Privacy Policy

1. Introduction

Welcome to Church's Chicken. We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, share, and protect your personal information when you visit our website, mobile applications, or use our food delivery and catering services.

This policy applies to all interactions you have with Church's Chicken, including ordering food online, visiting our restaurants, signing up for loyalty programs, making table reservations, or requesting catering services. By using our services, you agree to the collection and use of information in accordance with this policy.

The scope of this policy covers all personal information collected through our digital platforms, in-restaurant interactions, and third-party service integrations. By continuing to use our services, you acknowledge that you have read and understood this privacy policy and agree to its terms.

2. Information We Collect

2.1 Information You Provide Directly

We collect information that you voluntarily provide to us when using our services:

• Personal Identification: Name, email address, phone number, postal address, date of birth
• Account Information: Username, password, purchase history, order preferences, favorite items
• Payment Information: Credit/debit card details, billing address (stored in encrypted format through secure payment processors)
• Order Information: Food items ordered, delivery address, special instructions, dietary preferences and restrictions
• Allergen Information: Food allergies and intolerances you share with us for safe food preparation
• Dietary Requirements: Special dietary needs such as vegan, halal, kosher, gluten-free preferences
• Loyalty Program Data: Rewards points, membership level, participation in promotions
• Reservation Information: Table booking details, party size, special occasion notes
• Catering Details: Event information, guest count, menu selections, delivery logistics
• Communication: Contact form submissions, customer service inquiries, reviews and feedback
• Marketing Preferences: Newsletter subscriptions, promotional communications preferences

2.2 Automatically Collected Information

We automatically collect certain information when you interact with our services:

• Device Information: IP address, browser type and version, operating system, device identifiers
• Usage Data: Pages visited, time spent on site, click patterns, search queries, order completion rates
• Location Data: Approximate location derived from IP address for delivery zone determination
• Cookie Data: Session identifiers, user preferences, shopping cart contents, analytics data
• Performance Data: Website loading times, error reports, technical diagnostics

2.3 Information from Third Parties

We may receive information about you from third-party sources:

• Social Media: Profile information when you connect social media accounts
• Payment Processors: Transaction verification and fraud prevention data
• Delivery Partners: Delivery status updates, driver location for order tracking
• Marketing Partners: Campaign performance data, advertising effectiveness metrics
• Data Enrichment Services: Additional contact information to improve service delivery

3. How We Use Your Information

3.1 Service Provision

• Order Processing: Fulfilling your food orders, coordinating delivery, managing table reservations
• Payment Processing: Handling transactions securely and preventing fraudulent activities
• Customer Support: Responding to inquiries, resolving issues, providing order assistance
• Account Management: Maintaining your profile, order history, and preference settings
• Quality Improvement: Analyzing usage patterns to enhance our services and user experience
• Food Safety: Managing allergen information and dietary restrictions for safe food preparation

3.2 Communication

• Order Communications: Confirmation emails, delivery notifications, order status updates
• Customer Support: Responding to questions, complaints, and feedback
• Service Notifications: Important updates about our services, policy changes, security alerts
• Marketing Communications: Promotional offers, new menu items, special events (with your consent only)
• Loyalty Programs: Points balance updates, reward notifications, tier status changes

3.3 Marketing and Analytics

• Personalization: Customizing recommendations based on your order history and preferences
• Advertising: Delivering targeted advertisements across digital platforms
• Analytics: Understanding customer behavior, popular menu items, peak ordering times
• Market Research: Developing new products and services based on customer insights
• Campaign Measurement: Evaluating the effectiveness of marketing initiatives

3.4 Legal Compliance and Protection

• Legal Requirements: Complying with applicable laws, regulations, and legal processes
• Fraud Prevention: Detecting and preventing fraudulent transactions and activities
• Security: Protecting our systems, customers, and business from security threats
• Dispute Resolution: Resolving conflicts and enforcing our terms of service
• Emergency Response: Responding to health and safety emergencies when necessary

4. Information Sharing and Disclosure

4.1 Service Providers

We share your information with trusted third-party service providers who assist us in operating our business:

