Privacy Policy

This Privacy Policy describes how Chopt ("we," "us," or "our") collects, uses, shares, and protects your personal information when you visit our website at cafe-chopt.click, place orders, use our services, or otherwise interact with us. Please read this policy carefully. By using our website or services, you agree to the practices described in this Privacy Policy.

We are committed to protecting your privacy and handling your personal information with transparency and integrity. This Privacy Policy is designed to comply with applicable United States federal and state privacy laws, including the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), the Federal Trade Commission Act (FTC Act), and other relevant regulations governing data privacy and consumer protection.

1. About Us

Chopt is a food service business operating in the United States. We operate the website cafe-chopt.click and provide food-related services to our customers. If you have any questions or concerns about this Privacy Policy or our data practices, please contact us using the information below:

2. Information We Collect

We collect various categories of personal information depending on how you interact with our website and services. The types of information we may collect include, but are not limited to, the following:

2.1 Personal Identification Information

When you create an account, place an order, sign up for our newsletter, or contact us, we may collect personally identifiable information, including:

• Full name
• Email address
• Phone number
• Billing and delivery address
• Date of birth (when required for age verification)
• Payment card details (processed securely through third-party payment processors)
• Profile photographs or avatars (if you choose to upload one)
• Username and password credentials

2.2 Order and Transaction Information

When you place an order through our website, we collect information related to your food orders, transaction history, preferences, special dietary requests, and purchase records. This includes details about the items you order, payment methods used, and delivery instructions.

2.3 Usage Data and Behavioral Information

We automatically collect certain information about how you interact with our website and services. This includes:

• Pages you visit and the duration of your visit
• Links and buttons you click
• Search terms entered on our website
• Items browsed or added to your cart
• Referring website addresses (i.e., where you came from before visiting our site)
• Date and time of your visit
• Error logs and crash reports

2.4 Device and Technical Information

We collect technical information about the device and browser you use to access our website, including:

• IP address
• Browser type and version
• Operating system and version
• Device type (desktop, mobile, tablet)
• Device identifiers
• Screen resolution
• Language settings
• Internet service provider (ISP)
• Geographic location (derived from IP address)

2.5 Cookie and Tracking Data

We use cookies, web beacons, pixels, and similar tracking technologies to collect information about your browsing behavior on our website. For more detailed information about our use of cookies, please refer to Section 9 of this Privacy Policy and our dedicated Cookie Policy.

2.6 Communications Data

When you contact us by email, phone, or through any contact form on our website, we may collect and store the content of your communications, your contact details, and the nature of your inquiry or complaint.

2.7 Marketing Preferences

If you sign up for our mailing list or marketing communications, we collect your email address and your stated preferences regarding the types of communications you wish to receive.

2.8 Information from Third Parties

We may receive information about you from third-party sources, such as social media platforms (if you connect your account or interact with our social media pages), delivery partners, analytics providers, and advertising partners. This information may be combined with data we already hold about you.

3. How We Use Your Information

We use the personal information we collect for a variety of business and operational purposes. Specifically, we use your data to:

3.1 Service Provision and Order Fulfillment

• Process and fulfill your food orders
• Manage your account and provide customer support
• Facilitate payment processing and issue receipts
• Arrange delivery or pickup of your orders
• Communicate with you about the status of your order
• Respond to your inquiries, complaints, and requests

3.2 Analytics and Website Improvement

• Analyze website traffic and usage patterns
• Understand customer preferences and behaviors
• Improve our website design, functionality, and user experience
• Conduct internal research and development
• Monitor and address technical issues or errors

3.3 Marketing and Promotional Communications

• Send you promotional emails, newsletters, and special offers (where you have consented or where we have a legitimate interest)
• Personalize marketing content based on your preferences and order history
• Display targeted advertisements on our website and third-party platforms
• Manage loyalty programs or referral campaigns

You may opt out of marketing communications at any time by clicking the "unsubscribe" link in any email we send, or by contacting us at [email protected].

3.4 Legal and Compliance Purposes

• Comply with applicable laws, regulations, and legal obligations
• Respond to lawful requests from law enforcement and government authorities
• Protect our legal rights and defend against legal claims
• Detect and prevent fraud, abuse, or unauthorized use of our services
• Enforce our Terms of Service and other agreements

3.5 Safety and Security

• Monitor our systems for security threats, vulnerabilities, or breaches
• Verify the identity of users and prevent unauthorized account access
• Protect the safety of our customers, staff, and business operations

4. Sharing Your Information with Third Parties

We do not sell, rent, or trade your personal information to third parties for their own marketing purposes. However, we may share your information with selected third parties in the following circumstances:

4.1 Service Providers and Business Partners

We work with trusted third-party service providers who assist us in operating our website and delivering our services. These include:

All service providers are contractually obligated to protect your personal information and use it only for the specific purposes for which it was shared. They are not permitted to use your data for their own independent marketing or commercial purposes.

