Privacy Policy Highlights
TIM HORTONS® Privacy Policy describes the information we collect and
how it is used and shared. This policy applies to any information
collected about you by Tim Hortons when you do any of the following
(collectively, the “Services”): (i) visit a Tim Hortons store, or
(ii) use the website, mobile or tablet application, digital
in-restaurant kiosk, or other online service. By using this Site,
you agree to the collection and use of information in accordance
with this policy.
Information Collection and Use
When you make a purchase on one of our store or via our app or
website, we collect various types of information about our users in
connection with the Services, including:
- Information you provide to us;
- Information we collect about your use of our Services;
- Information about your use of the Services; and
- Information we obtain from third-party sources.
We also may collect information in ways that we describe to you at
the point of collection or otherwise with your consent.
When you purchase an item online via our website or our app or our
Services, the information we collect about you may be broadly
classified in following categories:
-
Personal Information: Your name, Age, Sex, date of birth,
full postal and/or separate billing address, mobile number,
e-mail address, ordered and returned/cancelled products,
delivery information, invoice information, locations or any
other personal information provided in responses to surveys or
questionnaires.
-
Financial information: payment instrument information,
transactions, transaction history, preferences, method, mode and
manner of payment, spending pattern or trends, and other similar
data. The payment instrument information is processed solely by
our payment service provider and by the providers of the payment
instruments subject to strict information security assurances.
-
Technical information: website, device and mobile app
usage, Internet Protocol (IP) address and similar information
collected via automated means, such as cookies, pixels and
similar technologies.
-
General Information: reviews, feedback and opinions about
our products, programmes and services. We collect data on your
usage vouchers and/or gift cards.
When online ordering is activated via Tim Hortons India Application,
you will have to create a personal account on the said Application.
We will ask you to consent to receiving newsletters marketing or
offer related communication and other (electronic) communications
via post, e-mail and/or SMS/WhatsApp and other media.
When you visit our website or use our app:
When you visit one of our websites or use our app we will drop
cookies, pixels and other digital tools with similar functionality
on your device that enable us to monitor your behaviour. These
cookies channel back data to our data analytics tools. Cookies are
small files placed on your device by our website or mobile
application when you either visit or use certain features of our
website or mobile application. A cookie generally allows a website
to remember your actions or preference for a certain period of time.
Depending on whether you are visiting our website or use the app, we
can trace from which marketing channel you originated (e.g. Google
AdWords, e-mail newsletter), what pages you viewed, which products
you have added to your cart and which ones you bought. We also
receive information on how you use and interact with the site as
well as on the amount of time that you spend on it. The server of
our website also collects basic information that relates to the
request that is made from your browser when you visit the site. This
data may include information on your last visit date and time,
timestamp of the browser request, your IP address, basic HTTP header
information (like referral URL and user agent) and previous URL that
was requested by your browser.
When you opt-in to receive our newsletter or promotional
communications or click on a link in an e-mail:
We will collect your e-mail address and/or mobile number. In
addition, we will retain a history of the e-mail and SMS messages
that we sent to you and we will record what you do with these
messages.
When you actively communicate with us or our brands on social media:
If you actively communicate with us or our brands on social media,
we collect a copy of your communication. In order to do so, we might
contract a third party for providing social listening services.
Your personal data will be processed for the following purposes:
-
To fulfil your orders, this includes answering your queries on
the phone, via post, via e-mail or online via chat;
-
To validate whether your personal data is not associated with
fraudulent credit card usage or excessive credit card charge
backs;
-
If you have opted-in and thus agreed to receive these; send
direct marketing messages to you and monitor your interaction
with these messages;
- To provide better service and account maintenance;
-
To perform social listening. Social listening is performed to
enable us to have a general view of the opinion of people about
us and our brands and to get an idea of relevant online
influencers;
- To administer the membership of our loyalty program;
-
To compose future item collections that meet your requirements
and those of other customers;
-
To improve your user experience i.e. provide clear information,
guidance to complete purchase etc;
-
To service personalized content (e.g. product, size
recommendations) across Tim Hortons platforms;
-
To provide high level of service, so when you contact us we can
support you with reference to your interactions with the store;
-
To enable the technical and functional management of our website
and our app (including maintaining information security), for
example by identifying parts of the websites that have a low
latency;
What processing grounds do we utilize?
