Privacy Policy

1. Introduction

Church's Chicken ("we," "us," or "our") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, share, and protect information about you when you use our food delivery services, visit our restaurants, use our website at churchschickens.digital, mobile applications, or interact with us in any other way.

This policy applies to all aspects of our food service operations, including online ordering, delivery services, dine-in experiences, catering services, loyalty programs, and customer support. By using our services, you agree to the collection and use of information in accordance with this policy.

We never sell your personal data to third parties. Your trust is paramount to us, and we are committed to maintaining the highest standards of data protection and privacy.

2. Information We Collect

2.1 Information You Provide Directly

• Personal Identification Information: Name, email address, phone number, postal address, date of birth
• Account Information: Username, password, purchase history, order preferences, favorite menu items
• Payment Information: Credit/debit card details, billing address, payment method preferences (stored securely with encryption)
• Delivery Information: Delivery addresses, special delivery instructions, preferred delivery times
• Dietary Information: Food allergies, dietary restrictions (vegan, vegetarian, halal, kosher), special nutritional requirements
• Order History: Previous orders, meal preferences, customization requests, feedback and ratings
• Communication Records: Contact form submissions, customer service interactions, reviews, survey responses
• Marketing Preferences: Email subscription choices, SMS preferences, promotional offer interests
• Loyalty Program Data: Reward points, membership level, redemption history, bonus offers
• Catering Information: Event details, guest counts, special requests, corporate account information
• Reservation Data: Table booking preferences, party size, special occasion notes

2.2 Information We Collect Automatically

• Device Information: IP address, browser type and version, operating system, device identifiers, screen resolution
• Usage Data: Pages visited, time spent on site, clicks, navigation patterns, search queries, menu browsing behavior
• Location Information: Approximate location based on IP address, GPS location (with permission) for delivery optimization
• Cookie Data: Session identifiers, user preferences, shopping cart contents, analytics information
• Performance Data: App performance metrics, loading times, error logs, crash reports

2.3 Information from Third Parties

• Social Media: Profile information if you connect social media accounts
• Payment Processors: Transaction verification, fraud detection data
• Delivery Partners: Delivery status updates, driver location information
• Marketing Partners: Campaign effectiveness data, audience insights (aggregated and anonymized)

3. How We Use Your Information

3.1 Service Provision

• Order Processing: Taking, preparing, and fulfilling your food orders
• Delivery Services: Coordinating deliveries, tracking orders, optimizing delivery routes
• Payment Processing: Secure transaction handling, refund processing
• Account Management: Creating and maintaining user accounts, authentication
• Customer Support: Responding to inquiries, resolving issues, providing assistance
• Quality Improvement: Analyzing usage patterns to enhance our services and menu offerings
• Personalization: Customizing your experience based on preferences and order history

3.2 Communication

• Order Notifications: Confirmation emails, preparation updates, delivery notifications
• Account Communications: Password resets, account verification, security alerts
• Customer Service: Response to support requests, follow-up communications
• Important Notices: Policy changes, service updates, security notifications
• Marketing Communications: Promotional offers, new menu items, special deals (only with your consent)

3.3 Marketing and Analytics

• Personalized Advertising: Relevant promotional content based on your preferences
• Website Analytics: Understanding user behavior, improving website performance
• Campaign Measurement: Evaluating marketing effectiveness, ROI analysis
• Market Research: Developing new products, understanding customer needs
• Loyalty Programs: Managing rewards, tracking points, offering personalized benefits

3.4 Legal Compliance and Security

• Legal Obligations: Complying with applicable laws and regulations
• Fraud Prevention: Detecting and preventing fraudulent activities
• Security Protection: Safeguarding our systems and your information
• Dispute Resolution: Handling complaints, legal claims, and disputes
• Emergency Situations: Protecting health, safety, and rights of individuals

4. Information Sharing and Disclosure

4.1 Service Providers

We may share your information with trusted third-party service providers who assist us in operating our business:

