Privacy Policy

Your privacy is important to us

Last Updated: January 15, 2025

1. Introduction

Welcome to Swiss Chalet. We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, share, and protect your information when you visit our restaurant, use our website, mobile applications, or interact with our services.

This policy applies to all services offered by Swiss Chalet, including dining experiences, online ordering, delivery services, catering, and loyalty programs. By using our services, you agree to the collection and use of information in accordance with this policy.

Important Note: We never sell your personal data to third parties. Your privacy and trust are fundamental to our business relationship.

2. Information We Collect

2.1 Information You Provide

We collect information you voluntarily provide to us, including:

  • Personal identification: Name, email address, phone number, delivery address, billing address
  • Account information: Username, password, profile picture, purchase history, saved payment methods
  • Dining preferences: Dietary restrictions, allergen information, favorite menu items, spice preferences
  • Special requirements: Accessibility needs, special dietary requirements (vegan, vegetarian, halal, kosher, gluten-free)
  • Payment information: Credit card details (stored in encrypted format through secure payment processors)
  • Order details: Menu items ordered, customizations, delivery instructions, table reservation preferences
  • Loyalty program data: Rewards points, membership tier, promotional preferences
  • Catering information: Event details, guest count, special requirements, venue information
  • Communication data: Contact form submissions, customer service interactions, reviews and feedback
  • Marketing preferences: Email subscription preferences, promotional interests, communication frequency

2.2 Automatically Collected Information

When you use our services, we automatically collect certain information:

  • Device information: IP address, browser type and version, operating system, device identifiers
  • Usage data: Pages visited, time spent on site, click patterns, search queries, order frequency
  • Location data: Approximate location based on IP address, GPS location (with permission) for delivery services
  • Cookie data: Session IDs, user preferences, shopping cart contents, analytics data
  • Performance data: Page load times, error reports, feature usage statistics

2.3 Information from Third Parties

We may receive information about you from third-party sources:

  • Social media platforms: Profile information if you connect your social media accounts
  • Payment processors: Transaction verification and fraud prevention data
  • Delivery partners: Delivery confirmation, location updates, delivery feedback
  • Marketing partners: Aggregated demographic and preference data for targeted advertising
  • Data verification services: Address validation, identity verification for fraud prevention

3. How We Use Your Information

3.1 Service Provision

  • Order processing: Preparing, cooking, and delivering your food orders accurately and efficiently
  • Table reservations: Managing restaurant seating, wait times, and dining preferences
  • Customer support: Responding to inquiries, resolving issues, providing assistance
  • Account management: User authentication, profile updates, order history maintenance
  • Payment processing: Secure transaction handling, refund processing, billing support
  • Quality improvement: Menu optimization, service enhancement, user experience improvements

3.2 Communication

  • Order confirmations: Real-time updates on order status, preparation time, delivery tracking
  • Delivery notifications: Driver assignment, location updates, delivery confirmations
  • Customer support: Response to inquiries, issue resolution, feedback collection
  • Service notices: Important updates about our services, menu changes, restaurant hours
  • Marketing communications: Promotional offers, new menu items, special events (with your consent)
  • Loyalty program updates: Points balance, tier benefits, exclusive offers

3.3 Marketing and Analytics

  • Personalized advertising: Customized promotional offers based on dining preferences and order history
  • Website analytics: Traffic analysis, user behavior patterns, conversion rate optimization
  • Campaign effectiveness: Measuring success of marketing initiatives and promotional campaigns
  • Market research: Understanding customer preferences for new product development
  • Customer segmentation: Grouping customers for targeted marketing and improved service delivery

3.4 Legal Compliance

  • Legal obligations: Responding to court orders, subpoenas, and regulatory requirements
  • Fraud prevention: Detecting and preventing fraudulent transactions and account abuse
  • Safety protection: Ensuring customer and employee safety, protecting rights and property
  • Dispute resolution: Resolving conflicts, investigating complaints, enforcing terms of service
  • Tax compliance: Maintaining records for tax reporting and audit requirements

4. Information Sharing and Disclosure

4.1 Service Providers

We share your information with trusted third-party service providers who help us operate our business:

  • Payment processors: Stripe, PayPal, and other secure payment gateways for transaction processing
  • Delivery services: Third-party delivery companies for food delivery and logistics
  • Cloud storage providers: Amazon Web Services, Google Cloud for secure data storage and backup
  • Email service providers: Mailchimp, SendGrid for marketing communications and order notifications
  • Analytics services: Google Analytics, Mixpanel for website performance and user behavior analysis
  • Customer support tools: Zendesk, Intercom for managing customer inquiries and support tickets

4.2 Legal Requirements

We may disclose your information when required by law or to protect our rights:

  • Court orders and subpoenas: Compliance with judicial proceedings and legal investigations
  • Regulatory compliance: Meeting requirements from health departments, tax authorities, and other regulators
  • Law enforcement: Cooperating with police investigations and public safety initiatives
  • Emergency situations: Protecting life, safety, or preventing serious harm

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets:

  • Customer data may be transferred to the new owner
  • We will provide advance notice before your information is transferred
  • The new owner must comply with this privacy policy
  • You will have the option to delete your account before the transfer

