Effective October 1, 2019.
Our Site is operated in the United States but can be accessed worldwide. Residents of the European Economic Area (“EEA”), which includes the member states of the European Union (“EU”), should consult the sections of this policy relating to the “Rights of EEA Residents” and “International Data Transfers” for provisions that may apply to them.
We may send out emails regarding our restaurants and their menus (our “Services”). No outside parties are given your contact information, nor do they have access to it, except as outlined below.
Information We Collect
“Personal Data” is information that may be used to directly or indirectly identify you (which some cases, may include certain Device Information). Such information includes your name, e-mail address, physical address, phone number or other information about you such as your birth date. Most of the Personal Data we collect is contact information about yourself, including e-mail address, telephone numbers, physical address or other information you provide to us. You may provide such information online or through other communications with us, including visits to our restaurants. We may combine the Personal Data that we obtain about you from these sources.
We collect Personal Data about you to (i) provide information to you regarding the Services we provide; (ii) provide answers to your inquiries or questions; and (iii) maintain regular communication with you as may be necessary to inform you of offers, updates and other information regarding us and our Services.
Non-Identifiable Data and Aggregated Personal Data
Regardless of whether you register for an account or submit information to us, SNG and third parties performing services for us also collect unidentifiable or aggregated Personal Data pertaining to your Site visits that help us maintain the appropriate features, functionality and user experience.
We and our service providers may also collect Device Identification information and web surfing data related to your use of the Sites. Such information may include: your Internet Protocol (IP) address, browser type, and internet service provider (ISP); your operating system; which of our web pages you access and how frequently you access them; referral or exit pages; clickstream data; and the dates and times that you visit the Sites. This data may be collected using cookies, web beacons, page tags or similar tools. As with cookies, the web surfing information is anonymous, “click stream” transactional data that is not associated with any users as individuals.
Web surfing data and similar information may be aggregated for administrative purposes. We may, for example, use this aggregated information in the administration of the Sites to improve their usability and to evaluate the success of marketing and advertising campaigns, search engine optimization strategies, operation and effectiveness of pages on our website, and other marketing activities. We also use it to help optimize the Sites based on the needs of our users.
How and When Your Information Is Shared With Other Parties
We do not sell, trade or license Personal Data about our users or customers for marketing purposes. We do, however, work with a number of trusted partners who perform vital functions as part of our operations, including managing customer support services, purchasing gift cards, facilitating marketing communications by e-mail and post, and other functions. We do not share your Personal Data unless it is necessary to fulfill our responsibilities, including providing information or Services to you. In the event of a sale to a third party of our business assets, we may transfer your Personal Data to such third party.
Additional Sharing of Information
We may engage third parties to help us carry out certain other internal functions such as account processing, client services, or other data collection relevant to our business. Personal Data is shared with these third parties only to the extent necessary for us to process the transactions you initiate or perform other specific Services. Our partners are legally required to keep your Personal Data private and secure.
We may share your Personal Data with law enforcement or other government agencies as required by law or for the purposes of limiting fraud. We reserve the right to disclose your Personal Data when we believe that disclosure is necessary to protect our rights or to comply with a judicial proceeding, court order or legal process. We further reserve the right to disclose any of your Personal Data that we believe, in good faith, appropriate or necessary to take precautions against liability, to investigate and defend against any third-party claims or allegations, to assist government enforcement agencies, to protect the security or integrity of the Site or our Services, or to protect the rights, property or personal safety of us, our users, customers, or others.
We will not share your Personal Data if such sharing is prohibited by applicable privacy and data protection law, including, without limitation, the EEA’s General Data Protection Regulation effective May 25, 2018.
Notifications and Communications from Our Website/Opt-Out Rights
We will send you email notifications from time to time. Some notifications are marketing communications relating to us or our Services. You may always stop receiving marketing communications from us by following the “Unsubscribe” link provided on the bottom of an email or contacting us at email@example.com.
Legal or Security Communications
We also send out notices that are required for legal or security purposes. For example, certain notifications are sent for your own protection. In other cases, these notifications involve changes to various legal agreements or Site policies. Generally, you may not opt-out of such emails.
Account and Order Communications
If you purchase gift cards from us or use our Services we may send you confirmations of the purchase and updates as to the status of the purchase. Generally, you may not opt-out of such emails.
We may also send you responses to emails you send us, if appropriate. From time to time, we will also send user surveys, requests for user feedback regarding user experience and Website operations, or marketing offers from us or from us. Completing these surveys, answering requests for feedback, or accepting any offer is strictly voluntary. If you do not wish to receive these surveys, user feedback emails, and/or marketing offers, please opt-out in any offer email you receive from us.
If you have any questions regarding your opt-out rights, please contact us at firstname.lastname@example.org.
- Opting Out of Communications
As described above, we may use the Personal Data we collect from you to send you newsletters or other communications from us, including those promotional in nature. If you do not want to receive such communications, you can opt-out by using the unsubscribe link at the bottom of our communications. You may also at any time opt-out of receiving communications from us by sending an e-mail to email@example.com with the subject line “Opt-Out.”
- Disallowing Cookies and Location Data Collection
You can opt-out of the collection and use of certain information, which we collect about you by automated means, by changing the settings in the device you use to access the Platform. In addition, your browser may tell you how to be notified and opt-out of receiving certain types of cookies. Please note, however, that without cookies you may not be able to use all of the features of the Platform.