• Payment Processors: Secure handling of financial transactions (e.g., Stripe, PayPal)
• Delivery Companies: Coordinating food delivery services and tracking
• Cloud Storage Providers: Secure data storage and backup services
• Email Marketing Services: Managing email campaigns and communications
• Analytics Tools: Website and app performance analysis
• Customer Support Platforms: Managing customer service interactions
• Security Services: Fraud detection and prevention systems

4.2 Legal Requirements

We may disclose your information when required by law or in response to:

• Court orders, subpoenas, or other legal processes
• Government investigations or regulatory requirements
• Protection of our rights, property, or safety
• Prevention of fraud or other illegal activities
• Emergency situations involving public safety

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new owner. We will provide notice before your personal information is transferred and becomes subject to a different privacy policy.

4.4 With Your Consent

We may share your information for other purposes with your explicit consent.

5. Data Security

5.1 Technical Security Measures

• Encryption: SSL/TLS encryption for all data transmission and storage
• Firewall Protection: Advanced firewall systems to prevent unauthorized access
• Access Controls: Strict access limitations on a need-to-know basis
• Security Monitoring: 24/7 monitoring for suspicious activities and threats
• Data Backups: Regular, secure backups with encryption
• Vulnerability Testing: Regular security assessments and penetration testing

5.2 Organizational Security Measures

• Employee Training: Regular privacy and security training for all staff
• Data Handling Procedures: Strict protocols for personal data processing
• Confidentiality Agreements: All employees and contractors sign confidentiality agreements
• Incident Response Plan: Comprehensive plan for handling security breaches
• Regular Audits: Internal and external security audits

5.3 Your Security Responsibilities

• Use strong, unique passwords for your account
• Never share your login credentials with others
• Log out of your account on shared or public computers
• Be cautious of phishing emails and suspicious links
• Report any unauthorized access immediately
• Keep your contact information up to date

Security Breach Notification: In the unlikely event of a data breach that affects your personal information, we will notify you and relevant authorities within 72 hours of becoming aware of the breach, as required by law.

6. Cookies and Tracking Technologies

We use various tracking technologies to enhance your experience and analyze how our services are used:

Type	Purpose	Duration
Essential Cookies	Basic site functions, login state, shopping cart	Session
Functional Cookies	User preferences, language settings, location	Up to 1 year
Analytics Cookies	Usage analysis, performance monitoring	Up to 2 years
Marketing Cookies	Personalized advertising, campaign tracking	Up to 1 year

Other Tracking Technologies Used:

• Google Analytics: Website traffic analysis and user behavior insights
• Facebook Pixel: Ad performance measurement and audience building
• Web Beacons: Email open rate tracking and engagement measurement
• Local Storage: Storing user preferences and app data locally

Cookie Management: You can control cookies through your browser settings. Most browsers allow you to accept, reject, or delete cookies. Please note that disabling certain cookies may affect website functionality and your user experience.

7. Your Privacy Rights

Under applicable privacy laws, including GDPR and CCPA, you have the following rights:

7.1 Right of Access

You can request to view the personal data we hold about you, including how it's used and who it's shared with.

7.2 Right to Rectification

You can request correction of inaccurate or incomplete personal data.

7.3 Right to Erasure (Right to be Forgotten)

You can request deletion of your personal data under certain circumstances.

7.4 Right to Restrict Processing

You can request limitation on how we use your data in specific situations.

7.5 Right to Data Portability

You can request to receive your data in a machine-readable format for transfer to another service.

7.6 Right to Object

You can object to processing of your data, especially for marketing purposes.

7.7 Right Against Automated Decision-Making

You can request human review of automated decisions that significantly affect you.

How to Exercise Your Rights: Contact us using the information in Section 13. We will respond to your request within 30 days and may require verification of your identity.

8. Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

If we become aware that we have collected personal information from a child under 16 without verification of parental consent, we will take steps to delete that information promptly.

Parents and guardians are encouraged to monitor their children's online activities and help enforce this policy by instructing their children never to provide personal information through our services without permission.

