(As of: July 26, 2023)
The Information We Collect
We explain the two ways that we collect and process information about individual users and restaurant users. These two methods of collection include when you provide us information, and when we gather information you provide indirectly while using our Services.
- Information You Provide to Us
Restaurant User – Account Information: When you create a restaurant account, we collect the following information in order to fulfill our contract with you:
- restaurant name
- phone number
- contact person information, including full name, phone number and email address; and credit card information, only in the event that the restaurant is on credit card terms
- contact information of restaurant users (i.e., staff), including full name and phone number
If any portion of the account information listed above is not provided as required by our contract with you, a restaurant account cannot be created.
Public Content: When you post social media content (such as ratings, reviews, tips, photos, comments, likes, bookmarks, friends, lists) through our Services we may collect some of the information you publicly posted during that process.
Communications: When you participate in a survey, poll, promotion, contest, or sweepstakes; submit a customer service or other inquiry to us; request to receive certain communications from us; we may collect contact information such as your name, address, email address, or telephone number as a result of your participation.
- Information We Collect When You Use the Services
When an individual user uses the Services, we automatically collect and store certain information, including:
- IP address of your computer
- Unique mobile device identifier
- Technical information about your computer or mobile device such as type of device, mobile device ID number, web browser, other browser information (e.g. size, connection speed and connection type), and operating system or platform.
- Your preferences and settings (time zone, language, etc.)
- If you are using a mobile device, your mobile device’s geographic location (specific geographic location if you’ve enabled collection of that information, or general geographic location automatically). Please see the section “How to Disable the Collection of Mobile Device Location Information” below for further information.
- Internet provider (Verizon, Comcast, etc.) or mobile carrier name (AT&T, Sprint, T-Mobile, etc.)
- The URL of the last webpage you visited
- Information about your activity on the Services (e.g., your search queries, comments, search results selected, clicks, pages viewed, how long you visited our Services, etc.)
- Communications between you and other users or merchants through our Services.
When a restaurant user uses the Services, we automatically collect and store all of the information noted above. Also, we will have all the information that you submit or provide with respect to your restaurant and customers through your account with us or through your other communications such as notifications to a party, seatings of a party, messaging activity, restaurant layout, etc. (“Transactional Data”).
Cookies, Mobile Device IDs and Online Advertising
What is a “Cookie”?
A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
Cookies may be either “persistent” cookies or “session” cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
What Cookies do we use and why?
Essential: These are all the cookies without which the website could not perform basic functions. They may be set automatically when pages load, or as a result of a user request that cannot be fulfilled without the use of the cookie. Generally, these are session cookies that expire on closing the browser but not always.
Personalization: These cookies allow the website to remember choices you make (such as your user name, language, or the region you are in) and provide enhanced, more personal features. For example, a website may provide you with local weather reports or traffic news by storing data about your current location.
Marketing: These cookies are used to deliver advertising that is more relevant to you and your interests. They may also be used to limit the number of times you see an advertisement and measure the effectiveness of advertising campaigns. Advertising networks usually place them with the website operator’s permission.
Analytics: These cookies help the website operator understand how its website performs, how visitors interact with the site, and whether there may be technical issues. This storage type usually doesn’t collect information that identifies a visitor.
Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. You can however obtain up-to-date information about blocking and deleting cookies via these links:
- https://support.google.com/chrome/answer/95647 (Chrome);
- https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences (Firefox);
- https://www.opera.com/help/tutorials/security/cookies/ (Opera);
- https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies (Internet Explorer);
- https://support.apple.com/kb/PH21411 (Safari); and
- https://privacy.microsoft.com/en-us/windows-10-microsoft-edge-and-privacy (Edge).
How We May Use the Information We Collect
We may use the information we collect from and about you for a variety of purposes, with your consent, for the performance of a contract to which you are a party, or when we have assessed it is necessary for the purposes of our legitimate interests including to:
- Provide direct communication between an individual user and a restaurant.
- Provide restaurant users the various services we offer through ConnectSmart Kitchen.
- To process and manage any equipment returns.
- Respond to your queries.
- Understand our users (their demographics, what they do on our Services, what features they like, how they use them, etc.), improve our Services, such as by personalizing content to your interests, process and complete your transactions, and make special offers.
- Administer our Services and diagnose technical problems.
- Collect payment from restaurant users if any payment is due under the then in effect payment schedule.
