Privacy Policy
This Privacy Policy describes how Church's Chicken ("we," "us," "our," or the "Company") collects, uses, discloses, retains, and protects the personal information of visitors and users ("you" or "your") who interact with our website located at churchickens.digital (the "Website"), our mobile applications, and any other digital or physical services we offer (collectively, the "Services"). By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with the terms set forth herein, please discontinue your use of our Services immediately.
We are committed to protecting your privacy and handling your personal information with the highest standards of transparency and security. This policy has been prepared in accordance with applicable United States federal and state privacy laws, including but not limited to the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), and the Federal Trade Commission Act (FTC Act).
1. About Us and How to Contact Us
Church's Chicken operates the Website at churchickens.digital and is responsible for the collection and processing of your personal information as described in this Privacy Policy.
Contact Information
- Company: Church's Chicken
- Website: churchickens.digital
- Email: [email protected]
- Country: United States
For all privacy-related inquiries, requests, or complaints, please contact us at the email address provided above. We endeavor to respond to all privacy-related communications within thirty (30) calendar days of receipt.
2. Scope of This Privacy Policy
This Privacy Policy applies to all personal information collected by Church's Chicken through the following channels:
- Our Website at churchickens.digital
- Our mobile applications and digital platforms
- Online ordering systems and reservation platforms
- Loyalty programs, promotional campaigns, and sweepstakes
- Customer support and feedback channels
- In-restaurant digital interactions such as kiosks and Wi-Fi sign-ups
- Social media accounts and advertising interactions
- Email, SMS, push notifications, and other electronic communications
This Privacy Policy does not apply to information collected by third-party websites, services, or applications that may be linked to or integrated with our Services, as those are governed by their own privacy policies.
3. Information We Collect
We collect various categories of personal information depending on how you interact with our Services. Below is a comprehensive description of the types of data we may collect:
3.1 Personal Identification Information
When you register for an account, place an order, sign up for our loyalty program, or contact us, we may collect:
- Full name
- Email address
- Phone number
- Mailing or delivery address
- Date of birth (to verify age eligibility for certain promotions)
- Username and encrypted password
- Profile photograph (if voluntarily uploaded)
3.2 Payment and Financial Information
When you make a purchase through our Website or mobile app, we collect payment-related information necessary to process your transaction. This includes:
- Credit or debit card number (last four digits only, retained by us)
- Billing address
- Payment method type
- Transaction history and order details
Full payment card details are processed by our PCI-DSS-compliant third-party payment processors and are not stored on our servers in an unencrypted format.
3.3 Usage and Behavioral Data
We automatically collect information about how you interact with our Website and applications, including:
- Pages visited, features used, and time spent on each page
- Links clicked and content viewed
- Search queries entered within our Website
- Items added to your cart or wishlist
- Order frequency and purchasing patterns
- Navigation paths and exit pages
3.4 Device and Technical Information
When you access our Services, we automatically receive technical information from your device, including:
- IP address and approximate geolocation derived therefrom
- Browser type, version, and language settings
- Operating system and device type (desktop, mobile, tablet)
- Screen resolution and display settings
- Referring URLs and exit URLs
- Device identifiers (such as advertising IDs)
- Session timestamps and duration
3.5 Location Data
With your permission, we may collect precise geolocation data from your mobile device to help you find nearby Church's Chicken locations, estimate delivery times, and provide location-based offers. You may revoke this permission at any time through your device settings. We may also derive general location information from your IP address.
3.6 Cookie and Tracking Technology Data
We use cookies, web beacons, pixel tags, local storage, and similar tracking technologies to collect data about your browsing activity. For more detailed information, please refer to Section 9 (Cookie Usage) of this Privacy Policy.
