Privacy Policy

1. Introduction

Welcome to Slim Chickens. We are committed to protecting your privacy and ensuring the security of your personal information. This comprehensive Privacy Policy explains how we collect, use, protect, and share your information when you use our food services, website, mobile applications, and related services.

This policy applies to all interactions you have with Slim Chickens, including:

• Visiting our website at slim-chickens.top
• Using our mobile applications
• Placing orders for delivery, pickup, or dine-in
• Participating in our loyalty programs
• Attending catering events
• Making table reservations
• Contacting our customer support
• Engaging with us on social media

By using our services, you agree to the collection and use of information in accordance with this policy. If you do not agree with this policy, please do not use our services.

2. Information We Collect

We collect various types of information to provide and improve our food services. This information falls into three main categories:

2.1 Information You Provide Directly

This includes information you voluntarily provide when using our services:

Personal Identification Information:

• Name (first and last)
• Email address
• Phone number
• Delivery and billing addresses
• Date of birth (for age verification and special offers)

Account and Order Information:

• Username and encrypted password
• Order history and preferences
• Favorite menu items
• Dietary preferences and restrictions
• Allergen information you provide
• Special dietary requirements (vegan, halal, kosher, gluten-free, etc.)
• Loyalty program membership and rewards data
• Table reservation details and preferences
• Catering event information and requirements

Payment Information:

• Credit/debit card details (securely encrypted and stored by certified payment processors)
• Billing address
• Payment history and transaction records
• Gift card information

Communication Data:

• Contact form submissions
• Customer service correspondence
• Reviews and feedback
• Marketing communication preferences
• Survey responses

2.2 Automatically Collected Information

When you use our services, we automatically collect certain information:

Device and Technical Information:

• IP address and approximate geographic location
• Browser type and version
• Operating system
• Device type (mobile, tablet, desktop)
• Screen resolution and device capabilities
• Unique device identifiers

Usage and Behavioral Data:

• Pages visited and time spent on each page
• Click patterns and navigation paths
• Search queries and menu browsing behavior
• Order frequency and timing patterns
• App usage statistics and performance data
• Referring websites and traffic sources

Location Data:

• Precise location (when you grant permission for delivery services)
• Approximate location derived from IP address
• Store visit data (when using location services)

2.3 Information from Third Parties

We may receive information about you from various external sources:

Social Media Platforms:

• Profile information when you connect social media accounts
• Friend lists and social connections (if you choose to share)
• Social media activity related to our brand

Business Partners:

• Delivery service providers (address verification, delivery status)
• Payment processors (transaction verification, fraud detection)
• Marketing partners (campaign performance, audience insights)
• Data analytics providers (market research, trend analysis)

3. How We Use Your Information

We use the collected information for various purposes to provide, maintain, and improve our food services:

3.1 Service Provision and Operations

Order Processing and Fulfillment:

• Processing and confirming your food orders
• Coordinating delivery and pickup services
• Managing table reservations and wait times
• Handling special dietary requests and allergen considerations
• Processing payments and managing billing
• Coordinating catering events and large orders

Account Management:

• Creating and maintaining your user account
• Authenticating your identity for secure access
• Managing loyalty program benefits and rewards
• Storing order history and preferences for convenience
• Enabling quick reordering of favorite items

Customer Support:

• Responding to inquiries and resolving issues
• Processing refunds and order modifications
• Providing technical support for app and website issues
• Handling complaints and feedback

Quality Assurance and Improvement:

• Monitoring food quality and safety standards
• Analyzing order patterns to optimize menu offerings
• Improving delivery times and service efficiency
• Enhancing user experience based on feedback

3.2 Communication and Notifications

Transactional Communications:

• Order confirmations and receipt delivery
• Delivery status updates and tracking information
• Table reservation confirmations and reminders
• Payment confirmations and billing statements
• Account security notifications

Customer Service Communications:

• Responses to your inquiries and support requests
• Updates on order issues or delays
• Follow-up communications after service interactions
• Surveys to gather feedback on our services

Important Service Notices:

• Changes to menu items or pricing
• Store hours or location changes
• Service interruptions or maintenance notifications
• Updates to terms of service or privacy policy
• Food safety recalls or allergen alerts

Marketing Communications (with your consent):

• Promotional offers and discounts
• New menu item announcements
• Seasonal specials and limited-time offers
• Loyalty program updates and rewards notifications
• Event invitations and special promotions

3.3 Marketing and Analytics

Personalized Marketing:

• Customizing promotional offers based on your preferences
• Recommending menu items based on order history
• Targeting relevant advertisements across digital platforms
• Creating personalized dining experiences

Analytics and Business Intelligence:

• Analyzing website and app traffic patterns
• Understanding customer preferences and trends
• Measuring marketing campaign effectiveness
• Optimizing menu pricing and availability
• Identifying opportunities for service improvements

Market Research:

• Conducting surveys and focus groups
• Analyzing market trends in the food industry
• Testing new menu items and concepts
• Understanding demographic preferences

3.4 Legal Compliance and Protection

Legal Obligations:

• Complying with food safety regulations
• Meeting tax reporting requirements
• Responding to lawful requests from authorities
• Maintaining records as required by law

Fraud Prevention and Security:

• Detecting and preventing fraudulent transactions
• Protecting against unauthorized account access
• Monitoring for suspicious activity
• Implementing security measures to protect data

Rights Protection:

• Protecting our intellectual property
• Defending against legal claims
• Enforcing our terms of service
• Ensuring public safety

4. Information Sharing and Disclosure

We may share your information in specific circumstances, always with appropriate safeguards in place:

