Privacy Policy

Your privacy is our priority. Learn how we protect your personal information.

Last Updated: December 12, 2024

1. Introduction

At Supermacs, we are committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our services, visit our website at supermaxs.com, order food for delivery or pickup, dine in our restaurants, or interact with us through any other means.

This policy applies to all personal information we process about you, regardless of how it was collected or stored. By using our services, visiting our website, or providing us with your personal information, you acknowledge that you have read and understood this Privacy Policy and agree to the collection, use, and disclosure of your information as described herein.

We never sell your personal data to third parties. Your trust is fundamental to our business, and we are committed to maintaining the highest standards of data protection and privacy.

2. Information We Collect

2.1 Information You Provide Directly

  • Personal Identification: Name, email address, phone number, postal address, date of birth
  • Account Information: Username, password, order history, favorite items, delivery preferences
  • Payment Information: Credit card details, billing address (stored securely with our payment processors)
  • Food Preferences: Dietary requirements, allergen information, special requests, favorite menu items
  • Order Details: Food selections, delivery addresses, special instructions, preferred delivery times
  • Reservation Information: Table booking details, party size, special occasion notes
  • Catering Information: Event details, guest count, dietary restrictions, delivery locations
  • Loyalty Program Data: Points earned, rewards claimed, membership tier, participation history
  • Communication Preferences: Marketing consent, notification preferences, communication channels
  • Feedback and Reviews: Restaurant reviews, food ratings, service feedback, survey responses

2.2 Information We Collect Automatically

  • Device Information: IP address, browser type and version, operating system, device identifiers
  • Usage Data: Pages visited, time spent on site, click patterns, search queries, menu browsing history
  • Location Data: Approximate location from IP address, precise location (with consent) for delivery services
  • Cookie Data: Session identifiers, preferences, shopping cart contents, authentication tokens
  • Performance Data: Page loading times, error reports, feature usage statistics

2.3 Information from Third Parties

  • Social Media: Profile information if you connect social media accounts
  • Payment Processors: Transaction confirmation and fraud prevention data
  • Delivery Partners: Delivery status updates, driver location, completion confirmations
  • Marketing Partners: Campaign performance data, audience insights (anonymized)

3. How We Use Your Information

3.1 Service Provision

  • Processing and fulfilling your food orders
  • Managing table reservations and restaurant bookings
  • Coordinating catering services and special events
  • Providing customer support and resolving issues
  • Maintaining and improving our loyalty program
  • Personalizing your dining experience based on preferences
  • Ensuring food safety by tracking allergen preferences

3.2 Communication

  • Sending order confirmations and delivery updates
  • Providing customer support responses
  • Sharing important policy changes and service notices
  • Sending marketing communications (with your consent)
  • Notifying you about loyalty program benefits and rewards
  • Requesting feedback on your dining experience

3.3 Marketing and Analytics

  • Personalizing advertisements and promotional offers
  • Analyzing website traffic and user behavior patterns
  • Measuring the effectiveness of marketing campaigns
  • Conducting market research for menu development
  • Improving website functionality and user experience

3.4 Legal Compliance and Security

  • Complying with legal obligations and regulatory requirements
  • Preventing and detecting fraud, abuse, and security breaches
  • Protecting our rights, property, and safety
  • Resolving disputes and enforcing our terms of service
  • Responding to law enforcement requests and legal proceedings

4. Information Sharing and Disclosure

4.1 Service Providers

We share your information with trusted third-party service providers who help us operate our business:

  • Payment Processors: Secure handling of credit card transactions and payment processing
  • Delivery Companies: Coordinating food delivery to your specified address
  • Cloud Storage Providers: Secure data storage and backup services
  • Email Service Providers: Sending order confirmations and marketing communications
  • Analytics Services: Website usage analysis and performance optimization
  • Customer Support Tools: Managing support tickets and customer inquiries

4.2 Legal Requirements

  • Complying with court orders, subpoenas, and legal proceedings
  • Meeting regulatory compliance requirements
  • Protecting against fraud, security breaches, and illegal activities
  • Ensuring public safety in emergency situations

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new entity. We will provide notice and ensure the new owner complies with this Privacy Policy.

4.4 With Your Consent

We may share your information for other purposes with your explicit consent or at your direction.

5. Data Security

5.1 Technical Security Measures

  • Encryption: SSL/TLS encryption for all data transmission
  • Secure Servers: Advanced firewall systems and intrusion detection
  • Access Controls: Restricted access to authorized personnel only
  • Monitoring: 24/7 security monitoring and threat detection
  • Data Backups: Regular encrypted backups with secure storage

5.2 Organizational Security Measures

  • Regular security training for all employees
  • Comprehensive data handling procedures and protocols
  • Confidentiality agreements with all third-party providers
  • Incident response plan for security breaches
  • Annual security audits and assessments

5.3 Your Security Responsibilities

  • Use strong, unique passwords for your account
  • Never share your login credentials
  • Log out of your account on shared or public computers
  • Be cautious of phishing emails and suspicious links
  • Report any unauthorized account access immediately

Security Breach Notification: In the unlikely event of a data breach that affects your personal information, we will promptly notify you and relevant authorities as required by law, typically within 72 hours of discovery.

