Qianwei Privacy Policy

QIANWEI RESTAURANT CHAIN PRIVACY POLICY

Qianwei(千味) Chinese Restaurant Chain (the "Company," "we," "us," or "our") operates a food ordering and delivery mobile application (the "App") and related services that connect customers with our restaurant locations. We are committed to protecting your privacy and ensuring transparency about how we collect, use, store, and share your personal information. This Privacy Policy applies to our mobile application, website, ordering services, delivery services, and all related restaurant chain operations (collectively, the "Services").

Important Notice: This Privacy Policy details our practices regarding your personal information. We encourage you to read it carefully to understand your rights and how we handle your data.

By using our App, ordering food, creating an account, or interacting with our Services in any way, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.

I. SCOPE AND APPLICATION

This Privacy Policy applies to all personal information collected through or in connection with:

Our Mobile Application: The Qianwei food ordering app available on iOS and Android platforms.
Our Website Services: Our online ordering platform and official restaurant information websites.
Restaurant Operations: In-store dining, takeout, and delivery services across all Qianwei locations.
Customer Service: Interactions via phone, chat, and in-app support channels.
Marketing Communications: Newsletters, promotional offers, and targeted advertising (where you have consented).
Third-Party Integrations: Social media logins (e.g., Facebook, Google), payment processors, and delivery partners, where personal information is shared with us or by us as described in this policy.
Loyalty Programs: Our rewards, points, and membership benefits systems.

II. INFORMATION WE COLLECT

As a restaurant chain operating a food ordering platform, we collect various types of information to provide and improve our Services effectively:

Personal Identification Information

We collect personal information that directly identifies you or can be used to identify you, including:

Account Information: Full name, phone number, date of birth.
Authentication Data: Username, encrypted password, security questions and answers (if applicable).
Contact Details: Mailing address, billing address, emergency contact information (if provided).
Profile Information: Profile photo (optional), preferred name, language preferences.
Identification Documents: In limited circumstances, such as for age verification for alcohol orders where legally required, we may request government-issued ID.

Food Ordering and Delivery Information

Specific to our restaurant operations, we collect:

Order History: Complete records of all food orders, including items, quantities, prices, modifications, and timestamps.
Delivery Addresses: Current and saved delivery locations, including residential and business addresses, and associated delivery instructions.
Dietary Preferences & Allergies: Information you provide about food allergies, dietary restrictions, spice preferences, and other special requests.
Restaurant Preferences: Favorite locations, preferred pickup times, seating preferences (if applicable).
Order Instructions: Special delivery notes, cooking preferences, portion requests.
Feedback and Reviews: Restaurant ratings, food reviews, service feedback, and complaints submitted through our Services.

Payment and Financial Information

For processing payments and financial transactions securely:

Payment Methods: Tokenized payment card information (we do not store full card numbers), digital wallet details when used for payment. Transactions are processed by secure third-party payment gateways.
Billing Information: Billing addresses, payment history, transaction records.
Financial Data: Bank account information may be collected for processing refunds.
Promotional Usage: Records of coupon usage, discount applications, loyalty point transactions.
Receipt Information: Digital receipts, tax information (if applicable), itemized billing.

Location and Geographic Data

To provide location-based services, such as finding nearby restaurants or facilitating deliveries (with your explicit permission where required by your device OS):

GPS Location: Real-time location data when using the App, if location services are enabled.
Address Information: Home, work, and frequently visited addresses you save in the App.
Delivery Zones: Service area information and delivery availability based on location.
Restaurant Proximity: Calculations to determine distance to nearby Qianwei locations.

Device and Technical Information

Technical data from your devices and App usage to ensure functionality and for analytics:

Device Identifiers: Device ID, advertising ID (resettable by you).
App Usage Data: Features used, screens visited, time spent in App, navigation patterns, interactions with App elements.
System Information: Operating system and version, device model, App version, screen resolution.
Network Data: IP address, internet service provider, connection type (Wi-Fi, cellular).
Performance Data: App crash reports, error logs, loading times.
Push Notification Data: Notification preferences, delivery status, engagement with notifications (if enabled).

Social Media Integration Data

If you choose to connect your social media account (e.g., Facebook, Google) to our App for login or sharing purposes, we may collect, with your permission:

Profile Information: Public profile data as permitted by the social media platform and your privacy settings thereon (e.g., name, profile picture).
Authentication Tokens: To securely connect your account.