4.1 Service Providers and Business Partners

We work with trusted third-party companies to help us provide our services:

Payment Processing:

• Payment Processors: Secure handling of credit card transactions, fraud detection, and payment verification
• Banking Partners: Processing refunds and managing financial transactions
• Security Measures: All payment data is encrypted and handled according to PCI DSS standards

Delivery and Logistics:

• Delivery Services: Sharing delivery addresses and contact information for order fulfillment
• Logistics Partners: Coordinating pickup and delivery times
• Location Services: Providing GPS coordinates for accurate delivery

Technology and Infrastructure:

• Cloud Storage Providers: Secure data storage and backup services
• Analytics Platforms: Website and app performance analysis
• Customer Support Tools: Managing customer service interactions
• Security Services: Monitoring for cyber threats and data breaches

Marketing and Communication:

• Email Service Providers: Sending transactional and marketing emails
• SMS Providers: Delivering order updates and notifications
• Advertising Platforms: Running targeted advertising campaigns
• Social Media Platforms: Managing social media presence and advertising

4.2 Legal Requirements and Protection

Government Requests:

• Court orders, subpoenas, and search warrants
• Regulatory investigations and compliance audits
• Tax authority requests and reporting requirements
• Health department inquiries related to food safety

Legal Compliance:

• Meeting data protection and privacy law requirements
• Complying with consumer protection regulations
• Fulfilling employment and labor law obligations
• Adhering to food service industry regulations

Safety and Protection:

• Protecting the rights, property, and safety of Slim Chickens
• Safeguarding our customers, employees, and the public
• Preventing fraud and unauthorized access
• Responding to emergencies and public safety concerns

4.3 Business Transfers

In the event of a business transaction involving Slim Chickens:

Types of Transfers:

• Mergers with other companies
• Acquisition by another business
• Sale of company assets
• Bankruptcy or reorganization proceedings

Customer Protection:

• Advanced notice to customers about any planned transfer
• Ensuring the acquiring party commits to similar privacy protections
• Providing options for customers to opt-out if desired
• Maintaining continuity of service during transitions

4.4 With Your Explicit Consent

We may share your information for other purposes when you provide clear, explicit consent:

• Participating in joint marketing campaigns with partners
• Sharing testimonials or reviews publicly
• Including your information in case studies or research
• Connecting with third-party services you choose to use

5. Data Security

Protecting your personal information is a top priority. We implement comprehensive security measures at multiple levels:

5.1 Technical Security Measures

Encryption and Data Protection:

• SSL/TLS Encryption: All data transmitted between your device and our servers is encrypted using industry-standard SSL/TLS protocols
• Data Encryption at Rest: Sensitive information stored in our databases is encrypted using AES-256 encryption
• Payment Security: Credit card information is processed using PCI DSS compliant systems and is never stored on our servers
• API Security: All API communications are secured with authentication tokens and encryption

Infrastructure Security:

• Advanced Firewall Systems: Multi-layer firewall protection to prevent unauthorized access
• Intrusion Detection: Real-time monitoring for suspicious activity and potential security threats
• DDoS Protection: Distributed denial-of-service attack prevention and mitigation
• Secure Hosting: Servers hosted in certified data centers with physical security measures

Access Controls:

• Role-Based Access: Employees have access only to information necessary for their job functions
• Multi-Factor Authentication: Additional security layers for staff accessing sensitive systems
• Regular Access Reviews: Periodic audits of who has access to what information
• Automatic Session Management: Automatic logout after periods of inactivity

Monitoring and Detection:

• 24/7 Security Monitoring: Continuous surveillance of our systems for potential threats
• Anomaly Detection: Automated systems to identify unusual patterns or behavior
• Log Analysis: Regular review of system logs to identify potential security issues
• Vulnerability Scanning: Regular testing for security weaknesses

Data Backup and Recovery:

• Automated Backups: Regular, automated backups of critical data
• Geographic Distribution: Backups stored in multiple secure locations
• Recovery Testing: Regular testing of backup and recovery procedures
• Business Continuity: Plans in place to maintain service during disruptions

5.2 Organizational Security Measures

Employee Training and Awareness:

• Regular Security Training: Comprehensive training programs for all employees on data protection and security best practices
• Privacy Education: Specific training on handling personal information and customer data
• Phishing Awareness: Training to recognize and respond to social engineering attacks
• Ongoing Updates: Regular updates on emerging security threats and prevention measures

Data Handling Procedures:

• Clear Data Policies: Documented procedures for handling, storing, and disposing of personal information
• Data Minimization: Collecting and retaining only the information necessary for our services
• Regular Data Reviews: Periodic assessments of what data we collect and why
• Secure Disposal: Proper procedures for securely deleting data when no longer needed

Third-Party Management:

• Vendor Assessments: Thorough security evaluations of all third-party service providers
• Contractual Protections: Strong data protection clauses in all vendor contracts
• Ongoing Monitoring: Regular audits of third-party security practices
• Confidentiality Agreements: All vendors sign comprehensive confidentiality agreements

Incident Response:

• Response Team: Dedicated security incident response team
• Response Procedures: Clear procedures for identifying, containing, and resolving security incidents
• Communication Plans: Protocols for notifying affected customers and authorities
• Recovery Plans: Procedures for restoring normal operations after an incident

5.3 Your Security Responsibilities

While we implement strong security measures, protecting your information also requires your participation:

Account Security Best Practices:

