plus a brief period to honor your opt-out preference
  • Security camera footage: typically 30–90 days, depending on the property, unless retained longer for legal or security reasons
  • Analytics data: typically 26 months for Google Analytics standard retention, configurable

When personal information is no longer needed, we either delete it or de-identify it.

8. Your Privacy Rights

Depending on where you live, you may have certain rights regarding your personal information.

8.1 California Residents (CCPA / CPRA)

If you are a California resident, you have the right to:

  • Know what personal information we collect, use, disclose, and sell or share about you
  • Access and request a copy of your personal information
  • Correct inaccurate personal information
  • Delete your personal information, subject to legal exceptions
  • Opt out of the sale or sharing of your personal information for cross-context behavioral advertising
  • Limit the use and disclosure of sensitive personal information
  • Non-discrimination for exercising these rights

We do not sell personal information for monetary consideration. To exercise opt-out of any “sharing” of personal information for cross-context behavioral advertising (as defined by the CPRA), click the “Do Not Sell or Share My Personal Information” link in our footer, or contact us at info@deercreekwine.com.

8.2 Other U.S. State Residents

Residents of Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), Texas (TDPSA), and other states with comprehensive privacy laws may have similar rights, including the rights to access, correct, delete, and obtain a portable copy of personal information, as well as the right to opt out of targeted advertising and the sale of personal information. To exercise these rights, contact us at info@deercreekwine.com.

8.3 European Visitors (GDPR / UK GDPR)

If you visit from the European Economic Area, United Kingdom, or Switzerland, you have rights under the GDPR including access, rectification, erasure, restriction, portability, and objection. The legal bases on which we process data include performance of a contract (orders and reservations), legitimate interests (operations, analytics, security), consent (marketing and non-essential cookies), and legal obligation (tax, alcohol, and lodging compliance). We are a U.S.-based business and primarily operate within the United States.

8.4 How to Exercise Your Rights

Contact us at info@deercreekwine.com with your request. We may need to verify your identity. We respond within the timeframe required by applicable law (typically 45 days, with possible extensions).

9. Children’s Privacy

9.1 Online services

The deercreekwine.com website and our wine ecommerce, event-booking, and online services are intended for users 21 years of age or older. We do not knowingly collect personal information from anyone under 13. If you believe a child under 13 has provided us with personal information through the website, please contact us at info@deercreekwine.com and we will delete the information.

9.2 Lodging and on-premises

Children may be guests at our lodging properties when accompanying a parent or guardian. In those cases, we collect only the limited information necessary to manage the booking (such as the number and ages of children in the party) and we treat that information consistent with this Privacy Policy. Children under 21 may not consume alcohol at our properties.

10. Data Security

We use commercially reasonable physical, technical, and administrative safeguards to protect personal information. These include access controls, encryption in transit, and secure handling of payment information through our PCI-compliant payment processors. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security. You are responsible for keeping your account credentials confidential.

11. Third-Party Links and Embedded Content

Our website and our communications may include links to third-party websites and embedded content (Vinoshipper checkout, ThinkReservations booking, Brevo forms, Instagram feeds, embedded YouTube videos, Google Maps, etc.). We are not responsible for the privacy practices of those third parties. We encourage you to review the privacy policies of any third-party site or service you visit.

12. Do Not Track

Some browsers offer a “Do Not Track” signal. There is no industry consensus on how to interpret this signal. Our website does not currently respond to Do Not Track signals. You can manage tracking on the site using the cookie controls described in Section 5.

13. International Visitors

Our website and services are intended for use within the United States. If you are accessing our site from outside the U.S., be aware that information you provide will be transferred to and processed in the United States, where data protection laws may differ from those in your country.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. The “Effective Date” at the top reflects the latest revision. Material changes will be communicated by posting the updated policy on the site and, where appropriate, by other means (such as email to current guests with upcoming reservations).

15. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices:

Email: info@deercreekwine.com
Phone: 814.354.7392
Mail: Deer Creek Winery, Attn: Privacy, 3333 Soap Fat Rd, Shippenville, PA 16254