3.7 Communications and Feedback Data
When you contact us through customer support, submit feedback, respond to surveys, participate in promotions, or interact with us on social media, we collect:
- The content of your messages and communications
- Survey responses and ratings
- Photographs or videos you voluntarily submit (e.g., food photos for contests)
- Social media handles and publicly available profile information
3.8 Loyalty Program Data
If you participate in our loyalty or rewards program, we collect information related to your participation, including points earned, rewards redeemed, tier status, and preferences expressed within the program.
3.9 Information from Third Parties
We may receive information about you from third-party sources, such as:
- Social media platforms (if you connect your account or log in via social sign-on)
- Third-party delivery platforms and aggregators
- Marketing and advertising partners
- Analytics providers
- Publicly available databases
4. How We Use Your Information
We use the personal information we collect for the following purposes, in accordance with applicable law:
4.1 Service Provision and Order Fulfillment
- Processing and fulfilling your food orders, including delivery and pick-up
- Managing your account registration and profile
- Administering loyalty program memberships and rewards
- Communicating with you about your orders, account, or inquiries
- Providing customer support and resolving disputes
4.2 Analytics and Service Improvement
- Analyzing usage patterns to improve our Website, app, and menu offerings
- Conducting internal research and development
- Monitoring and improving Website performance and security
- Testing new features and functionalities
- Generating aggregated, anonymized statistical reports
4.3 Marketing and Personalization
- Sending promotional emails, SMS messages, and push notifications about offers, new menu items, and events (subject to your communication preferences)
- Personalizing your experience based on your order history, preferences, and behavior
- Displaying targeted advertisements on our Website and third-party platforms
- Conducting surveys, sweepstakes, contests, and promotional campaigns
- Retargeting visitors who have previously interacted with our Website
4.4 Legal and Compliance Purposes
- Complying with applicable federal, state, and local laws and regulations
- Responding to legal process, court orders, or government requests
- Enforcing our Terms of Service and other legal agreements
- Protecting the rights, property, and safety of Church's Chicken, our customers, and the public
- Detecting, preventing, and investigating fraud, security breaches, and other prohibited activities
4.5 Business Operations
- Processing payments and refunds
- Managing relationships with vendors and service providers
- Conducting due diligence in connection with potential business transactions such as mergers, acquisitions, or asset sales
5. Legal Basis for Processing Personal Information
Under applicable U.S. privacy laws, including the CCPA/CPRA, our processing of your personal information is based on one or more of the following grounds:
- Contractual necessity: Processing required to fulfill your orders and provide the Services you have requested
- Legitimate interests: Processing necessary for our legitimate business interests, such as fraud prevention, security, and service improvement, provided these interests do not override your privacy rights
- Consent: Where you have given explicit consent for specific processing activities, such as receiving marketing communications
- Legal obligation: Processing required to comply with applicable laws and regulatory requirements
- Vital interests: Processing necessary to protect the vital interests of individuals in emergency situations
6. Sharing of Personal Information with Third Parties
We do not sell, rent, or trade your personal information to unaffiliated third parties for their own independent marketing purposes without your explicit consent. However, we do share your information in the following circumstances:
6.1 Service Providers and Vendors
We engage trusted third-party service providers who assist us in operating our business and delivering Services to you. These providers are contractually obligated to use your information only as instructed by us and to implement appropriate security measures. They include:
- Payment processors and fraud prevention services
- Cloud hosting and data storage providers
- Email marketing and communication platforms
- Analytics and reporting services
- Customer relationship management (CRM) software providers
- Food delivery and logistics partners
- Advertising networks and retargeting platforms
- IT security and cybersecurity firms
6.2 Business Partners
We may share information with carefully selected business partners for the purposes of offering joint promotions, co-branded services, or integrated loyalty programs. In such cases, we will notify you in advance and obtain appropriate consent where required.