• Strong Passwords: Use complex passwords with a combination of letters, numbers, and symbols
• Unique Passwords: Don't reuse passwords across multiple accounts
• Regular Updates: Change your password regularly and immediately if you suspect it's compromised
• Password Managers: Consider using a reputable password manager to generate and store secure passwords

Safe Browsing Practices:

• Secure Connections: Always ensure you see "https://" and a lock icon when entering personal information
• Public Wi-Fi Caution: Avoid accessing your account on unsecured public Wi-Fi networks
• Logout Properly: Always log out of your account, especially on shared or public computers
• Keep Software Updated: Ensure your browser and device software are up to date

Recognizing Threats:

• Phishing Awareness: Be cautious of emails asking for personal information or urgent account actions
• Suspicious Links: Don't click on suspicious links or download attachments from unknown sources
• Verify Communications: Contact us directly if you receive suspicious communications claiming to be from Slim Chickens
• Report Issues: Immediately report any suspicious activity on your account

6. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience, analyze usage, and provide personalized services. Here's detailed information about our use of these technologies:

6.1 Types of Cookies We Use

Cookie Type	Purpose	Duration	Examples
Essential Cookies	Required for basic site functionality, login state, shopping cart management	Session (deleted when browser closes)	Authentication tokens, cart contents, security features
Functional Cookies	Remember your preferences and settings for improved user experience	Up to 1 year	Language settings, location preferences, accessibility options
Analytics Cookies	Help us understand how visitors use our website to improve performance	Up to 2 years	Google Analytics, page views, bounce rates, user journey tracking
Marketing Cookies	Track visits across websites to deliver relevant advertising	Up to 1 year	Facebook Pixel, Google Ads, retargeting campaigns, conversion tracking
Social Media Cookies	Enable social media features and track social sharing	Up to 1 year	Social sharing buttons, embedded content, social login features

6.2 Other Tracking Technologies

Web Beacons (Pixel Tags):

• Email Tracking: Monitor email open rates and engagement with our communications
• Website Analytics: Track page views and user interactions
• Advertising Measurement: Measure the effectiveness of online advertising campaigns

Local Storage:

• Browser Storage: Store preferences and settings locally on your device
• Application Data: Cache frequently used data to improve app performance
• Offline Functionality: Enable certain features to work without internet connection

Device Fingerprinting:

• Fraud Prevention: Identify potentially fraudulent activity
• Security Enhancement: Detect unauthorized access attempts
• User Experience: Provide consistent experience across devices

6.3 Third-Party Analytics and Marketing Tools

Google Analytics:

• Tracks website traffic, user behavior, and conversion rates
• Provides insights into popular menu items and user preferences
• Helps optimize website performance and user experience
• Data is anonymized and aggregated for privacy protection

Facebook Pixel:

• Measures the effectiveness of Facebook advertising campaigns
• Enables retargeting of website visitors on Facebook and Instagram
• Tracks conversions from social media advertising
• Helps create lookalike audiences for advertising

Google Ads:

• Tracks conversions from search and display advertising
• Enables retargeting through Google's advertising network
• Measures return on advertising investment
• Helps optimize ad campaigns for better performance

Email Marketing Platforms:

• Track email open rates and click-through rates
• Monitor engagement with promotional content
• Segment audiences based on behavior and preferences
• Automate personalized email campaigns

6.4 Cookie Management and Control

Browser Settings:

You can control cookies through your browser settings:

• Accept/Reject Cookies: Choose to accept or reject all cookies
• Selective Control: Allow cookies from specific websites only
• Delete Cookies: Remove existing cookies from your browser
• Session Cookies: Choose to accept session cookies but reject persistent ones

Our Cookie Preference Center:

• Granular control over different types of cookies
• Easy toggle switches for each cookie category
• Detailed information about each cookie's purpose
• Ability to change preferences at any time

Impact of Disabling Cookies:

• Essential Cookies: Disabling may prevent core website functionality
• Functional Cookies: May lose personalized settings and preferences
• Analytics Cookies: Won't affect your experience but limits our ability to improve services
• Marketing Cookies: May still see ads but they will be less relevant

Opt-Out Resources:

• Google Analytics: Use Google's opt-out browser add-on
• Facebook: Adjust ad preferences in your Facebook account settings
• Industry Tools: Use tools like the Digital Advertising Alliance's opt-out page
• Do Not Track: We respect browser Do Not Track signals where technically feasible

7. Your Rights (GDPR/CCPA Compliance)

We respect your privacy rights and provide comprehensive controls over your personal information. Depending on your location, you may have the following rights:

7.1 Right of Access

You have the right to know what personal information we have about you and how we use it.

What You Can Access:

• All personal information we store about you
• The sources from which we obtained your information
• The purposes for processing your data
• Third parties with whom we share your information
• How long we plan to retain your information
• Your rights regarding your data

How to Request Access:

• Log into your account to view basic information
• Contact our privacy team for comprehensive data report
• We will provide information in a commonly used electronic format
• Response time: Within 30 days of request verification

7.2 Right to Rectification (Correction)

You can request correction of inaccurate or incomplete personal information.

What You Can Correct:

• Contact information (name, email, phone, address)
• Account preferences and settings
• Dietary restrictions and allergen information
• Payment information and billing details
• Marketing communication preferences

How to Request Corrections:

• Update information directly in your account settings
• Contact customer support for assistance
• We may ask for verification of new information
• Changes will be reflected within 5 business days

7.3 Right to Erasure (Right to be Forgotten)

You can request deletion of your personal information under certain circumstances.

