Privacy Policy

Effective Date: March 28, 2026  |  Last Updated: March 28, 2026

This Privacy Policy explains how Church's Chicken ("we," "us," "our," or "the Company") collects, uses, discloses, retains, and protects your personal information when you visit our website at churchchicks.digital, use our digital services, place orders online, participate in loyalty programs, or otherwise interact with us. We are committed to protecting your privacy and handling your personal data in a transparent, lawful, and responsible manner.

Please read this Privacy Policy carefully. By accessing or using our website and services, you acknowledge that you have read and understood this policy. If you do not agree with its terms, please discontinue use of our digital services immediately.

Important Notice: Our digital services are intended for individuals who are 18 years of age or older. We do not knowingly collect personal information from children under the age of 13. If you are under 18, please do not use our services without parental or guardian supervision.

1. About Us and Our Contact Information

Church's Chicken operates this website and related digital services. For any privacy-related questions, concerns, or requests, you may contact us using the following details:

Company Name Church's Chicken
Website churchchicks.digital
Email Address [email protected]

For privacy-specific inquiries, including requests to access, correct, or delete your personal information, please contact us directly at [email protected] with the subject line "Privacy Request."

2. Legal Framework and Applicable Laws

We operate in the United States and comply with applicable federal and state privacy laws, including but not limited to:

  • The Federal Trade Commission Act (FTC Act) – which governs unfair or deceptive practices in commerce, including privacy and data security.
  • The California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) – which grants California residents specific rights regarding their personal information.
  • The Children's Online Privacy Protection Act (COPPA) – which protects the privacy of children under the age of 13.
  • The CAN-SPAM Act – which governs commercial email communications.
  • The Telephone Consumer Protection Act (TCPA) – which governs telephone and text message marketing communications.
  • Other applicable state privacy laws where required by law.

Where state-specific rights apply, we will honor those rights as described in Section 10 of this Privacy Policy.

3. Information We Collect

We collect various categories of personal information depending on how you interact with us. Below is a comprehensive breakdown of the information we may collect:

3.1 Information You Provide Directly

When you create an account, place an order, sign up for promotions, participate in surveys, or contact our customer service team, you may provide us with the following types of personal information:

  • Identity Information: Full name, username, date of birth, and profile photograph.
  • Contact Information: Email address, mailing address, billing address, and telephone number.
  • Account Credentials: Username, password (stored in encrypted form), and security questions.
  • Payment Information: Credit card numbers, debit card numbers, billing addresses, and other financial information necessary to process your transactions. Note: We do not store complete payment card details on our servers; these are processed through PCI-DSS compliant third-party payment processors.
  • Order Information: Menu selections, order history, delivery addresses, special dietary preferences or requests, and order preferences.
  • Communication Data: The content of messages, feedback, complaints, or inquiries you send us via email, contact forms, or other communication channels.
  • Loyalty Program Data: Points balances, redemption history, participation history, and preferences associated with any loyalty or rewards programs.
  • Survey and Promotion Data: Responses to surveys, sweepstakes entries, contest submissions, and promotional preferences.

3.2 Information We Collect Automatically

When you visit our website or use our digital services, we automatically collect certain technical and behavioral data, including:

  • Usage Data: Pages visited, features used, links clicked, time spent on pages, navigation paths, and search queries within our website.
  • Device Information: Device type, operating system, browser type and version, screen resolution, language settings, and unique device identifiers.
  • Log Data: IP address, access dates and times, referring URLs, error logs, and server activity logs.
  • Location Data: General geographic location based on IP address. If you grant permission, we may also collect precise geolocation data from your mobile device to provide location-based services such as finding nearby restaurant locations.
  • Cookie and Tracking Data: Information collected through cookies, web beacons, pixel tags, local storage, and similar tracking technologies. Please see Section 8 for more details on our use of cookies.

3.3 Information Collected from Third Parties

We may receive personal information about you from third parties in certain circumstances, including:

  • Social Media Platforms: If you connect your social media account (e.g., Facebook, Google, Apple) to our services or interact with our branded pages, we may receive certain profile information permitted by your social media account settings.
  • Third-Party Delivery Partners: Delivery service providers may share order and contact information with us to fulfill your orders.
  • Analytics Providers: Third-party analytics services may provide us with aggregated and de-identified insights about how users interact with our digital services.
  • Marketing Partners: We may receive information about your interests and preferences from advertising partners and data brokers to help us tailor marketing communications.
  • Publicly Available Sources: We may supplement your information with data from publicly available sources where permitted by law.