4.4 With Your Consent

We may share your information for other purposes with your explicit consent, such as:

  • Participating in third-party loyalty programs
  • Sharing testimonials or reviews with your name
  • Connecting with social media platforms for promotional activities

5. Data Security

5.1 Technical Measures

We implement industry-standard security measures to protect your information:

  • Encryption: SSL/TLS encryption for all data transmission between your device and our servers
  • Secure storage: Database encryption and secure cloud storage with enterprise-grade security
  • Access control: Role-based access with minimum necessary permissions for employees
  • Monitoring: 24/7 security monitoring and intrusion detection systems
  • Firewalls: Advanced firewall systems to prevent unauthorized access
  • Regular backups: Secure, encrypted backups stored in multiple geographic locations

5.2 Organizational Measures

  • Employee training: Regular security awareness training for all staff members
  • Data handling procedures: Established protocols for collecting, processing, and storing personal data
  • Confidentiality agreements: All employees and contractors sign confidentiality agreements
  • Incident response: Comprehensive plan for responding to security breaches or data incidents
  • Regular audits: Periodic security assessments and vulnerability testing
  • Vendor management: Due diligence and security requirements for all third-party providers

5.3 Your Responsibilities

You can help protect your information by:

  • Strong passwords: Using unique, complex passwords for your account
  • Account security: Not sharing your login credentials with others
  • Public computers: Logging out completely when using shared or public devices
  • Suspicious activity: Being cautious of phishing emails and suspicious links
  • Reporting: Notifying us immediately if you suspect unauthorized access to your account

Security Breach Notification: In the unlikely event of a data breach that affects your personal information, we will promptly notify you and relevant authorities within 72 hours as required by law.

6. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience on our website and mobile applications. Here's how we use different types of cookies:

Cookie Type Purpose Duration
Essential Cookies Basic site functions, login state, shopping cart contents, security features Session (deleted when browser closes)
Functional Cookies User preferences, language settings, location preferences, accessibility options Up to 1 year
Analytics Cookies Usage analysis, performance monitoring, feature optimization, conversion tracking Up to 2 years
Marketing Cookies Personalized advertising, retargeting campaigns, social media integration Up to 1 year

Tracking Technologies Used

  • Google Analytics: Website traffic analysis and user behavior insights
  • Facebook Pixel: Advertising effectiveness measurement and custom audience creation
  • Web beacons: Email open rate tracking and delivery confirmation
  • Local storage: Browser-based storage for user preferences and settings
  • Session storage: Temporary storage for shopping cart and form data

Cookie Management

You can control cookie preferences through your browser settings. Most browsers allow you to:

  • Accept or reject all cookies
  • Accept only first-party cookies
  • Delete existing cookies
  • Receive notifications before cookies are stored

Note: Disabling certain cookies may affect website functionality, including the ability to place orders or access your account.

7. Your Rights (GDPR/CCPA Compliance)

Depending on your location, you may have certain rights regarding your personal information:

7.1 Right of Access

You have the right to request access to your personal data and receive information about how we process it, including:

  • Categories of personal information collected
  • Sources of personal information
  • Purposes for processing
  • Categories of third parties with whom we share information

7.2 Right to Rectification

You can request correction of inaccurate or incomplete personal data. This includes:

  • Updating contact information
  • Correcting order history
  • Modifying dietary preferences and allergen information

7.3 Right to Erasure (Right to be Forgotten)

You may request deletion of your personal data when:

  • The information is no longer necessary for the purposes collected
  • You withdraw consent and no other legal ground exists
  • The data has been unlawfully processed
  • Deletion is required for legal compliance

7.4 Right to Restrict Processing

You can request limitation of how we use your data in certain circumstances:

  • When you contest the accuracy of the data
  • When processing is unlawful but you prefer restriction over deletion
  • When you need the data for legal claims

7.5 Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, machine-readable format and transfer it to another service provider.

7.6 Right to Object

You can object to processing of your personal data for:

  • Direct marketing purposes (including profiling)
  • Processing based on legitimate interests
  • Research and statistical purposes

7.7 Right Against Automated Decision-Making

You have the right not to be subject to automated decision-making, including profiling, that produces significant legal or similarly significant effects.

How to Exercise Your Rights

To exercise any of these rights, contact us using the information provided in Section 13. We will respond to your request within 30 days and may require identity verification for security purposes.

8. Children's Privacy

Swiss Chalet is committed to protecting children's privacy online. Our services are not intended for children under the age of 16, and we do not knowingly collect personal information from children under 16.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. If we discover we have collected personal information from a child under 16 without parental consent, we will promptly delete such information from our records.

For children between 13-16 years old, we require parental consent before collecting any personal information. We encourage parents to monitor their children's online activities and help enforce this privacy policy.