When Deletion Applies:

• The information is no longer necessary for the original purpose
• You withdraw consent and there's no other legal basis for processing
• The information has been unlawfully processed
• Deletion is required for compliance with legal obligations

Information We May Retain:

• Transaction records required for tax and accounting purposes (up to 7 years)
• Information needed to defend legal claims
• Data required by law enforcement or regulatory authorities
• Anonymized data that cannot identify you personally

7.4 Right to Restrict Processing

You can request that we limit how we use your information in specific situations.

When Restriction Applies:

• You contest the accuracy of information (during verification)
• Processing is unlawful but you don't want deletion
• We no longer need the data but you need it for legal claims
• You object to processing while we verify legitimate grounds

Effects of Restriction:

• We will store your information but not actively process it
• Some services may be limited or unavailable
• We may still process data with your consent
• Processing may continue for legal claims or protection of others

7.5 Right to Data Portability

You can receive your personal information in a portable format and transfer it to another service.

What's Included:

• Personal information you provided to us
• Information generated through your use of our services
• Data in a structured, machine-readable format (JSON, CSV)
• Order history, preferences, and account data

Limitations:

• Only applies to automated processing based on consent or contract
• Doesn't include information that affects others' rights
• May not include proprietary algorithms or business processes
• Technical feasibility may limit some transfers

7.6 Right to Object

You can object to processing of your personal information in certain circumstances.

Direct Marketing:

• You can object to marketing communications at any time
• Use unsubscribe links in emails
• Adjust preferences in your account settings
• Contact customer support for immediate removal

Legitimate Interest Processing:

• Object to processing based on legitimate interests
• We will stop unless we demonstrate compelling grounds
• Processing may continue if necessary for legal claims
• Some services may be affected by your objection

7.7 Right Against Automated Decision-Making

You have rights regarding automated decision-making and profiling.

Our Automated Processing:

• Fraud detection algorithms for payment security
• Recommendation systems for menu suggestions
• Automated customer service responses
• Marketing segmentation and targeting

Your Rights:

• Request human intervention in automated decisions
• Express your point of view about automated decisions
• Contest decisions that significantly affect you
• Request explanation of automated decision logic

7.8 How to Exercise Your Rights

Verification Process:

• We may need to verify your identity before processing requests
• Provide information that matches your account details
• Additional verification may be required for sensitive requests
• Authorized representatives must provide proper documentation

Free Services:

• Most rights requests are processed free of charge
• Excessive or repetitive requests may incur reasonable fees
• We will inform you of any fees before processing
• Fees are based on administrative costs only

8. Children's Privacy

Protecting children's privacy is particularly important to us. We are committed to complying with all applicable children's privacy laws and regulations.

8.1 Age Restrictions

• Minimum Age: Our services are not intended for children under 16 years of age
• Account Creation: Users must be at least 16 years old to create an account
• Parental Supervision: Children under 16 may use our services only with parental supervision
• Family Orders: Parents/guardians are responsible for orders placed on behalf of minors

8.2 Information Collection from Children

• We do not knowingly collect personal information from children under 16
• If we discover we have collected information from a child under 16, we will delete it immediately
• Parents who believe we may have collected their child's information should contact us immediately
• We do not knowingly allow children under 16 to participate in online activities without parental consent

8.3 Parental Rights and Controls

If We Learn of Child Information:

• Immediate cessation of collection and use
• Prompt deletion from our systems and backups
• Notification to parents/guardians
• Review of our processes to prevent future incidents

Parental Notification:

Parents who become aware that their child has provided us with personal information should contact us at:

• Email: [email protected]
• Phone: +1 206-283-3313
• Subject Line: "Child Privacy Concern"
• Information to Include: Child's name, age, and details about the information provided

8.4 Safe Online Environment

• We maintain family-friendly content on our platforms
• User-generated content is moderated for appropriate content
• We do not display advertising specifically targeted at children
• Social media interactions are monitored for child safety

9. International Data Transfers

As a company operating in the global marketplace, we may transfer your personal information across international borders. We ensure appropriate safeguards are in place for all such transfers.

9.1 Legal Basis for International Transfers

Adequacy Decisions:

• European Commission Adequacy Decisions: We may transfer data to countries deemed to have adequate data protection by the European Commission
• Current Adequate Countries: Including Japan, South Korea, and others with equivalent protection standards
• Ongoing Assessments: We monitor changes in adequacy decisions and adjust practices accordingly

Standard Contractual Clauses (SCCs):

• EU-Approved Clauses: We use European Commission-approved Standard Contractual Clauses for transfers to countries without adequacy decisions
• Data Processing Agreements: Comprehensive agreements with all third-party processors that handle international transfers
• Regular Reviews: We regularly review and update our contractual clauses to ensure compliance

Binding Corporate Rules:

• Internal data protection policies for intra-corporate transfers
• Approved by relevant data protection authorities
• Enforceable rights for individuals whose data is transferred

9.2 International Transfer Destinations

Primary Transfer Locations:

• United States: Cloud storage and data analytics services
• European Union: Data processing and customer support operations
• Canada: Backup storage and disaster recovery
• Japan: Technology infrastructure and analytics

Reasons for International Transfers:

• Cloud storage and computing services
• Customer support operations in different time zones
• Data analytics and business intelligence
• Backup and disaster recovery services
• Global delivery and logistics coordination

9.3 Safeguards for International Transfers

Technical Safeguards:

• Encryption in Transit: All data is encrypted during international transmission
• Encryption at Rest: Data stored internationally is encrypted using strong encryption standards
• Access Controls: Strict controls over who can access internationally transferred data
• Secure Channels: Use of secure, private networks for data transmission