- To manage the performance and security of our website and provide you with personalization and advertising that is relevant to you.
Where your personal information is required in order for us to fulfill our contract with you, we may be unable to provide you with the products and/or services under our agreement if you choose not to provide us with your personal information.
How We May Share the Information We Collect
We may share your personal information in the following ways:
- We may share personal information about you with our service providers that are contracted to assist us with business functions, such as, for example, service providers that assist us with processing email communications or order fulfillment.
- We may disclose data we collect about you when we believe disclosure is necessary to investigate, prevent, or respond to suspected illegal or fraudulent activity or to protect the safety, rights, or property of us, our users, or others.
- If requested or required by government authorities, such as law enforcement authorities, courts, or regulators, or otherwise to comply with the law, we may disclose any information we have about our users. We also may disclose information collected about you in order to exercise or protect legal rights or defend against legal claims.
- We may transfer your information to a third party if we or any of our affiliates are involved in a corporate restructuring (including, a sale, merger, or other transfer of some or all of our assets).
- We may use, publish, share and disclose non-personal information (e.g., de-identified or aggregate data or statistics) to third parties.
- We may use a third-party intermediary to manage credit card processing. Such intermediary is contractually permitted to use your payment information solely to effect payment and for billing for the Services and any other purchases you may make through us.
How Long We Keep Your Information
We retain the information we collect about and from you for as long as necessary to fulfill a business purpose or comply with a legal request. We may also choose to anonymize certain of the information you provide to us so that it can no longer be attributed to you if we would like to retain it for longer periods of time.
QSR Automations takes the security of your personal information very seriously. We have implemented commercially reasonable security measures that are designed to prevent unauthorized or unlawful access to and misuse of the information we collect, including technological and physical security measures as well as procedural safeguards. However, because no security system can be 100% effective, and we cannot completely guarantee the security of any information we may have collected from or about you.
Users Under 18
The Services are not intended for users under the age of 18. We do not knowingly collect any personal information from individuals under 18 or market to or solicit information from anyone under the age of 18. If we become aware that a person submitting personal information is under 18, we will attempt to delete the account and any related information as soon as possible. You hereby represent that you are at least 18.
Your California Privacy Rights
The following applies solely to California consumers, defined as residents of the state under Section 17014 of Title 18 of the California Code of Regulations. We adopt this notice to comply with the California Consumer Privacy Act of 2018 (CCPA).
Personal Information We Collect
We have collected the following categories of personal information from consumers within the last twelve (12) months:
- Identifiers, such as name, phone number, postal address, email address, etc.
- Customer Records, such as name, signature, address, phone number, payment information, etc.
- Professional or employment-related information, such as job title.
- Internet or other similar network activity, such as IP addresses, information on a consumer’s interaction with a website from first and third-party cookies, etc.
- Geolocation data, such as IP address location.
We do not collect “sensitive personal information” as that term is defined by the CCPA.
We obtain the categories of personal information listed above from the following categories of sources:
- Directly from you. For example, from forms you complete on our website related to the services for which you engage us.
- Indirectly from you. For example, website usage details collected.
- From third parties that interact with us in connection with the services we perform.
Use of Personal Information
We may use the personal information we collect for the following business purposes:
- Performing services on behalf of the business, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing similar services on behalf of the business.
- Providing advertising and marketing services.
- Auditing related to counting ad impressions to unique visitors, verifying positioning and quality of ad impressions, and auditing compliance with this specification and other standards.
- Helping to ensure security and integrity.
- Debugging to identify and repair errors that impair existing intended functionality.
- Short-term, transient use, including, but not limited to, non-personalized advertising shown as part of a consumer’s current interaction with the business.
- Undertaking internal research for technological development and demonstration.
- Undertaking activities to verify or maintain the quality or safety of a service or device that is owned, manufactured, manufactured for, or controlled by the business, and to improve, upgrade, or enhance the service or device that is owned, manufactured, manufactured for, or controlled by the business.
Disclosure of Personal Information
Within the preceding twelve (12) months, we have disclosed the categories of personal information listed above to our service providers for the business purpose of performing services on our behalf such as maintaining or servicing accounts, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing advertising or marketing services, providing analytic services, or providing similar services on our behalf.
We may also disclose your personal information if to our advertising providers, if requested by government authorities, and if necessary as part of a corporate restructuring. For more detail, please see the “How We May Share the Information We Collect” section above.
