Privacy Policy

1. Introduction

Welcome to Church's Chicken. We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our mobile application, order our food products, or interact with our services.

This policy applies to all users of our services, including customers who place orders, sign up for loyalty programs, make reservations, or simply browse our website. By using our services, you agree to the terms outlined in this Privacy Policy.

Important Note: We never sell your personal data to third parties. Your trust is paramount to us, and we maintain strict standards for data protection and privacy.

2. Information We Collect

2.1 Information You Provide

• Personal Identification Information: Name, email address, phone number, mailing address, billing address, and delivery address
• Account Information: Username, password, purchase history, order preferences, and account settings
• Food Service Information: Order history, dietary preferences, allergen information, special dietary requirements (vegan, halal, kosher, gluten-free), favorite orders, and meal customizations
• Payment Information: Credit card details, billing information (encrypted and securely stored), and payment method preferences
• Location Data: Delivery addresses, restaurant preferences, and location for nearby store finder
• Loyalty Program Data: Rewards points, redemption history, tier status, and program preferences
• Reservation Information: Table booking details, party size, special requests, and dining preferences
• Catering Information: Event details, guest count, menu selections, dietary accommodations, and delivery requirements
• Communication Data: Contact form submissions, customer service interactions, reviews, feedback, and marketing preferences

2.2 Automatically Collected Information

• Device Information: IP address, browser type, operating system, device identifiers, and mobile device information
• Usage Data: Pages visited, time spent on site, click patterns, search queries, and app usage statistics
• Cookie Data: Session IDs, user preferences, shopping cart contents, and analytics data
• Location Information: Approximate location derived from IP address (with your permission for precise location)

2.3 Information from Third Parties

• Social Media: Profile information when you connect social media accounts or use social login features
• Payment Processors: Transaction verification and fraud prevention data from payment service providers
• Delivery Partners: Delivery status updates and location information from third-party delivery services
• Marketing Partners: Campaign performance data and customer insights from authorized marketing platforms

3. How We Use Your Information

3.1 Service Provision

• Order Processing: Processing and fulfilling your food orders, managing delivery and pickup, and handling special requests
• Account Management: Creating and maintaining your account, authenticating users, and providing customer support
• Service Improvement: Analyzing usage patterns to enhance our menu, services, website functionality, and customer experience
• Personalization: Customizing your experience based on preferences, order history, and dietary requirements

3.2 Communication

• Order Updates: Sending order confirmations, preparation status, delivery notifications, and pickup alerts
• Customer Support: Responding to inquiries, resolving issues, and providing assistance with orders and services
• Important Notices: Communicating policy changes, service updates, security alerts, and account-related information
• Marketing Communications: Sending promotional emails, special offers, new menu items, and loyalty program updates (only with your explicit consent)

3.3 Marketing and Analytics

• Personalized Advertising: Showing relevant ads based on your preferences and order history
• Website Analytics: Analyzing traffic patterns, user behavior, and site performance to improve our digital platforms
• Campaign Measurement: Evaluating the effectiveness of marketing campaigns and promotional activities
• Market Research: Conducting research to develop new menu items, services, and improve customer satisfaction

3.4 Legal Compliance

• Legal Requests: Responding to subpoenas, court orders, and other legal process requirements
• Fraud Prevention: Detecting and preventing fraudulent activities, unauthorized access, and payment fraud
• Safety Protection: Protecting the rights, property, and safety of our customers, employees, and business
• Dispute Resolution: Resolving customer complaints, billing disputes, and other legal matters

4. Information Sharing and Disclosure

4.1 Service Providers

• Payment Processors: Secure transaction processing, fraud detection, and payment verification services
• Delivery Services: Third-party delivery partners for order fulfillment and real-time tracking
• Cloud Storage Providers: Secure data storage, backup services, and infrastructure management
• Marketing Services: Email marketing platforms, advertising networks, and customer communication tools
• Analytics Tools: Website analytics, user behavior analysis, and performance monitoring services

