+1 604-423-4840 [email protected]
3593 Main St, Vancouver, BC V5V 3N4, Canada

Privacy Policy

Your privacy is important to us. Learn how we protect and handle your personal information at Bubbakoo's Burritos.

Last Updated: January 15, 2025

1. Introduction

At Bubbakoo's Burritos, we are committed to protecting your privacy and ensuring the security of your personal information. This comprehensive Privacy Policy explains how we collect, use, process, store, and protect your personal data when you use our services, visit our website, order food, or interact with us in any way.

This policy applies to all services provided by Bubbakoo's Burritos, including our website at bubbakoos-burritos.rest, mobile applications, online ordering system, delivery services, catering services, loyalty programs, and any other digital or offline interactions with our company.

By using our services, creating an account, placing an order, or providing us with your personal information, you agree to the collection and use of information in accordance with this Privacy Policy. We want to be clear: we never sell your personal data to third parties for monetary compensation.

If you do not agree with our privacy practices as described in this policy, please do not use our services or provide us with your personal information.

2. Information We Collect

2.1 Information You Provide to Us

We collect information that you voluntarily provide to us when you:

  • Personal Identification Information: Name, email address, phone number, postal address, date of birth
  • Account Information: Username, password, purchase history, order preferences, payment methods
  • Order Information: Food selections, customizations, delivery instructions, special requests
  • Dietary Information: Allergen preferences, dietary restrictions (vegan, vegetarian, halal, kosher, gluten-free), food intolerances
  • Payment Information: Credit/debit card details, billing address (processed securely and not stored on our servers)
  • Communication Data: Contact form submissions, customer service interactions, reviews, feedback, survey responses
  • Marketing Preferences: Communication preferences, subscription settings, promotional interests
  • Reservation Information: Table booking details, party size, special occasion notes
  • Catering Details: Event information, guest count, menu preferences, delivery locations
  • Loyalty Program Data: Rewards points, redemption history, tier status, favorite locations

2.2 Information We Collect Automatically

When you use our services, we automatically collect certain information:

  • Device Information: IP address, browser type, operating system, device identifiers, mobile carrier
  • Usage Data: Pages visited, time spent on pages, click-through rates, search queries, referral sources
  • Location Data: Approximate location based on IP address, GPS location (with permission) for delivery services
  • Cookie Data: Session IDs, user preferences, site functionality settings, analytics data
  • Transaction History: Order details, payment methods used, delivery addresses, timing of orders
  • Website Analytics: Page views, bounce rates, session duration, conversion tracking

2.3 Information from Third Parties

We may receive information about you from third-party sources:

  • Social Media Platforms: Profile information when you connect your social media accounts
  • Payment Processors: Transaction confirmations and fraud prevention data
  • Delivery Partners: Delivery confirmations and customer feedback
  • Marketing Partners: Campaign performance data and audience insights
  • Review Platforms: Public reviews and ratings you post about our services

3. How We Use Your Information

3.1 Service Provision

  • Order Processing: Fulfilling your food orders, processing payments, coordinating delivery or pickup
  • Account Management: Creating and maintaining your account, authentication, password resets
  • Customer Support: Responding to inquiries, resolving issues, providing assistance
  • Service Improvement: Analyzing usage patterns to enhance our services, menu offerings, and customer experience
  • Food Safety: Maintaining records for allergen management and dietary requirement fulfillment

3.2 Communication

  • Transactional Messages: Order confirmations, delivery updates, receipt notifications
  • Customer Service: Responding to your questions, complaints, or feedback
  • Important Notices: Service updates, policy changes, security alerts
  • Marketing Communications: Promotional emails, special offers, new menu items (only with your consent)

3.3 Marketing and Analytics

  • Personalization: Customizing menu recommendations based on your preferences and order history
  • Targeted Advertising: Showing relevant ads on our website and third-party platforms
  • Analytics: Understanding customer behavior, measuring website performance, optimizing user experience
  • Market Research: Developing new products and services based on customer insights