6.3 Legal Requirements and Law Enforcement
We may disclose your personal information to government authorities, law enforcement agencies, or other parties when we reasonably believe disclosure is required or permitted by law, including to:
- Comply with a subpoena, court order, or other legal process
- Respond to lawful requests by public authorities, including national security or law enforcement
- Protect and defend the legal rights of Church's Chicken
- Investigate and prevent fraud, cyber attacks, or other illegal activity
- Protect the safety of our customers, employees, or the general public
6.4 Corporate Transactions
In the event of a merger, acquisition, restructuring, sale of assets, or bankruptcy, your personal information may be transferred to or shared with the acquiring entity or successor. We will notify you of any such transfer and any resulting changes to this Privacy Policy.
6.5 Aggregated or De-Identified Data
We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you with third parties for research, analytics, or marketing purposes, without restriction.
7. Data Security Measures
We take the security of your personal information seriously and implement a comprehensive set of technical and organizational measures designed to protect your data from unauthorized access, disclosure, alteration, or destruction. Our security practices include:
7.1 Technical Safeguards
- Encryption: We use industry-standard Transport Layer Security (TLS) encryption to protect data transmitted between your browser and our servers. Sensitive data at rest is encrypted using AES-256 or equivalent standards.
- Firewalls and Intrusion Detection: We deploy firewalls, intrusion detection systems, and network monitoring tools to prevent unauthorized access.
- Access Controls: Access to personal information is restricted to authorized personnel on a need-to-know basis, enforced through role-based access controls and multi-factor authentication.
- Vulnerability Management: We conduct regular security assessments, penetration testing, and vulnerability scans to identify and remediate security risks.
7.2 Organizational Safeguards
- Staff training and awareness programs on data privacy and security best practices
- Data processing agreements with all third-party vendors who handle personal information
- Internal privacy and security policies and procedures
- Incident response plans and breach notification protocols
Despite our best efforts, no method of data transmission or storage is completely secure. In the unlikely event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the appropriate regulatory authorities as required by applicable law, including within the timeframes prescribed by U.S. state breach notification statutes.
8. Your Privacy Rights
Depending on your state of residence within the United States, you may have the following rights with respect to your personal information. We are committed to honoring these rights in accordance with applicable law:
8.1 Right to Know and Access
You have the right to request that we disclose what personal information we have collected about you over the past twelve (12) months, including the categories of information collected, the sources from which it was collected, the purposes for which it was used, and the categories of third parties with whom it was shared.
8.2 Right to Correction
You have the right to request that we correct inaccurate personal information that we maintain about you, subject to certain exceptions.
8.3 Right to Deletion
You have the right to request that we delete personal information we have collected about you, subject to certain exceptions, such as where retention is required to complete a transaction, comply with a legal obligation, detect security incidents, or exercise our legal rights.
8.4 Right to Data Portability
Where technically feasible, you have the right to receive a copy of the personal information you have provided to us in a structured, commonly used, and machine-readable format, or to have it transmitted directly to another organization.
8.5 Right to Opt-Out of Sale or Sharing
Under the CCPA/CPRA, California residents have the right to opt out of the "sale" or "sharing" of their personal information. If we engage in activities that constitute a sale or sharing under California law (such as sharing data with advertising partners for cross-context behavioral advertising), you may exercise this right by contacting us at [email protected] or by clicking the "Do Not Sell or Share My Personal Information" link on our Website.
8.6 Right to Limit Use of Sensitive Personal Information
California residents have the right to limit the use and disclosure of their sensitive personal information to uses that are necessary to perform the Services or as otherwise permitted by the CPRA.
8.7 Right to Non-Discrimination
We will not discriminate against you for exercising any of your privacy rights. We will not deny you goods or services, charge you different prices, provide a different level of quality of services, or suggest that you will receive a different price or level of quality because you exercised your privacy rights.
8.8 Right to Opt-Out of Marketing Communications
You may opt out of receiving marketing emails at any time by clicking the "unsubscribe" link included in our promotional emails, adjusting your notification preferences in your account settings, or by contacting us directly. Please note that even after opting out of marketing communications, you may continue to receive transactional or service-related messages.
