Privacy Policy

1. Introduction

At Church's Chicken, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy outlines how we collect, use, store, and protect your data when you visit our website, use our mobile applications, dine at our restaurants, or engage with our services.

This policy applies to all services offered by Church's Chicken, including our website (churchschicken.click), mobile applications, in-store experiences, delivery services, catering, franchise operations, and any other services we provide. By using our services, you agree to the terms outlined in this Privacy Policy.

2. Information We Collect

2.1 Information You Provide to Us

• Personal Identification: Name, email address, phone number, postal address, date of birth
• Account Information: Username, password, account preferences, order history, saved payment methods
• Food Service Information: Dietary preferences, allergen information, special dietary requirements (vegan, halal, kosher), favorite orders, portion preferences
• Delivery & Location Data: Delivery addresses, location data for nearby restaurant finder, GPS coordinates for delivery tracking
• Payment Information: Credit card details, billing address, payment history (encrypted and securely stored)
• Communication Data: Contact form submissions, customer service interactions, reviews, feedback, marketing preferences
• Loyalty Program Data: Rewards points, membership status, promotional preferences, birthday and anniversary dates
• Reservation & Catering: Table reservation details, party size, special occasion information, catering event details, guest count

2.2 Information Automatically Collected

• Device Information: IP address, browser type and version, operating system, device identifiers, screen resolution
• Usage Data: Pages visited, time spent on site, click patterns, search queries, menu items viewed, order frequency
• Cookie Data: Session IDs, user preferences, authentication tokens, shopping cart contents, analytics data
• Location Information: Approximate location based on IP address, GPS data (with permission), time zone
• Performance Data: Website load times, error messages, feature usage statistics

2.3 Information from Third Parties

• Social Media: Profile information if you connect social media accounts (Facebook, Google, Instagram)
• Payment Processors: Transaction verification, fraud prevention data, payment method validation
• Delivery Partners: Delivery status updates, driver location, delivery completion confirmations
• Marketing Partners: Advertising performance data, campaign effectiveness metrics, demographic insights
• Review Platforms: Public reviews and ratings you post on third-party platforms

3. How We Use Your Information

3.1 Service Provision

• Order Processing: Processing and fulfilling your food orders, managing delivery and pickup
• Account Management: Creating and maintaining your account, authentication, password resets
• Customer Support: Responding to inquiries, resolving issues, providing technical assistance
• Quality Improvement: Analyzing usage patterns to improve our services, menu offerings, and user experience
• Personalization: Customizing menu recommendations based on dietary preferences and order history

3.2 Communication

• Order Communications: Order confirmations, preparation updates, delivery notifications, pickup reminders
• Customer Support: Responding to questions, complaints, and feedback
• Important Notices: Service updates, policy changes, security alerts, restaurant closures
• Marketing Communications: Promotional offers, new menu items, loyalty rewards, special events (with your consent)

3.3 Marketing and Analytics

• Personalized Advertising: Showing relevant ads based on your preferences and order history
• Performance Analysis: Measuring website traffic, user engagement, conversion rates
• Campaign Effectiveness: Tracking marketing campaign performance and ROI
• Market Research: Understanding customer preferences for new product development

3.4 Legal Compliance

• Legal Requests: Responding to lawful requests from law enforcement and regulatory authorities
• Fraud Prevention: Detecting and preventing fraudulent transactions and activities
• Rights Protection: Protecting our rights, property, safety, and that of our customers and employees
• Dispute Resolution: Resolving customer complaints, refund requests, and legal disputes

4. Information Sharing and Disclosure

4.1 Service Providers

• Payment Processors: Secure processing of credit card and digital payment transactions
• Delivery Services: Third-party delivery partners for order fulfillment and tracking
• Cloud Storage: Secure data storage and backup services with enterprise-grade security
• Marketing Services: Email campaign management, SMS notifications, advertising platforms
• Analytics Tools: Website analytics, user behavior analysis, performance monitoring
• Customer Support: Third-party support platforms for chat, phone, and ticket management

4.2 Legal Requirements

• Court Orders: Complying with valid court orders, subpoenas, and legal processes
• Regulatory Compliance: Meeting food safety, health department, and business licensing requirements
• Rights Protection: Protecting intellectual property, preventing fraud, ensuring public safety
• Emergency Situations: Sharing information necessary to address immediate threats to health or safety

4.3 Business Transfers

• Corporate Transactions: In case of merger, acquisition, asset sale, or business reorganization
• Customer Notification: We will notify customers before personal information is transferred
• Policy Compliance: New owners must comply with this privacy policy or provide notice of changes

4.4 With Your Consent

We may share your information for other purposes with your explicit consent, such as participation in surveys, contests, or special promotional events.