3.4 Legal Compliance and Safety

  • Legal Requirements: Complying with applicable laws, regulations, and government requests
  • Fraud Prevention: Detecting and preventing fraudulent transactions and activities
  • Safety Protection: Protecting the rights, property, and safety of our customers, employees, and business
  • Dispute Resolution: Resolving conflicts and enforcing our terms of service

4. Information Sharing and Disclosure

4.1 Service Providers and Business Partners

We share your information with trusted third-party service providers who help us operate our business:

  • Payment Processors: Secure processing of credit card transactions (Stripe, PayPal, Square)
  • Delivery Services: Third-party delivery companies to fulfill your orders
  • Cloud Storage Providers: Secure data storage and backup services (AWS, Google Cloud)
  • Email Services: Marketing automation and transactional email platforms
  • Analytics Tools: Website and app performance monitoring services
  • Customer Support: Help desk and live chat service providers

4.2 Legal Requirements and Public Safety

We may disclose your information when required by law or to protect public safety:

  • Legal Process: Court orders, subpoenas, warrants, and other legal demands
  • Government Agencies: Regulatory compliance and law enforcement cooperation
  • Emergency Situations: Protecting life, health, and safety in urgent circumstances
  • Rights Protection: Defending our legal rights and enforcing our terms of service

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets:

  • Customer information may be transferred to the new business entity
  • We will notify you before your information is transferred
  • The new entity will be required to honor this privacy policy
  • You will have the option to request deletion of your data before transfer

4.4 With Your Consent

We may share your information for other purposes with your explicit consent, such as:

  • Participating in joint marketing campaigns with partner restaurants
  • Sharing testimonials or reviews (with your permission)
  • Third-party integrations you specifically authorize

5. Data Security

5.1 Technical Security Measures

We implement comprehensive technical safeguards to protect your personal information:

  • Encryption: SSL/TLS encryption for all data transmission and AES-256 encryption for stored data
  • Firewalls: Advanced firewall systems to prevent unauthorized network access
  • Access Controls: Role-based access restrictions ensuring only authorized personnel can access personal data
  • Monitoring: 24/7 security monitoring and intrusion detection systems
  • Backups: Regular encrypted backups stored in secure, geographically distributed locations
  • Updates: Regular security patches and system updates to maintain protection

5.2 Organizational Security Measures

  • Employee Training: Regular privacy and security training for all staff members
  • Confidentiality Agreements: All employees and contractors sign strict confidentiality agreements
  • Data Handling Procedures: Documented procedures for secure personal data processing
  • Incident Response Plan: Established protocols for responding to potential security breaches
  • Third-Party Audits: Regular security assessments by independent security firms
  • Vendor Management: Due diligence and security requirements for all service providers

5.3 Your Security Responsibilities

You also play an important role in keeping your information secure:

  • Strong Passwords: Use unique, complex passwords for your account
  • Account Security: Never share your login credentials with others
  • Public Computers: Always log out when using shared or public devices
  • Phishing Awareness: Be cautious of suspicious emails or links claiming to be from us
  • Report Issues: Contact us immediately if you suspect unauthorized access to your account

5.4 Data Breach Notification

In the unlikely event of a data breach that affects your personal information, we will:

  • Notify you within 72 hours of discovering the breach
  • Inform relevant regulatory authorities as required by law
  • Provide clear information about what data was affected
  • Explain the steps we're taking to address the breach
  • Offer guidance on how you can protect yourself

6. Cookies and Tracking Technologies

We use various tracking technologies to enhance your experience and analyze our services:

Cookie Type Purpose Duration
Essential Cookies Basic site functions, login state, shopping cart, security Session (until browser closes)
Functional Cookies User preferences, language settings, location preferences Up to 1 year
Analytics Cookies Usage analysis, performance monitoring, site improvement Up to 2 years
Marketing Cookies Personalized advertising, campaign measurement, retargeting Up to 1 year

Other Tracking Technologies We Use:

  • Google Analytics: Website traffic analysis and user behavior tracking
  • Facebook Pixel: Ad performance measurement and custom audience creation
  • Email Tracking: Web beacons to monitor email open rates and engagement
  • Local Storage: Browser storage for user preferences and application data
  • Server Logs: Technical logs for security and performance monitoring

Managing Your Cookie Preferences

You can control cookies through:

  • Browser Settings: Most browsers allow you to accept, reject, or delete cookies
  • Our Cookie Consent Tool: Customize your preferences through our cookie banner
  • Opt-Out Tools: Use industry opt-out tools for advertising cookies
  • Account Settings: Adjust marketing preferences in your account dashboard

Note: Disabling certain cookies may affect website functionality and your user experience.

