Privacy Policy
Old Homestead Steakhouse (“we,” “our,” or “us”) is committed to protecting the privacy, confidentiality, and security of personal data entrusted to us by our users, in accordance with applicable data protection laws and our core values of transparency and user trust. We respect the privacy rights of our visitors and customers and are dedicated to safeguarding personal information collected through our website, oldhomesteadsteakhouse.com (“Site”), and associated services.
This Privacy Policy describes how we collect, process, use, and share your personal data and outlines your rights in relation to that information under applicable laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
1. Scope of This Policy and Data Controller Role
This Privacy Policy applies to all personal data collected through oldhomesteadsteakhouse.com and any related digital platforms or communications referencing this policy. Old Homestead Steakhouse is the “data controller” for purposes of the GDPR, and the “business” under CCPA definitions, meaning we determine the purpose and means of processing your personal data.
2. Categories of Data Processed
We only collect and process the minimum necessary personal data to provide our services, maintain our online presence, and improve customer experience. This includes the following categories:
a. Usage Data:
This includes data about how you interact with the Site, such as IP address, browser type and version, pages visited, referring sources, session time stamps, and navigation patterns.
b. Account Data:
When you register, make a reservation, or create an account, we may collect your name, mailing address, email address, and phone number.
c. Profile Data:
This includes information tied to your preferences, historical purchases, loyalty or rewards information, browsing behavior on our Site, and menu or service choices you’ve indicated.
d. Communication Data:
We maintain a record of communications sent to or received from you, including support inquiries, contact form submissions, customer service interactions, and messages sent to [email protected].
e. Technical Data:
Collected through automated means, this includes device identifiers, operating system details, screen resolution, language settings, time zones, and browser plug-in versions.
f. Transaction Data:
If you make purchases or reservations via our Site, we collect information related to payments (processed securely via third-party providers), delivery arrangements, billing details, and confirmations.
g. Preference Data:
This includes your communication preferences, marketing consents, and product or service interests indicated through your interactions with the Site or direct communications.
3. Legal Bases for Processing
We rely on the following lawful bases to process your personal data, depending on the nature of your interaction with the Site and services:
– Consent: When you affirmatively grant permission (e.g., for electronic marketing).
– Contractual necessity: To fulfill orders or reservations or provide requested services.
– Legal obligation: To comply with applicable statutes and regulations.
– Legitimate interests: For operational activities such as data analytics, site optimization, fraud detection, service improvement, and ensuring network and information security, provided such interests are not overridden by your rights.
4. Your Rights
Depending on your location, particularly if you are a resident of the European Economic Area or California, you are granted specific privacy rights, subject to legal conditions. These include:
– Right of Access: Obtain confirmation over whether we process your data and request a copy of your personal information.
– Right to Rectification: Correct any inaccurate or incomplete personal data.
– Right to Erasure: Request the deletion of your data, subject to legal or contractual retention obligations.
– Right to Restriction: Request a limitation on the processing of your data in certain scenarios.
– Right to Data Portability: Receive your data in a structured, machine-readable format and request its transmission to another controller.
California residents additionally have the right to:
– Know what personal information is collected, shared, or sold.
– Opt-out of the sale of their personal information.
– Not be discriminated against for exercising any data rights.
To exercise any of your rights, please contact us at [email protected]. We may require verification to process your request.
5. Security Measures
We employ appropriate technical and organizational controls to protect your personal data against accidental or unlawful access, alteration, disclosure, or destruction. These include:
– End-to-end encryption of sensitive data.
– Role-based access controls and authentication mechanisms.
– Regular security audits and monitoring.
– Secure backup procedures.
– Staff training in data protection protocols and awareness.
6. International Transfers
Your personal data may be transferred to, stored, and processed in countries outside of your residence, including the United States. Whenever such transfers occur, we ensure a comparable level of data protection by implementing:
– Standard Contractual Clauses approved by the European Commission.
– Additional safeguards such as encryption and strict access limits.
– Verification of adequate protection frameworks for receiving jurisdictions.
7. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, subject to applicable laws and legitimate operational needs:
– Account and Profile Data: Retained for the duration of the customer relationship, and up to 7 years thereafter for auditing and legal compliance.
– Transaction and Communication Data: Stored for at least 7 years for legal and financial auditing.
– Technical and Usage Data: Retained for up to 24 months to support usage analytics, system optimization, and diagnostics.
– Marketing Preferences: Retained until a valid opt-out is exercised.
8. Cookies and Tracking Technologies
We use cookies and related technologies to deliver essential website functionality and enhance the user experience. These are categorized as follows:
– Essential Cookies: Required for core functionality such as navigation, authentication, and secure access to forms or bookings.
– Functional Cookies: Improve functionality by remembering preferences and enhancing personalization.
– Analytics Cookies: Help us understand how visitors interact with our Site (e.g., Google Analytics), providing insights for improvement.
– Performance Cookies: Monitor response times and usage patterns to optimize performance.
These technologies may collect unique identifiers, IP addresses, browser specifications, and interaction timestamps.
9. Cookie Management and Compliance
Upon visiting our Site, you will be presented with a cookie banner to manage your preferences. You may accept all, decline non-essential cookies, or adjust settings through your browser or our cookie preference center.
Under GDPR and CCPA, you have the right to:
– Know which cookies are used and for what purpose.
– Provide informed consent where required.
– Revoke cookie consent at any time.
To update your cookie preferences, access our cookie settings interface available on oldhomesteadsteakhouse.com.
10. Children’s Privacy
We do not knowingly collect or process the personal data of children under the age of 13. If you believe a minor has submitted personal data, please contact us immediately at [email protected], and we will promptly take appropriate action to delete the data.
11. Policy Updates
We reserve the right to update this Privacy Policy periodically as our practices evolve or legal requirements change. Material updates will be communicated through the Site or via direct notice where applicable. Continued use of our services after revisions constitutes acknowledgment of the updated terms.
12. Contact Us
If you have any questions about this Privacy Policy, your rights, or how we process your personal data, please contact our privacy team at:
Email: [email protected]
Mailing Address:
Old Homestead Steakhouse
[Insert Full Mailing Address, if needed for regulatory purposes]
We are committed to maintaining transparency, accountability, and compliance across all aspects of our data protection practices. You may reach out to us at any time with questions or concerns regarding your privacy.