• Payment Processors: Stripe, PayPal, and other payment services for secure transaction processing
• Delivery Services: DoorDash, Uber Eats, and our own delivery partners for order fulfillment
• Cloud Storage Providers: Amazon Web Services, Microsoft Azure for secure data storage and backup
• Email Services: Mailchimp, SendGrid for marketing communications and order notifications
• Analytics Tools: Google Analytics, Facebook Analytics for website usage analysis
• Customer Support: Zendesk, Intercom for managing customer service interactions

4.2 Legal Requirements

We may disclose your information when required by law or to protect our rights:

• Legal Process: Court orders, subpoenas, government investigations
• Regulatory Compliance: Health department inspections, food safety investigations
• Rights Protection: Defending against legal claims, protecting intellectual property
• Public Safety: Emergency situations that threaten public health or safety
• Fraud Investigation: Cooperating with law enforcement in fraud prevention efforts

4.3 Business Transfers

In the event of a merger, acquisition, or sale of business assets:

• We will notify customers before personal information is transferred
• The new owner must comply with this privacy policy
• You will have the option to delete your account before any transfer
• Your rights under this policy will remain protected

4.4 With Your Consent

We may share your information for other purposes with your explicit consent, such as:

• Participating in partner promotions or loyalty programs
• Sharing reviews and testimonials (with your permission)
• Connecting with social media platforms

5. Data Security

5.1 Technical Security Measures

• Encryption: All data transmission is protected using SSL/TLS encryption protocols
• Secure Storage: Personal data is stored in encrypted databases with access controls
• Firewall Protection: Advanced firewall systems protect against unauthorized access
• Access Control: Strict employee access controls based on job requirements
• Monitoring: 24/7 security monitoring and intrusion detection systems
• Regular Backups: Automated data backups stored in secure, encrypted environments
• Vulnerability Testing: Regular security assessments and penetration testing

5.2 Organizational Security Measures

• Employee Training: Regular security awareness training for all staff members
• Data Handling Procedures: Strict protocols for accessing, processing, and storing personal data
• Confidentiality Agreements: All employees and contractors sign confidentiality agreements
• Incident Response Plan: Comprehensive procedures for handling security breaches
• Regular Audits: Periodic security audits and compliance assessments
• Vendor Security: Security requirements for all third-party service providers

5.3 Your Security Responsibilities

You can help protect your personal information by:

• Strong Passwords: Using complex, unique passwords for your account
• Account Security: Not sharing login credentials with others
• Public Computers: Always logging out when using shared or public computers
• Phishing Awareness: Being cautious of suspicious emails or links claiming to be from us
• Reporting: Immediately reporting any unauthorized account access

6. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your browsing experience and provide personalized services. Below is a comprehensive overview of the types of cookies we use:

Tracking Technologies We Use:

• Google Analytics: Website traffic analysis and user behavior insights
• Facebook Pixel: Advertising campaign measurement and audience targeting
• Web Beacons: Email open rates and engagement tracking
• Local Storage: Storing user preferences and shopping cart data
• Session Storage: Temporary data storage during your visit

Cookie Management

You can control cookie settings through your browser preferences. Most browsers allow you to:

• View which cookies are stored on your device
• Delete cookies individually or all at once
• Block cookies from specific websites
• Block third-party cookies
• Delete cookies when you close your browser

7. Your Rights (GDPR/CCPA Compliance)

Under applicable data protection laws, you have several rights regarding your personal information:

7.1 Right of Access

You have the right to request access to your personal data and receive information about how we process it.

7.2 Right to Rectification

You can request correction of inaccurate or incomplete personal information.

7.3 Right to Erasure (Right to be Forgotten)

You can request deletion of your personal data under certain circumstances.

7.4 Right to Restrict Processing

You can request that we limit how we use your personal information.

7.5 Right to Data Portability

You can request a copy of your personal data in a machine-readable format.

7.6 Right to Object

You can object to processing of your personal data, especially for marketing purposes.

7.7 Right Against Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing.

8. Children's Privacy

Church's Chicken is committed to protecting children's privacy online. Our services are not intended for individuals under the age of 16, and we do not knowingly collect personal information from children under 16.

Our Commitment:

• We do not intentionally collect personal information from children under 16
• We do not sell or share children's personal information
• We do not use children's information for marketing purposes
• We implement age-appropriate design principles on our platforms

Parent/Guardian Notice

If you believe that we have inadvertently collected personal information from a child under 16, please contact us immediately at [email protected]. We will promptly investigate and delete any such information from our systems.

