Privacy Policy
This Privacy Policy describes how Chuys ("we," "us," or "our") collects, uses, discloses, and safeguards your personal information when you visit our website at chuysmexfood.rest, place orders, interact with our services, or otherwise engage with us. We are committed to protecting your privacy and handling your personal data with transparency, integrity, and care.
Please read this Privacy Policy carefully. By accessing or using our website and services, you acknowledge that you have read, understood, and agree to the practices described in this policy. If you do not agree with the terms of this Privacy Policy, please discontinue your use of our website and services immediately.
This Privacy Policy applies to all users located in the United States and is governed by applicable federal and state privacy laws, including but not limited to the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), and the Federal Trade Commission Act (FTC Act).
1. About Us
Chuys is a food business operating in the United States, dedicated to serving authentic and delicious Mexican cuisine. We take the privacy of our customers, website visitors, and all individuals who interact with us very seriously.
Contact Information
- Company Name: Chuys
- Email: [email protected]
- Website: chuysmexfood.rest
2. Information We Collect
We collect various categories of personal information to provide you with our services, improve your experience, and fulfill our business obligations. The types of information we collect include the following:
2.1 Personal Identification Information
When you interact with us — whether by placing an order, creating an account, signing up for our newsletter, contacting our support team, or participating in promotions — we may collect the following personal identification information:
- Full name
- Email address
- Phone number
- Billing and delivery address (street address, city, state, ZIP code)
- Date of birth (when required for age verification or promotional purposes)
- Username and password (if you create an account with us)
- Payment information (credit/debit card numbers, billing details — processed securely through third-party payment processors)
2.2 Order and Transaction Information
When you place an order or make a purchase through our website or affiliated platforms, we collect:
- Items ordered and customization preferences
- Order history and frequency
- Transaction amounts and payment methods used
- Delivery instructions and notes
- Promotional codes or gift card information used
2.3 Usage and Behavioral Data
We automatically collect information about how you interact with our website and digital services, including:
- Pages visited and time spent on each page
- Links clicked and menu items browsed
- Search queries entered on our website
- Referring URLs (which website or link directed you to us)
- User journey and navigation patterns
- Frequency and duration of visits
2.4 Device and Technical Information
We collect technical data about the device and network you use to access our website, including:
- IP address
- Browser type and version
- Operating system and device type (desktop, mobile, tablet)
- Device identifiers and unique device IDs
- Screen resolution and language settings
- Time zone settings
- Mobile network information (where applicable)
2.5 Location Data
With your consent or as necessary to provide delivery services, we may collect:
- Precise geolocation data (GPS coordinates) from your mobile device
- General location inferred from your IP address
- Delivery address you provide when placing an order
2.6 Communications Data
When you contact us via email, phone, or online forms, we collect:
- The content of your messages and communications
- Records of correspondence for quality assurance and compliance purposes
- Feedback, complaints, and survey responses
2.7 Cookie and Tracking Data
We use cookies, web beacons, pixel tags, and similar tracking technologies to collect information about your browsing activities on our website. This includes session cookies, persistent cookies, and third-party cookies used for analytics and advertising. For full details, please refer to Section 8 (Cookie Usage) of this Privacy Policy.
2.8 Information From Third Parties
We may receive information about you from third-party sources, including:
- Social media platforms (if you log in or interact with us through social media)
- Third-party delivery and ordering platforms
- Analytics providers and advertising partners
- Payment processors and fraud prevention services
3. How We Use Your Information
We use the personal information we collect for a variety of legitimate business purposes. We will only process your personal data when we have a valid legal basis to do so, including your consent, contractual necessity, legitimate business interests, or compliance with legal obligations.
3.1 Providing and Managing Our Services
- Processing and fulfilling your food orders and managing deliveries
- Creating and managing your user account
- Processing payments and issuing receipts and invoices
- Communicating order confirmations, updates, and delivery status
- Providing customer support and resolving complaints or disputes
- Managing loyalty programs, rewards, and promotional offers
3.2 Analytics and Service Improvement
- Analyzing usage patterns and customer preferences to improve our menu and services
- Conducting research and surveys to better understand customer satisfaction
- Monitoring and improving website performance and user experience
- Developing new features, products, and service offerings
- Generating aggregated, anonymized statistical reports about our user base
3.3 Marketing and Communications
- Sending you promotional emails, newsletters, and special offers with your consent
- Personalizing marketing content and recommendations based on your preferences and order history
- Sending SMS or push notifications about deals and promotions (where you have opted in)
- Conducting targeted advertising campaigns through social media and digital advertising networks
- Measuring the effectiveness of our marketing campaigns and promotions
You may opt out of marketing communications at any time by clicking the "unsubscribe" link in any marketing email or by contacting us at [email protected].
