Privacy Policy

Last Updated: January 15, 2026

1. Introduction

At Swiss Chalet, we are committed to protecting your privacy and ensuring the security of your personal information. This comprehensive Privacy Policy explains how we collect, use, share, and protect your information when you use our food delivery services, visit our website at swisschaletzz.com, place orders, or interact with our services in any way.

This policy applies to all interactions you have with Swiss Chalet, including but not limited to ordering food, creating accounts, contacting customer service, participating in loyalty programs, and using our website or mobile applications. By using our services, you agree to the terms outlined in this Privacy Policy.

Important Note: We never sell your personal data to third parties. Your information is used solely to provide you with the best possible food delivery experience and to improve our services.

2. Information We Collect

2.1 Information You Provide Directly

We collect various types of information that you provide to us directly when using our services:

  • Personal Identification Information: Full name, email address, phone number, delivery address, billing address
  • Account Information: Username, password (encrypted), account preferences, order history
  • Payment Information: Credit/debit card details, billing address (stored securely with our payment processors)
  • Food Preferences and Dietary Information: Allergen information, dietary restrictions (vegan, vegetarian, gluten-free, halal, kosher), spice preferences, favorite menu items
  • Special Requirements: Delivery instructions, accessibility needs, contact preferences
  • Communication Data: Messages sent through contact forms, customer service interactions, reviews and feedback
  • Loyalty Program Data: Reward points, membership status, earned benefits, participation in promotional campaigns
  • Catering Information: Event details, guest count, special requests for catering orders
  • Marketing Preferences: Email subscription choices, promotional preferences, communication settings

2.2 Automatically Collected Information

When you visit our website or use our services, we automatically collect certain information:

  • Device Information: IP address, browser type and version, operating system, device type, screen resolution
  • Usage Data: Pages visited, time spent on pages, click patterns, search queries, order completion rates
  • Location Information: Approximate location based on IP address, GPS data (when you enable location services)
  • Cookie Data: Session identifiers, user preferences, shopping cart contents, authentication tokens
  • Performance Data: Page load times, error messages, website functionality metrics

2.3 Information from Third Parties

We may receive information about you from third-party sources:

  • Social Media Platforms: Profile information when you connect your social media accounts
  • Payment Processors: Transaction verification and fraud prevention data
  • Delivery Partners: Delivery status updates and logistics information
  • Marketing Partners: Aggregated demographic and interest data for advertising purposes
  • Public Sources: Information that is publicly available and relevant to our services

3. How We Use Your Information

3.1 Service Provision

We use your information to provide our core food delivery services:

  • Order Processing: Processing food orders, payment verification, order confirmation
  • Delivery Services: Coordinating delivery logistics, tracking orders, communicating with delivery personnel
  • Customer Support: Responding to inquiries, resolving issues, providing assistance
  • Account Management: Creating and maintaining user accounts, authentication, security
  • Quality Improvement: Analyzing service performance, optimizing delivery routes, improving food quality
  • Personalization: Customizing menu recommendations based on dietary preferences and order history

3.2 Communication

We communicate with you for various service-related purposes:

  • Order Communications: Order confirmations, preparation updates, delivery notifications, receipt confirmations
  • Customer Support: Responses to customer service requests, follow-up communications
  • Important Notices: Policy changes, service updates, security alerts, account notifications
  • Marketing Communications: Promotional emails, special offers, new menu announcements (only with your explicit consent)

3.3 Marketing and Analytics

With your consent, we use information for marketing and analytical purposes:

  • Personalized Advertising: Customized promotions, targeted marketing campaigns
  • Website Analytics: Understanding user behavior, optimizing website performance
  • Campaign Effectiveness: Measuring the success of marketing initiatives
  • Market Research: Developing new menu items, improving service offerings

3.4 Legal Compliance

We may use your information to comply with legal obligations:

  • Legal Requests: Responding to court orders, subpoenas, and other legal proceedings
  • Fraud Prevention: Detecting and preventing fraudulent activities, protecting against security threats
  • Rights Protection: Protecting our rights, property, and safety, as well as those of our customers and partners
  • Dispute Resolution: Resolving conflicts and addressing complaints

4. Information Sharing and Disclosure

4.1 Service Providers

We share your information with trusted third-party service providers who help us deliver our services:

  • Payment Processors: Secure processing of credit card transactions and payment verification
  • Delivery Companies: Coordination of food delivery services and tracking
  • Cloud Storage Providers: Secure storage and backup of customer data
  • Email Service Providers: Sending order confirmations, notifications, and marketing communications
  • Analytics Tools: Understanding website usage patterns and service performance
  • Customer Support Platforms: Managing customer inquiries and support tickets

4.2 Legal Requirements

We may disclose your information when required by law or to protect legitimate interests:

  • Legal Compliance: Court orders, subpoenas, regulatory requests
  • Law Enforcement: Cooperation with police investigations, criminal proceedings
  • Public Safety: Preventing harm to individuals or public safety
  • Emergency Situations: Medical emergencies, immediate threats to safety

4.3 Business Transfers

In the event of business changes, your information may be transferred:

  • Mergers and Acquisitions: Transfer of customer data as part of business assets
  • Asset Sales: Sale of business units or service divisions
  • Customer Notification: Advance notice of any ownership changes
  • Policy Compliance: Ensuring new owners comply with privacy commitments

4.4 With Your Consent

We will share your information with third parties when you provide explicit consent for specific purposes not covered in this policy.