Legal and Contractual Safeguards:

• Data Processing Agreements: Comprehensive contracts with all international processors
• Privacy Impact Assessments: Regular assessments of international transfer risks
• Local Law Compliance: Ensuring compliance with local privacy laws in destination countries
• Data Subject Rights: Maintaining individual rights regardless of data location

Organizational Safeguards:

• Due Diligence: Thorough vetting of all international transfer recipients
• Regular Audits: Ongoing monitoring of international processors' security and privacy practices
• Incident Response: Coordinated incident response procedures across all locations
• Training: Privacy and security training for all staff handling internationally transferred data

9.4 Your Rights Regarding International Transfers

• Information Rights: You can request information about where your data is transferred
• Objection Rights: You may object to transfers in certain circumstances
• Remedies: You have access to legal remedies if transfer safeguards are inadequate
• Complaints: You can file complaints with relevant data protection authorities

10. Data Retention Periods

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this privacy policy, comply with legal obligations, resolve disputes, and enforce our agreements.

10.1 Retention Schedule

Information Type	Retention Period	Reason for Retention	Legal Basis
Account Information (Name, email, phone, address)	6 months after account deletion or inactivity	Legal obligations, dispute resolution, fraud prevention	Contract performance, legal obligations
Purchase History (Orders, payments, receipts)	7 years from transaction date	Tax and accounting requirements, warranty claims, consumer protection	Legal obligations, legitimate interests
Payment Information (Credit card details, billing)	Immediately after transaction completion (not stored)	PCI DSS compliance, security best practices	Legal obligations, legitimate interests
Marketing Consent (Email preferences, opt-ins)	3 months after consent withdrawal	Consent record keeping, compliance demonstration	Legal obligations, legitimate interests
Website Usage Logs (IP addresses, browsing data)	Up to 2 years	Security monitoring, analytics, fraud detection	Legitimate interests, legal obligations
Customer Support Records (Inquiries, complaints, communications)	3 years from last contact	Service quality improvement, training, dispute resolution	Legitimate interests, contract performance
Loyalty Program Data (Points, rewards, tier status)	2 years after account closure	Program administration, fraud prevention, audit requirements	Contract performance, legitimate interests
Dietary Preferences (Allergens, restrictions, favorites)	Until account deletion or updated by user	Service personalization, food safety, health protection	Contract performance, vital interests
Location Data (Delivery addresses, GPS coordinates)	1 year after last use	Delivery optimization, fraud prevention, service improvement	Contract performance, legitimate interests
Catering Event Data (Event details, contacts, preferences)	3 years after event completion	Future event planning, billing records, quality assurance	Contract performance, legitimate interests

10.2 Factors Influencing Retention

Legal and Regulatory Requirements:

• Tax Laws: Business records must be retained for 7 years for tax purposes
• Consumer Protection: Transaction records needed for warranty and return policies
• Food Safety Regulations: Traceability records for food safety incidents
• Employment Laws: Employee-related records have specific retention requirements

Business and Operational Needs:

• Customer Service: Order history needed to resolve future inquiries
• Fraud Prevention: Historical data helps identify suspicious patterns
• Service Improvement: Analytics data used to enhance offerings
• Personalization: Preference data enables customized experiences

Risk Management:

• Legal Claims: Records may be needed to defend against claims
• Insurance Requirements: Some data retention is required by insurance policies
• Audit Purposes: Financial and operational audits require historical data
• Regulatory Investigations: Authorities may require access to historical records

10.3 Data Deletion and Disposal Procedures

Secure Electronic Deletion:

• Complete Overwriting: Data is overwritten multiple times to ensure it cannot be recovered
• Cryptographic Deletion: Encryption keys are securely destroyed, rendering encrypted data unreadable
• Database Purging: Systematic removal of records from all database systems and backups
• Verification: Deletion processes are verified to ensure completeness

Physical Record Destruction:

• Secure Shredding: Physical documents are cross-cut shredded to prevent reconstruction
• Hard Drive Destruction: Physical destruction of storage devices containing sensitive data
• Certified Disposal: Use of certified document destruction services with certificates of destruction
• Chain of Custody: Maintained throughout the disposal process

Backup and Archive Management:

• Backup Purging: Regular purging of expired data from backup systems
• Archive Reviews: Periodic reviews of archived data to identify expired information
• Retention Scheduling: Automated systems to flag data approaching retention limits
• Documentation: Comprehensive records of all data disposal activities

10.4 User-Initiated Deletion

Account Deletion:

• Users can request account deletion at any time
• We will delete personal information within 30 days of request
• Some information may be retained as required by law
• Anonymized data may be retained for analytics purposes

Selective Data Deletion:

• Users can request deletion of specific categories of information
• Order history can be deleted after legal retention periods expire
• Marketing preferences can be removed immediately
• Profile information can be updated or removed upon request

11. Third-Party Links and Services

Our website and mobile applications may contain links to third-party websites, applications, or services. This section explains our relationship with these third parties and your responsibilities when using them.

