Privacy Policy
Effective Date: July 8, 2026 | Last Updated: July 8, 2026
1. Introduction and Overview
Welcome to Chopt. We are committed to protecting your privacy and ensuring that your personal information is handled in a safe, responsible, and transparent manner. This Privacy Policy has been prepared in compliance with applicable United States federal and state privacy laws, including the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), the Federal Trade Commission Act (FTC Act), and other applicable data protection regulations.
By accessing or using our website at chopt-newhot.click, placing orders through our digital platforms, subscribing to our newsletters, or otherwise engaging with our services, you acknowledge that you have read, understood, and agree to the terms of this Privacy Policy. If you do not agree with any part of this policy, please discontinue your use of our services immediately.
Chopt operates as a food service business in the United States. We take our obligations as a data controller seriously and have implemented appropriate measures to safeguard your personal information in accordance with applicable law.
For questions, concerns, or requests related to this Privacy Policy, please contact us at:
Contact Information
- Company: Chopt
- Email: [email protected]
- Website: chopt-newhot.click
2. Information We Collect
We collect various categories of information about you when you interact with our website, services, and communications. The categories below describe the types of personal information we may collect:
2.1 Personal Identification Information
When you create an account, place an order, sign up for our loyalty program, or contact us, we may collect the following personal identification information:
- Full name
- Email address
- Phone number
- Mailing address and delivery address
- Date of birth (where relevant to age verification or promotional purposes)
- Username and password credentials for your account
- Profile photograph (if voluntarily provided)
2.2 Payment and Financial Information
When you make a purchase through our website or mobile ordering platform, we collect payment information necessary to complete your transaction. This may include:
- Credit card or debit card details (processed through secure, PCI-DSS-compliant payment processors)
- Billing address
- Transaction history and order records
- Gift card or promotional code information
Please note that we do not store full credit card numbers on our servers. Payment processing is handled by trusted third-party payment service providers who maintain their own security standards.
2.3 Order and Dietary Information
As a food service provider, we collect information directly related to your food orders and preferences, including:
- Your order history and frequently ordered items
- Dietary preferences and restrictions you voluntarily provide (e.g., vegan, gluten-free)
- Customization preferences and saved favorite meals
- Delivery or pickup location preferences
- Special instructions you provide with your orders
2.4 Usage and Technical Data
When you visit our website or use our digital platforms, we automatically collect certain technical and usage data, including:
- IP address and approximate geographic location
- Browser type, version, and settings
- Operating system and device type
- Pages visited on our website, time spent, and navigation paths
- Referring URLs (the website you visited before coming to ours)
- Links clicked and features used
- Search queries entered on our website
- Date and time stamps of visits
- Error logs and crash reports
2.5 Cookie and Tracking Technology Data
We use cookies, web beacons, pixel tags, and similar tracking technologies to collect data about your interactions with our website. This data may include session identifiers, preferences, and behavioral data used to personalize your experience. Please refer to Section 8 of this Privacy Policy for detailed information about our use of cookies.
2.6 Communications Data
If you contact us via email, phone, social media, or any other communication channel, we may collect and retain:
- The content of your messages and inquiries
- Your contact details as provided in the communication
- Records of correspondence for customer service purposes
- Feedback, reviews, and survey responses you submit
2.7 Marketing and Preference Data
With your consent, we collect information about your marketing preferences, including:
- Email marketing subscription status and preferences
- SMS marketing opt-in status
- Notification preferences for app alerts and promotions
- Loyalty program participation and reward redemption history
3. How We Use Your Information
We use the personal information we collect for specific, legitimate purposes related to our food service operations and to improve your experience with Chopt. The following describes how we use the data we collect:
3.1 Providing and Managing Our Services
The primary purpose for which we collect your information is to provide you with our food ordering and delivery services. This includes:
- Processing and fulfilling your food orders
- Coordinating delivery or pickup logistics
- Managing your account and preferences
- Sending order confirmations, receipts, and status updates
- Processing payments and refunds
- Administering loyalty rewards and promotional programs
3.2 Customer Support and Communications
We use your information to respond to your inquiries, resolve complaints, and provide effective customer support, including:
- Responding to questions and feedback submitted via email or our website
- Investigating and resolving order-related issues or disputes
- Sending important service-related notifications and policy updates
- Conducting customer satisfaction surveys (with your consent)
3.3 Analytics and Service Improvement
We analyze usage data and order information to improve our menu offerings, website functionality, and overall service quality, including:
- Understanding customer behavior and preferences on our website
- Identifying popular menu items and optimizing offerings
- Improving website performance, navigation, and user experience
- Conducting internal research and business analytics
- Testing new features and website updates before deployment
3.4 Marketing and Promotional Activities
Where you have provided your consent or where permitted by applicable law, we may use your information for marketing purposes, including:
- Sending promotional emails about new menu items, special offers, and seasonal promotions
- Delivering personalized offers and recommendations based on your order history
- Running targeted advertising campaigns through online platforms
- Notifying you about loyalty program updates and reward opportunities
You may opt out of marketing communications at any time by clicking the "unsubscribe" link in any marketing email, contacting us at [email protected], or adjusting your account notification settings.