Sale/Sharing of Personal Information
Under the California Consumer Privacy Act (CCPA), the terms “sale” and “share” are defined broadly and may encompass some of our tracking, analytics, and advertising activities occurring with third parties via cookies and trackers on our website. Therefore, while we do not sell personal information in the traditional sense, we may “sell” and “share” the following categories of personal information as defined by the CCPA to our cookie and tracker providers:
- Internet/Network activity; and
- Geolocation data.
You have the right to opt out of this sale and sharing of your personal information. We have set up the following methods for consumers to exercise their right to opt out of the selling or sharing of their personal information: Modifying Your Cookie Preferences. When you visit one of our websites, the collection of personal information through certain cookies and trackers may constitute a “sale” or “share” of personal information under applicable law. If you wish to amend your choices, you can do so by clicking on Do Not Sell My Personal Information and adjusting your preferences. Please note that your request to opt-out of sale/sharing will be linked to your browser identifier only. If you use a different computer or Internet browser to access our sites, you will need to renew your cookie management choices.
- Global Privacy Control. You may exercise your opt-out right by broadcasting an opt-out preference signal, such as the Global Privacy Control (GPC) (on the browsers and/or browser extensions that support such a signal). To download and use a browser supporting the GPC browser signal, click here: https://globalprivacycontrol.org/orgs. If you choose to use the GPC signal, you will need to turn it on for each supported browser or browser extension you use.
Your CCPA Rights and Choices
The CCPA provides California residents with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.
Right to Opt-Out of the Sale/Sharing of Personal Information
You have the right to opt out of the sale/sharing of your personal information as described in this policy. To exercise this right, please see the “Sale/Sharing of Personal Information” section above.
Right to Access
You have the right to request that we disclose certain information to you about our collection and use of your personal information. You may also request a copy of the personal information we have collected on you.
Right to Deletion
You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable request, we will delete and direct our service providers to delete your personal information from our records, unless an exception applies.
Right to Correction
You have the right to request that we correct inaccuracies in your personal information, taking into account the nature of the personal information and the purposes of the processing.
Exercising Access, Correction and Deletion Rights
California residents can exercise the access, deletion, and correction rights described above, by submitting a verifiable consumer request by one of the contact methods in the “Contact Us” section at the end of this policy. We may require you to provide certain personal information in order to verify your identity, such as your phone number or email address. If you use an authorized agent to make a CCPA privacy request, we may ask the agent to verify their own identity and/or directly confirm with you that you provided the authorized agent permission to submit the request.
We will not discriminate against you for exercising any of your CCPA privacy rights. Unless permitted by the CCPA, we will not:
- Deny you goods or services;
- Charge you different prices or rates for goods or services, including granting discounts or other benefits, or imposing penalties;
- Provide you a different level or quality of goods and services; or
- Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
California Shine the Light
We do not share your personal information with unaffiliated third parties for their own independent marketing purposes without your consent. California residents may request the categories of personal information that we shared with third parties for the third parties’ direct marketing purposes during the previous calendar year, if any. Written requests may be sent to the following address:
QSR Automations, Inc.
2700 Buddeke Dr.
Louisville, KY 40206
You must write “Your California Privacy Rights” at the top of your inquiry. We will respond within 30 days to requests regarding the categories of personal information that we shared with third parties for their own direct marketing purposes within the previous calendar year, if any. Requests for this information that come to QSR by other means may result in a delayed response.
EEA Data Subject Rights
QSR works diligently to keep your personal data up to date and accurate. You have the following rights with respect to the personal data we hold about you subject to certain exceptions provided under the General Data Protection Regulation (GDPR):
- The right to request access to the personal data we hold about you;
- The right to request the rectification of any incomplete or inaccurate personal data we hold about you;
- The right to request we delete specific personal data we hold about you;
- The right to request we restrict the processing of your personal data;
- The right to request objection to the processing of your personal data; and
- The right to request the personal data we hold on you be ported to another controller.
Where processing is based on your consent, you also have a right to revoke this consent.
We may transfer your personal data to other countries outside of the European Union and United Kingdom such as the United States. When we do so, we rely on adequacy decisions, transfer agreements, and standard contractual clauses.
QSR Automations, Inc.
2700 Buddeke Dr.
Louisville, KY 40206
EU Representation contact details
Postal Address: The DPO Centre Europe Ltd, Alexandra House, 3 Ballsbridge Park, Dublin, D04C 7H2
Phone number: +353 1 631 9460