7. Your Privacy Rights

You have several rights regarding your personal information, including:

7.1 Right of Access

You have the right to know what personal information we collect and how we use it. You can request a copy of all personal data we hold about you.

7.2 Right to Rectification

You can request correction of any inaccurate or incomplete personal information we have about you.

7.3 Right to Erasure (Right to be Forgotten)

You can request deletion of your personal information, subject to certain legal limitations and business requirements.

7.4 Right to Restrict Processing

You can request that we limit how we use your personal information in certain circumstances.

7.5 Right to Data Portability

You can request to receive your personal information in a structured, commonly used, and machine-readable format.

7.6 Right to Object

You can object to our processing of your personal information, particularly for direct marketing purposes.

7.7 Right Against Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing that significantly affect you.

How to Exercise Your Rights

To exercise any of these rights:

  • Email us at [email protected]
  • Call us at +1 604-423-4840
  • Use the contact form on our website
  • Mail us at 3593 Main St, Vancouver, BC V5V 3N4, Canada

We will respond to your request within 30 days and may require identity verification for security purposes.

8. Children's Privacy

Our services are not intended for children under the age of 16. We do not knowingly collect personal information from children under 16 without parental consent.

If we discover that we have inadvertently collected personal information from a child under 16, we will:

  • Delete the information as quickly as possible
  • Not use the information for any purpose
  • Not disclose the information to third parties
  • Take steps to prevent future unauthorized collection

If you are a parent or guardian and believe your child under 16 has provided us with personal information, please contact us immediately at [email protected] so we can take appropriate action.

Parents and guardians have the right to review, delete, or refuse further collection of their child's personal information.

9. International Data Transfers

9.1 Protection Measures for International Transfers

When we transfer your personal information internationally, we ensure adequate protection through:

  • Adequacy Decisions: Transfers to countries with adequate data protection laws (EU-Japan adequacy decisions)
  • Standard Contractual Clauses: EU-approved contractual protections for data transfers
  • Data Processing Agreements: Comprehensive agreements with international service providers
  • Security Measures: Technical and organizational safeguards during transfer and storage
  • Regular Audits: Ongoing compliance monitoring and assessment

9.2 Transfer Destinations

Your personal information may be transferred to and processed in:

  • United States: Cloud storage and data analytics services
  • European Union: Customer support and marketing automation
  • Other Countries: As needed for business operations, always with appropriate safeguards

We regularly review and update our international transfer mechanisms to ensure continued compliance with applicable data protection laws.

10. Data Retention Periods

We retain your personal information only as long as necessary for the purposes outlined in this policy:

Information Type Retention Period Reason for Retention
Account Information 6 months after account deletion Legal obligations, dispute resolution
Purchase History 7 years Tax and accounting requirements
Marketing Consent 3 months after withdrawal Consent record keeping
Website Usage Logs Up to 2 years Security monitoring, analytics
Customer Support Records 3 years Service quality improvement
Payment Information Not stored (processed only) Security best practices
Dietary Preferences While account is active Food safety and service provision
Delivery Addresses Until removed by user Convenience and order fulfillment

Safe Data Disposal

When data retention periods expire, we securely dispose of personal information through:

  • Electronic Deletion: Complete and unrecoverable deletion from all systems
  • Physical Destruction: Secure shredding of any physical documents
  • Backup Removal: Deletion from all backup systems and archives
  • Documentation: Maintaining records of disposal for compliance purposes

11. Third-Party Links and Services

Our website and services may contain links to third-party websites, applications, or services that are not operated by us. This Privacy Policy does not apply to these external sites or services.