8.9 How to Submit a Privacy Rights Request
To exercise any of the rights described above, please submit a verifiable consumer request to us by:
- Email: [email protected]
- Website: churchickens.digital (via our privacy request form, if available)
We will respond to your verifiable consumer request within forty-five (45) calendar days of receipt. If we require additional time, we will notify you in writing of the reason and the extension period. We may need to verify your identity before processing your request to protect your information from unauthorized access.
8.10 Authorized Agent
You may designate an authorized agent to submit privacy rights requests on your behalf. The authorized agent must provide written authorization signed by you, and we may still require you to verify your identity directly with us before processing the request.
9. Cookie Usage
Our Website uses cookies and similar tracking technologies to enhance your user experience, analyze website traffic, personalize content, and deliver targeted advertising. The types of cookies we use include:
| Cookie Type | Purpose | Duration |
|---|---|---|
| Strictly Necessary | Essential for website functionality, including login sessions, shopping cart, and security features | Session / Up to 1 year |
| Performance / Analytics | Collect anonymized data about how visitors use our Website (e.g., Google Analytics) | Up to 2 years |
| Functional | Remember your preferences, such as language, location, and past orders | Up to 1 year |
| Marketing / Advertising | Track your visits to deliver relevant advertisements and measure campaign effectiveness | Up to 2 years |
You can manage or disable cookies through your browser settings at any time. Please note that disabling certain cookies may impact the functionality and performance of our Website. For a full description of the cookies we use and how to manage your preferences, please refer to our Cookie Policy.
We also honor browser-based opt-out signals such as the Global Privacy Control (GPC), as required under California law. When we detect a GPC signal from your browser, we will treat it as an opt-out of the sale or sharing of your personal information.
10. Data Retention
We retain your personal information only for as long as is necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by applicable law. Our retention practices are as follows:
| Data Category | Retention Period |
|---|---|
| Account and profile information | Duration of your account plus 3 years after account closure |
| Order history and transaction records | 7 years (for tax, accounting, and legal compliance purposes) |
| Marketing preferences and consent records | Duration of relationship plus 3 years |
| Customer support records | 3 years from the date of last interaction |
| Website analytics and usage data | 26 months (in accordance with analytics platform standards) |
| Cookie and tracking data | As specified per cookie type (see Section 9) |
| Legal and compliance records | As required by applicable law (typically 7–10 years) |
After the applicable retention period expires, we will securely delete or anonymize your personal information in accordance with our data disposal procedures.
11. Children's Privacy
Our Services are intended for use by individuals who are 18 years of age or older. We do not knowingly collect, solicit, or process personal information from children under the age of 13 without verifiable parental consent, in compliance with the Children's Online Privacy Protection Act (COPPA). We do not knowingly collect personal information from minors under 16 years of age for the purpose of targeted advertising without affirmative authorization, in compliance with applicable state laws.
If you believe we have inadvertently collected personal information from a child under the age of 13 without the appropriate parental consent, please contact us immediately at [email protected]. Upon verification, we will promptly delete such information from our records.
Parents and guardians who wish to review, correct, or request the deletion of their child's personal information may contact us using the contact details provided in Section 1 of this Privacy Policy.
12. International Data Transfers
Church's Chicken is based in the United States, and all personal information we collect is primarily processed and stored on servers located within the United States. If you are accessing our Services from outside the United States, please be aware that your information may be transferred to, stored in, and processed in the United States, where data protection laws may differ from those in your home country.
By using our Services from a location outside the United States, you acknowledge and consent to the transfer of your personal information to the United States for the purposes described in this Privacy Policy. We take appropriate steps to ensure that any such international transfers are conducted in compliance with applicable legal requirements and that your personal information receives an adequate level of protection.
For users in jurisdictions with specific data transfer requirements (such as the European Economic Area or the United Kingdom), we rely on appropriate transfer mechanisms, including Standard Contractual Clauses (SCCs) or equivalent safeguards, where applicable. Please contact us at [email protected] for more information about our international transfer safeguards.
