Privacy Policy

This Privacy Policy describes how churchchicks.click ("we," "us," "our," or the "Company") collects, uses, discloses, and safeguards your personal information when you visit our website at churchchicks.click, place orders, use our digital services, or otherwise interact with us. Please read this policy carefully. By using our website or services, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy.

We are committed to protecting your privacy and handling your personal information with transparency and care, consistent with applicable United States federal and state privacy laws, including the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), and the Federal Trade Commission Act (FTC Act).

1. Information We Collect

We collect various categories of information depending on how you interact with us. This includes information you provide directly, information collected automatically, and information obtained from third-party sources.

1.1 Personal Information You Provide Directly

When you create an account, place an order, sign up for promotions, contact our customer support team, or otherwise engage with our services, you may provide us with the following types of personal information:

• Contact Information: Your full name, mailing address, email address, and telephone number.
• Account Credentials: Username, password, and security questions when you create an online account.
• Order and Transaction Information: Details about the food items you purchase, order history, delivery address, and special instructions.
• Payment Information: Credit card numbers, debit card numbers, billing address, and other financial information required to process transactions. Note that full payment card details are processed by our PCI-DSS compliant third-party payment processors and are not stored on our servers.
• Communications: Messages, feedback, survey responses, complaints, and any other content you send to us through our contact forms, email, or customer service channels.
• Loyalty and Rewards Program Information: Points balances, redemption history, and participation records if you join our rewards or loyalty program.
• Marketing Preferences: Your preferences regarding whether you wish to receive promotional emails, SMS messages, or push notifications.

1.2 Information Collected Automatically

When you visit churchchicks.click, we and our technology partners automatically collect certain information about your device and your interactions with our website. This includes:

• Device Information: Device type, operating system and version, browser type and version, unique device identifiers, and mobile network information.
• Usage Data: Pages you visit, links you click, the time and duration of your visits, the website that referred you to us, search queries you enter, and other browsing behavior on our platform.
• IP Address: Your Internet Protocol (IP) address, which may be used to approximate your general geographic location.
• Log Data: Server logs that record information such as access times, error messages, and other diagnostic data.
• Location Data: With your permission, we may collect precise geolocation data from your mobile device to help you find nearby restaurant locations or facilitate delivery services.
• Cookie and Tracking Data: Information gathered through cookies, web beacons, pixel tags, and similar tracking technologies as described in Section 7 of this policy.

1.3 Information From Third-Party Sources

We may receive information about you from third-party sources, which we may combine with information we have collected about you. These sources include:

• Social Media Platforms: If you connect your social media account to our services or log in using a social media account (e.g., Facebook, Google), we may receive profile information such as your name, email address, profile photo, and friend list as permitted by your social media settings.
• Delivery and Fulfillment Partners: Third-party delivery services such as DoorDash, Uber Eats, or Grubhub may share limited transaction information with us.
• Analytics Providers: Companies that provide analytics services may supply us with aggregated or anonymized data about website visitors.
• Advertising Networks: We may receive data from advertising partners to help us better understand our audiences and improve the relevance of our marketing.
• Business Partners: Other companies or organizations with which we have partnerships or joint promotional programs.

2. How We Use Your Information

We use the personal information we collect for the following purposes, all of which are based on legitimate business interests, contractual necessity, legal obligation, or your explicit consent:

2.1 Providing and Improving Our Services

• Processing and fulfilling your food orders, including online orders and delivery requests.
• Managing your account, including authentication, security, and account recovery.
• Facilitating payment processing through our secure third-party payment processors.
• Delivering food to your specified address through our own delivery infrastructure or third-party delivery partners.
• Responding to your customer service inquiries, complaints, or feedback in a timely manner.
• Operating and administering our loyalty and rewards programs.
• Improving our menu offerings, website functionality, mobile application performance, and overall user experience based on usage patterns and feedback.
• Conducting research, testing, and development of new features, services, and products.