3.4 Legal Compliance and Safety
- Complying with applicable federal and state laws and regulations
- Responding to lawful requests from law enforcement and government authorities
- Preventing fraud, unauthorized access, and other illegal activities
- Protecting the rights, property, and safety of our company, customers, and the public
- Enforcing our Terms of Service and other applicable agreements
3.5 Business Operations
- Managing our internal business operations, financial reporting, and recordkeeping
- Conducting due diligence in connection with potential business transactions or partnerships
- Training our staff and improving service quality
4. Sharing Your Information With Third Parties
We respect your privacy and do not sell your personal information to third parties for their own marketing purposes. However, we may share your information in the following circumstances:
4.1 Service Providers and Business Partners
We engage trusted third-party service providers to help us deliver our services and operate our business. These providers may have access to your personal information only to the extent necessary to perform their functions and are contractually obligated to protect your data. Our service providers include:
- Payment processors: To securely process credit/debit card transactions and prevent fraud
- Delivery and logistics partners: To fulfill your food delivery orders
- Cloud hosting and IT infrastructure providers: To store and manage our data securely
- Email and SMS marketing platforms: To send promotional and transactional communications
- Analytics providers: To analyze website traffic and user behavior (e.g., Google Analytics)
- Customer support platforms: To manage and track customer inquiries and complaints
- Advertising networks: To deliver targeted advertisements on our behalf
4.2 Legal Requirements and Law Enforcement
We may disclose your personal information when required by law or in good-faith belief that such disclosure is necessary to:
- Comply with a legal obligation, court order, subpoena, or governmental request
- Protect and defend our legal rights and interests
- Investigate or prevent fraud, security breaches, or other illegal activities
- Protect the safety and well-being of our customers, employees, or the general public
4.3 Business Transfers
In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or part of our business assets, your personal information may be transferred to the acquiring entity as part of such a transaction. We will notify you via email or a prominent notice on our website if such a transfer occurs and inform you of any choices you may have regarding your data.
4.4 Aggregated and Anonymized Data
We may share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you with third parties for research, marketing, analytics, and other business purposes.
4.5 With Your Consent
We may share your personal information with other third parties when you have provided explicit consent for us to do so.
5. Data Security
The security of your personal information is of paramount importance to us. We implement a comprehensive range of technical, administrative, and physical security measures designed to protect your personal data from unauthorized access, disclosure, alteration, or destruction.
5.1 Technical Security Measures
- SSL/TLS Encryption: All data transmitted between your browser and our website is encrypted using industry-standard Secure Socket Layer (SSL) / Transport Layer Security (TLS) technology.
- Data Encryption at Rest: Sensitive personal and financial information stored in our systems is encrypted at rest using strong encryption algorithms.
- Firewalls and Intrusion Detection: We use advanced firewalls, intrusion detection systems, and network monitoring tools to protect our infrastructure.
- Secure Payment Processing: Payment card information is processed through PCI-DSS compliant third-party payment processors and is never stored on our servers.
- Access Controls: We implement strict role-based access controls to ensure that only authorized personnel can access personal data.
5.2 Administrative Security Measures
- Regular employee training on data privacy, security protocols, and best practices
- Confidentiality agreements with all employees and contractors who have access to personal data
- Internal data privacy policies and procedures
- Regular security audits and vulnerability assessments
5.3 Incident Response
In the event of a data breach that poses a risk to your rights and freedoms, we will notify affected individuals and relevant authorities as required by applicable law. We maintain a comprehensive data breach response plan to address security incidents promptly and effectively.
6. Your Privacy Rights
Depending on your state of residence in the United States, you may have certain rights regarding your personal information. We are committed to honoring these rights in accordance with applicable law.
