PRIVACY POLICY

Privacy Policy Highlights

TIM HORTONS® Privacy Policy describes the information we collect and how it is used and shared. This policy applies to any information collected about you by Tim Hortons when you do any of the following (collectively, the “Services”): (i) visit a Tim Hortons store, or (ii) use the website, mobile or tablet application, digital in-restaurant kiosk, or other online service. By using this Site, you agree to the collection and use of information in accordance with this policy.

Information Collection and Use

When you make a purchase on one of our store or via our app or website, we collect various types of information about our users in connection with the Services, including:
  1. Information you provide to us;
  2. Information we collect about your use of our Services;
  3. Information about your use of the Services; and
  4. Information we obtain from third-party sources.
We also may collect information in ways that we describe to you at the point of collection or otherwise with your consent.
When you purchase an item online via our website or our app or our Services, the information we collect about you may be broadly classified in following categories:
  1. Personal Information: Your name, Age, Sex, date of birth, full postal and/or separate billing address, mobile number, e-mail address, ordered and returned/cancelled products, delivery information, invoice information, locations or any other personal information provided in responses to surveys or questionnaires.
  2. Financial information: payment instrument information, transactions, transaction history, preferences, method, mode and manner of payment, spending pattern or trends, and other similar data. The payment instrument information is processed solely by our payment service provider and by the providers of the payment instruments subject to strict information security assurances.
  3. Technical information: website, device and mobile app usage, Internet Protocol (IP) address and similar information collected via automated means, such as cookies, pixels and similar technologies.
  4. General Information: reviews, feedback and opinions about our products, programmes and services. We collect data on your usage vouchers and/or gift cards.
When online ordering is activated via Tim Hortons India Application, you will have to create a personal account on the said Application. We will ask you to consent to receiving newsletters marketing or offer related communication and other (electronic) communications via post, e-mail and/or SMS/WhatsApp and other media.

When you visit our website or use our app:

When you visit one of our websites or use our app we will drop cookies, pixels and other digital tools with similar functionality on your device that enable us to monitor your behaviour. These cookies channel back data to our data analytics tools. Cookies are small files placed on your device by our website or mobile application when you either visit or use certain features of our website or mobile application. A cookie generally allows a website to remember your actions or preference for a certain period of time. Depending on whether you are visiting our website or use the app, we can trace from which marketing channel you originated (e.g. Google AdWords, e-mail newsletter), what pages you viewed, which products you have added to your cart and which ones you bought. We also receive information on how you use and interact with the site as well as on the amount of time that you spend on it. The server of our website also collects basic information that relates to the request that is made from your browser when you visit the site. This data may include information on your last visit date and time, timestamp of the browser request, your IP address, basic HTTP header information (like referral URL and user agent) and previous URL that was requested by your browser.

When you opt-in to receive our newsletter or promotional communications or click on a link in an e-mail:

We will collect your e-mail address and/or mobile number. In addition, we will retain a history of the e-mail and SMS messages that we sent to you and we will record what you do with these messages.

When you actively communicate with us or our brands on social media:

If you actively communicate with us or our brands on social media, we collect a copy of your communication. In order to do so, we might contract a third party for providing social listening services.

Your personal data will be processed for the following purposes:

  1. To fulfil your orders, this includes answering your queries on the phone, via post, via e-mail or online via chat;
  2. To validate whether your personal data is not associated with fraudulent credit card usage or excessive credit card charge backs;
  3. If you have opted-in and thus agreed to receive these; send direct marketing messages to you and monitor your interaction with these messages;
  4. To provide better service and account maintenance;
  5. To perform social listening. Social listening is performed to enable us to have a general view of the opinion of people about us and our brands and to get an idea of relevant online influencers;
  6. To administer the membership of our loyalty program;
  7. To compose future item collections that meet your requirements and those of other customers;
  8. To improve your user experience i.e. provide clear information, guidance to complete purchase etc;
  9. To service personalized content (e.g. product, size recommendations) across Tim Hortons platforms;
  10. To provide high level of service, so when you contact us we can support you with reference to your interactions with the store;
  11. To enable the technical and functional management of our website and our app (including maintaining information security), for example by identifying parts of the websites that have a low latency;

What processing grounds do we utilize?

