Privacy Policy

Welcome to Church's Chicken (referred to herein as "we," "us," "our," or the "Company"). We operate the website churchickens.top and are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, place orders, use our digital services, or otherwise interact with us.

Please read this Privacy Policy carefully. If you disagree with its terms, please discontinue use of our website and services immediately. This policy applies to all users of churchickens.top and any related services offered by Church's Chicken.

By accessing or using our website and services, you acknowledge that you have read, understood, and agree to be bound by all the terms of this Privacy Policy. We encourage you to review this document periodically, as it may be updated from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

1. Company Information and Contact Details

The entity responsible for processing your personal data under this Privacy Policy is:

For all privacy-related inquiries, requests, or complaints, please contact us at [email protected]. We are committed to responding to all legitimate privacy requests in a timely and thorough manner.

2. Scope and Applicability

This Privacy Policy applies to all personal information collected through our website churchickens.top, our online ordering platform, our email communications, our promotional programs, our loyalty programs, our customer feedback mechanisms, and any other digital or physical touchpoints through which you interact with Church's Chicken.

This policy does not apply to third-party websites, applications, or services that may be linked to or from our website. We encourage you to review the privacy policies of any third-party sites you visit, as we have no control over their privacy practices and are not responsible for their content or policies.

3. Information We Collect

We collect various types of information in connection with your use of our website and services. The categories of information we may collect include, but are not limited to, the following:

3.1 Personal Identification Information

When you create an account, place an order, sign up for our newsletter, participate in a promotional campaign, or otherwise voluntarily provide information to us, we may collect:

• Full name
• Email address
• Phone number (mobile and/or landline)
• Mailing and billing address (including street address, city, state, ZIP code)
• Date of birth (for age verification and personalized promotions)
• Username and password for account registration
• Profile photo or avatar (if uploaded voluntarily)
• Payment information, including credit/debit card numbers, expiration dates, and billing details (processed through secure third-party payment processors)
• Dietary preferences, allergen information, and food choices (if provided voluntarily)

3.2 Transaction and Order Information

When you place an order through our website or related applications, we collect:

• Order history and details (items ordered, quantities, customizations)
• Payment transaction records
• Delivery address and preferred delivery times
• Restaurant location preferences
• Discount codes, loyalty points, and promotional redemption records

3.3 Usage and Activity Data

We automatically collect certain information about how you interact with our website, including:

• Pages visited, time spent on each page, and the sequence of page visits
• Links clicked and buttons interacted with
• Search queries entered on our website
• Referring website or URL that directed you to our site
• Date and time of your visit
• Frequency and duration of visits
• Errors encountered and performance data

3.4 Device and Technical Information

We collect technical information about the device and internet connection you use to access our website, including:

• IP address
• Browser type and version
• Operating system and version
• Device type (desktop, tablet, mobile)
• Screen resolution
• Device identifiers and hardware model
• Mobile network information
• Language settings
• Time zone settings

3.5 Location Data

With your permission, we may collect precise or approximate geographic location data from your device to help you find the nearest Church's Chicken location, enable delivery services, and provide location-based offers. You may disable location sharing at any time through your device's settings; however, this may limit certain features of our website or app.

3.6 Communications Data

If you contact us through email, our customer service portal, or social media channels, we collect the content of those communications, including any attachments, feedback, complaints, or suggestions you provide. This helps us improve our services and respond effectively to your inquiries.

3.7 Cookies and Tracking Technologies

We use cookies, web beacons, pixel tags, local storage objects, and similar tracking technologies to collect information about your browsing behavior and preferences. Please refer to Section 9 of this Privacy Policy for more detailed information about our use of cookies.

3.8 Information from Third Parties

We may also receive personal information about you from third-party sources, including:

• Social media platforms (when you log in using a social media account or share content)
• Third-party delivery partners and food delivery aggregator platforms
• Loyalty program partners
• Marketing and analytics partners
• Publicly available sources
• Customer review platforms

4. How We Use Your Information

We use the information we collect for a variety of purposes, all aimed at providing you with a better, safer, and more personalized experience. Specifically, we may use your information to:

4.1 Provide and Manage Our Services

• Process and fulfill your food orders
• Create and manage your account on our website
• Facilitate delivery and pickup services
• Process payments and prevent fraudulent transactions
• Send order confirmations, receipts, and delivery notifications
• Manage loyalty points, rewards, and promotional redemptions