13. California Residents — Additional Disclosures
If you are a resident of California, the following additional rights and disclosures apply to you pursuant to the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), California Civil Code Section 1798.100 et seq.:
13.1 Categories of Personal Information Collected in the Past 12 Months
| Category | Collected |
|---|---|
| Identifiers (name, email, IP address) | Yes |
| Personal information under Cal. Civ. Code §1798.80 | Yes |
| Characteristics of protected classifications | No |
| Commercial information (purchase history) | Yes |
| Biometric information | No |
| Internet or network activity | Yes |
| Geolocation data | Yes (with consent) |
| Sensory data (audio, visual) | No |
| Professional or employment information | No |
| Inferences drawn from personal information | Yes |
| Sensitive personal information | Limited (payment data, precise geolocation) |
13.2 "Shine the Light" Law
California Civil Code Section 1798.83 (the "Shine the Light" law) permits California residents to request information about personal information shared with third parties for their direct marketing purposes. To make such a request, please contact us at [email protected].
14. Other U.S. State Privacy Rights
Residents of certain other U.S. states, including but not limited to Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Texas (TDPSA), and other states with enacted comprehensive privacy legislation, may have additional privacy rights similar to those described in Section 8, including rights of access, correction, deletion, portability, and opt-out of targeted advertising and profiling. We will honor applicable rights requests from residents of those states in accordance with the relevant statutes. To submit a request, please contact us at [email protected].
15. Third-Party Links and Services
Our Website and digital platforms may contain links to third-party websites, applications, or services that are not owned or controlled by Church's Chicken. This Privacy Policy applies only to our Services and does not extend to any third-party sites or services. We encourage you to review the privacy policies of any third-party services you visit or use, as we have no control over and assume no responsibility for the content, privacy practices, or policies of those third parties.
Our Website may also integrate third-party tools such as Google Analytics, Facebook Pixel, and other advertising technologies. These third parties may independently collect data about your online activities across different websites and services over time. Their collection and use of your data are governed by their own privacy policies.
16. How to File a Complaint
If you have concerns or complaints about how we handle your personal information, we encourage you to contact us first so we can address your concerns directly:
We will acknowledge your complaint within ten (10) business days and endeavor to resolve it within thirty (30) calendar days. If you are not satisfied with our response, you may have the right to escalate your complaint to the appropriate regulatory authority:
16.1 California Residents
California residents may file complaints with the California Privacy Protection Agency (CPPA), which is responsible for enforcing the CCPA/CPRA:
- Website: cppa.ca.gov
16.2 Federal Consumer Protection
Consumers in all U.S. states may file complaints with the Federal Trade Commission (FTC), which enforces federal consumer protection laws including the FTC Act:
- Website: reportfraud.ftc.gov
- Phone: 1-877-FTC-HELP (1-877-382-4357)
16.3 State Attorneys General
You may also file complaints with the Attorney General's office of your state of residence. Most state attorneys general have consumer protection divisions that handle privacy-related complaints.
17. Changes to This Privacy Policy
We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our practices, the Services we offer, applicable laws, or for other operational, legal, or regulatory reasons. When we make material changes to this Privacy Policy, we will:
- Update the "Effective Date" and "Last Updated" date at the top of this page
- Post the revised Privacy Policy on our Website at churchickens.digital
- Send an email notification to registered users where required by law
- Display a prominent notice on our Website or within our mobile application
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal information. Your continued use of our Services after the effective date of any changes constitutes your acknowledgment of the updated Privacy Policy.
18. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please do not hesitate to reach out to us. We are committed to addressing your privacy concerns promptly and transparently.
Privacy Contact Information
- Company: Church's Chicken
- Website: churchickens.digital
- Privacy Email: [email protected]
- Country: United States
This Privacy Policy was last reviewed and updated on April 3, 2026. We are dedicated to maintaining the privacy and security of your personal information and to conducting our business in compliance with all applicable United States federal and state privacy laws and regulations.