4. How We Use Your Information

We use the personal information we collect for the following purposes, all of which are necessary for legitimate business operations or conducted with your consent:

4.1 Providing and Managing Our Services

  • Processing and fulfilling your food orders and delivery requests.
  • Creating and managing your user account.
  • Administering loyalty and rewards programs.
  • Processing payments and managing billing.
  • Providing customer support and responding to your inquiries and complaints.
  • Sending transactional communications such as order confirmations, receipts, and delivery updates.

4.2 Improving Our Services and User Experience

  • Analyzing how users interact with our website and digital services to identify areas for improvement.
  • Conducting research and development to improve menu offerings, services, and digital features.
  • Testing new features, functionalities, and promotional offerings.
  • Monitoring and troubleshooting technical issues and security incidents.

4.3 Marketing and Promotional Communications

  • Sending promotional emails, newsletters, offers, and special deals — with your consent where required by law.
  • Displaying personalized advertisements on our website and third-party platforms based on your browsing and purchase history.
  • Conducting targeted marketing campaigns through social media platforms and digital advertising networks.
  • Inviting you to participate in surveys, contests, sweepstakes, and focus groups.

You may opt out of marketing communications at any time by clicking the "Unsubscribe" link in any marketing email, updating your account preferences, or contacting us at [email protected].

4.4 Legal Compliance and Safety

  • Complying with applicable federal and state laws, regulations, and legal obligations.
  • Responding to lawful requests from government authorities, courts, and law enforcement agencies.
  • Enforcing our Terms of Service and other applicable policies.
  • Protecting the rights, property, and safety of our company, employees, customers, and the public.
  • Detecting, preventing, and investigating fraud, security breaches, and other prohibited activities.

4.5 Business Operations and Administration

  • Managing internal business operations, record-keeping, and audits.
  • Evaluating and completing mergers, acquisitions, divestitures, or other corporate transactions.
  • Generating aggregated, de-identified statistical reports for internal and external business purposes.

5. Sharing Your Information with Third Parties

We do not sell your personal information to third parties for their own marketing purposes. However, we may share your personal information in the following circumstances:

5.1 Service Providers and Business Partners

We engage trusted third-party service providers who perform functions on our behalf, including:

  • Payment Processors: To securely process your transactions (e.g., Stripe, PayPal, Braintree).
  • Delivery Partners: Third-party delivery platforms that fulfill your food delivery orders.
  • Cloud and Hosting Providers: Companies that host our website and store our data securely.
  • Analytics Providers: Services such as Google Analytics that help us understand website usage patterns.
  • Email and Marketing Platforms: Providers that help us send promotional and transactional emails.
  • Customer Support Tools: Platforms that help us manage customer inquiries and support tickets.
  • Advertising Networks: Partners that help us deliver targeted digital advertisements.

All third-party service providers are contractually required to handle your personal information in accordance with this Privacy Policy and applicable law, and to use your information only for the purposes we specify.

5.2 Legal Requirements and Law Enforcement

We may disclose your personal information when we believe disclosure is necessary to:

  • Comply with a legal obligation, court order, or government request.
  • Enforce our Terms of Service or other agreements.
  • Protect the safety and rights of our users, employees, or the general public.
  • Investigate or prevent fraud, security threats, or other illegal activities.

5.3 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, asset sale, or other corporate transaction, your personal information may be transferred to the acquiring entity. We will notify you of any such change by updating this Privacy Policy and, where required, obtaining your consent.

5.4 With Your Consent

We may share your personal information with additional third parties when you have explicitly consented to such sharing.

6. Data Security Measures

We take the security of your personal information seriously and implement industry-standard technical, administrative, and physical safeguards to protect your data against unauthorized access, disclosure, alteration, or destruction. Our security measures include:

  • Encryption: We use SSL/TLS encryption to protect data transmitted between your browser and our servers. Sensitive data such as payment information is encrypted both in transit and at rest.
  • Access Controls: We restrict access to personal information to employees, contractors, and service providers who need it to perform their job functions. All authorized personnel are subject to confidentiality obligations.
  • Secure Authentication: We implement multi-factor authentication and secure password hashing for user accounts and internal systems.
  • Regular Security Audits: We conduct periodic security assessments, vulnerability scans, and penetration testing to identify and remediate potential risks.
  • Incident Response: We maintain a documented data breach response plan and will notify affected users and relevant authorities in accordance with applicable law in the event of a data security incident.
  • PCI-DSS Compliance: Our payment processing systems comply with Payment Card Industry Data Security Standards (PCI-DSS).
Please Note: While we employ robust security measures, no method of data transmission or storage is 100% secure. We cannot guarantee absolute security of your personal information, and you provide data at your own risk. We encourage you to use strong, unique passwords for your account and to notify us immediately if you suspect unauthorized access.

