Privacy Policy
At Tootsies Restaurants (“Tootsies”, “we”, “us”, or “our”), accessible at tootsiesrestaurants.com, we are deeply committed to safeguarding your personal data and upholding your privacy rights. We understand the importance of maintaining the confidentiality, integrity, and security of your information and take our obligations under relevant privacy laws, including the General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”), as amended, seriously.
This Privacy Policy outlines how we collect, use, disclose, and protect your personal information in connection with our website and services. We encourage you to read this Policy carefully to understand your rights and how we protect them.
1. Scope of Policy and Data Controller Role
This Privacy Policy applies to all users of our website, tootsiesrestaurants.com, and to individuals who interact with us through any channel, including email, forms, or customer service inquiries. Tootsies Restaurants is the data controller in respect of all personal data collected and processed through our website and related services.
If you are a California resident, this Policy is also provided in compliance with the CCPA and supplements any rights available to you under state law.
2. Categories of Data Processed
We collect and process various categories of personal data, which may include but are not limited to:
Usage Data
Includes information such as your IP address, geographic region, browser type, operating system, device identifier, referral URLs, pages viewed, time and date of visits, and session duration.
Account Data
Collected when you create an account, make reservations, or place orders, including your name, email address, phone number, username, and mailing address.
Profile Data
Includes your reservation history, dining preferences, food allergies, frequency of visits, and purchase behaviors.
Communication Data
Includes records of your communications with us such as customer service queries, feedback forms, email correspondence, and any other interactions.
Technical Data
Comprises data from your device, such as device model, system configuration, browser settings, time zone, and language preferences.
Transaction Data
Includes payment details (processed through third-party secure providers), reservation confirmations, and delivery or order information.
Preference Data
Includes your communication preferences, marketing and promotional consents, product and content interests, and opt-in/opt-out history.
3. Legal Bases for Processing
Under the GDPR, we process your data based on the following lawful grounds:
– Performance of a Contract: To fulfill services or transactions you request (e.g., reservations, orders, customer support).
– Legitimate Interests: To improve the functionality and performance of tootsiesrestaurants.com, prevent fraud, protect our website, and analyze usage.
– Consent: Where required, such as for marketing communications or non-essential cookies.
– Legal Obligations: To comply with applicable legal, regulatory, or tax obligations.
For users in California, we process your data in line with “business purposes” as defined by the CCPA.
4. Your Privacy Rights
Pursuant to GDPR, CCPA, and other applicable laws, you have the right to:
– Access: Obtain confirmation as to whether we process your personal data and, if so, access a copy.
– Rectification: Request correction of inaccurate or incomplete personal information.
– Erasure: Request deletion of your personal data (subject to limitations).
– Restriction: Request restriction of processing in certain cases (e.g., pending a data accuracy challenge).
– Portability: Obtain your data in a structured, commonly used, and machine-readable format and transmit it to another controller.
– Objection & Opt-Out: In certain situations, object or opt-out of direct marketing or automated processing.
To exercise any of these rights, please contact us at [email protected].
5. Security Measures
We implement industry-standard technical and organizational safeguards to maintain the security of your data. Our protective measures include:
– Encryption of data during transfer and storage
– Secure data centers and physical access control
– Role-based access to data-processing systems
– Regular training for staff authorized to process personal data
– Routine backups and recovery systems
6. International Transfers
Where personal data is transferred outside the European Economic Area (EEA) or other jurisdictions with strict data protection regimes, we ensure it is protected by appropriate safeguards. These may include Standard Contractual Clauses approved by the European Commission or other legally compliant mechanisms.
7. Data Retention
We retain personal data only as long as necessary for the purposes outlined in this Policy or as required by applicable laws.
Retention periods vary based on the data type:
– Usage Data: Up to 12 months
– Account Data: As long as the account is active, plus 2 years
– Communication Data: Up to 3 years after the last interaction
– Transaction Data: Up to 7 years (for accounting and tax purposes)
– Technical and Preference Data: Up to 24 months or until consent is withdrawn
Upon expiration of the retention period, data is securely deleted or anonymized.
8. Cookie Policy
Tootsiesrestaurants.com uses cookies and similar technologies to enhance your experience. These include:
– Essential Cookies: Necessary for site functionality (e.g., booking system, login).
– Functional Cookies: Enhance usability, such as saving preferences.
– Analytics Cookies: Track website usage for performance optimization.
– Performance Cookies: Monitor page speed and error rates.
Third-party cookies (e.g., Google Analytics) may also be used, subject to your consent, for analytics and reporting.
9. Cookie Management and GDPR/CCPA Compliance
Upon your first visit to tootsiesrestaurants.com, you are given the option to accept or reject non-essential cookies. You can update your preferences at any time via the Cookie Settings link available on our website footer.
California residents have the right to “opt-out” of the sale of personal data; however, we do not sell your personal data in the conventional sense. We also honor “Do Not Track” signals in compliance with applicable requirements.
10. Children’s Privacy
We do not knowingly collect or process personal data from children under 13 years of age. If we become aware that we have inadvertently collected data from a child, we will delete such information promptly. Parents or legal guardians with concerns are encouraged to contact us at [email protected].
11. Policy Updates and Notifications
We may amend this Privacy Policy from time to time to reflect legal updates or changes in our operational practices concerning privacy. Where material changes are made, we will provide notification via the website or by other appropriate communication channels.
We encourage you to check this page periodically to review any updates.
12. Contact Us
For any questions regarding this Privacy Policy or to exercise any of your data protection rights, please contact us using the details below:
Email: [email protected]
Website: https://www.tootsiesrestaurants.com
We are committed to honoring your privacy rights and ensuring transparent data practices. If you have any concerns about how your personal data is handled, we encourage you to reach out.