2.2 Analytics and Personalization

• Analyzing how users interact with our website and services to understand trends, preferences, and popular menu items.
• Personalizing your experience on our platform, including recommending menu items based on your order history and preferences.
• Creating aggregated, anonymized statistical reports about user behavior and website performance.
• Conducting market research and consumer behavior analysis to better understand our customer base.

2.3 Marketing and Communications

• Sending you promotional emails, newsletters, special offers, and information about new menu items or limited-time deals, where you have opted in or where permitted by applicable law.
• Sending transactional communications such as order confirmations, delivery updates, and receipts.
• Serving targeted advertisements on our website, on third-party websites, and on social media platforms based on your interests and browsing behavior.
• Conducting promotional campaigns, contests, sweepstakes, and other marketing activities.
• Measuring the effectiveness of our marketing campaigns and advertising spend.

2.4 Legal and Security Purposes

• Complying with applicable federal, state, and local laws and regulations.
• Detecting, preventing, and responding to fraud, unauthorized access, data security incidents, and other harmful or illegal activities.
• Enforcing our Terms of Service and other applicable policies.
• Protecting the rights, property, and safety of our Company, our employees, our customers, and the public.
• Responding to legal processes, court orders, subpoenas, or government requests as required by law.

3. Sharing Your Information With Third Parties

We do not sell your personal information for monetary consideration. However, we may share your personal information with third parties in the following circumstances:

3.1 Service Providers

We engage trusted third-party service providers who perform services on our behalf, including but not limited to:

• Payment processing companies (e.g., Stripe, PayPal, Square)
• Food delivery and logistics partners
• Cloud hosting and data storage providers
• Email marketing and communications platforms
• Customer relationship management (CRM) software providers
• Analytics and data intelligence platforms (e.g., Google Analytics)
• Fraud detection and cybersecurity firms
• Customer support and call center services

These service providers are contractually obligated to use your personal information only as necessary to provide services to us and are prohibited from using it for their own independent purposes. They are required to implement appropriate technical and organizational measures to protect your data.

3.2 Business Transfers

If we are involved in a merger, acquisition, asset sale, reorganization, bankruptcy, or similar corporate transaction, your personal information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our website of any such change in ownership or use of your personal information and your choices in that event.

3.3 Legal Requirements and Law Enforcement

We may disclose your personal information if we believe in good faith that such disclosure is necessary to:

• Comply with a legal obligation, applicable law, regulation, court order, or governmental request.
• Protect and defend the rights or property of our Company.
• Prevent or investigate possible wrongdoing in connection with our services.
• Protect the personal safety of users of our services or the public.
• Protect against legal liability.

3.4 Advertising and Analytics Partners

We may share anonymized or aggregated data, or allow third-party advertising networks and analytics companies to collect data directly from your browser or device using cookies and similar technologies, for the purpose of serving targeted advertisements and measuring campaign effectiveness. Please refer to Section 7 (Cookies and Tracking Technologies) for more information.

3.5 With Your Consent

We may share your personal information with other third parties when you have provided explicit consent for us to do so, such as when you participate in co-branded promotions or partner loyalty programs.

4. Data Security

We take the security of your personal information seriously and implement a range of technical, administrative, and physical security measures designed to protect your information from unauthorized access, disclosure, alteration, and destruction. These measures include:

4.1 Technical Safeguards

• Encryption: We use industry-standard Transport Layer Security (TLS) encryption to protect data transmitted between your browser and our servers. Sensitive data at rest, such as account credentials and payment records, is encrypted using AES-256 or equivalent encryption standards.
• Firewalls and Intrusion Detection: Our servers and networks are protected by firewalls and intrusion detection systems that monitor for and block suspicious activity.
• Access Controls: Access to personal information is restricted to employees and service providers who have a legitimate business need to access such data. We enforce role-based access controls and require multi-factor authentication for administrative systems.
• Secure Payment Processing: Payment transactions are processed through PCI-DSS compliant third-party processors, and we do not store full credit card numbers on our own systems.

