Privacy Policy

Your privacy is our priority. Learn how we protect and use your personal information.

Last Updated: December 20, 2024

1. Introduction

Welcome to Church's Chicken. We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, store, and protect your data when you use our website, mobile applications, order food, visit our restaurants, or interact with our services.

This policy applies to all information collected through our digital platforms, in-store interactions, delivery services, catering orders, loyalty programs, and any other touchpoints with Church's Chicken. By using our services, ordering food, creating an account, or engaging with our brand, you agree to the collection and use of information in accordance with this policy.

We never sell your personal data. Your trust is fundamental to our relationship, and we are committed to maintaining the highest standards of privacy protection. This policy is designed to be transparent about our data practices and your rights regarding your personal information.

If you have any questions about this Privacy Policy or our data practices, please contact us using the information provided in Section 13.

2. Information We Collect

2.1 Information You Provide Directly

We collect information that you voluntarily provide to us when you:

  • Create an Account: Name, email address, phone number, date of birth, username, and password
  • Place Orders: Delivery addresses, payment information, order history, dietary preferences, allergen information, and special dietary requirements (vegan, halal, kosher, gluten-free)
  • Join Loyalty Programs: Rewards data, favorite orders, purchase history, and preferences
  • Make Reservations: Table reservation information, party size, special requests, and contact details
  • Book Catering: Event details, guest count, menu preferences, delivery information, and special instructions
  • Contact Us: Customer service inquiries, feedback, reviews, complaints, and correspondence
  • Marketing Preferences: Communication preferences, subscription choices, and promotional opt-ins
  • Apply for Jobs: Employment applications, resumes, cover letters, and professional references
  • Franchise Inquiries: Business experience, financial information, and location preferences

2.2 Information Collected Automatically

When you use our digital services, we automatically collect certain information:

  • Device Information: IP address, browser type and version, operating system, device identifiers, and mobile device information
  • Usage Data: Pages visited, time spent on site, click patterns, search queries, referral sources, and interaction with content
  • Location Data: Approximate location based on IP address, GPS coordinates (with permission), and delivery addresses
  • Cookie Data: Session IDs, user preferences, authentication tokens, and analytics data
  • Performance Data: Website loading times, error reports, and technical diagnostics

2.3 Information from Third Parties

We may receive information about you from third-party sources:

  • Social Media Platforms: When you connect your social media accounts or interact with our social content
  • Payment Processors: Transaction confirmation, payment verification, and fraud prevention data
  • Delivery Partners: Delivery status updates, driver information, and delivery confirmation
  • Marketing Partners: Demographic data, interest categories, and advertising effectiveness metrics
  • Data Aggregators: Publicly available information, demographic insights, and contact verification

3. How We Use Your Information

3.1 Service Provision

  • Order Processing: Managing food orders, payment processing, preparation coordination, and delivery arrangement
  • Account Management: Creating and maintaining user accounts, authentication, and profile management
  • Customer Support: Responding to inquiries, resolving issues, processing refunds, and providing assistance
  • Quality Improvement: Analyzing service performance, identifying improvement opportunities, and enhancing user experience
  • Loyalty Programs: Managing rewards, tracking points, processing redemptions, and providing member benefits
  • Reservation Management: Processing table bookings, managing availability, and coordinating restaurant capacity

3.2 Communication

  • Order Communications: Confirmation emails, SMS updates, delivery notifications, and receipt delivery
  • Customer Service: Support responses, issue resolution updates, and follow-up communications
  • Important Notices: Policy changes, service updates, security alerts, and account notifications
  • Marketing Communications: Promotional offers, new menu items, special events, and newsletter content (with explicit consent)
  • Loyalty Communications: Rewards updates, points balance, exclusive offers, and program benefits

3.3 Marketing and Analytics

  • Personalized Marketing: Customized offers, targeted advertising, and relevant content delivery
  • Website Analytics: Traffic analysis, user behavior tracking, conversion measurement, and performance optimization
  • Campaign Effectiveness: Measuring advertising success, ROI analysis, and marketing attribution
  • Market Research: Understanding customer preferences, developing new products, and improving services
  • Competitive Analysis: Industry benchmarking, trend identification, and strategic planning