5. Data Security

5.1 Technical Measures

We implement comprehensive technical security measures to protect your data:

  • Encryption: SSL/TLS encryption for all data transmission between your device and our servers
  • Firewall Protection: Advanced firewall systems to prevent unauthorized access
  • Access Controls: Role-based access controls ensuring only authorized personnel can access personal data
  • 24/7 Monitoring: Continuous security monitoring and threat detection systems
  • Regular Backups: Automated data backups stored securely in multiple locations
  • Vulnerability Testing: Regular penetration testing and security assessments

5.2 Organizational Measures

Our organizational security practices include:

  • Employee Training: Regular security awareness training for all staff members
  • Data Handling Procedures: Strict protocols for accessing, processing, and storing personal data
  • Confidentiality Agreements: All employees and third-party partners sign confidentiality agreements
  • Incident Response Plan: Comprehensive procedures for responding to security incidents
  • Security Audits: Regular internal and external security audits and assessments

5.3 Your Security Responsibilities

You can help protect your personal information by following these best practices:

  • Strong Passwords: Use complex passwords and change them regularly
  • Account Security: Never share your login credentials with others
  • Public Computers: Always log out when using shared or public computers
  • Phishing Awareness: Be cautious of suspicious emails or links claiming to be from Swiss Chalet
  • Immediate Reporting: Contact us immediately if you suspect unauthorized access to your account

Security Breach Notification: In the unlikely event of a data breach that affects your personal information, we will promptly notify you and relevant authorities within 72 hours of discovery, as required by law.

6. Cookies and Tracking Technologies

We use various tracking technologies to enhance your experience on our website and services. The following table outlines the types of cookies we use:

Type Purpose Duration
Essential Cookies Basic site functions, login state, shopping cart contents Session
Functional Cookies User preferences, language settings, delivery area selection Up to 1 year
Analytics Cookies Website usage analysis, performance monitoring, improvement insights Up to 2 years
Marketing Cookies Personalized advertising, campaign tracking, retargeting Up to 1 year

Tracking Technologies We Use

  • Google Analytics: Website traffic analysis and user behavior tracking
  • Facebook Pixel: Advertising effectiveness measurement and retargeting
  • Web Beacons: Email open rates and engagement tracking
  • Local Storage: Browser-based data storage for enhanced functionality
  • Session Storage: Temporary data storage during your browsing session

Cookie Management

You can control cookies through your browser settings. Most browsers allow you to accept, reject, or delete cookies. Please note that disabling certain cookies may affect the functionality of our website and your user experience. Essential cookies cannot be disabled as they are required for basic website operation.

7. Your Rights (GDPR/CCPA Compliance)

We respect your privacy rights and provide you with comprehensive control over your personal information. Depending on your location, you may have the following rights:

7.1 Right of Access

You have the right to request access to the personal information we hold about you. We will provide you with a copy of your data in a commonly used format.

7.2 Right to Rectification

You can request correction of any inaccurate or incomplete personal information we have about you. We will promptly update your records upon verification.

7.3 Right to Erasure (Right to be Forgotten)

You can request deletion of your personal data under certain circumstances, such as when the data is no longer necessary for the purposes it was collected.

7.4 Right to Restrict Processing

You can request that we limit how we use your personal information under specific circumstances, such as when you contest the accuracy of the data.

7.5 Right to Data Portability

You have the right to receive your personal data in a structured, machine-readable format and transmit it to another service provider.

7.6 Right to Object

You can object to our processing of your personal information, particularly for direct marketing purposes or when processing is based on legitimate interests.

7.7 Right Against Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing, including profiling, that produce legal effects or significantly affect you.

How to Exercise Your Rights

To exercise any of these rights, please contact us using the information provided in the Contact section. We will respond to your request within 30 days and may require identity verification to protect your privacy.

8. Children's Privacy

Our services are not intended for children under the age of 16. We do not knowingly collect, use, or share personal information from children under 16 without verifiable parental consent.

If we become aware that we have collected personal information from a child under 16 without proper consent, we will take immediate steps to delete that information from our systems.

Parents and guardians who believe their child has provided personal information to us should contact us immediately using the contact information provided below. We will promptly investigate and, if necessary, delete any inappropriate data collection.