- Your Right to Access, Review, and Delete Personal Data
Under certain laws, including the GDPR or, after January 1, 2020 the California Consumer Privacy Act (CCPA), which is described further below in the section headed “Your California Privacy Rights,” you may also have the right to: obtain confirmation that we hold Personal Data about you, request access to and receive information about the Personal Data we maintain about you, receive copies of the Personal Data we maintain about you, update and correct inaccuracies in your Personal Data, object to the continued processing of your Personal Data, and have the Personal Data blocked, anonymized or deleted, as appropriate. The right to access Personal Data may be limited in some circumstances by local law. If you qualify, in order to exercise these rights, please contact us as set forth below.
American Cheeseburger, LLC,
2501 W. Burbank Blvd. Suite 306
Burbank CA 91505
We may ask you to provide additional information for identity verification purposes or to verify that you are in possession of an applicable email account.
Please understand, however, that we reserve the right to retain an archive of such Personal Data for a commercially reasonable time to ensure that its deletion does not affect the integrity of our data; and we further reserve the right to retain an anonymous version of such Information.
- Your California Privacy Rights
Under certain circumstances, California Civil Code Section 1798.83 states that, upon receipt of a request by a California customer, a business may be required to provide detailed information regarding how that business has shared that customer’s Personal Data with third parties for direct marking purposes. However, the foregoing does not apply to businesses like ours that do not disclose Personal Data to third parties for direct marketing purposes without prior approval or give customers a free mechanism to opt-out of having their Personal Data disclosed to third parties for their direct marketing purposes.
After January 1, 2020, the CCPA (California Civil Code Section 1798.100) will provide California residents with additional protections for personal information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly with a particular consumer or household. Under the CCPA, you may have a right to request disclosure of the categories and specific information that we have collected. If you wish to make such a request, please contact us at firstname.lastname@example.org.
California Do Not Track Disclosures: Although some browsers currently offer a “do not track (‘DNT’) option,” no common industry standard for DNT exists. We, therefore, do not currently commit to responding to browsers’ DNT signals.
- Rights of EEA Residents
From May 25, 2018, all processing of Personal Data of EEA Residents is performed by us in accordance with the General Data Protection Regulation (2016/679) of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons regarding the processing of Personal Data and on the free movement of such data (“GDPR”).
Under the GDPR, we are both the controller and a co-processor of the Personal Data of EEA Residents. Our purpose for collecting and processing Personal Data from EEA Residents is to authenticate subscription to our mailing lists, to provide marketing information about our Services, and to facilitate purchases of gift cards. The legal basis for collecting Personal Data is to fulfill these purposes, including contracts between us and those who purchase gift cards. We also rely on your consent to use our Services, including purchases and receiving communications regarding us and our Services.
We will not share the Personal Data that we obtain from you with third parties except as described above regarding Personal Data.
If you are a resident of the EEA or it is otherwise permitted by applicable law and you wish to access or correct, amend, or delete the Personal Data that we have about you where it is inaccurate or have any questions relating to the processing of your Personal Data, please contact us at email@example.com with the subject line “GDPR Data.” Please include your full name, the email address associated with your account, and a detailed description of your data request.
For information regarding your opt-out rights to communications from us please see the above section regarding “Notifications and Communications from Our Website/Opt-Out Rights.”
International Data Transfers
If you are a resident outside the United States, including in the EEA, we transfer Personal Data provided to you for processing in the United States. Under the GDPR, we are considered a “controller” and a “co-processor” of the Personal Data of EEA Residents. By providing Personal Data to us for the purpose of obtaining information about us and our Services, you consent to the processing of such data in the United States. The transfer of your Personal Data to the United States is necessary for the performance of a contract between you and us. Please note that you may always remove yourself from our mailing list by contacting us at firstname.lastname@example.org.
Please note that the United States does not have data protection laws equivalent to those in the EEA and other jurisdictions.
Personal Data Retention
Links to Other Sites
Our Sites or communications may contain links to third party websites, including Postmates, over which we exercise no control, including the form of embedded content, sponsored content or co-branded content. Except as set forth in this Policy, we do not share your Personal Data with those third parties and are not responsible for the privacy policies of any third parties or their management of your Personal Data. Because they may treat your information differently than we do, we suggest you read the privacy policies on those third-party websites prior to submitting any Personal Data to such sites.
Privacy in Submitted Materials
If you submit any photos to us or to a social media site, such photos may be displayed on the site, including photos of yourself or other individuals. If you submit product reviews or comments to us, such reviews or comments may also be displayed on the Site. By submitting such materials, you forego any privacy rights in such materials. We may share product reviews and postings submitted by you with third parties. We will not include any Personal Data with the product reviews that we share with such third parties but may include your first name with the contents of the review or posting. Please consult the Terms of Service for other conditions relating to the submission of materials to us through social media sites.
We limit access to the Personal Data we have about you to those employees who have a legitimate business need to access such information. We take commercially reasonable steps to protect our customers’ Personal Data against unauthorized disclosure or loss. However, no data transmission over the Internet can be guaranteed to be 100% secure. Therefore, while we strive to protect user-information we cannot ensure or warrant the security of any information you transmit to us or from the Site. You engage in such transmissions at your risk.
If you believe your Personal Data is being improperly used by us or any third party, please immediately notify us via email at email@example.com.
Children Under 13
This Site is restricted to the use of adults over the age of majority in their place of residence. No portion of the Site is directed to children under the age of 13. Consequently, we do not knowingly collect personal identifying information from any person we know is a child under the age of 13.
We ask that you keep the Personal Data that you provide to us currently and that you correct any information you have provided us by contacting us at firstname.lastname@example.org. You represent and warrant that all Personal Data you provide us is true and correct and relates to you and not to any other person.
If you use the Site, you are responsible for maintaining the confidentiality of your account and for restricting access to your computer or device, and you agree to accept responsibility for all activities that occur under your account.
How to Contact Us
American Cheeseburger, LLC
2501 W. Burbank Blvd. Suite 306
Burbank CA 91505