What Parents Can Do:

• Review and discuss internet safety with children
• Monitor children's online activities
• Contact us if you discover unauthorized information collection
• Request deletion of any child's information we may have

9. International Data Transfers

As a business operating in multiple regions, we may transfer your personal data internationally. We ensure appropriate protection through:

9.1 Protection Measures

• Adequacy Decisions: Transfers to countries with adequate data protection laws
• Standard Contractual Clauses (SCC): Legal frameworks ensuring data protection
• Data Processing Agreements: Binding contracts with international partners
• Security Measures: Technical and organizational safeguards during transfer
• Regular Audits: Compliance monitoring and assessment

9.2 Transfer Destinations

• United States: Cloud storage and data processing facilities
• European Union: Analytics and marketing services
• Canada: Customer support and technical services
• Other Jurisdictions: As needed for service delivery with appropriate protections

10. Data Retention Periods

We retain your personal information only as long as necessary for the purposes outlined in this policy or as required by law:

Safe Data Disposal

When personal data reaches its retention limit, we ensure secure disposal through:

• Electronic Deletion: Complete and unrecoverable deletion of digital data
• Physical Destruction: Secure shredding of paper records
• Backup Purging: Removal from all backup systems and archives
• Documentation: Maintaining records of disposal activities

11. Third-Party Links

Our website and mobile applications may contain links to third-party websites, social media platforms, or services. This privacy policy does not apply to these external sites.

Important Considerations:

• We are not responsible for the privacy practices of third-party websites
• Third-party sites have their own privacy policies and terms of service
• We recommend reviewing privacy policies before providing personal information
• Links do not constitute an endorsement of third-party privacy practices

Your Responsibility

When clicking on external links or using third-party services, you are responsible for:

• Reading and understanding their privacy policies
• Deciding whether to provide personal information
• Understanding how your data will be used
• Exercising your rights under their policies

12. Policy Changes

12.1 Change Notification

We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. We will notify you of significant changes through:

• Website Notice: Prominent banner on our homepage
• Email Notification: Direct communication to registered users
• App Notifications: Push notifications through mobile applications
• Account Dashboard: Notification upon login to your account

12.2 Checking for Updates

You can stay informed about policy changes by:

• Regularly checking the "Last Updated" date at the top of this policy
• Subscribing to our newsletter for important updates
• Following our social media channels
• Contacting us directly with questions

Continued use of our services after policy changes constitutes acceptance of the updated terms. If you disagree with changes, you have the option to discontinue using our services and delete your account.

13. Contact Information

13.1 Filing Complaints

If you have privacy concerns that we cannot resolve directly, you may contact relevant supervisory authorities:

• US Residents: Federal Trade Commission (FTC) - consumer.ftc.gov
• EU Residents: Your local Data Protection Authority
• California Residents: California Attorney General's Office

We encourage you to contact us first so we can address your concerns directly and maintain a positive relationship.

14. Withdrawal of Consent

14.1 Marketing Consent Withdrawal

You can withdraw consent for marketing communications at any time through:

• Unsubscribe Links: Click unsubscribe in any marketing email
• Account Settings: Update preferences in your online account
• Customer Service: Contact our support team directly
• Phone: Call us during business hours

14.2 Account Deletion Process

To permanently delete your account and personal data:

1. Log into your account or contact customer service
2. Submit a formal deletion request
3. Verify your identity for security purposes
4. Receive confirmation of deletion within 30 days

Note: Some information may be retained for legal compliance, fraud prevention, or legitimate business purposes as outlined in our retention policy.

15. Conclusion

At Church's Chicken, protecting your privacy is fundamental to our business values and customer relationships. We are committed to transparency, security, and giving you control over your personal information.

This privacy policy reflects our dedication to:

• Transparency: Clear communication about our data practices
• Control: Giving you choices about your personal information
• Security: Protecting your data with industry-standard measures
• Compliance: Meeting all applicable privacy laws and regulations
• Trust: Building and maintaining your confidence in our services

We understand that trust is earned through actions, not just words. Our privacy practices are regularly reviewed and updated to ensure we meet the highest standards of data protection.

Thank you for trusting Church's Chicken with your personal information. We look forward to serving you delicious food while protecting your privacy.

Last Updated: December 14, 2024