9. International Data Transfers

9.1 Protection Measures

When we transfer your personal data internationally, we ensure appropriate protection through:

  • Adequacy Decisions: Transfers to countries with adequate data protection laws as recognized by relevant authorities
  • Standard Contractual Clauses (SCCs): EU-approved contractual terms for international data transfers
  • Data Processing Agreements: Comprehensive agreements with international service providers
  • Security Measures: Enhanced security protocols for cross-border data transmission
  • Regular Compliance Audits: Ongoing monitoring of international partners' data protection practices

9.2 Transfer Destinations

Your data may be transferred to and processed in the following regions:

  • United States: Cloud storage services and payment processing
  • European Union: Data analytics and customer support services
  • Other Countries: As necessary for service provision, always with appropriate safeguards

10. Data Retention Periods

We retain your personal information only as long as necessary to fulfill the purposes outlined in this policy or as required by law. The following table outlines our retention periods:

Information Type Retention Period Reason
Account Information 6 months after account deletion Legal obligations, dispute resolution
Purchase History and Order Data 7 years Tax and accounting requirements
Marketing Consent Records 3 months after consent withdrawal Consent record keeping requirements
Website Usage Logs Up to 2 years Security monitoring, analytics
Customer Support Records 3 years Service quality improvement, dispute resolution
Payment Transaction Data 7 years Financial regulations, fraud prevention
Loyalty Program Data 2 years after program termination Program benefits, audit requirements

Safe Data Disposal

When personal data reaches the end of its retention period, we ensure safe disposal through:

  • Electronic Deletion: Complete and unrecoverable deletion of digital data
  • Physical Destruction: Secure shredding of physical documents
  • Backup Removal: Deletion from all backup systems and archives
  • Disposal Documentation: Maintaining records of data disposal activities

11. Third-Party Links

Our website may contain links to external websites operated by third parties, such as social media platforms, payment providers, or partner restaurants. Please note that:

  • We are not responsible for the privacy practices of third-party websites
  • These external sites have their own privacy policies and terms of service
  • We encourage you to review the privacy policies of any third-party sites before providing personal information
  • Your interactions with third-party sites are at your own risk and discretion
  • We do not control the content or practices of external websites

When you click on third-party links, you leave our website and our privacy policy no longer applies. We recommend exercising caution when sharing personal information on external platforms.

12. Policy Changes

12.1 Change Notification

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make changes, we will notify you through:

  • Website Notice: Prominent notification on our homepage
  • Email Notification: Direct email to registered users for significant changes
  • Account Dashboard: Pop-up notification when you log in
  • Explicit Consent: Request for renewed consent for material changes

12.2 Staying Informed

To stay informed about policy changes:

  • Check the "Last Updated" date at the top of this policy
  • Review our website regularly for policy updates
  • Ensure your contact information is current to receive notifications
  • Continued use of our services after changes indicates acceptance
  • Contact us if you disagree with changes - you can discontinue using our services

13. Contact Information

Contact Us About Privacy

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Swiss Chalet

1 Benvenuto Pl, Toronto, ON M4V 2L1, Canada

+1 416-961-6240

[email protected]

Business Hours: Monday - Friday, 9:00 AM - 6:00 PM EST

Response Commitment: We will respond to all privacy-related inquiries within 3 business days.

13.1 Privacy Complaints

If you are not satisfied with our response to your privacy concern, you may file a complaint with the appropriate supervisory authority in your jurisdiction:

  • Canada: Office of the Privacy Commissioner of Canada
  • European Union: Your local Data Protection Authority
  • California, USA: California Attorney General's Office

14. Withdrawal of Consent

14.1 Marketing Consent Withdrawal

You can withdraw your consent for marketing communications at any time through:

  • Unsubscribe Links: Click the unsubscribe link in any marketing email
  • Account Settings: Update your communication preferences in your account dashboard
  • Customer Support: Contact our support team for assistance
  • Phone: Call us at +1 416-961-6240 to opt out

14.2 Account Deletion Process

To delete your account and associated data:

  1. Log in to your account and go to Account Settings
  2. Select "Delete Account" and confirm your identity
  3. Review what data will be deleted and what may be retained for legal compliance
  4. Confirm deletion - this action cannot be undone
  5. Receive confirmation email within 24 hours

Note: Some information may be retained as required by law for tax, accounting, or fraud prevention purposes, even after account deletion.

15. Conclusion

At Swiss Chalet, protecting your privacy is not just a legal obligation—it's fundamental to maintaining the trust you place in us when choosing our food delivery services. We are committed to transparency in our data practices and to providing you with meaningful control over your personal information.

The trust relationship between Swiss Chalet and our customers is built on respect for privacy, security of personal data, and commitment to service excellence. We continuously review and improve our privacy practices to ensure they meet the highest standards and reflect the latest privacy regulations and best practices.

We invite you to contact us with any questions, suggestions, or concerns about your privacy or this policy. Your feedback helps us improve our services and privacy practices.

Thank you for choosing Swiss Chalet for your food delivery needs and for trusting us with your personal information. We look forward to serving you delicious meals while keeping your data secure.

Remember: This Privacy Policy was last updated on January 15, 2026. Please check this page regularly for any updates or changes.