5. Data Security

5.1 Technical Measures

• Encryption: SSL/TLS encryption for all data transmission, end-to-end encryption for sensitive data
• Firewall Protection: Advanced firewall systems to prevent unauthorized access
• Access Control: Role-based access with minimum necessary permissions for employees
• Monitoring: 24/7 security monitoring and intrusion detection systems
• Data Backup: Regular automated backups with secure off-site storage
• Vulnerability Testing: Regular security audits and penetration testing

5.2 Organizational Measures

• Employee Training: Regular security awareness training for all staff members
• Data Handling: Strict procedures for personal data access, processing, and storage
• Confidentiality: Signed confidentiality agreements with employees and third-party partners
• Incident Response: Comprehensive security incident response and notification procedures
• Regular Audits: Periodic internal and external security audits and compliance reviews

5.3 Your Security Responsibilities

• Strong Passwords: Use complex passwords and update them regularly
• Account Security: Don't share login credentials with others
• Public Computers: Always log out when using shared or public computers
• Suspicious Activity: Be cautious of phishing emails and suspicious links
• Prompt Reporting: Report any unauthorized account access immediately

6. Cookies and Tracking Technologies

We use various types of cookies and tracking technologies to enhance your experience on our website and mobile applications. The following table outlines the types of cookies we use:

Cookie Type	Purpose	Duration
Essential Cookies	Basic site functionality, user authentication, shopping cart, login state maintenance	Session (deleted when browser closes)
Functional Cookies	User preferences, language settings, location preferences, accessibility options	Up to 1 year
Analytics Cookies	Website usage analysis, performance monitoring, user behavior insights	Up to 2 years
Marketing Cookies	Personalized advertising, campaign tracking, social media integration	Up to 1 year

Other Tracking Technologies

• Google Analytics: Website traffic analysis and user behavior tracking
• Facebook Pixel: Social media advertising measurement and optimization
• Web Beacons: Email open rate tracking and engagement measurement
• Local Storage: Browser-based data storage for enhanced user experience
• Mobile Analytics: App usage tracking and performance monitoring

Cookie Management

You can control cookie settings through your browser preferences. Most browsers allow you to accept, reject, or delete cookies. Please note that disabling certain cookies may affect website functionality and your user experience. For detailed instructions on managing cookies, please refer to your browser's help documentation.

7. Your Rights (GDPR/CCPA Compliance)

Depending on your location, you may have certain rights regarding your personal information under data protection laws such as GDPR, CCPA, and other applicable privacy regulations.

7.1 Right of Access

You have the right to request and receive information about the personal data we hold about you, including the purposes of processing and categories of data.

7.2 Right to Rectification

You can request correction of inaccurate or incomplete personal information in your account at any time.

7.3 Right to Erasure (Right to be Forgotten)

You may request deletion of your personal data, subject to certain legal obligations and legitimate business needs.

7.4 Right to Restrict Processing

You can request that we limit how we use your personal data in certain circumstances.

7.5 Right to Data Portability

You have the right to receive your personal data in a structured, machine-readable format and transmit it to another service provider.

7.6 Right to Object

You can object to processing of your personal data, especially for direct marketing purposes.

7.7 Right Against Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing, including profiling.

8. Children's Privacy

Church's Chicken services are not intended for children under the age of 16, and we do not knowingly collect personal information from children under 16 years of age. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately.

If we discover that we have collected personal information from a child under 16 without verified parental consent, we will take immediate steps to delete such information from our systems. We encourage parents and guardians to monitor their children's internet usage and help enforce this Privacy Policy.