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. Our general retention practices are as follows:

Category of Data Retention Period
Account and Profile Information Duration of account existence + 3 years after account closure
Order and Transaction Records 7 years (for tax, legal, and audit compliance)
Payment Information As required by PCI-DSS standards; typically not stored after transaction completion
Marketing Preferences and Consent Records Until opt-out + 3 years
Customer Support Communications 3 years from date of last interaction
Website Usage and Analytics Data Up to 26 months (anonymized after this period)
Cookie and Tracking Data As specified in our Cookie Policy; session cookies expire at end of session
Legal Compliance Records As required by applicable law (up to 7 years or longer if legally required)

When personal information is no longer needed, we securely delete or anonymize it in accordance with our data retention schedules and applicable legal requirements.

8. Cookie Policy and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyze website traffic, and deliver relevant advertising. This section provides a brief overview of our cookie practices.

8.1 Types of Cookies We Use

  • Strictly Necessary Cookies: Essential for the basic functioning of our website, including maintaining your session, remembering your cart contents, and enabling secure login. These cookies cannot be disabled without affecting website functionality.
  • Performance and Analytics Cookies: These cookies collect information about how visitors use our website, such as which pages are visited most frequently. We use this data to improve website performance and user experience. Examples include Google Analytics cookies.
  • Functionality Cookies: These allow us to remember your preferences (such as language settings, location preferences, and saved addresses) to provide a more personalized experience.
  • Targeting and Advertising Cookies: These cookies track your browsing habits to deliver advertisements that are relevant to your interests, both on our website and on third-party platforms. They are placed by our advertising partners and may track your activity across multiple websites.

8.2 Managing Your Cookie Preferences

You can manage your cookie preferences through our cookie consent tool available on our website, or by adjusting your browser settings to refuse or delete certain types of cookies. Please note that disabling certain cookies may affect the functionality of our website and your user experience.

For more detailed information about the cookies we use, including a complete list of cookies and their specific purposes and durations, please refer to our full Cookie Policy.

9. Children's Privacy

Our digital services are intended for use by individuals who are 18 years of age or older. We do not knowingly collect, use, or disclose personal information from children under the age of 13 without verifiable parental consent, in compliance with the Children's Online Privacy Protection Act (COPPA).

If you are a parent or guardian and believe that your child under the age of 13 has provided us with personal information without your consent, please contact us immediately at [email protected]. Upon verification, we will promptly delete such information from our records.

We encourage parents and guardians to actively monitor their children's online activities and educate them about safe internet practices.

10. Your Privacy Rights

Depending on your location and applicable law, you may have the following rights with respect to your personal information:

10.1 Rights Available to All Users

  • Right to Access: You have the right to request a copy of the personal information we hold about you.
  • Right to Correction: You have the right to request that we correct any inaccurate or incomplete personal information we hold about you.
  • Right to Deletion: You have the right to request that we delete your personal information, subject to certain exceptions (e.g., where we are required to retain data for legal compliance purposes).
  • Right to Opt Out of Marketing: You have the right to opt out of receiving marketing and promotional communications from us at any time.
  • Right to Data Portability: Where technically feasible, you may request that we provide your personal information in a structured, commonly used, machine-readable format.

10.2 Additional Rights for California Residents (CCPA/CPRA)

If you are a California resident, you have the following additional rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):

  • Right to Know: The right to know what categories and specific pieces of personal information we have collected about you, the categories of sources from which we collected it, the purposes for which we use it, and the categories of third parties with whom we share it.
  • Right to Delete: The right to request deletion of your personal information, subject to certain legal exceptions.
  • Right to Correct: The right to request correction of inaccurate personal information we maintain about you.
  • Right to Opt Out of Sale or Sharing: We do not sell your personal information. However, if you believe your data is being shared in a manner that constitutes a "sale" or "sharing" under California law, you have the right to opt out.
  • Right to Limit Use of Sensitive Personal Information: You have the right to request that we limit the use and disclosure of your sensitive personal information to purposes authorized by CPRA.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights. We will not deny you goods or services, charge you different prices, or provide a lower quality of service because you exercised your privacy rights.
How to Submit a Privacy Rights Request: To exercise any of the above rights, please contact us at [email protected] with the subject line "Privacy Rights Request" and include your full name, email address, and a description of the right you wish to exercise. We will respond to verified requests within 45 days (or up to 90 days if an extension is necessary, with prior notice to you).