4.2 Legal Requirements and Law Enforcement

We may disclose your personal information if required to do so by law or in good faith belief that such disclosure is necessary to:

• Comply with a legal obligation, court order, subpoena, or governmental request
• Enforce our Terms of Service or other contractual agreements
• Protect and defend our rights, property, or safety
• Protect the rights, property, or safety of our customers or the public
• Investigate suspected fraud, illegal activity, or violations of our policies

4.3 Business Transfers

In the event that Chopt undergoes a merger, acquisition, sale of all or a portion of its assets, or any other form of business transfer, your personal information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our website if such a transfer occurs, and you will have the opportunity to exercise your rights regarding your data.

4.4 With Your Consent

We may share your information with third parties in other circumstances not described above when you have given us your explicit consent to do so.

5. Data Security

We take the security of your personal information seriously and implement a variety of technical, administrative, and physical safeguards to protect your data from unauthorized access, loss, alteration, or disclosure. Our security measures include:

5.1 Technical Safeguards

• SSL/TLS Encryption: All data transmitted between your browser and our website is encrypted using Secure Socket Layer (SSL) or Transport Layer Security (TLS) technology.
• Encrypted Storage: Sensitive data, including payment information and passwords, is stored using industry-standard encryption protocols.
• Firewalls and Intrusion Detection: We maintain firewalls and intrusion detection systems to monitor and protect our network infrastructure.
• Access Controls: Access to personal data is restricted to authorized personnel on a need-to-know basis.
• Regular Security Testing: We conduct periodic security assessments, vulnerability scans, and penetration testing.

5.2 Administrative Safeguards

• Employee training on data privacy and security practices
• Data handling policies and procedures for internal staff
• Vendor due diligence and data processing agreements with third parties
• Incident response plans for potential data breaches

5.3 Data Breach Notification

In the event of a data breach that may compromise your personal information, we will notify affected individuals and relevant authorities as required by applicable law. Notification will be provided via email and/or a prominent notice on our website as promptly as reasonably possible.

While we strive to protect your personal information, please note that no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee the absolute security of your data, and you use our services at your own risk.

6. Your Privacy Rights

Depending on your location, you may have certain rights regarding your personal information under applicable law. We are committed to honoring these rights and making it easy for you to exercise them.

6.1 Rights Under the California Consumer Privacy Act (CCPA/CPRA)

If you are a California resident, you have the following rights under the CCPA as amended by the CPRA:

• Right to Know: You have the right to request information about the categories and specific pieces of personal information we have collected about you, the sources from which it was collected, the purposes for which it is used, and the categories of third parties with whom it is shared.
• Right to Delete: You have the right to request that we delete personal information we have collected from you, subject to certain exceptions provided by law.
• Right to Correct: You have the right to request that we correct inaccurate personal information we hold about you.
• Right to Opt-Out of Sale or Sharing: You have the right to opt out of the sale or sharing of your personal information with third parties for cross-context behavioral advertising. We do not sell your personal information in the traditional sense, but we may share data with advertising partners. You may opt out by contacting us at [email protected].
• Right to Limit Use of Sensitive Personal Information: You have the right to limit the use and disclosure of your sensitive personal information to specific permitted purposes.
• Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights. We will not deny you goods or services, charge you different prices, or provide a different level of quality because you exercised your rights.

6.2 General Privacy Rights (All Users)

Regardless of your location, we strive to provide all users with the following rights where practicable:

• Right of Access: You may request a copy of the personal information we hold about you.
• Right to Rectification: You may request correction of any inaccurate or incomplete personal information.
• Right to Erasure: You may request that we delete your personal data in certain circumstances.
• Right to Data Portability: You may request that we provide your personal data in a structured, commonly used, and machine-readable format so that you can transfer it to another service provider.
• Right to Withdraw Consent: Where processing is based on your consent, you may withdraw that consent at any time without affecting the lawfulness of processing carried out before withdrawal.
• Right to Object to Marketing: You may object to the use of your personal data for direct marketing purposes at any time.

6.3 How to Exercise Your Rights

To exercise any of your privacy rights, please contact us using the following methods:

We will respond to your request within 45 days of receipt. In some cases, we may require up to an additional 45 days to respond, in which case we will notify you. We may need to verify your identity before processing your request to ensure that we do not disclose your information to an unauthorized individual.

You may designate an authorized agent to submit requests on your behalf. Authorized agents must provide written proof of authorization and may be required to verify their identity.

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. The following general retention periods apply:

When your personal data is no longer required, we will securely delete or anonymize it so that it can no longer be associated with you. In some cases, we may retain anonymized, aggregated data indefinitely for statistical and research purposes, as this data does not identify any individual.

8. Children's Privacy

Our website and services are intended for individuals who are 18 years of age or older. We do not knowingly collect, use, or disclose personal information from children under the age of 13, as defined by the Children's Online Privacy Protection Act (COPPA).

If you are under the age of 18, you are not permitted to use our website, create an account, or place orders without the supervision and consent of a parent or legal guardian. We encourage parents and guardians to monitor their children's online activities and to instruct them not to provide personal information on any website without parental permission.