3.5 Legal Compliance and Safety
We may use your information as necessary to comply with applicable legal obligations, enforce our terms, and protect the safety and security of our business and customers, including:
- Complying with federal, state, and local laws and regulations
- Responding to lawful requests from government authorities or law enforcement
- Detecting, investigating, and preventing fraudulent transactions or abuse
- Enforcing our Terms of Service and other applicable agreements
- Protecting the rights and safety of Chopt, our employees, and our customers
4. Sharing Your Information with Third Parties
We do not sell your personal information to third parties for their own independent marketing purposes. However, we may share your information with trusted third parties in the following circumstances:
4.1 Service Providers and Business Partners
We work with carefully selected third-party service providers who assist us in operating our business and delivering services to you. These providers are contractually obligated to use your information only for the purposes we specify and to maintain appropriate security measures. Categories of service providers include:
| Category | Purpose |
|---|---|
| Payment Processors | Secure processing of credit/debit card transactions |
| Delivery Partners | Coordinating third-party food delivery logistics |
| Email Marketing Platforms | Managing and sending promotional communications |
| Analytics Providers | Website traffic analysis and user behavior insights |
| Cloud Hosting Providers | Secure storage and management of business data |
| Customer Support Tools | Managing customer inquiries and support tickets |
| Advertising Networks | Delivering targeted online advertising |
4.2 Legal Requirements and Law Enforcement
We may disclose your personal information if required to do so by law or in response to valid legal processes, including:
- Court orders, subpoenas, or other legal process
- Requests from law enforcement agencies or government authorities
- Situations where disclosure is necessary to protect public safety or prevent imminent harm
- Compliance with the FTC Act, state consumer protection laws, or other applicable regulations
4.3 Business Transfers
In the event of a merger, acquisition, asset sale, reorganization, or other business transaction involving Chopt, your personal information may be transferred as part of the business assets. We will notify you of any such change and the resulting changes to this Privacy Policy through appropriate means, including posting a notice on our website.
4.4 With Your Consent
We may share your information with other third parties when you have provided explicit consent to such sharing, such as when participating in joint promotional activities or cross-platform loyalty programs.
5. Data Security Measures
We take the security of your personal information seriously and have implemented a comprehensive set of technical, organizational, and administrative safeguards to protect your data against unauthorized access, alteration, disclosure, or destruction.
5.1 Technical Security Measures
- SSL/TLS Encryption: All data transmitted between your browser and our website is protected using industry-standard Secure Socket Layer (SSL) or Transport Layer Security (TLS) encryption protocols.
- Secure Payment Processing: Payment data is processed through PCI-DSS-compliant payment processors, ensuring that sensitive financial information is handled according to the highest industry standards.
- Access Controls: Access to personal information within our organization is strictly limited to employees and contractors who have a legitimate need to access such data to perform their job functions.
- Data Encryption at Rest: Sensitive personal data stored in our systems is encrypted using robust encryption algorithms.
- Firewalls and Intrusion Detection: Our network infrastructure is protected by firewalls and monitored by intrusion detection systems to identify and respond to potential security threats.
5.2 Organizational Security Measures
- Regular employee training on data privacy and security best practices
- Strict internal data handling policies and procedures
- Background checks for employees with access to sensitive personal data
- Confidentiality agreements for all employees and contractors
- Regular security audits and vulnerability assessments
5.3 Data Breach Response
In the event of a data breach that affects your personal information, we will take immediate steps to contain and investigate the incident. Where required by applicable law, including state data breach notification laws, we will notify affected individuals and relevant regulatory authorities within the legally mandated timeframes. Notifications will be provided via email to the address associated with your account or through other appropriate communication channels.
6. Your Privacy Rights
Depending on your state of residence in the United States, you may have certain rights regarding your personal information. We are committed to honoring these rights in accordance with applicable law.
6.1 Rights Under the California Consumer Privacy Act (CCPA/CPRA)
If you are a California resident, you have the following rights under the CCPA as amended by the CPRA:
- Right to Know: You have the right to request that we disclose what personal information we have collected about you, the sources of that information, the business purposes for collecting it, and the categories of third parties with whom we have shared it.
- Right to Access: You have the right to request a copy of the specific personal information we have collected about you over the past 12 months.