4.2 Organizational Safeguards

• Regular employee training on data privacy best practices and security awareness.
• Internal data governance policies that govern how personal information is handled, stored, and disposed of.
• Regular security audits and vulnerability assessments of our systems and infrastructure.
• Incident response procedures to address data breaches promptly and effectively.

While we employ these safeguards, please be aware that no security measure is perfect or impenetrable, and no method of data transmission over the Internet can be guaranteed to be 100% secure. If you believe your account or personal information has been compromised, please contact us immediately at [email protected].

5. Your Privacy Rights

Depending on your state of residence within the United States, you may have certain rights with respect to your personal information. We are committed to honoring these rights in accordance with applicable law.

5.1 Rights Under the California Consumer Privacy Act (CCPA/CPRA)

If you are a California resident, you have the following rights under the CCPA as amended by the CPRA:

5.2 Rights Available to All U.S. Users

Regardless of your state of residence, we provide all users with the following rights, to the extent technically and legally feasible:

• Right to Access and Correction: You may log into your account at any time to review and update your personal information. You may also contact us to request access to or correction of any personal information we hold about you.
• Right to Deletion: You may request that we delete your account and associated personal information by contacting us at the information provided in Section 10.
• Right to Data Portability: You may request a copy of your personal information in a structured, commonly used, and machine-readable format.
• Right to Opt-Out of Marketing: You may opt out of receiving marketing emails at any time by clicking the "unsubscribe" link in any marketing email or by contacting us directly. Note that you may still receive transactional or service-related communications.
• Right to Opt-Out of SMS Marketing: You may opt out of SMS marketing messages by replying "STOP" to any such message.

5.3 How to Submit a Privacy Request

To exercise any of your privacy rights, please submit a verifiable consumer request by:

• Emailing us at: [email protected]
• Visiting our website at: churchchicks.click

We will verify your identity before processing your request by asking you to provide information that matches the records we have on file. We will respond to verifiable consumer requests within 45 days of receipt. If we require additional time, we will inform you of the extension and the reason for it within the initial 45-day period. We will not charge a fee for processing your request unless it is excessive, repetitive, or manifestly unfounded.

You may designate an authorized agent to make a privacy rights request on your behalf. We may require the authorized agent to provide proof of your written authorization and may verify your identity directly.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, including to comply with our legal obligations, resolve disputes, enforce our agreements, and support our business operations. The specific retention periods we apply depend on the type and nature of the information:

When personal information is no longer required for the purposes for which it was collected and no legal or regulatory obligation requires us to retain it, we will securely delete, destroy, or anonymize the information in accordance with our internal data disposal procedures.

7. Cookies and Tracking Technologies

Our website uses cookies, web beacons, pixel tags, local storage, and similar tracking technologies to enhance your browsing experience, analyze website performance, and serve relevant advertising. Cookies are small text files placed on your device that allow us to recognize you across sessions and personalize your experience.

7.1 Types of Cookies We Use

• Strictly Necessary Cookies: These cookies are essential for the website to function properly and cannot be disabled. They are used for purposes such as maintaining your session, processing your orders, and ensuring website security.
• Performance and Analytics Cookies: These cookies collect information about how visitors use our website, such as which pages are visited most often and how users navigate between pages. We use tools like Google Analytics for this purpose.
• Functional Cookies: These cookies allow the website to remember choices you make (such as your language preference or saved cart) and provide enhanced, more personalized features.
• Targeting and Advertising Cookies: These cookies are used to deliver advertisements that are relevant to you and your interests. They also help us measure the effectiveness of our advertising campaigns.