3.4 Legal Compliance and Safety

  • Legal Obligations: Complying with applicable laws, regulations, and industry standards
  • Fraud Prevention: Detecting suspicious activity, preventing unauthorized access, and protecting against security threats
  • Rights Protection: Protecting our intellectual property, enforcing terms of service, and defending legal claims
  • Public Safety: Responding to emergencies, cooperating with law enforcement, and ensuring customer safety
  • Dispute Resolution: Investigating complaints, mediating conflicts, and resolving legal disputes

4. Information Sharing and Disclosure

4.1 Service Providers

We share information with trusted third-party service providers who help us operate our business:

  • Payment Processors: Secure payment processing, fraud detection, and transaction verification
  • Delivery Services: Order fulfillment, driver coordination, delivery tracking, and customer communication
  • Cloud Storage Providers: Secure data hosting, backup services, and technical infrastructure
  • Email Marketing Services: Newsletter delivery, promotional campaigns, and communication management
  • Analytics Tools: Website performance analysis, user behavior tracking, and business intelligence
  • Customer Support Tools: Help desk services, chat support, and ticket management
  • POS System Providers: Restaurant order management, inventory tracking, and sales reporting

4.2 Legal Requirements

We may disclose your information when required by law or to protect our rights:

  • Legal Process: Court orders, subpoenas, search warrants, and other legal demands
  • Regulatory Compliance: Health department requirements, tax obligations, and industry regulations
  • Law Enforcement: Criminal investigations, public safety concerns, and emergency situations
  • Legal Claims: Defending against lawsuits, protecting intellectual property, and enforcing contracts

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets:

  • Customer data may be transferred to the new owner
  • We will notify customers before any transfer occurs
  • The new owner must comply with this privacy policy
  • Customers will have the right to opt-out if they disagree with the transfer

4.4 With Your Consent

We may share information for other purposes with your explicit consent, such as:

  • Sharing reviews or testimonials publicly (with permission)
  • Participating in joint marketing campaigns with partners
  • Including customer success stories in promotional materials

5. Data Security

5.1 Technical Measures

We implement comprehensive technical safeguards to protect your data:

  • Encryption: All sensitive data is encrypted using industry-standard SSL/TLS protocols during transmission and AES-256 encryption at rest
  • Firewall Systems: Advanced firewall protection and intrusion detection systems monitor network traffic 24/7
  • Access Controls: Multi-factor authentication, role-based permissions, and principle of least privilege access
  • Security Monitoring: Continuous monitoring for suspicious activity, automated threat detection, and incident response protocols
  • Regular Backups: Automated data backups with secure off-site storage and disaster recovery procedures
  • Vulnerability Management: Regular security assessments, penetration testing, and software updates

5.2 Organizational Measures

Our team follows strict security protocols:

  • Employee Training: Regular security awareness training and privacy protection education
  • Data Handling Procedures: Standardized processes for data collection, processing, and disposal
  • Confidentiality Agreements: All employees and contractors sign confidentiality agreements
  • Incident Response: Documented procedures for security breach response and customer notification
  • Third-Party Audits: Regular security audits and compliance assessments by independent firms
  • Privacy by Design: Security considerations integrated into all system development and updates

5.3 Your Security Responsibilities

You can help protect your information by:

  • Strong Passwords: Use unique, complex passwords and update them regularly
  • Account Protection: Never share your login credentials with others
  • Public Computer Safety: Always log out when using shared or public computers
  • Phishing Awareness: Be cautious of suspicious emails or links claiming to be from us
  • Breach Reporting: Immediately report any unauthorized account access or suspicious activity

Security Breach Notification: In the unlikely event of a data breach that affects your personal information, we will promptly notify you within 72 hours of discovery and take immediate action to secure your data and prevent further unauthorized access.

6. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our website and mobile applications. The table below details the types of cookies we use:

Cookie Type Purpose Duration
Essential Cookies Basic site functionality, shopping cart, login state, security features Session
Functional Cookies User preferences, language settings, location data, customization Up to 1 year
Analytics Cookies Website usage analysis, performance tracking, user behavior insights Up to 2 years
Marketing Cookies Personalized advertising, campaign tracking, retargeting Up to 1 year

Tracking Technologies We Use

  • Google Analytics: Website traffic analysis, user behavior tracking, and conversion measurement
  • Facebook Pixel: Social media advertising effectiveness and audience building
  • Web Beacons: Email open rate tracking and engagement measurement
  • Local Storage: Browser-based data storage for enhanced functionality
  • Session Storage: Temporary data storage for current browsing session

Cookie Management

You have control over cookies through your browser settings. You can:

  • Accept or reject cookies before they are stored
  • Delete existing cookies from your device
  • Set your browser to notify you when cookies are sent
  • Block all cookies (note: this may affect website functionality)

Please note that disabling certain cookies may impact your ability to use some features of our website, including placing orders and accessing your account.

7. Your Privacy Rights (GDPR/CCPA Compliance)

Depending on your location, you may have the following rights regarding your personal data:

7.1 Right of Access

You have the right to request a copy of all personal data we hold about you. This includes order history, account information, and any data collected through our services.

7.2 Right to Rectification

You can request that we correct any inaccurate or incomplete personal data. This includes updating your contact information, delivery addresses, or dietary preferences.

7.3 Right to Erasure (Right to be Forgotten)

You may request deletion of your personal data when it is no longer necessary for the purposes it was collected or when you withdraw consent.

7.4 Right to Restrict Processing

You can request that we limit how we use your data while we address your concerns about accuracy or lawfulness of processing.

7.5 Right to Data Portability

You have the right to receive your personal data in a structured, machine-readable format and to transmit this data to another organization.

7.6 Right to Object

You can object to our processing of your data for direct marketing purposes or when processing is based on legitimate interests.

7.7 Right Against Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing that significantly affects you.

How to Exercise Your Rights

To exercise any of these rights, please contact us:

  • Email: [email protected]
  • Phone: +1 651-340-3568
  • Mail: 470 Cleveland Ave S, St Paul, MN 55105, USA

We will respond to your request within 30 days and may require verification of your identity for security purposes.

8. Children's Privacy

Our services are not intended for children under the age of 16, and we do not knowingly collect personal information from children under 16 without parental consent.

If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately. We will take steps to remove such information from our systems and terminate any accounts created by underage users.

If we become aware that we have collected personal information from a child under 16 without verification of parental consent, we will take immediate action to delete such information from our servers.

Parents can contact us using the information in Section 13 to review, update, or delete their child's information if any was inadvertently collected.

9. International Data Transfers

9.1 Protection Measures

When we transfer your data internationally, we ensure appropriate safeguards are in place:

  • Adequacy Decisions: Transfers to countries with adequate data protection laws as recognized by relevant authorities
  • Standard Contractual Clauses (SCCs): EU-approved contract terms that ensure GDPR-level protection
  • Data Processing Agreements: Comprehensive contracts with all data processors and sub-processors
  • Security Measures: Technical and organizational measures equivalent to those required by GDPR
  • Regular Compliance Audits: Ongoing monitoring and assessment of international data handling practices

9.2 Transfer Destinations

Your data may be transferred to and stored in the following locations:

  • United States: Cloud storage and data processing (with appropriate safeguards)
  • European Union: Analytics and marketing services (adequacy decision)
  • Other Countries: As necessary for service provision, always with appropriate protection measures

10. Data Retention Periods

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected. The table below outlines our retention periods:

Information Type Retention Period Reason for Retention
Account Information 6 months after account deletion Legal obligations, dispute resolution
Order History & Payment Records 7 years Tax and accounting requirements, warranty claims
Marketing Consent Records 3 months after consent withdrawal Proof of consent withdrawal
Website Usage Logs Up to 2 years Security monitoring, analytics
Customer Support Records 3 years Service quality improvement, training
Loyalty Program Data 2 years after program exit Program administration, fraud prevention
Employment Applications 1 year after application Equal opportunity compliance

Safe Data Disposal

When data retention periods expire, we ensure secure deletion through:

  • Electronic Deletion: Complete removal of digital data using secure deletion protocols that make recovery impossible
  • Physical Destruction: Secure shredding of physical documents containing personal information
  • Backup Purging: Removal of personal data from all backup systems and archives
  • Disposal Documentation: Maintaining records of data disposal for compliance purposes

11. Third-Party Links

Our website and mobile applications may contain links to third-party websites, services, or applications that are not owned or controlled by Church's Chicken. This includes:

  • Social media platforms (Facebook, Instagram, Twitter)
  • Payment processors and financial institutions
  • Delivery service platforms
  • Partner restaurant websites
  • Supplier and vendor websites

We are not responsible for the privacy practices or content of these third-party sites. These external sites may have their own privacy policies and data collection practices that differ from ours.

Your Responsibility: We strongly encourage you to review the privacy policies of any third-party sites you visit before providing them with your personal information. Any interaction you have with these sites is governed by their terms and privacy policies, not ours.

We do not endorse or make any representations about third-party websites or their privacy practices. Links to external sites are provided for convenience only.

12. Policy Changes

12.1 Change Notification

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or business operations. When we make changes, we will notify you through:

  • Website Notice: Prominent notification on our homepage and privacy policy page
  • Email Notification: Direct email to registered users for significant changes
  • In-App Notifications: Pop-up notifications when you log into your account
  • Push Notifications: Mobile app notifications for material changes

For significant changes that materially affect how we collect, use, or share your personal information, we will obtain your explicit consent before implementing the changes.

12.2 Checking for Changes

To stay informed about our privacy practices:

  • The most current version of this policy is always available on our website
  • Check the "Last Updated" date at the top of this policy
  • Your continued use of our services after changes constitutes acceptance of the updated policy
  • If you disagree with changes, you may discontinue using our services and request account deletion

13. Contact Information

Church's Chicken

470 Cleveland Ave S, St Paul, MN 55105, USA

+1 651-340-3568

[email protected]

Business Hours: Monday - Friday, 9:00 AM - 6:00 PM CST

We are committed to responding to all privacy-related inquiries within 3 business days. For urgent privacy concerns, please call us directly.

13.1 Privacy Complaints

If you have a complaint about how we handle your personal information:

  • Contact Us First: Please reach out to us using the contact information above to resolve the issue
  • Supervisory Authority: If you're not satisfied with our response, you may contact your local data protection authority
  • US Residents: You may file a complaint with the Federal Trade Commission (FTC) or your state's Attorney General
  • EU Residents: You may contact your local Data Protection Authority (DPA)

14. Withdrawal of Consent

14.1 Marketing Consent Withdrawal

You can withdraw your consent for marketing communications at any time through:

  • Email Unsubscribe: Click the unsubscribe link in any promotional email
  • Account Settings: Log into your account and update your communication preferences
  • Customer Support: Contact us directly to remove you from marketing lists
  • SMS Opt-Out: Reply "STOP" to any promotional text message

Please note that withdrawing marketing consent will not affect transactional communications (order confirmations, delivery updates, etc.).

14.2 Account Deletion

To delete your account and personal data:

  1. Log into your account and go to account settings
  2. Select "Delete Account" and follow the confirmation steps
  3. Alternatively, contact customer support for assistance
  4. We will confirm account deletion within 3 business days

Note: Some data may be retained for legal compliance purposes as outlined in our retention policy (Section 10).

15. Conclusion

At Church's Chicken, protecting your privacy is not just a legal obligation—it's a fundamental part of building and maintaining trust with our customers. We are committed to being transparent about our data practices and providing you with meaningful choices about your personal information.

This Privacy Policy reflects our dedication to safeguarding your data while delivering the exceptional food service experience you expect from Church's Chicken. We understand that privacy is personal, and we respect your right to control how your information is collected, used, and shared.

We encourage you to reach out to us with any questions, concerns, or feedback about this Privacy Policy or our privacy practices. Your input helps us improve and ensures we continue to meet your expectations for privacy protection.

Thank you for choosing Church's Chicken and for trusting us with your personal information. We look forward to serving you while keeping your privacy protected.

Remember: This Privacy Policy was last updated on December 20, 2024. Please check back regularly for any updates or changes.