- Right to Deletion: You have the right to request that we delete the personal information we have collected from you, subject to certain legal exceptions.
- Right to Correction: You have the right to request that we correct inaccurate personal information we hold about you.
- Right to Opt-Out of Sale or Sharing: You have the right to opt out of the sale or sharing of your personal information for cross-context behavioral advertising purposes. We do not sell your personal information; however, we respect your opt-out preferences regarding sharing for advertising.
- Right to Limit Use of Sensitive Personal Information: Where applicable, you have the right to limit our use of sensitive personal information to what is necessary to provide our services.
- Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights. We will not deny you services, charge different prices, or provide a different quality of service solely because you exercised a privacy right.
6.2 General Privacy Rights (All U.S. Residents)
Regardless of your state of residence, we provide the following privacy rights to all users:
- Right of Access: You may request access to the personal information we hold about you.
- Right to Correction: You may request that we update or correct inaccurate information in your account.
- Right to Deletion: You may request deletion of your account and personal information, subject to legal retention requirements.
- Right to Portability: You may request a copy of your personal information in a commonly used, machine-readable format.
- Right to Withdraw Consent: Where processing is based on your consent, you have the right to withdraw that consent at any time without affecting the lawfulness of processing prior to withdrawal.
- Right to Opt Out of Marketing: You may opt out of receiving marketing communications from us at any time.
6.3 How to Exercise Your Rights
To exercise any of the rights described above, please submit a verifiable request to us using the following methods:
- Email: [email protected]
- Website: Through the contact form available at chopt-newhot.click
For security purposes, we may need to verify your identity before processing your request. Verification may require you to provide information that matches what we have on file, or to confirm access to the email address associated with your account. We will respond to verifiable requests within 45 days of receipt. If additional time is required, we will notify you of the extension and the reasons for the delay, as permitted by applicable law.
You may designate an authorized agent to submit requests on your behalf. Authorized agents must provide written authorization from you and may be required to provide proof of their own identity.
7. Data Retention
We retain your personal information only for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by applicable law. The following table outlines our general data retention practices:
| Category of Data | Retention Period | Reason |
|---|---|---|
| Account Information | Duration of account plus 3 years after closure | Legal compliance, dispute resolution |
| Order History | 7 years | Tax, accounting, and legal obligations |
| Payment Records | 7 years | Financial record-keeping requirements |
| Marketing Preferences | Until opt-out or 3 years from last interaction | Consent management |
| Usage and Analytics Data | Up to 26 months | Performance analysis and improvement |
| Customer Support Records | 3 years from resolution | Quality assurance and dispute resolution |
| Cookie Data | Varies (see Cookie Policy) | Functionality and analytics |
Following the expiration of applicable retention periods, we will securely delete or anonymize your personal information in accordance with our internal data disposal procedures.
8. Cookies and Tracking Technologies
We use cookies and similar tracking technologies to enhance your experience on our website, analyze website traffic, and deliver relevant advertising content. Our use of these technologies is described briefly below.
8.1 Types of Cookies We Use
- Strictly Necessary Cookies: These cookies are essential for the operation of our website and enable core functions such as security, order processing, and account management. They cannot be disabled.
- Performance and Analytics Cookies: These cookies help us understand how visitors interact with our website by collecting anonymous data about page visits and navigation patterns. We use services such as Google Analytics for this purpose.
- Functional Cookies: These cookies allow our website to remember your preferences, such as your saved delivery address or language settings, to provide you with a more personalized experience.
- Marketing and Advertising Cookies: These cookies are used to deliver targeted advertisements based on your interests and browsing behavior. They may be set by us or by third-party advertising partners.
8.2 Managing Your Cookie Preferences
You can manage your cookie preferences through your browser settings, which allow you to block or delete cookies. Please note that disabling certain cookies may affect the functionality of our website. Most browsers also offer "Do Not Track" (DNT) settings, and we respect DNT signals to the extent required by applicable law.
For comprehensive information about our use of cookies, including a full list of cookies we use and instructions on how to manage them, please refer to our Cookie Policy available on our website at chopt-newhot.click.
9. Children's Privacy
Our website and services are intended for use by individuals who are 18 years of age or older. We do not knowingly collect, use, or disclose personal information from individuals under the age of 18.
In compliance with the Children's Online Privacy Protection Act (COPPA) and other applicable laws, we do not intentionally market to or solicit information from children. If you are a parent or guardian and believe that your child under the age of 18 has provided us with personal information without your consent, please contact us immediately at [email protected]. Upon receiving such a notification and verifying the information, we will take prompt steps to delete the child's personal information from our systems.