11.1 Third-Party Websites and Applications

Types of Third-Party Links:

• Social Media Platforms: Links to our Facebook, Instagram, and Twitter profiles
• Payment Processors: Secure payment gateways for transaction processing
• Delivery Partners: Third-party delivery service websites and apps
• Review Sites: Restaurant review platforms like Google Reviews, Yelp
• Supplier Websites: Information about ingredient sources and certifications
• News and Media: Press releases and media coverage links

Our Responsibility:

• We are not responsible for the privacy practices of third-party websites
• Third-party sites have their own terms of service and privacy policies
• We do not control the content, services, or functionality of third-party sites
• Links do not imply endorsement of third-party practices or content

11.2 Embedded Third-Party Content

Social Media Widgets:

• Facebook Like Button: May collect information about your visit
• Instagram Feed: Displays our latest Instagram posts
• Twitter Timeline: Shows our recent tweets and interactions
• YouTube Videos: Embedded promotional and instructional videos

Maps and Location Services:

• Google Maps: Store location mapping and directions
• Location APIs: Finding nearby store locations
• GPS Integration: Delivery location services

Analytics and Advertising:

• Google Analytics: Website traffic and behavior analysis
• Facebook Pixel: Social media advertising measurement
• Google Ads: Search and display advertising tracking
• Third-Party Ad Networks: Relevant advertising delivery

11.3 Third-Party Service Providers

Payment Processing Services:

• Credit Card Processors: Secure payment transaction handling
• Digital Wallets: Apple Pay, Google Pay, PayPal integration
• Gift Card Services: Third-party gift card management platforms
• Refund Processing: Automated refund and chargeback handling

Delivery and Logistics:

• Delivery Platforms: Third-party delivery service partnerships
• Logistics Providers: Supply chain and inventory management
• Shipping Companies: Gift card and merchandise delivery

Communication Services:

• Email Services: Transactional and marketing email delivery
• SMS Providers: Order notifications and updates
• Customer Support: Live chat and support ticket systems
• Survey Platforms: Customer satisfaction and feedback collection

11.4 Your Responsibilities

Before Using Third-Party Services:

• Read Privacy Policies: Review the privacy policies of any third-party sites you visit
• Understand Terms: Familiarize yourself with third-party terms of service
• Check Security: Ensure third-party sites use appropriate security measures
• Verify Legitimacy: Confirm that third-party links lead to legitimate, authorized sites

When Providing Information:

• Be cautious about sharing personal information on third-party sites
• Understand how third parties will use your information
• Check privacy settings on social media platforms
• Review and adjust cookie preferences for third-party services

Ongoing Vigilance:

• Monitor your accounts for unusual activity
• Report suspicious third-party communications to us
• Keep third-party app permissions up to date
• Regularly review and update your privacy settings

11.5 Third-Party Privacy Policies

We encourage you to review the privacy policies of commonly linked third-party services:

Social Media Platforms:

• Facebook: facebook.com/policy
• Instagram: help.instagram.com/privacy
• Twitter: twitter.com/privacy
• YouTube: policies.google.com/privacy

Payment Services:

• PayPal: paypal.com/privacy
• Apple Pay: apple.com/privacy
• Google Pay: payments.google.com/privacy

Analytics and Advertising:

• Google Analytics: policies.google.com/privacy
• Facebook Ads: facebook.com/about/privacy
• Google Ads: policies.google.com/technologies/ads

12. Policy Changes and Updates

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or business operations. This section explains how we handle policy changes and keep you informed.

12.1 Types of Changes

Routine Updates:

• Contact Information: Updates to our business address, phone numbers, or email addresses
• Technical Details: Clarifications about existing practices or technologies
• Formatting: Improvements to readability and organization
• Links: Updates to third-party links and resources

Substantive Changes:

• New Data Collection: Adding new types of information we collect
• New Uses: Introducing new ways we use your information
• New Sharing: Adding new categories of third parties who receive your information
• Rights Changes: Modifications to your privacy rights or how to exercise them

Legal and Regulatory Changes:

• New Laws: Updates required by new privacy legislation
• Regulatory Guidance: Changes based on regulatory authority interpretations
• Court Decisions: Updates required by relevant legal precedents
• International Requirements: Changes for different jurisdictions we serve

12.2 Notification Methods

Website Notice:

• Prominent Banner: Visible notification at the top of our website
• Updated Date: Clear "Last Updated" date at the beginning of the policy
• Summary of Changes: Brief overview of major modifications
• Highlight Changes: Visual indicators showing modified sections

Direct Communication:

• Email Notifications: Sent to all registered users for significant changes
• App Push Notifications: In-app alerts about privacy policy updates
• Account Dashboard: Notifications in your account settings area
• SMS Alerts: Text message notifications for major changes (if opted in)

Social Media and Public Channels:

• Social Media Posts: Announcements on our official social media accounts
• Blog Posts: Detailed explanations of significant policy changes
• Press Releases: Public announcements for major privacy practice changes
• Newsletter: Privacy updates included in our regular communications

12.3 Notice Periods and Timing

Advance Notice:

• Routine Changes: Available immediately upon posting
• Substantive Changes: 30 days advance notice before effective date
• Rights-Affecting Changes: 60 days advance notice with explanation
• Emergency Changes: Immediate notice with follow-up explanation

Effective Dates:

• Clear Dating: All changes include clear effective dates
• Transition Period: Reasonable time to review and understand changes
• Grandfathering: Existing preferences honored during transition periods
• Grace Period: Additional time for users to adjust settings if needed

12.4 Consent and Agreement

Explicit Consent for Material Changes:

• Pop-up Notifications: Clear consent requests for significant changes
• Email Confirmations: Click-through consent for new data uses
• Account Settings: Opt-in requirements for expanded data sharing
• Service Continuation: Clear explanation of consent implications

Implied Consent:

• Continued Use: Ongoing service use implies acceptance of routine updates
• Clear Notification: Prominent notice that continued use equals acceptance
• Opt-out Options: Clear instructions for discontinuing service if disagreeing
• Reasonable Time: Sufficient time to review changes before implied consent