6.1 Rights Under the California Consumer Privacy Act (CCPA/CPRA)
If you are a California resident, you have the following rights under the CCPA as amended by the CPRA:
| Right | Description |
|---|---|
| Right to Know | You have the right to request information about the categories and specific pieces of personal information we have collected about you, the sources from which it was collected, the purposes for which it is used, and the categories of third parties with whom it is shared. |
| Right to Delete | You have the right to request that we delete the personal information we have collected from you, subject to certain exceptions permitted by law. |
| Right to Correct | You have the right to request that we correct inaccurate personal information we maintain about you. |
| Right to Opt-Out of Sale/Sharing | You have the right to opt out of the sale or sharing of your personal information for cross-context behavioral advertising purposes. |
| Right to Limit Use of Sensitive Personal Information | You have the right to limit our use and disclosure of your sensitive personal information to purposes necessary to provide the requested services. |
| Right to Data Portability | You have the right to receive a copy of your personal information in a portable, readily usable format. |
| Right to Non-Discrimination | We will not discriminate against you for exercising any of your CCPA/CPRA rights. You will not be denied goods or services, charged different prices, or provided a different quality of service as a result of exercising your privacy rights. |
6.2 General Privacy Rights for All U.S. Users
Regardless of your state of residence, we offer all users the following options:
- Access: You may request access to the personal information we hold about you at any time.
- Correction: You may request that we correct any inaccurate or incomplete personal information we hold about you.
- Deletion: You may request that we delete your personal information, subject to certain legal exceptions.
- Opt-Out of Marketing: You may opt out of receiving marketing communications from us at any time.
- Account Management: If you have created an account, you may update your personal information directly through your account settings.
6.3 How to Exercise Your Rights
To exercise any of your privacy rights, please submit a verifiable request to us by:
- Sending an email to: [email protected]
We will respond to your request within 45 days of receipt. If we require additional time (up to 90 days total), we will notify you in writing. We may need to verify your identity before processing your request to ensure the security of your personal data. We will not charge a fee for processing your request unless it is excessive, repetitive, or manifestly unfounded.
6.4 Authorized Agents
California residents may designate an authorized agent to submit requests on their behalf. To do so, you must provide the authorized agent with written permission and verify your own identity directly with us. We reserve the right to deny requests from agents who do not provide adequate proof of authorization.
7. Data Retention
We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, comply with our legal obligations, resolve disputes, and enforce our agreements. The specific retention periods vary based on the type of data and the purpose for which it was collected.
| Data Category | Retention Period |
|---|---|
| Account and registration information | Duration of the account plus 3 years after account closure |
| Order and transaction records | 7 years (for tax and accounting compliance) |
| Payment information | Retained only for the duration necessary to process the transaction; card details are not stored on our servers |
| Marketing preferences and communications | Until you opt out or withdraw consent, plus 2 years |
| Customer support communications | 3 years from the date of the last interaction |
| Website usage and analytics data | 26 months (Google Analytics default) or until cookies are cleared |
| Legal compliance and dispute resolution records | As required by applicable law, typically 5–7 years |
When personal information is no longer needed for the purposes for which it was collected, we will securely delete, destroy, or anonymize it in accordance with our data retention and disposal policies.
8. Cookie Usage
Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyze website traffic, and deliver personalized content and advertisements.
8.1 What Are Cookies?
Cookies are small text files that are placed on your device when you visit a website. They help the website remember your actions and preferences (such as login status, language, and other display settings) over a period of time, so you do not have to re-enter them whenever you return to the site or navigate between pages.
8.2 Types of Cookies We Use
- Strictly Necessary Cookies: Essential for the website to function properly. These cannot be disabled without affecting core functionality.
- Performance and Analytics Cookies: Collect information about how visitors use our website to help us improve performance and user experience (e.g., Google Analytics).
- Functionality Cookies: Remember your preferences and settings to provide a more personalized experience.
- Targeting and Advertising Cookies: Used to deliver relevant advertisements and track the effectiveness of marketing campaigns.
8.3 Managing Cookies
You can control and manage cookies through your browser settings. Most browsers allow you to refuse cookies, delete existing cookies, or be notified when a new cookie is placed on your device. Please note that disabling certain cookies may affect the functionality and performance of our website.