We process data based on four processing grounds: (i) the
performance of the purchase agreement between you and us for one or
more items, (ii) to perform one or more of our legal obligations,
(iii) your consent and (iv) our legitimate interest. These
processing grounds may be combined whenever appropriate. When we
request your consent, you may withdraw it at any time. The
legitimate interests that we pursue is our interest to sell more
items to you and make sure that these items are to your liking. For
instance, when we validate whether your personal data is not
associated with fraudulent credit card use or excessive credit card
charge backs, this is because we want to avoid delivering an item to
you without receiving the purchase price in return. Also social
listening is performed to enable us to have a general view of the
opinion of people about us and our brands and to get an idea of
relevant online influencers.
If you fail to provide the obligatory data we request from you in
the context of a purchase, the consequence of such failure is that
the purchase cannot be completed.
Who has access to your personal data?
Your personal data can be accessed by our employees to the extent
that this access is required to enable them to perform their work
for us. In addition, your personal data can be accessed by our
external service providers, including our parent company Tim Hortons
or AG Café International Management Ltd or Parties which provide us
with IT services, hosting services, digital advertising services and
other services we need to be able to run our business. All third
parties that we work with, that have access to your personal date,
are subject to data processing agreement(s) that guarantee(s) that
this data is exclusively processed for the purposes listed above.
If specifically required, by applicable law we may provide your
personal data to regulatory authorities, police, justice department,
fiscal authorities and other authorities assigned with investigative
powers pursuant to applicable law.
How long do we retain your personal data?
We retain your personal data for the period that you actively
interact with us. You are no longer considered to be actively
interacting with us if, for a consecutive period of two (2) years,
you have not purchased an item from us or have not visited one of
our website(s) or used our app. After this two (2) year period we
will only retain specific data that needs to be retained pursuant to
a legal obligation of ours, resolving disputes, enforcing our
agreements and as long as processing and retaining your Data is
necessary for our legitimate interests. Because these needs can vary
for different data types and purposes, actual retention periods can
vary significantly. Even if we delete your Data, including on
account of exercise of your rights below, it may persist on backup
or archival media for audit, legal, tax or regulatory purposes.
In case you’ve opted-in to receive direct marketing communications
from us, the data that we need to send you these communications will
continued to be used (processed) by us until you opt-out from
receiving them.
If you have an account, you can always request that we delete the
account and its contents. You can do so by sending an e-mail to the
e-mail address listed below.
Your rights
You have the right to access your personal data that we collect and
process and may request from us that we rectify or erase personal
data or restrict the processing of your personal data or object to
the processing. If you wish to opt-out from receiving direct
marketing communications you can click the opt-out link in the
respective message or indicate your opt-out in your account
settings.
Security
We implement a variety of security measures to maintain the safety
of your personal information. The security of your Personal
Information is important to us, but remember that no method of
transmission over the Internet, or method of electronic storage, is
100% secure. While we strive to use commercially acceptable means to
protect your Personal Information, we cannot guarantee its absolute
security. If you suspect any misuse or loss or unauthorised access
to your Data, please let us know immediately by contacting us by
e-mail listed below.
Changes To This Privacy Policy
By using our site, you consent to our privacy policy. We may update
our Privacy Policy from time to time. We will notify you of any
changes by posting the new Privacy Policy on this page. You are
advised to review this Privacy Policy periodically for any changes.
Changes to this Privacy Policy are effective when they are posted on
this page. We encourage you to review this Privacy Policy frequently
to be informed of how we are protecting your information.
Severability
If any court or competent authority finds that any provision of this
Privacy Policy (or part of any provision) is invalid, illegal or
unenforceable, that provision or part-provision will, to the extent
required, be deemed to be deleted, and the validity and
enforceability of the other provisions of this Privacy Policy will
not be affected.
Contact Us
If you have any questions or concerns about the privacy-policy or
its implementation please contact us via e-mail or at the following
address:
Tim Hortons, 10th Floor, B-Wing, 215 Atrium, Andheri - Kurla Rd,
Hanuman Nagar, Andheri East, Mumbai, Maharashtra 400059
Email id: telltims@timhortonsindia.com