12.5 How to Stay Informed

Checking for Updates:

• Regular Review: Check the "Last Updated" date periodically
• Bookmark Policy: Save the privacy policy page for easy access
• Account Notifications: Enable privacy-related notifications in your account
• Newsletter Subscription: Subscribe to updates about privacy and policy changes

Understanding Changes:

• Change Summary: We provide plain-language summaries of updates
• FAQ Updates: Frequently asked questions about policy changes
• Customer Support: Contact us with questions about privacy policy changes
• Comparison Tools: Side-by-side comparisons of old and new policies when available

12.6 Your Options After Changes

If You Agree with Changes:

• Continue using our services normally
• Update your privacy preferences if desired
• Review new features or options that may be available
• Contact us with any questions about new practices

If You Disagree with Changes:

• Opt-out: Disable specific features or data uses you disagree with
• Account Deletion: Delete your account before changes take effect
• Data Export: Request a copy of your data before discontinuing service
• Feedback: Share your concerns with our privacy team

13. Contact Information

We are committed to addressing your privacy concerns and questions promptly and thoroughly. Here are the various ways you can contact us regarding privacy matters:

13.1 Contact Methods by Issue Type

General Privacy Questions:

• Email: [email protected]
• Phone: +1 206-283-3313 (Mon-Fri, 9 AM - 6 PM PST)
• Live Chat: Available on our website during business hours
• Contact Form: Privacy inquiry form on our website

Data Rights Requests:

• Email: [email protected]
• Subject Line: "Data Rights Request - [Type of Request]"
• Include: Your full name, email address, and specific request details
• Response Time: Within 30 days of verification

Security Concerns:

• Email: [email protected]
• Phone: +1 206-283-3313 (24/7 for urgent security issues)
• Report: Suspected data breaches, unauthorized access, or security vulnerabilities
• Response: Immediate acknowledgment for urgent issues

Children's Privacy Concerns:

• Email: [email protected]
• Subject Line: "Child Privacy Concern - URGENT"
• Include: Child's name, age, and details of information collected
• Response: Within 24 hours for child privacy issues

13.2 Business Hours and Response Times

Regular Business Hours:

• Phone Support: Monday - Friday, 9:00 AM - 6:00 PM (PST)
• Live Chat: Monday - Friday, 8:00 AM - 8:00 PM (PST)
• Saturday: 10:00 AM - 4:00 PM (PST) - Limited support
• Sunday: Closed (except for security emergencies)

Response Time Commitments:

• General Inquiries: Within 3 business days
• Privacy Rights Requests: Within 30 days of identity verification
• Security Issues: Immediate acknowledgment, resolution within 24-72 hours
• Child Privacy Concerns: Within 24 hours
• Complaints: Initial response within 1 business day

13.3 Information to Include in Your Contact

For All Privacy Inquiries:

• Contact Information: Your name, email address, and phone number
• Account Details: Username or account ID (if applicable)
• Specific Issue: Clear description of your privacy concern or question
• Preferred Response: How you'd like us to respond (email, phone, mail)

For Data Rights Requests:

• Identity Verification: Information to verify your identity
• Specific Request: Exactly what you want us to do (access, correct, delete, etc.)
• Scope: What information or time period your request covers
• Authorization: If requesting on behalf of someone else, proper authorization

13.4 Alternative Contact Methods

Postal Mail:

For formal complaints or legal notices:

Slim Chickens
Attention: Privacy Officer
2576 Aurora Ave N
Seattle, WA 98109
United States

Social Media:

• Facebook: Message us through our official Facebook page
• Twitter: Direct message @SlimChickens for non-sensitive inquiries
• Instagram: Direct message through our official Instagram account
• Note: Do not share sensitive personal information through social media

13.5 Complaint Resolution Process

Internal Resolution:

• Step 1: Contact our privacy team with your complaint
• Step 2: We investigate and respond within 5 business days
• Step 3: If unsatisfied, escalate to our Privacy Officer
• Step 4: Final internal review and resolution within 15 business days

External Complaint Options:

If you're unsatisfied with our response, you may contact:

United States:

• Federal Trade Commission (FTC)
• Website: consumer.ftc.gov/feature/feature-0014-identity-theft
• Phone: 1-877-FTC-HELP (1-877-382-4357)

European Union:

• Local Data Protection Authority
• Find Your DPA: ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm
• European Data Protection Board: edpb.europa.eu

California (CCPA):

• California Attorney General
• Website: oag.ca.gov/privacy/ccpa
• Phone: (916) 210-6276

14. Withdrawal of Consent

You have the right to withdraw your consent for data processing at any time. This section explains how to withdraw consent for different types of data processing and what happens when you do.

14.1 Marketing Consent Withdrawal

Email Marketing Opt-Out:

• Unsubscribe Link: Click the "Unsubscribe" link at the bottom of any marketing email
• Account Settings: Log into your account and update email preferences
• Email Request: Send an email to [email protected] with subject "Unsubscribe"
• Customer Support: Call +1 206-283-3313 to speak with a representative
• Processing Time: Opt-out requests are processed within 48 hours

SMS Marketing Opt-Out:

• Text "STOP": Reply "STOP" to any marketing text message
• Account Settings: Disable SMS notifications in your account preferences
• Customer Support: Contact support to remove your number from SMS lists
• Immediate Effect: SMS opt-outs take effect immediately

Push Notification Opt-Out:

• Device Settings: Disable notifications for our app in your device settings
• App Settings: Turn off push notifications within the app
• Selective Opt-Out: Choose which types of notifications to receive
• Account Preferences: Manage notification preferences in your account