For more detailed information about the cookies we use and how to manage them, please refer to our Cookie Policy, which is available on our website at chuysmexfood.rest.
9. Children's Privacy
Our website and services are intended for adults aged 18 years and older. We do not knowingly collect, solicit, or process personal information from children under the age of 18. Our services are not directed at minors, and we do not market our products or services to individuals under 18 years of age.
If we become aware that we have inadvertently collected personal information from a child under the age of 18 without verifiable parental consent, we will take prompt steps to delete such information from our records. If you are a parent or guardian and believe that your child has provided us with personal information without your consent, please contact us immediately at [email protected].
We comply with the Children's Online Privacy Protection Act (COPPA) and other applicable laws protecting the privacy of minors.
10. International Data Transfers
Chuys is based in the United States, and your personal information is primarily collected, stored, and processed within the United States. However, some of our third-party service providers may operate in countries outside the United States. If your personal information is transferred to or processed in a country other than the United States, we will take appropriate steps to ensure that such transfers are conducted in compliance with applicable law and that adequate levels of data protection are maintained.
Such steps may include entering into Standard Contractual Clauses approved by relevant data protection authorities, relying on adequacy decisions, or implementing other appropriate safeguards to protect your personal data during international transfers.
By using our website and services, you acknowledge and consent to the transfer of your personal information to the United States and, where applicable, to other countries in which our service providers operate.
11. Third-Party Links and Services
Our website may contain links to third-party websites, applications, or services that are not operated or controlled by Chuys. This Privacy Policy does not apply to those third-party sites, and we are not responsible for the privacy practices or content of such external websites. We encourage you to review the privacy policies of any third-party websites you visit before providing any personal information.
Additionally, if you access our services through a third-party platform (such as a food delivery app or social media platform), the privacy practices of that third party will also apply, and you should review their privacy policies accordingly.
12. Do Not Track Signals
Some browsers transmit "Do Not Track" (DNT) signals to websites. Currently, there is no universally accepted standard for responding to DNT signals, and our website does not alter its data collection and usage practices in response to DNT signals. We will continue to monitor developments in this area and update our practices as standards evolve.
13. California Shine the Light Law
California Civil Code Section 1798.83, known as the "Shine the Light" law, permits California residents to request, once per year, information about the categories of personal information we disclosed to third parties for direct marketing purposes during the preceding calendar year, and the names and addresses of those third parties. If you are a California resident and wish to make such a request, please contact us at [email protected].
14. How to File a Complaint With a Data Protection Authority
If you believe that we have violated your privacy rights or failed to comply with applicable privacy laws, you have the right to file a complaint with the appropriate regulatory authority.
14.1 For California Residents
California residents may file a complaint with the California Privacy Protection Agency (CPPA) or the California Attorney General's Office:
- California Privacy Protection Agency: cppa.ca.gov
- California Attorney General: oag.ca.gov/privacy
- Phone: (916) 210-6276
14.2 For All U.S. Residents
U.S. residents may file a complaint with the Federal Trade Commission (FTC), which is the primary federal consumer protection authority in the United States:
- FTC Website: ftc.gov/complaint
- FTC Helpline: 1-877-FTC-HELP (1-877-382-4357)
We encourage you to contact us first at [email protected] so that we have the opportunity to address your concerns before you escalate to a regulatory authority.
15. Changes to This Privacy Policy
We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our business practices, legal requirements, or technology. When we make significant changes, we will notify you by:
- Posting the updated Privacy Policy on our website with a revised "Last Updated" date
- Sending an email notification to registered users (for material changes)
- Displaying a prominent notice on our website homepage
We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your personal information. Your continued use of our website and services after the effective date of any changes constitutes your acceptance of the updated Privacy Policy.
16. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, or if you wish to exercise any of your privacy rights, please do not hesitate to contact us using the information below:
Privacy Inquiries — Chuys
- Company: Chuys
- Email: [email protected]
- Website: chuysmexfood.rest
We are committed to responding to all privacy-related inquiries within 45 days of receipt. For California residents exercising rights under the CCPA/CPRA, we will respond within the timeframes required by applicable law.
We value your trust and are committed to handling your personal information responsibly, transparently, and with the highest standards of privacy protection. Thank you for choosing Chuys.