4.2 Legal Requirements

• Court Orders: Complying with subpoenas, warrants, and other legal demands from law enforcement
• Regulatory Compliance: Meeting food safety regulations, health department requirements, and industry standards
• Rights Protection: Defending our legal rights, intellectual property, and business interests
• Public Safety: Addressing emergencies, public health concerns, and safety threats

4.3 Business Transfers

• Mergers and Acquisitions: Transferring data in connection with business sales, mergers, or asset transfers
• Customer Notification: Providing advance notice before any data transfer to new ownership
• Policy Compliance: Ensuring new owners comply with equivalent privacy protection standards

4.4 With Your Consent

• Explicit Consent: Sharing information for other purposes only with your clear and informed consent

5. Data Security

5.1 Technical Measures

• Encryption: SSL/TLS encryption for all data transmission between your device and our servers
• Firewall Protection: Advanced firewall systems protecting against unauthorized access and cyber threats
• Access Control: Limiting access to personal data to authorized personnel on a need-to-know basis
• Monitoring: 24/7 security monitoring and intrusion detection systems
• Data Backup: Regular secure backups to prevent data loss and ensure business continuity

5.2 Organizational Measures

• Employee Training: Regular security training for all staff handling personal information
• Data Handling Procedures: Strict protocols for collecting, processing, storing, and disposing of personal data
• Third-Party Agreements: Confidentiality and data protection agreements with all service providers
• Incident Response: Comprehensive security incident response plan and breach notification procedures
• Security Audits: Regular security assessments and compliance audits by independent security experts

5.3 Your Responsibilities

• Strong Passwords: Creating unique, complex passwords for your account and changing them regularly
• Account Security: Keeping your login credentials confidential and not sharing them with others
• Public Computers: Logging out completely when using public or shared computers
• Suspicious Activity: Being cautious of phishing emails and reporting suspicious communications
• Immediate Reporting: Notifying us immediately of any unauthorized account access or security concerns

Security Breach Notification: In the unlikely event of a data breach affecting your personal information, we will promptly notify you and relevant authorities as required by law, typically within 72 hours of discovery.

6. Cookies and Tracking Technologies

We use various tracking technologies to enhance your experience and improve our services:

Type	Purpose	Duration
Essential Cookies	Basic site functionality, login state, shopping cart	Session only
Functional Cookies	User preferences, language settings, location memory	Up to 1 year
Analytics Cookies	Usage analysis, performance monitoring, site improvement	Up to 2 years
Marketing Cookies	Personalized advertising, campaign measurement	Up to 1 year

Tracking Technologies Used:

• Google Analytics: Website traffic analysis and user behavior insights
• Facebook Pixel: Social media advertising effectiveness measurement
• Web Beacons: Email open rates and engagement tracking
• Local Storage: Browser-based data storage for improved performance

Cookie Management: You can control cookies through your browser settings to accept, reject, or delete cookies. Please note that disabling certain cookies may affect website functionality and your user experience.

7. Your Rights (GDPR/CCPA Compliance)

You have several important rights regarding your personal information:

7.1 Right of Access

You have the right to request access to your personal data and receive information about how we process it.

7.2 Right to Rectification

You can request correction of inaccurate or incomplete personal information we hold about you.

7.3 Right to Erasure (Right to be Forgotten)

You can request deletion of your personal data, subject to certain legal and business requirements.

7.4 Right to Restrict Processing

You can request limitations on how we use your personal data in certain circumstances.

7.5 Right to Data Portability

You can request to receive your personal data in a machine-readable format or have it transferred to another service.

7.6 Right to Object

You can object to processing of your personal data, particularly for direct marketing purposes.

7.7 Right Against Automated Decision-Making

You have rights regarding automated decision-making and profiling that significantly affects you.

How to Exercise Your Rights: Contact us using the information provided in the Contact section below. We will respond to your request within 30 days and may require verification of your identity before processing your request.

8. Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

If we discover that we have collected personal information from a child under 16 without proper parental consent, we will promptly delete such information from our systems.