Direct Mail Opt-Out:

• Written Request: Send a written request to our mailing address
• Email Request: Email [email protected] with your mailing address
• Phone Request: Call customer support to remove your address
• Processing Time: 4-6 weeks to fully remove from mailing lists

14.2 Data Processing Consent Withdrawal

Analytics and Tracking:

• Cookie Settings: Use our cookie preference center to opt-out of analytics
• Browser Settings: Disable cookies and tracking in your browser
• Google Analytics: Install the Google Analytics opt-out browser extension
• Do Not Track: Enable "Do Not Track" signals in your browser

Personalization:

• Account Settings: Disable personalized recommendations and suggestions
• Generic Experience: Choose to receive a non-personalized service experience
• Data Deletion: Request deletion of preference and behavioral data
• Fresh Start: Reset your profile to remove personalization history

Location Services:

• Device Settings: Disable location access for our app
• Browser Settings: Block location access for our website
• Manual Entry: Manually enter addresses instead of using GPS
• Delivery Impact: Note that disabling may affect delivery services

14.3 Account Deletion Process

Complete Account Deletion:

• Account Settings: Use the "Delete Account" option in your account settings
• Email Request: Send a deletion request to [email protected]
• Phone Request: Call customer support for assistance with deletion
• Verification: We may need to verify your identity before deletion

What Gets Deleted:

• Personal Information: Name, email, phone, address, preferences
• Account Data: Login credentials, settings, saved information
• Marketing Data: Email lists, communication preferences, marketing profiles
• Behavioral Data: Website activity, app usage, personalization data

What May Be Retained:

• Legal Requirements: Transaction records for tax and legal compliance
• Security Logs: Information needed for fraud prevention and security
• Aggregated Data: Anonymized data that cannot identify you
• Backup Systems: Data in backups will be deleted during regular purge cycles

14.4 Partial Consent Withdrawal

Service-Specific Opt-Outs:

• Loyalty Program: Withdraw from rewards program while keeping account
• Social Sharing: Disconnect social media integrations
• Third-Party Services: Opt-out of specific third-party data sharing
• Research Participation: Withdraw from surveys and market research

Data Category Opt-Outs:

• Browsing Data: Stop collection of website and app usage data
• Purchase History: Limit use of transaction data for marketing
• Device Information: Reduce collection of device and technical data
• Communication Data: Opt-out of communication monitoring and analysis

14.5 Impact of Consent Withdrawal

Service Limitations:

• Reduced Functionality: Some features may become unavailable
• Generic Experience: Less personalized service and recommendations
• Manual Processes: May need to provide information manually each time
• Support Limitations: Reduced ability to provide personalized support

Continued Services:

• Core Functions: Basic ordering and account services continue
• Transaction Processing: Payment and order processing remain available
• Customer Support: Support services continue with limited personalization
• Legal Communications: Important notices and legal requirements still sent

14.6 Re-Consent Process

Changing Your Mind:

• Account Settings: Re-enable services through your account preferences
• Opt-In Communications: Respond to opt-in requests we may send
• Customer Support: Contact support to restore specific services
• New Consent: Provide fresh consent for data processing activities

Granular Control:

• Choose specific types of processing to resume
• Select which communications you want to receive
• Decide which data categories to share
• Control the level of personalization you prefer

15. Conclusion

At Slim Chickens, protecting your privacy and personal information is not just a legal obligation—it's a fundamental part of our commitment to providing exceptional service and building lasting relationships with our customers.

15.1 Our Privacy Commitment

We are dedicated to:

• Transparency: Providing clear, understandable information about our privacy practices
• Control: Giving you meaningful choices about how your information is collected, used, and shared
• Security: Implementing robust measures to protect your personal information
• Respect: Honoring your privacy preferences and responding promptly to your requests
• Compliance: Meeting or exceeding all applicable privacy laws and regulations
• Continuous Improvement: Regularly reviewing and enhancing our privacy practices

15.2 Trust and Relationship

Your trust is essential to our business, and we recognize that trust must be earned through consistent, responsible behavior. We believe that strong privacy practices are not just about compliance—they're about building the foundation for a lasting relationship based on mutual respect and transparency.

Every day, we work to ensure that:

• Your personal information is handled with the highest level of care and security
• You have the information and tools you need to make informed decisions about your privacy
• Our data practices support and enhance your experience with our services
• We remain accountable for our privacy commitments and practices

15.3 Ongoing Dialogue

Privacy is not a one-time conversation—it's an ongoing dialogue between Slim Chickens and our customers. We encourage you to:

• Stay Informed: Regularly review this privacy policy and stay updated on changes
• Ask Questions: Contact us whenever you have concerns or need clarification
• Provide Feedback: Share your thoughts on how we can improve our privacy practices
• Exercise Your Rights: Use the tools and processes we provide to control your privacy
• Stay Engaged: Participate in our efforts to build better privacy practices

15.4 Contact Us

We welcome your questions, concerns, and feedback about this privacy policy or our privacy practices. Whether you need to exercise your privacy rights, have concerns about how your information is handled, or simply want to learn more about our privacy practices, we're here to help.

15.5 Thank You

Thank you for taking the time to read our Privacy Policy and for trusting Slim Chickens with your personal information. We are committed to earning and maintaining that trust through our actions, not just our words.

We look forward to continuing to serve you while protecting your privacy every step of the way. Your satisfaction and trust are our greatest rewards, and we will continue to work hard to deserve both.

For the most current version of this Privacy Policy, please visit: slim-chickens.top/privacy.html