4.2 Customer Service and Support

• Respond to your questions, complaints, and feedback
• Resolve disputes and troubleshoot issues
• Communicate updates about your orders and account
• Provide accessibility accommodations where required

4.3 Marketing and Promotional Communications

• Send promotional emails, newsletters, and special offers (with your consent or as permitted by law)
• Personalize marketing messages based on your order history and preferences
• Run contests, sweepstakes, and promotional campaigns
• Display targeted advertisements on our website and third-party platforms
• Conduct direct marketing via email, SMS, or push notifications (where you have opted in)

4.4 Analytics and Website Improvement

• Analyze usage patterns to improve our website, menu, and services
• Conduct internal research and analytics
• Monitor and improve the performance and security of our website
• Develop new features and functionality
• Measure the effectiveness of our marketing campaigns

4.5 Legal Compliance and Safety

• Comply with applicable federal and state laws, regulations, and legal processes
• Enforce our Terms of Service and other agreements
• Detect, investigate, and prevent fraudulent or unauthorized activity
• Protect the rights, property, and safety of our users, employees, and the public
• Respond to lawful requests from law enforcement or government authorities

5. Legal Basis for Processing (Applicable Laws)

As a company operating in the United States, we process your personal information in accordance with applicable U.S. federal and state privacy laws. Our primary legal framework includes:

• The Federal Trade Commission Act (FTC Act) — which governs unfair or deceptive practices related to data collection and consumer protection at the federal level.
• The California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) — which grants California residents enhanced rights regarding their personal information. Please see Section 11 for a full description of CCPA/CPRA rights.
• CAN-SPAM Act — which governs our commercial email communications.
• Children's Online Privacy Protection Act (COPPA) — which restricts our collection of data from children under 13 years of age.
• Other applicable state privacy laws, including but not limited to those of Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), and Texas (TDPSA), where applicable.

6. Sharing Your Information with Third Parties

We do not sell your personal information to third parties for monetary consideration. However, we may share your information with certain trusted third parties under the circumstances described below:

6.1 Service Providers and Business Partners

We share your information with third-party vendors and service providers who perform functions on our behalf, including:

• Payment processors and financial institutions (to handle billing and fraud prevention)
• Cloud hosting and data storage providers
• Email and SMS marketing platforms
• Analytics and data insight providers (e.g., Google Analytics)
• Customer relationship management (CRM) software providers
• Food delivery logistics partners
• Customer service and helpdesk platforms
• Advertising technology companies

All such service providers are contractually obligated to use your information only for the purposes for which it was shared and to maintain appropriate security standards.

6.2 Legal and Regulatory Authorities

We may disclose your personal information when required to do so by law, court order, subpoena, or government regulation. We may also disclose information to:

• Respond to lawful requests by public authorities, including law enforcement
• Protect and defend our legal rights or property
• Prevent or investigate possible wrongdoing in connection with our services
• Protect the personal safety of users or the public

6.3 Business Transfers

In the event that Church's Chicken undergoes a merger, acquisition, reorganization, sale of assets, or bankruptcy proceeding, your personal information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your personal information via a prominent notice on our website or by direct communication.

6.4 With Your Consent

We may share your information with third parties when you have explicitly consented to such sharing or have directed us to do so (for example, when linking your account to a third-party loyalty platform or social media service).

6.5 Aggregate and De-Identified Data

We may share aggregated, anonymized, or de-identified data with third parties for research, marketing, analytics, and other business purposes. This data cannot reasonably be used to identify any individual.

7. Data Security

We take the security of your personal information seriously and implement a variety of technical, administrative, and physical security measures to protect your data from unauthorized access, disclosure, alteration, or destruction. These measures include:

• Encryption: All data transmitted between your browser and our servers is encrypted using SSL/TLS (Secure Socket Layer/Transport Layer Security) technology.
• Access Controls: Access to personal data is restricted to authorized personnel who have a legitimate business need to access it. We enforce role-based access controls and require multi-factor authentication for administrative access.
• Secure Payment Processing: We do not store full credit card numbers on our servers. Payment data is processed by PCI-DSS compliant third-party payment processors.
• Regular Security Audits: We conduct regular security assessments, penetration testing, and vulnerability scans of our systems.
• Data Minimization: We collect only the minimum amount of personal data necessary for the stated purposes.
• Employee Training: All employees who handle personal data receive regular training on data protection practices and our internal privacy policies.
• Incident Response: We maintain a data breach response plan and will notify affected users and relevant authorities in the event of a security breach, as required by applicable law.