10.3 Authorized Agents

California residents may designate an authorized agent to submit a privacy rights request on their behalf. Authorized agents must provide written proof of authorization, and we may verify the identity of the requesting individual directly.

11. International Data Transfers

Our operations are based in the United States, and the personal information we collect is primarily stored and processed on servers located within the United States. However, some of our third-party service providers may operate in other countries, which means your personal information may be transferred to and processed in countries outside of the United States.

When we transfer personal information internationally, we take appropriate steps to ensure that your data receives an adequate level of protection, including:

  • Entering into data processing agreements with international service providers that include appropriate contractual safeguards.
  • Ensuring that third-party providers maintain adequate data security measures and privacy standards consistent with applicable laws.
  • Conducting due diligence on international service providers to assess their data protection practices.

By using our digital services, you acknowledge and consent to the transfer of your personal information to countries that may have different data protection laws than those in your country of residence.

12. Third-Party Links and Services

Our website may contain links to third-party websites, applications, and services that are not operated by us. These include links to social media platforms, delivery partner websites, and other external resources. This Privacy Policy applies only to our own digital services and does not govern the privacy practices of third-party sites.

We encourage you to review the privacy policies of any third-party websites or services you visit. We are not responsible for the privacy practices or content of third-party sites and do not accept any liability in connection with them.

13. Do Not Track (DNT) Signals

Some web browsers include a "Do Not Track" (DNT) feature that signals to websites that you do not wish to be tracked. Currently, there is no universally accepted standard for responding to DNT signals, and our website does not alter its data collection and use practices in response to DNT signals from your browser. However, you may manage your privacy preferences through our cookie consent tool and the opt-out mechanisms described in this Privacy Policy.

14. How to File a Privacy Complaint

If you have concerns about how we handle your personal information, we encourage you to contact us first so we can address your concerns directly and promptly.

14.1 Contacting Us Directly

Please submit your privacy complaint or concern to:

We will acknowledge receipt of your complaint within 5 business days and aim to resolve it within 30 days. Complex complaints may take longer, and we will keep you informed of progress.

14.2 Filing a Complaint with Regulatory Authorities

If you are not satisfied with our response, or if you believe we have violated your privacy rights under applicable law, you may file a complaint with the relevant regulatory authority:

  • Federal Trade Commission (FTC): The FTC is responsible for enforcing federal consumer protection and privacy laws. You may file a complaint at www.ftc.gov/complaint or by calling 1-877-FTC-HELP (1-877-382-4357).
  • California Privacy Protection Agency (CPPA) (for California residents): California residents may file complaints with the California Privacy Protection Agency regarding violations of the CCPA/CPRA at cppa.ca.gov.
  • California Attorney General's Office: California residents may also report privacy violations to the California Attorney General at oag.ca.gov/privacy/ccpa.
  • State Attorney General Offices: Residents of other states may also contact their respective State Attorney General's Office regarding privacy violations under applicable state law.

15. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our data practices, legal requirements, or business operations. When we make material changes to this policy, we will:

  • Update the "Last Updated" date at the top of this Privacy Policy.
  • Post a prominent notice on our website informing users of the changes.
  • Send a notification email to registered users where required by law or where changes are significant.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal information. Your continued use of our digital services after any changes to this Privacy Policy constitutes your acknowledgment and acceptance of the updated terms.

16. Contacting Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please do not hesitate to contact us. We are committed to addressing your inquiries promptly and transparently.

Company Church's Chicken
Website churchchicks.digital
Email [email protected]
Our Commitment to You

At Church's Chicken, we are deeply committed to protecting your privacy and earning your trust. We will always strive to handle your personal information with the highest standards of integrity, transparency, and respect. Thank you for choosing Church's Chicken and for trusting us with your personal information.

This Privacy Policy was last updated on March 28, 2026. All rights reserved © 2026 Church's Chicken — churchchicks.digital