If we become aware that we have inadvertently collected personal information from a child under the age of 13 without verifiable parental consent, we will take immediate steps to delete such information from our records. If you believe we may have collected information from a child under 13, please contact us immediately at [email protected].

9. Cookie Policy Summary

We use cookies and similar tracking technologies on our website to enhance your browsing experience, analyze website traffic, and deliver personalized content and advertisements. This section provides a brief overview of our cookie practices.

9.1 What Are Cookies?

Cookies are small text files placed on your device (computer, tablet, or mobile phone) when you visit a website. They help the website remember your preferences and activities over time, making your browsing experience more efficient and personalized.

9.2 Types of Cookies We Use

9.3 Managing Cookie Preferences

You can control and manage cookies through your browser settings. Most browsers allow you to refuse cookies, delete existing cookies, or receive notifications before a cookie is placed. Please note that disabling certain cookies may affect the functionality of our website.

For detailed information about the specific cookies we use, their duration, and how to manage your preferences, please review our full Cookie Policy available on our website at cafe-chopt.click.

10. International Data Transfers

Chopt is based in the United States. If you are accessing our website or services from outside the United States, please be aware that your personal information may be transferred to, stored, and processed in the United States or other countries where our service providers operate.

The data protection laws in these countries may differ from the laws of your country of residence. However, we take steps to ensure that appropriate safeguards are in place to protect your personal information whenever it is transferred internationally. These safeguards may include:

• Standard contractual clauses approved by relevant data protection authorities
• Data processing agreements with our service providers that require equivalent data protection standards
• Use of service providers that participate in recognized compliance frameworks

By using our website and services, you acknowledge and consent to the transfer of your personal information to the United States and other countries as described in this Privacy Policy.

11. Do Not Track Signals

Some browsers offer a "Do Not Track" (DNT) feature that sends a signal to websites requesting that they not track your browsing activities. Our website does not currently respond to DNT signals, as there is no universally accepted standard for how websites should respond to such signals. However, you can manage your tracking preferences through our cookie management tools and browser settings, as described in Section 9.

12. Third-Party Websites and Links

Our website may contain links to third-party websites, applications, or services that are not owned or controlled by Chopt. This Privacy Policy applies only to our website and services. We are not responsible for the privacy practices of any third-party websites or services, and we encourage you to review the privacy policies of any third-party platforms you visit.

Clicking on links to external websites or interacting with third-party widgets (such as social media sharing buttons) may allow those third parties to collect or share data about you. We do not control what information these third parties collect or how they use it.

13. How to File a Complaint with a Data Protection Authority

If you believe that we have not complied with applicable privacy laws or that your privacy rights have been violated, you have the right to file a complaint with the appropriate regulatory authority.

13.1 California Residents

California residents may file a complaint with the California Privacy Protection Agency (CPPA), which enforces the CCPA and CPRA:

13.2 Federal Level Complaints

Consumers may also file a complaint with the Federal Trade Commission (FTC), which enforces federal consumer protection and privacy laws:

We encourage you to contact us first before filing a complaint with a regulatory authority, as we are committed to resolving privacy concerns directly and promptly. Please reach out to us at [email protected] and we will do our best to address your concerns.

14. Changes to This Privacy Policy

We reserve the right to update, modify, or revise this Privacy Policy at any time to reflect changes in our data practices, legal requirements, or business operations. When we make material changes to this policy, we will:

• Update the "Last Updated" date at the top of this page
• Post a prominent notice on our website notifying users of the changes
• Send an email notification to registered users where required by law or where changes are significant

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal information. Your continued use of our website or services after the effective date of any changes constitutes your acceptance of the updated Privacy Policy.

15. Legal Basis for Processing

While the United States does not currently have a single comprehensive federal privacy law equivalent to Europe's GDPR, we are committed to processing your personal information lawfully and transparently. We process your data on the following bases:

• Contractual Necessity: Processing necessary to fulfill an order, provide our services, or perform our obligations under a contract with you.
• Legitimate Interests: Processing necessary for our legitimate business interests, such as improving our services, preventing fraud, and marketing to existing customers, provided these interests are not overridden by your rights and interests.
• Legal Obligation: Processing necessary to comply with applicable laws, regulations, or court orders.
• Consent: Processing based on your explicit consent, such as subscribing to our newsletter or accepting non-essential cookies. You may withdraw consent at any time.

16. California "Shine the Light" Law

Under California Civil Code Section 1798.83, California residents who have an established business relationship with us have the right to request information about the categories of personal information we disclosed to third parties for their direct marketing purposes in the preceding calendar year. If you are a California resident and would like to make such a request, please contact us at [email protected] with "Shine the Light Request" in the subject line.

17. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy, your personal information, or our data practices, please do not hesitate to contact us. We are happy to assist you and are committed to addressing your privacy concerns promptly and thoroughly.

This Privacy Policy was last updated on June 5, 2026. Thank you for trusting Chopt with your personal information. We value your privacy and are committed to protecting it.