8. Your Privacy Rights

Depending on your state of residence, you may have the following rights with respect to your personal information:

8.1 Right to Know and Access

You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the purposes for which we use it, and the categories of third parties with whom we share it.

8.2 Right to Correction

You have the right to request that we correct inaccurate personal information we hold about you. We will make commercially reasonable efforts to honor such requests in a timely manner.

8.3 Right to Deletion

You have the right to request that we delete the personal information we have collected from you, subject to certain exceptions (such as when we are required to retain data by law, to complete a transaction, or to detect security incidents).

8.4 Right to Data Portability

Where technically feasible, you have the right to request that we provide your personal information in a structured, commonly used, and machine-readable format so that you can transfer it to another service provider.

8.5 Right to Opt-Out of Sale or Sharing

Under the CCPA/CPRA, California residents have the right to opt out of the "sale" or "sharing" of their personal information for cross-context behavioral advertising purposes. To exercise this right, please contact us at [email protected] or use the opt-out mechanisms provided on our website.

8.6 Right to Limit Use of Sensitive Personal Information

California residents have the right to limit our use and disclosure of sensitive personal information (such as precise geolocation, health data, and payment credentials) to only that which is necessary to provide our services.

8.7 Right to Non-Discrimination

We will not discriminate against you for exercising any of your privacy rights. This means we will not deny you goods or services, charge you different prices, provide a different level of service quality, or suggest that you will receive a different level of quality of goods or services as a result of exercising your rights.

8.8 How to Exercise Your Rights

To exercise any of your privacy rights, please submit a verifiable consumer request to us by:

• Emailing us at: [email protected]
• Visiting our website: churchickens.top

We will respond to verifiable consumer requests within 45 days of receipt, as required by the CCPA/CPRA. If we need more time (up to 90 days total), we will inform you of the reason and extension in writing. We may need to verify your identity before processing your request. Authorized agents may submit requests on your behalf with proper written authorization.

9. Cookie Policy and Tracking Technologies

Our website churchickens.top uses cookies and similar tracking technologies to enhance your browsing experience, analyze site traffic, personalize content, and deliver targeted advertising. Cookies are small text files placed on your device when you visit our website.

9.1 Types of Cookies We Use

• Strictly Necessary Cookies: Essential for the operation of our website, including enabling you to log in to your account, maintain your shopping cart, and complete transactions. These cannot be disabled without affecting website functionality.
• Performance and Analytics Cookies: These collect information about how visitors use our website, such as which pages are most visited and where errors occur. We use tools such as Google Analytics for this purpose.
• Functional Cookies: These allow our website to remember your preferences (such as language settings and location) to provide a more personalized experience.
• Targeting and Advertising Cookies: These are set by us and our advertising partners to build a profile of your interests and show you relevant advertisements on our website and other platforms.

9.2 Managing Your Cookie Preferences

You can control and manage cookies through your browser settings. Most browsers allow you to refuse or delete cookies. Please note that disabling certain cookies may affect the functionality of our website. For more information about managing cookies, visit www.allaboutcookies.org.

For detailed information about the specific cookies we use and your options for managing them, please refer to our full Cookie Policy available on our website at churchickens.top.

10. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Our general data retention periods are as follows:

When personal information is no longer needed, we will securely delete or anonymize it in accordance with our internal data disposal policies.

11. California Privacy Rights (CCPA/CPRA)

If you are a resident of the State of California, you have specific rights under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA) (effective January 1, 2023). These rights include:

• The right to know what personal information is collected, used, shared, or sold about you
• The right to delete personal information held by us and our service providers (subject to certain exceptions)
• The right to correct inaccurate personal information
• The right to opt out of the sale or sharing of your personal information
• The right to limit the use of your sensitive personal information
• The right to non-discrimination for exercising your CCPA/CPRA rights
• The right to data portability

Categories of personal information collected: As described in Section 3, we collect identifiers, commercial information, internet or electronic network activity, geolocation data, and inferences drawn from this information.

Categories of personal information disclosed for business purposes: We disclose identifiers, commercial information, and usage data to our service providers as described in Section 6.

To submit a CCPA/CPRA request, please email us at [email protected]. We will verify your identity before processing your request and will respond within the timeframes required by law.

12. Children's Privacy

In compliance with the Children's Online Privacy Protection Act (COPPA), we do not knowingly collect, use, or disclose personal information from children under the age of 13 without verifiable parental consent. If we become aware that we have inadvertently collected personal information from a child under 13 without appropriate parental consent, we will take steps to delete such information as soon as possible.