9. International Data Transfers

9.1 Protection Measures

When we transfer your personal data outside of your country or region, we ensure adequate protection through:

  • Adequacy decisions: Transfers to countries recognized as providing adequate data protection
  • Standard Contractual Clauses (SCC): EU-approved contractual terms for international transfers
  • Data processing agreements: Binding commitments with international service providers
  • Security measures: Additional technical and organizational safeguards for transferred data
  • Regular monitoring: Ongoing compliance audits and assessments

9.2 Transfer Destinations

Your personal data may be transferred to and processed in:

  • United States: Cloud storage and data processing services
  • European Union: Data analytics and customer support operations
  • Other countries: As needed for service provision with appropriate safeguards

10. Data Retention Periods

We retain personal information only as long as necessary to fulfill the purposes outlined in this policy, comply with legal obligations, and resolve disputes.

Information Type Retention Period Reason
Account information (active accounts) Duration of account + 6 months after deletion Legal obligations, dispute resolution
Order and transaction history 7 years Tax and accounting requirements, warranty claims
Marketing consent records 3 years after consent withdrawal Consent record keeping, compliance proof
Website usage logs and analytics Up to 2 years Security monitoring, service improvement
Customer support records 3 years Service quality improvement, dispute resolution
CCTV footage (restaurant) 30 days Security and safety purposes
Payment information As required by payment processors Fraud prevention, chargeback protection
Loyalty program data 2 years after account inactivity Program administration, benefit delivery

Safe Data Disposal

When data retention periods expire, we securely dispose of personal information through:

  • Electronic deletion: Complete and unrecoverable deletion from all systems
  • Physical destruction: Secure shredding of paper records
  • Backup removal: Deletion from all backup systems and archives
  • Documentation: Maintaining records of data disposal activities

11. Third-Party Links

Our website and mobile applications may contain links to third-party websites, applications, or services that are not owned or operated by Swiss Chalet. This includes:

  • Social media platforms (Facebook, Instagram, Twitter)
  • Payment service providers
  • Delivery partner applications
  • Review and rating platforms
  • Promotional partner websites

We are not responsible for the privacy practices or content of these third-party services. We encourage you to review the privacy policies of any third-party sites you visit before providing personal information.

When you click on third-party links or use third-party services, your activities are governed by their terms of service and privacy policies, not ours. Exercise caution when sharing personal information on these platforms.

12. Policy Changes

12.1 Change Notification

We may update this privacy policy periodically to reflect changes in our practices, technology, legal requirements, or business operations. When we make changes, we will notify you through:

  • Website notice: Prominent banner on our homepage and privacy policy page
  • Email notification: Message to registered users about significant changes
  • In-app notification: Pop-up or banner in our mobile applications
  • Account notification: Message in your account dashboard

12.2 Checking for Changes

We recommend that you review this policy periodically to stay informed about how we protect your information:

  • The most current version is always available on our website
  • Check the "Last Updated" date at the top of this policy
  • Continued use of our services constitutes acceptance of changes
  • Contact us if you have questions about any changes

For significant changes that affect your rights or how we use your information, we may require your explicit consent before the changes take effect.

13. Contact Information

If you have questions, concerns, or requests regarding this privacy policy or our data practices, please contact us:

Swiss Chalet

2179 Dundas St E, Mississauga, ON L4X 1M3, Canada

+1 905-625-1137

[email protected]

Business Hours: Monday - Sunday, 11:00 AM - 10:00 PM

Response Commitment: We aim to respond to all privacy-related inquiries within 3 business days.

13.1 Complaints

If you are not satisfied with our response to your privacy concerns, you may file a complaint with the relevant supervisory authority in your jurisdiction:

  • Canada: Office of the Privacy Commissioner of Canada
  • European Union: Your local Data Protection Authority
  • United States: Federal Trade Commission or your state's Attorney General

14. Withdrawal of Consent

14.1 Marketing Consent Withdrawal

You can withdraw consent for marketing communications at any time through:

  • Unsubscribe links: Click the unsubscribe link in any promotional email
  • Account settings: Update your communication preferences in your online account
  • Customer support: Contact us directly to opt out of marketing communications
  • Phone: Call us at +1 905-625-1137 to update your preferences

14.2 Account Deletion

To request complete deletion of your account and associated personal data:

  1. Log into your account and go to account settings
  2. Select "Delete Account" option
  3. Confirm your identity for security purposes
  4. Review what data will be deleted and what may be retained for legal compliance
  5. Confirm deletion request

Note: Some data may be retained for legal compliance, fraud prevention, or dispute resolution as outlined in our data retention policy.

15. Conclusion

At Swiss Chalet, protecting your privacy is not just a legal requirement—it's a fundamental part of our commitment to you as a valued customer. We strive to be transparent about our data practices and provide you with meaningful control over your personal information.

We understand that trust is earned through consistent action and transparency. Our privacy practices are regularly reviewed and updated to reflect evolving privacy standards, technological advances, and regulatory requirements.

Your relationship with us is built on trust, and we take that responsibility seriously. Whether you're dining in our restaurant, ordering online, or participating in our loyalty program, we want you to feel confident that your personal information is handled with care and respect.

If you have any questions about this privacy policy or our data practices, we encourage you to contact us. We're here to help and ensure you have a positive experience with Swiss Chalet.

Thank you for choosing Swiss Chalet and for trusting us with your personal information.

Remember to check this policy periodically for updates. Last updated: January 15, 2025