6. Cookies and Tracking Technologies

We use various tracking technologies to enhance your experience on our website:

Cookie Type Purpose Duration
Essential Cookies Basic site functions, login state, shopping cart Session only
Functional Cookies User preferences, language settings, location Up to 1 year
Analytics Cookies Usage analysis, performance optimization Up to 2 years
Marketing Cookies Personalized advertising, campaign tracking Up to 1 year

Additional Tracking Technologies

  • Google Analytics: Website traffic analysis and user behavior insights
  • Facebook Pixel: Advertising effectiveness measurement and targeting
  • Web Beacons: Email open rates and engagement tracking
  • Local Storage: Browser-based data storage for preferences

Cookie Management: You can control cookies through your browser settings to accept, reject, or delete cookies. Note that disabling certain cookies may affect website functionality and your user experience.

7. Your Rights (GDPR/CCPA Compliance)

You have the following rights regarding your personal information:

  • Right of Access: Request to view your personal data we hold
  • Right to Rectification: Correct any inaccurate or incomplete data
  • Right to Erasure (Right to be Forgotten): Request deletion of your personal data
  • Right to Restrict Processing: Limit how we use your data
  • Right to Data Portability: Receive your data in machine-readable format
  • Right to Object: Object to processing, especially for marketing purposes
  • Right Against Automated Decision-Making: Opt out of automated profiling

How to Exercise Your Rights: Contact us using the information in Section 13. We will respond to your request within 30 days and may require identity verification for security purposes.

8. Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

Upon discovery that we have collected information from a child under 16 without parental consent, we will promptly delete such information from our records.

9. International Data Transfers

9.1 Protection Measures

When transferring your data internationally, we implement appropriate safeguards:

  • EU-Japan adequacy decisions for transfers to approved countries
  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Comprehensive data processing agreements with all partners
  • Regular compliance audits and monitoring

9.2 Transfer Destinations

  • United States (cloud storage and analytics)
  • European Union (data processing and analytics)
  • Other countries as needed with appropriate protections

10. Data Retention Periods

We retain your personal information only as long as necessary for the purposes outlined in this policy:

Information Type Retention Period Reason
Account Information 6 months after account deletion Legal obligations, dispute resolution
Order History 7 years Tax and accounting requirements
Marketing Consent 3 months after withdrawal Consent record keeping
Website Usage Logs Up to 2 years Security analysis, performance optimization
Customer Support Records 3 years Service quality improvement
Payment Information As required by payment processors Fraud prevention, chargebacks

Safe Data Disposal

When data retention periods expire, we ensure secure deletion through:

  • Complete electronic deletion making data unrecoverable
  • Physical destruction of paper records through secure shredding
  • Verification that all backup copies are also deleted
  • Maintaining disposal records for compliance audits

11. Third-Party Links

Our website may contain links to third-party websites, applications, or services that are not owned or controlled by Supermacs. We are not responsible for the privacy practices or content of these third-party sites.

We encourage you to review the privacy policies of any third-party sites before providing them with your personal information. Your interactions with third-party sites are governed by their respective privacy policies, not this one.

12. Policy Changes

12.1 Change Notification

We may update this Privacy Policy from time to time. When we make changes, we will notify you through:

  • Prominent notice on our website homepage
  • Email notification to registered users
  • Pop-up notification when you log into your account
  • Explicit consent requests for significant changes

12.2 Staying Informed

  • The latest version is always available on our website
  • Check the "Last Updated" date at the top of this policy
  • Continued use of our services constitutes acceptance of changes
  • You may stop using our services if you disagree with changes

13. Contact Information

Data Protection Officer

Company: Supermacs

Address: Main St, Cashel, Co. Tipperary, E25 EF61, Ireland

Phone: +353 62 62002

Email: [email protected]

Business Hours: Monday - Friday, 9:00 AM - 6:00 PM GMT

Response Time: We commit to responding to all privacy inquiries within 3 business days

13.1 Filing Complaints

If you have concerns about our privacy practices, please contact us first so we can work to resolve the issue. If you are not satisfied with our response, you may file a complaint with your local data protection authority:

Ireland Data Protection Commission:
Website: dataprotection.ie
Phone: +353 (0)761 104 800
Email: [email protected]

14. Withdrawal of Consent

14.1 Marketing Consent Withdrawal

You can withdraw your consent for marketing communications at any time through:

  • Click the "Unsubscribe" link in any marketing email
  • Update your preferences in your account settings
  • Contact our customer support team
  • Reply "STOP" to marketing text messages

14.2 Account Deletion Process

To permanently delete your account and associated data:

  • Log into your account and go to "Account Settings"
  • Select "Delete Account" and confirm your choice
  • Contact customer support for assistance if needed
  • Note: Some data may be retained for legal compliance purposes

15. Conclusion

At Supermacs, protecting your privacy is not just a legal obligation—it's fundamental to maintaining the trust you place in us when you choose our food services. We are committed to transparency about our data practices and continuously improving our privacy protections.

The relationship between Supermacs and our customers is built on trust, quality food, and exceptional service. Your privacy is an essential part of that relationship, and we take our responsibility to protect your personal information very seriously.

If you have any questions about this Privacy Policy, our data practices, or your privacy rights, please don't hesitate to contact us using the information provided in Section 13. We're here to help and appreciate your trust in Supermacs.

Thank you for choosing Supermacs for your dining needs. We look forward to continuing to serve you while protecting your privacy every step of the way.

Remember to check this page periodically for updates. Last Updated: December 12, 2024