9. International Data Transfers

9.1 Protection Measures

When we transfer personal data internationally, we implement appropriate safeguards:

• Adequacy Decisions: Transfers to countries with EU adequacy decisions (such as Japan)
• Standard Contractual Clauses (SCCs): Using EU-approved contract terms for international transfers
• Data Processing Agreements: Contractual protections with all international service providers
• Security Measures: Implementing appropriate technical and organizational security measures
• Compliance Audits: Regular reviews to ensure continued protection of transferred data

9.2 Transfer Destinations

We may transfer your personal data to:

• United States: Cloud storage and data processing services
• European Union: Data analytics and customer support services
• Other Countries: As needed for business operations, always with appropriate protections in place

10. Data Retention Periods

We retain personal information only as long as necessary for the purposes described in this policy:

Information Type	Retention Period	Reason
Account Information	6 months after account deletion	Legal obligations, dispute resolution
Purchase History	7 years	Tax and accounting requirements
Marketing Consent	3 months after withdrawal	Consent record keeping
Website Usage Logs	Up to 2 years	Security monitoring, analytics
Customer Support Records	3 years	Service quality improvement
Order History	5 years	Customer service, loyalty programs
Payment Information	As required by payment processors	Fraud prevention, chargebacks

Safe Data Disposal

When personal data reaches the end of its retention period, we securely dispose of it through:

• Complete Electronic Deletion: Permanent, unrecoverable deletion from all systems
• Physical Record Destruction: Secure shredding of physical documents
• Backup Data Removal: Deletion from all backup and archive systems
• Disposal Documentation: Maintaining records of data disposal activities

11. Third-Party Links

Our website may contain links to third-party websites, social media platforms, and services. We are not responsible for the privacy practices or content of these external sites.

We encourage you to review the privacy policies of any third-party sites before providing them with your personal information. Your interactions with third-party sites are governed by their respective privacy policies, not ours.

When you click on third-party links, you are leaving our site and our Privacy Policy no longer applies. We recommend exercising caution when sharing personal information on external platforms.

12. Policy Changes

12.1 Change Notification

We may update this Privacy Policy periodically to reflect changes in our practices or applicable laws. When we make changes, we will notify you through:

• Website Notice: Prominent notification on our website homepage
• Email Notification: Direct email to registered users for significant changes
• App Notification: In-app notifications for mobile users
• Login Notification: Pop-up notification when you log into your account
• Explicit Consent: Requesting new consent for material changes that affect your rights

12.2 Checking for Changes

• Current Version: The most current version is always available on our website
• Last Updated Date: Check the "Last Updated" date at the top of this policy
• Continued Use: Continued use of our services after changes indicates acceptance
• Disagreement Option: You may discontinue using our services if you disagree with changes

14. Withdrawal of Consent

14.1 Marketing Consent Withdrawal

You can withdraw your consent for marketing communications at any time through:

• Email Unsubscribe: Click the unsubscribe link in any marketing email
• Account Settings: Update your communication preferences in your account dashboard
• Customer Support: Contact our customer service team to opt out
• Phone Request: Call us during business hours to update your preferences

14.2 Account Deletion

To permanently delete your account and associated data:

1. Log into your account and go to account settings
2. Select "Delete Account" option
3. Confirm your identity and deletion request
4. Note: Some information may be retained for legal compliance purposes
5. You will receive confirmation of account deletion within 5 business days

15. Conclusion

At Church's Chicken, protecting your privacy is fundamental to our relationship with you. We are committed to maintaining the highest standards of data protection and transparency in all our practices.

Your trust is essential to our business, and we continuously work to earn and maintain that trust through responsible data handling, robust security measures, and clear communication about our privacy practices.

We invite you to contact us with any questions or concerns about this Privacy Policy or our data practices. Your feedback helps us improve our services and better protect your privacy.

Thank you for choosing Church's Chicken. We appreciate your business and your confidence in our commitment to protecting your personal information.

Remember to check this page periodically for updates, as indicated by the "Last Updated" date at the top of this policy.