9. International Data Transfers

9.1 Protection Measures

When we transfer personal data internationally, we ensure appropriate safeguards are in place:

• Adequacy Decisions: Transfers to countries recognized as providing adequate protection (EU-US, EU-Japan adequacy decisions)
• Standard Contractual Clauses: Using EU-approved Standard Contractual Clauses (SCCs) for international transfers
• Data Processing Agreements: Comprehensive agreements with international service providers
• Security Measures: Additional technical and organizational security measures for international transfers
• Regular Reviews: Ongoing compliance monitoring and regular audits of international partners

9.2 Transfer Destinations

• United States: Cloud storage services, payment processing, customer support systems
• European Union: Data analytics services, marketing platforms, security monitoring
• Other Countries: As needed for business operations, always with appropriate legal safeguards

10. Data Retention Periods

We retain personal information only as long as necessary for the purposes outlined in this policy, to comply with legal obligations, or to resolve disputes. The following table outlines our retention periods:

Information Type	Retention Period	Reason for Retention
Account Information	6 months after account deletion	Legal obligations, dispute resolution, fraud prevention
Order & Purchase History	7 years	Tax requirements, accounting obligations, warranty support
Marketing Consent Records	3 months after consent withdrawal	Consent record keeping, compliance documentation
Website Usage Logs	Up to 2 years	Security monitoring, analytics, performance optimization
Customer Support Records	3 years	Service quality improvement, training, dispute resolution
Payment Information	As required by payment processors	Chargeback protection, fraud prevention, refund processing
CCTV Recordings (In-Store)	30 days	Security, theft prevention, incident investigation

Safe Data Disposal

When personal data reaches the end of its retention period, we ensure secure disposal:

• Electronic Data: Complete deletion using industry-standard methods that make data unrecoverable
• Physical Records: Secure shredding of paper documents and physical media
• Backup Systems: Systematic deletion from all backup and archive systems
• Documentation: Maintaining records of data disposal for compliance purposes

11. Third-Party Links and Services

Our website and mobile applications may contain links to third-party websites, social media platforms, and external services. Please note that we are not responsible for the privacy practices of these external sites and services.

We encourage you to review the privacy policies of any third-party websites you visit before providing personal information. These external sites may have different privacy practices, data collection methods, and security measures than ours.

When you click on third-party links or use external services integrated into our platforms, you are subject to the terms and privacy policies of those third parties. Your interactions with these services are governed by their respective policies, not this Privacy Policy.

12. Policy Changes and Updates

12.1 Notification Methods

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or business operations. When we make changes, we will notify you through:

• Website Notice: Prominent notice on our website homepage
• Email Notification: Email alerts to registered users for significant changes
• Mobile App: In-app notifications for mobile application users
• Account Dashboard: Notifications in your account dashboard
• Explicit Consent: Required consent for material changes that affect your rights

12.2 Checking for Changes

• Current Version: The most current version of this policy is always available on our website
• Last Updated Date: Check the "Last Updated" date at the top of this policy
• Continued Use: Continued use of our services after changes indicates acceptance
• Disagreement: If you disagree with changes, you may discontinue using our services

13.1 Privacy-Related Complaints

If you are not satisfied with our response to your privacy inquiry, you may contact your local data protection authority:

• EU Residents: Contact your local Data Protection Authority
• California Residents: California Attorney General's Office
• Canadian Residents: Office of the Privacy Commissioner of Canada
• UK Residents: Information Commissioner's Office (ICO)

14. Withdrawal of Consent

14.1 Marketing Consent Withdrawal

You can withdraw consent for marketing communications at any time through:

• Unsubscribe Links: Click the unsubscribe link in any marketing email
• Account Settings: Update preferences in your online account dashboard
• Customer Support: Contact our customer support team directly
• SMS Opt-Out: Reply "STOP" to any promotional text message

14.2 Account Deletion Process

To delete your account and associated personal data:

1. Log into your account and go to Account Settings
2. Select "Delete Account" option
3. Confirm your identity for security purposes
4. Review information that will be deleted
5. Confirm deletion request

Important Note: Some information may be retained for legal compliance, fraud prevention, and legitimate business purposes as outlined in our retention policy.

15. Conclusion

At Church's Chicken, protecting your privacy is not just a legal obligation—it's a fundamental aspect of our commitment to you as our valued customer. We understand that trust is earned through consistent actions and transparent practices, and we are dedicated to maintaining that trust every day.

This Privacy Policy represents our promise to handle your personal information with the utmost care and respect. We recognize that your privacy is essential to your relationship with us, whether you're ordering your favorite meal, participating in our loyalty program, or simply browsing our website.

We encourage you to reach out to us with any questions, concerns, or feedback about our privacy practices. Your input helps us continuously improve our services and ensures that we're meeting your expectations for privacy protection.

Thank you for choosing Church's Chicken and for trusting us with your personal information. We look forward to continuing to serve you while protecting your privacy every step of the way.