If you are between the ages of 13 and 17, please do not use our website without the supervision and consent of a parent or legal guardian. We encourage parents and guardians to monitor their children's online activities and to help enforce this Privacy Policy by instructing children not to provide personal information through our website without parental permission.

If you are a parent or guardian and believe that your child has provided us with personal information without your consent, please contact us immediately at [email protected] and we will take prompt action to delete such information from our records.

13. International Data Transfers

Church's Chicken is headquartered in the United States of America, and all data we collect is processed and stored on servers located within the United States. If you are accessing our website from outside the United States, please be aware that your personal information will be transferred to, processed, and stored in the United States, where data protection laws may differ from those of your home country.

By using our website and services and providing us with your personal information, you acknowledge and consent to the transfer of your data to the United States. We take reasonable steps to ensure that any data transferred internationally is handled securely and in accordance with this Privacy Policy and applicable privacy laws.

If your country of residence has specific laws governing international data transfers (for example, the EU General Data Protection Regulation or similar frameworks), and those laws apply to your use of our website, we will take appropriate steps to comply with such requirements, which may include the use of standard contractual clauses or other approved data transfer mechanisms.

14. Third-Party Links and Integrations

Our website may contain links to third-party websites, applications, and services, including social media platforms, payment gateways, and food delivery partners. These third parties have their own privacy policies, and we do not accept any responsibility or liability for their practices, content, or policies.

When you click on a link to a third-party website or use a third-party integration (such as social login or a delivery platform), you leave our website and are subject to the terms and privacy policies of that third party. We encourage you to review the privacy policies of any third-party websites or services before providing them with your personal information.

15. Marketing Communications and Opt-Out

With your consent or as otherwise permitted by law, we may send you promotional emails, newsletters, SMS messages, push notifications, and other marketing communications about our products, services, offers, and events.

You can opt out of receiving marketing communications from us at any time by:

• Clicking the "unsubscribe" link at the bottom of any marketing email
• Replying "STOP" to any marketing SMS message
• Updating your communication preferences in your account settings
• Contacting us directly at [email protected]

Please note that even if you opt out of marketing communications, we may still send you transactional and service-related communications (such as order confirmations, receipts, and security alerts) that are necessary for the administration of your account or the services you have requested.

16. How to File a Complaint with a Data Protection Authority

If you believe that we have violated your privacy rights or applicable data protection laws, you have the right to file a complaint with the relevant authorities. In the United States, the following options are available to you:

16.1 Federal Trade Commission (FTC)

The Federal Trade Commission (FTC) is the primary federal agency responsible for consumer protection and enforcing laws against deceptive or unfair business practices, including those related to privacy and data security. You may file a complaint with the FTC at:

• Website: reportfraud.ftc.gov
• Phone: 1-877-382-4357
• Address: Federal Trade Commission, 600 Pennsylvania Avenue NW, Washington, DC 20580

16.2 California Attorney General (for California Residents)

If you are a California resident and believe your CCPA/CPRA rights have been violated, you may file a complaint with the California Privacy Protection Agency (CPPA) or the California Attorney General's Office:

• California Privacy Protection Agency: cppa.ca.gov
• California Attorney General: oag.ca.gov/privacy/ccpa

16.3 State Attorney General Offices

Residents of other states may also have the right to file complaints with their respective state Attorney General offices or state-specific data protection authorities, depending on the privacy laws applicable in their state.

Before filing a complaint with any authority, we strongly encourage you to contact us first at [email protected] so that we can attempt to resolve your concern directly and promptly.

17. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time and at our sole discretion. Any changes will be effective immediately upon posting the updated policy to our website at churchickens.top, with the revised "Last Updated" date reflected at the top of this page.

For significant changes to this Privacy Policy, we will provide more prominent notice, such as a banner notification on our website, or by sending an email notification to registered users. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your personal information.

Your continued use of our website and services following the posting of changes to this Privacy Policy constitutes your acceptance of those changes.

18. Contact Us for Privacy Inquiries

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please do not hesitate to contact our privacy team. We are committed to addressing your inquiries in a timely and thorough manner.

We will make every effort to respond to your privacy-related requests within 30 business days. If you are a California resident exercising your CCPA/CPRA rights, we will respond within the timeframes mandated by applicable law (generally 45 days, with a possible extension to 90 days).