We process data based on four processing grounds: (i) the performance of the purchase agreement between you and us for one or more items, (ii) to perform one or more of our legal obligations, (iii) your consent and (iv) our legitimate interest. These processing grounds may be combined whenever appropriate. When we request your consent, you may withdraw it at any time. The legitimate interests that we pursue is our interest to sell more items to you and make sure that these items are to your liking. For instance, when we validate whether your personal data is not associated with fraudulent credit card use or excessive credit card charge backs, this is because we want to avoid delivering an item to you without receiving the purchase price in return. Also social listening is performed to enable us to have a general view of the opinion of people about us and our brands and to get an idea of relevant online influencers.
If you fail to provide the obligatory data we request from you in the context of a purchase, the consequence of such failure is that the purchase cannot be completed.

Who has access to your personal data?

Your personal data can be accessed by our employees to the extent that this access is required to enable them to perform their work for us. In addition, your personal data can be accessed by our external service providers, including our parent company Tim Hortons or AG Café International Management Ltd or Parties which provide us with IT services, hosting services, digital advertising services and other services we need to be able to run our business. All third parties that we work with, that have access to your personal date, are subject to data processing agreement(s) that guarantee(s) that this data is exclusively processed for the purposes listed above.
If specifically required, by applicable law we may provide your personal data to regulatory authorities, police, justice department, fiscal authorities and other authorities assigned with investigative powers pursuant to applicable law.

How long do we retain your personal data?

We retain your personal data for the period that you actively interact with us. You are no longer considered to be actively interacting with us if, for a consecutive period of two (2) years, you have not purchased an item from us or have not visited one of our website(s) or used our app. After this two (2) year period we will only retain specific data that needs to be retained pursuant to a legal obligation of ours, resolving disputes, enforcing our agreements and as long as processing and retaining your Data is necessary for our legitimate interests. Because these needs can vary for different data types and purposes, actual retention periods can vary significantly. Even if we delete your Data, including on account of exercise of your rights below, it may persist on backup or archival media for audit, legal, tax or regulatory purposes.
In case you’ve opted-in to receive direct marketing communications from us, the data that we need to send you these communications will continued to be used (processed) by us until you opt-out from receiving them.
If you have an account, you can always request that we delete the account and its contents. You can do so by sending an e-mail to the e-mail address listed below.

Your rights

You have the right to access your personal data that we collect and process and may request from us that we rectify or erase personal data or restrict the processing of your personal data or object to the processing. If you wish to opt-out from receiving direct marketing communications you can click the opt-out link in the respective message or indicate your opt-out in your account settings.

Security

We implement a variety of security measures to maintain the safety of your personal information. The security of your Personal Information is important to us, but remember that no method of transmission over the Internet, or method of electronic storage, is 100% secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security. If you suspect any misuse or loss or unauthorised access to your Data, please let us know immediately by contacting us by e-mail listed below.

Changes To This Privacy Policy

By using our site, you consent to our privacy policy. We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page. We encourage you to review this Privacy Policy frequently to be informed of how we are protecting your information.

Severability

If any court or competent authority finds that any provision of this Privacy Policy (or part of any provision) is invalid, illegal or unenforceable, that provision or part-provision will, to the extent required, be deemed to be deleted, and the validity and enforceability of the other provisions of this Privacy Policy will not be affected.

Contact Us

If you have any questions or concerns about the privacy-policy or its implementation please contact us via e-mail or at the following address:
Address: 907, B Wing, 9th Floor, Mittal Commercial, Off. Andheri-Kurla Road, Andheri (East), Mumbai – 400 059
e-mail id: telltims@timhortonsindia.com

For any queries or feedback,
Please send us an email on

telltims@timhortonsindia.com