Important: We are not responsible for the privacy practices or content of third-party websites or services. When you click on external links or use third-party services, you are subject to their privacy policies and terms of use.

We recommend that you:

  • Review the privacy policies of any third-party websites you visit
  • Understand what information they collect and how they use it
  • Make informed decisions about sharing your personal information
  • Be cautious when providing personal information to external sites

Third-party services we may link to include social media platforms, review sites, payment processors, and delivery tracking systems. Each of these services has its own privacy practices.

12. Changes to This Privacy Policy

12.1 How We Notify You of Changes

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. When we make changes, we will notify you through:

  • Website Notice: Prominent notification on our homepage and relevant pages
  • Email Notification: Direct email to all registered users about significant changes
  • Account Dashboard: In-app or account notifications about policy updates
  • Pop-up Notification: Browser notification when you next visit our website

12.2 Significant Changes

For material changes that significantly affect your privacy rights, we will:

  • Provide at least 30 days' advance notice
  • Clearly explain what has changed
  • Request your explicit consent where required by law
  • Offer options to opt-out if you disagree with changes

12.3 Staying Informed

To stay informed about privacy policy changes:

  • Check the "Last Updated" date at the top of this policy
  • Review this policy periodically
  • Enable notifications in your account settings
  • Contact us if you have questions about changes

Continued Use: Your continued use of our services after policy changes indicates acceptance of the updated terms. If you do not agree with changes, you have the right to stop using our services and request deletion of your personal information.

13. Contact Information

Get in Touch

If you have any questions about this Privacy Policy, our data practices, or want to exercise your privacy rights, please contact us:

Company: Bubbakoo's Burritos

Address: 3593 Main St, Vancouver, BC V5V 3N4, Canada

Phone: +1 604-423-4840

Email: [email protected]

Business Hours:

  • Monday - Friday: 9:00 AM - 6:00 PM PST
  • Saturday: 10:00 AM - 4:00 PM PST
  • Sunday: Closed

Response Time: We are committed to responding to all privacy inquiries within 3 business days.

13.1 Filing Complaints

We take privacy concerns seriously and encourage you to contact us first if you have any issues. However, if you are not satisfied with our response, you may contact the appropriate supervisory authority:

  • Canada: Office of the Privacy Commissioner of Canada (priv.gc.ca)
  • EU Residents: Your local Data Protection Authority
  • US Residents: Federal Trade Commission (ftc.gov)

14. Withdrawal of Consent

14.1 Marketing Consent Withdrawal

You can withdraw your consent for marketing communications at any time through:

  • Unsubscribe Links: Click the unsubscribe link in any marketing email
  • Account Settings: Update your communication preferences in your account dashboard
  • Customer Support: Contact our support team to opt-out
  • Phone: Call us at +1 604-423-4840 to update preferences

Note: Withdrawing marketing consent will not affect transactional communications necessary for service provision (order confirmations, delivery updates, etc.).

14.2 Account Deletion Process

To delete your account and associated personal information:

  • Log in to your account and go to "Account Settings"
  • Select "Delete Account" and follow the confirmation process
  • Or contact customer support for assistance with account deletion
  • We will confirm deletion within 5 business days

Important: Some information may be retained for legal compliance, dispute resolution, or fraud prevention as outlined in our retention policy.

15. Conclusion

At Bubbakoo's Burritos, protecting your privacy is not just a legal obligation—it's fundamental to the trust relationship we build with every customer. We are committed to being transparent about our data practices and continuously improving our privacy protections.

This Privacy Policy reflects our ongoing commitment to:

  • Respecting your privacy rights and preferences
  • Using your information responsibly and only for stated purposes
  • Implementing strong security measures to protect your data
  • Being transparent about our data collection and use practices
  • Complying with applicable privacy laws and regulations

We understand that trust must be earned and maintained through consistent actions. If you ever have concerns about your privacy or how we handle your personal information, we encourage you to reach out to us directly.

Thank you for choosing Bubbakoo's Burritos and for trusting us with your personal information. We're committed to serving you delicious food while keeping your data safe and secure.

Remember to check the "Last Updated" date at the top of this policy periodically to stay informed of any changes.