Privacy Policy
1. Introduction
Just Fast Food (“Company,” “we,” “our,” or “us”) is committed to protecting the privacy and personal data of our users in accordance with the highest standards of data protection. This Privacy Policy outlines how we collect, use, share, and protect personal information gathered through our website, just-fastfood.com (“Website”). We place a premium on transparency and adhere strictly to relevant laws and regulations, including the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
2. Scope of the Policy and Our Role as Data Controller
This Privacy Policy applies to all personal data collected through our Website, including when users browse, create an account, place orders, interact with features, or communicate with our support channels. For the purposes of the GDPR and other applicable data protection laws, we act as the Data Controller when we determine the purposes and means of processing your personal data.
Our services are primarily intended for individuals who interact with just-fastfood.com within the scope of online food ordering and customer service.
3. Categories of Data Processed
We may collect and process the following categories of personal data:
a. Usage Data
This includes information about how you use our Website, such as IP addresses, browser type, device identifiers, operating system version, referral URLs, pages viewed, access times, and session duration.
b. Account Data
When you create an account with us, we may collect and process your full name, postal and delivery address, email address, phone number, and login credentials.
c. Profile Data
We process information concerning your order history, food preferences, saved payment methods, favorites, and account customization settings.
d. Communication Data
This comprises the content and metadata of inquiries or feedback submitted through our customer service portals, including email correspondence and any follow-up communications with support agents.
e. Technical Data
Includes data about the devices you use to access our Website, such as device type, operating system, language preference, mobile network details, screen resolution, and browser settings.
f. Transaction Data
We collect and process payment information (excluding full payment card details, which are handled securely by third-party payment processors), delivery instructions, and transaction histories.
g. Preference Data
Includes marketing communications preferences, feedback provided, browsing patterns on our platform, and expressed interests in products or services, as collected through cookies and account settings.
4. Legal Bases for Processing
We rely on the following legal bases for processing personal data:
– Performance of a contract: Such as processing orders, fulfilling deliveries, and managing user accounts.
– Legitimate interests: Including fraud prevention, network and information security, improvement of Website usability, and marketing our services (provided such interests do not override your rights).
– Consent: In situations where legally required (e.g., non-essential cookies or direct marketing to individuals without a business relationship).
– Compliance with legal obligations: Such as invoicing, tax records, and responding to lawful government requests.
5. Your Rights
Under GDPR, CCPA, and other data protection laws, you have specific rights concerning your personal data. These include:
– Right of Access: You may request a copy of personal data we hold about you.
– Right to Rectification: You may request correction of incomplete or inaccurate data.
– Right to Erasure: In certain circumstances, you may request that we delete your personal data.
– Right to Restriction of Processing: You may request limitations on how we process your data in certain conditions.
– Right to Data Portability: You may request to receive your data in a commonly used format for use elsewhere.
– Right to Object: You can object to specific types of data processing, such as direct marketing.
– Right to Withdraw Consent: If processing is based on consent, you may withdraw it at any time without affecting the lawfulness of processing based on consent before withdrawal.
Under CCPA, California residents also have the right to opt out of the sale or sharing of personal information and not to be discriminated against for exercising their privacy rights.
To exercise any of these rights, please contact us at: [email protected].
6. Security Measures
We implement a range of security measures appropriate to the risk level and nature of the data we process, including:
– Data encryption in transit and at rest
– Role-based access control and authentication procedures
– Secure data backups and redundancy
– Regular vulnerability scans and software updates
– Employee privacy and data protection training
– Strict internal data access protocols
Despite these safeguards, please note that no method of electronic transmission or storage is 100% secure, and we recommend that you also take appropriate steps to protect your data when using public networks or unsecured devices.
7. International Data Transfers
Your data may be processed or stored outside your jurisdiction, including in countries that may not offer the same level of legal protection as your home country. When we transfer personal data internationally, including to third-party service providers, such transfers will be conducted in accordance with applicable law, including but not limited to:
– Standard Contractual Clauses approved by the European Commission;
– Adequacy decisions by the European Commission for specific countries;
– Other approved mechanisms ensuring legal safeguards.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes we collected it for, including satisfying legal, accounting, and regulatory obligations.
– Account and Profile Data: Retained until user account is closed or after inactivity of 24 months.
– Transaction Data: Retained for a minimum of 7 years for tax and financial compliance.
– Communication Data: Retained for up to 36 months post-interaction.
– Usage and Technical Data: Retained for 12–24 months for analytics and security purposes.
– Cookie Data: Retention period varies depending on cookie purpose (see Section 9).
Upon expiry of retention periods, data will be securely deleted, anonymized, or aggregated unless required for legitimate legal interests.
9. Cookie Policy
We use cookies and similar tracking technologies to optimize your experience on just-fastfood.com. The following types of cookies may be used on our Website:
– Essential Cookies: Required for core functionalities such as order processing, security, and account authentication.
– Functional Cookies: Support personalization features including language preferences, saved locations, and remembered settings.
– Analytics Cookies: Help us measure performance, user journeys, and usage trends via platforms like Google Analytics.
– Performance Cookies: Improve speed, responsiveness, and feature optimization across devices and sessions.
Please note that disabling some types of cookies may impact the user experience.
10. Cookie Management and Compliance with GDPR & CCPA
On your first visit to just-fastfood.com, and periodically thereafter, you will be presented with a cookie banner and/or preference center that allows you to manage cookie settings in compliance with GDPR and CCPA requirements.
You may also change your preferences at any time or block cookies using your browser’s settings. For a more detailed explanation of cookies we use and their purposes, please review our separate Cookie Notice available on the Website.
11. Protection of Children
Our Website is not intended for children under the age of 13, and we do not knowingly collect personal data from children. If we become aware that we have inadvertently collected personal data from a child under 13, we will take prompt steps to delete such information.
Parents or guardians who believe their child has provided personal data to us are encouraged to contact us immediately at [email protected].
12. Policy Updates and Notification
We may update this Privacy Policy from time to time to reflect changes in legal requirements, technology, or our business practices. When changes occur, we will post the revised policy on just-fastfood.com and, where appropriate, notify users of significant updates via email or via the Website interface. We encourage users to review this Policy periodically.
13. Contact Us
If you have any questions about this Privacy Policy, our data processing practices, or if you wish to exercise your data protection rights, you may contact us at:
Email: [email protected]
We are committed to ensuring your personal data is handled in compliance with GDPR, CCPA, and other applicable privacy laws. Please contact us at any time if you have concerns regarding your privacy or the information we hold about you.