9. International Data Transfers

9.1 Protection Measures

When we transfer your data internationally, we implement appropriate safeguards including:

• EU Commission adequacy decisions for approved countries
• Standard Contractual Clauses (SCC) approved by the EU Commission
• Binding Corporate Rules for intra-group transfers
• Appropriate technical and organizational security measures
• Regular compliance audits and assessments

9.2 Transfer Destinations

Your data may be transferred to and stored in:

• United States: Cloud storage and data processing services
• European Union: Analytics and customer service operations
• Other countries: As necessary for service provision with appropriate protections

10. Data Retention Periods

Information Type	Retention Period	Reason
Account Information	6 months after deletion	Legal obligations, dispute resolution
Order and Purchase History	7 years	Tax and accounting requirements
Payment Information	As required by payment processors	Fraud prevention, chargeback protection
Marketing Consent Records	3 months after withdrawal	Consent record keeping
Website Usage Logs	Up to 2 years	Security, analytics, service improvement
Customer Support Records	3 years	Service quality improvement
Delivery Information	1 year	Service optimization, dispute resolution
Loyalty Program Data	Duration of membership + 2 years	Program administration, fraud prevention

Safe Data Disposal

When data retention periods expire, we ensure secure deletion through:

• Complete electronic deletion using industry-standard methods
• Physical destruction of paper records through secure shredding
• Deletion from backup systems within reasonable timeframes
• Maintenance of disposal records for audit purposes

11. Third-Party Links

Our website and mobile applications may contain links to external websites, social media platforms, or other services operated by third parties. We are not responsible for the privacy practices or content of these external sites.

Before providing any personal information to third-party websites, we encourage you to review their privacy policies and terms of service. Your interactions with these sites are solely between you and the third party.

Third-party services we may link to include:

• Social media platforms (Facebook, Instagram, Twitter)
• Payment processors and financial institutions
• Review and rating platforms
• Partner restaurant websites
• Nutritional information databases

12. Privacy Policy Changes

12.1 Change Notification Process

We may update this Privacy Policy from time to time. When we make changes, we will notify you through:

• Prominent notice on our website homepage
• Email notification to registered users
• Pop-up notification when you next log in
• Push notifications through our mobile app

For significant changes that affect your rights or how we use your data, we will obtain your explicit consent before implementing the changes.

12.2 Staying Informed

• The latest version of this policy is always available on our website
• Check the "Last Updated" date at the top of this policy
• Continued use of our services after changes indicates acceptance
• You always have the option to stop using our services if you disagree with changes

13. Contact Information

13.1 Filing Complaints

If you have concerns about our privacy practices, please contact us first. If you're not satisfied with our response, you can file a complaint with your local data protection authority:

• EU residents: Contact your national Data Protection Authority
• California residents: California Attorney General's Office
• Other jurisdictions: Contact your relevant privacy regulator

14. Withdrawal of Consent

14.1 Marketing Consent Withdrawal

You can withdraw consent for marketing communications at any time through:

• Clicking the "unsubscribe" link in any marketing email
• Updating your preferences in your account settings
• Contacting our customer support team
• Replying "STOP" to SMS marketing messages

14.2 Account Deletion Process

To delete your account and associated data:

1. Log into your account and go to account settings
2. Select "Delete Account" option
3. Confirm your identity for security purposes
4. Review information about data that will be retained for legal compliance
5. Confirm deletion request

Important Note: Some data may be retained as required by law, including transaction records for tax purposes and fraud prevention data as permitted by applicable regulations.

15. Conclusion

At Church's Chicken, we are committed to maintaining the highest standards of privacy protection and data security. Your trust is fundamental to our business, and we take our responsibility to protect your personal information seriously.

We believe that transparency about our data practices helps build a stronger relationship with our customers. This Privacy Policy reflects our commitment to giving you control over your personal information while enabling us to provide you with the best possible dining experience.

If you have any questions about this Privacy Policy or our privacy practices, please don't hesitate to contact us. We welcome your feedback and are always looking for ways to improve our privacy protections.

Thank you for choosing Church's Chicken and for trusting us with your personal information. We look forward to serving you delicious food while keeping your data safe and secure.

Remember: This Privacy Policy was last updated on January 15, 2026. Please check back regularly for any updates or changes.