You can manage your cookie preferences at any time through your browser settings or through our cookie consent management tool available on our website. Please note that disabling certain cookies may affect the functionality of our website. For more detailed information about the specific cookies we use, their purposes, and your options, please review our full Cookie Policy, available at churchchicks.click.

8. Children's Privacy

Our website and services are intended for use by individuals who are 18 years of age or older. We do not knowingly collect, solicit, or maintain personal information from children under the age of 13, or from minors under the age of 18 in connection with account creation, loyalty program enrollment, or marketing activities.

Our practices are consistent with the requirements of the Children's Online Privacy Protection Act (COPPA). If we become aware that we have inadvertently collected personal information from a child under 13 years of age without verifiable parental consent, we will take immediate steps to delete that information from our records.

If you are a parent or guardian and believe that your child has provided personal information to us without your consent, please contact us immediately at [email protected] and we will take prompt action to remove such information.

9. International Data Transfers

Our primary operations are based in the United States. If you are accessing our website or services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your country of residence.

If we transfer personal information internationally to service providers or other entities, we take appropriate measures to ensure that such transfers are subject to adequate safeguards, including the use of contractual protections such as data processing agreements and standard contractual clauses where applicable. By using our services, you consent to the transfer, storage, and processing of your personal information in the United States.

10. Contact Us for Privacy Inquiries

If you have any questions, concerns, or requests relating to this Privacy Policy or the handling of your personal information, please contact our privacy team using the information below:

We are committed to resolving privacy complaints and requests promptly and fairly. When you contact us, please include your name, contact information, and a detailed description of your privacy concern or request so that we can respond to you effectively.

11. Filing Complaints With Regulatory Authorities

If you are not satisfied with our response to your privacy concern, or if you believe that we are processing your personal information in a manner that does not comply with applicable law, you have the right to file a complaint with the relevant regulatory or data protection authority.

11.1 Federal Trade Commission (FTC)

The Federal Trade Commission (FTC) is the primary federal agency responsible for consumer protection and enforcing privacy-related laws in the United States under the FTC Act (15 U.S.C. § 45). You may file a complaint with the FTC at:

• Website: www.ftc.gov/complaint
• Phone: 1-877-FTC-HELP (1-877-382-4357)
• Mailing Address: Federal Trade Commission, 600 Pennsylvania Avenue NW, Washington, DC 20580

11.2 California Privacy Protection Agency (CPPA)

If you are a California resident and have concerns about our compliance with the CCPA/CPRA, you may file a complaint with the California Privacy Protection Agency (CPPA):

• Website: cppa.ca.gov
• Email: [email protected]

11.3 State Attorney General Offices

Many states have Attorney General offices that handle consumer privacy complaints. You may contact your state's Attorney General to file a complaint or seek guidance about your privacy rights under state law. A directory of state Attorney General offices can be found at the National Association of Attorneys General (NAAG) website at www.naag.org.

12. Third-Party Links and Services

Our website may contain links to third-party websites, applications, or services that are not owned or controlled by us. This Privacy Policy applies only to our website and services. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party websites or services. We strongly encourage you to review the privacy policies of any third-party sites you visit.

13. Do Not Track Signals

Some web browsers have a "Do Not Track" (DNT) feature that signals to websites that you do not want to have your online activity tracked. Currently, there is no universally accepted standard for how to respond to DNT signals, and our website does not currently respond to DNT browser signals in a uniform way. However, you may opt out of certain tracking activities through our cookie consent tool and through the opt-out mechanisms described in this Privacy Policy and our Cookie Policy.

14. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our data practices, legal requirements, or business operations. When we make material changes, we will notify you by:

• Posting the updated Privacy Policy on this page with a new "Last Updated" date.
• Sending you an email notification to the email address associated with your account (where applicable).
• Displaying a prominent notice on our website.

Your continued use of our website or services after the effective date of the updated Privacy Policy constitutes your acceptance of the changes. If you do not agree with any changes, you should discontinue your use of our services and may request deletion of your account and personal information.