If we discover that we have inadvertently collected personal information from a child under 18, we will delete that information as quickly as possible. We encourage parents and guardians to monitor their children's online activities and to educate them about safe internet use.
10. International Data Transfers
Chopt operates primarily within the United States. However, some of our third-party service providers, including cloud hosting providers, analytics platforms, and email marketing services, may process or store data on servers located outside the United States.
If your personal information is transferred to, stored in, or processed in a country outside the United States, we take steps to ensure that adequate protections are in place to safeguard your information. These protections may include:
- Standard contractual clauses or data processing agreements with international service providers
- Selecting providers who are certified under applicable international data transfer frameworks
- Implementing technical and organizational measures to ensure the security of transferred data
By using our services, you acknowledge and consent to the potential transfer of your personal information to countries outside your country of residence, where data protection laws may differ from those in your jurisdiction. We will always ensure that any international data transfers comply with applicable U.S. law and that your information remains protected to the standards described in this Privacy Policy.
11. Third-Party Websites and Links
Our website may contain links to third-party websites, social media platforms, or other online services that are not operated by Chopt. This Privacy Policy applies only to our website and services at chopt-newhot.click. We are not responsible for the privacy practices of third-party websites and encourage you to review the privacy policies of any external websites you visit.
Third-party integrations we may use include social media sharing buttons (such as Facebook, Instagram, or Twitter), third-party payment gateways, and online food delivery aggregator platforms. Each of these third parties has its own privacy policy, which governs how they collect and use your information.
12. Changes to This Privacy Policy
We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our business practices, legal requirements, or technological developments. When we make material changes to this policy, we will:
- Update the "Last Updated" date at the top of this Privacy Policy
- Post a prominent notice on our website informing visitors of the change
- Send an email notification to registered account holders where required by law
We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. Your continued use of our website and services after the effective date of any updated Privacy Policy constitutes your acceptance of the revised terms.
If we make changes that materially reduce your rights or significantly change how we use your personal information, we will provide you with a more prominent notice and, where required by law, seek your renewed consent before applying such changes to your personal data.
13. Filing a Privacy Complaint
If you believe that we have not handled your personal information in accordance with this Privacy Policy or applicable law, we encourage you to contact us first so that we can attempt to resolve your concern directly.
To file a privacy complaint with Chopt, please contact us at:
- Email: [email protected]
We will acknowledge receipt of your complaint within 10 business days and will work to provide a substantive response within 30 days of receipt, unless the complexity of the issue requires additional time, in which case we will keep you informed of our progress.
13.1 Filing a Complaint with Regulatory Authorities
If you are not satisfied with our response or believe that we are processing your personal information in violation of applicable law, you have the right to file a complaint with the appropriate regulatory authority:
- Federal Trade Commission (FTC): For complaints related to unfair or deceptive trade practices, you may contact the FTC at ftc.gov/contact or by calling 1-877-FTC-HELP (1-877-382-4357).
- California Attorney General (California Residents): California residents may submit privacy complaints to the California Attorney General's Office at oag.ca.gov/privacy.
- California Privacy Protection Agency (CPPA): California residents may also file complaints with the CPPA, the state agency responsible for enforcing CCPA/CPRA, at cppa.ca.gov.
- State Attorney General Offices: Residents of other U.S. states may file complaints with their respective State Attorney General's office regarding violations of state consumer protection or privacy laws.
14. Legal Basis and Applicable Law
This Privacy Policy is governed by the laws of the United States, including but not limited to:
- Federal Trade Commission Act (15 U.S.C. § 45): Prohibiting unfair or deceptive practices in commerce, including with respect to privacy and data security.
- California Consumer Privacy Act (Cal. Civ. Code § 1798.100 et seq.) as amended by the California Privacy Rights Act (CPRA): Providing California residents with specific rights regarding their personal information.
- Children's Online Privacy Protection Act (COPPA) (15 U.S.C. § 6501 et seq.): Governing the online collection of information from children under the age of 13.
- CAN-SPAM Act (15 U.S.C. § 7701 et seq.): Governing commercial email practices.
- Applicable State Data Breach Notification Laws: State laws requiring notification to affected individuals in the event of a security breach.
15. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or the handling of your personal information, please do not hesitate to contact our privacy team using the details below. We are committed to responding to all legitimate privacy inquiries in a timely and thorough manner.
Privacy Inquiries — Chopt
| Company: | Chopt |
|---|---|
| Email: | [email protected] |
| Website: | chopt-newhot.click |
Effective Date: This Privacy Policy is effective as of July 8, 2026. We encourage you to review this policy periodically for any updates. Thank you for trusting Chopt with your personal information. Your privacy is important to us, and we are dedicated to protecting it with the highest standards of care and transparency.