Important: You can manage or disconnect your social media account connections at any time through your App settings or the settings of the respective social media platform. Data collected via social media integration will be handled in accordance with this Privacy Policy, and you can request its deletion as outlined in Section VIII.

Communication and Customer Service Data

Information from your interactions with our customer service and communications from us:

Support Tickets & Inquiries: Details of customer service inquiries, complaints, and their resolution.
Chat Logs & Call Recordings: In-app chat conversations and recordings of customer service phone calls (where permitted by law and with appropriate notice/consent).
Survey Responses: Feedback from customer satisfaction surveys and other research initiatives.

III. HOW WE COLLECT INFORMATION

We collect information through various methods and sources:

Direct Collection (Information You Provide)

Account Registration: When you create an account or profile within our App or on our website.
Order Placement: During the food ordering and checkout process.
App Usage: As you navigate, interact with, and input information into our App.
Customer Service Interactions: When you contact us for support, provide feedback, or make inquiries.
In-Store Interactions: Information you provide during in-store visits if linked to your digital account (e.g., loyalty program usage).
Surveys and Promotions: When you voluntarily participate in customer research, surveys, or promotional offers.

Automatic Collection (Information Collected Passively)

Cookies and Similar Technologies: Use of web cookies, pixel tags, mobile SDKs, and similar technologies on our website and App for functionality, analytics, and personalization (see Section IX for details).
Mobile Analytics: Collection of App usage analytics and performance monitoring data.
Location Services: GPS and other location-based service data (with your permission).
Device and Network Information: Automatically collected technical data from your device and network.

Third-Party Sources

Social Media Platforms: When you use social login features, subject to your permissions on those platforms.
Payment Processors: Confirmation of payment status and transaction details from our secure payment gateways.
Delivery Partners: Information from third-party delivery service providers related to order fulfillment.
Marketing and Analytics Partners: Aggregated or anonymized data from advertising networks and analytics platforms to help us understand user trends and measure ad effectiveness.
Publicly Available Sources: In limited cases, information from publicly available business directories or similar sources.

IV. HOW WE USE YOUR INFORMATION

We use your personal information for the following specific purposes, grounded in legitimate business needs and, where applicable, your consent:

Providing and Managing Core Restaurant and Ordering Services

Order Processing & Fulfillment: To accept, process, manage, and deliver your food orders accurately and efficiently.
Payment Processing: To securely handle payments, process refunds, and manage financial transactions.
Delivery Coordination: To coordinate delivery logistics, track order status, and communicate with delivery personnel.
Restaurant Operations Support: To assist in managing kitchen operations, inventory, and staffing based on demand.
Quality Control & Service Standards: To monitor and ensure food quality and service consistency.

Account Administration and Customer Relationship Management

Account Creation & Maintenance: To create, maintain, secure, and manage user accounts.
Customer Support & Communication: To provide timely assistance, resolve issues, respond to inquiries, and manage communications.
Order History Access: To provide you with access to your past orders for easy reordering and reference.
Preference Management: To store and apply your saved dietary preferences, delivery addresses, and ordering habits.
Loyalty Program Administration: To manage rewards points, issue discounts, and administer membership benefits.

Personalization and Service Improvement

Personalized Experiences: To show relevant menu items, offers, and content based on your preferences and order history (where you have agreed to such personalization).
Order Suggestions & Recommendations: To recommend items or restaurants based on your past behavior and popular trends.
Service Enhancement: To analyze App usage patterns, user feedback, and technical data to improve our Services, develop new features, and enhance user experience.
Content Customization: To personalize certain aspects of the App interface and content.

Communication and Marketing (with your consent where required)

Order Status Updates: To send notifications about order confirmation, preparation, dispatch, and delivery.
Promotional Communications: To send marketing message, push notifications, or SMS messages about new products, special offers, and events, subject to your opt-in preferences.
Customer Feedback & Surveys: To request reviews, ratings, and participation in customer satisfaction surveys.
Service Announcements: To notify you about important changes to our Services, menu updates, new restaurant locations, or operational hours.
Emergency Communications: In rare cases, to send important safety or security notifications.

Business Operations, Analytics, and Legal Compliance

Performance Analysis & Reporting: To analyze App performance, user behavior, sales trends, and operational efficiency.
Business Intelligence & Strategy: To understand market trends, customer preferences, and inform business decisions.
Financial Reporting & Compliance: To manage accounting, taxation, and other financial and legal obligations.
Inventory & Resource Management: To track popular items, manage stock levels, and optimize resource allocation.
Fraud Prevention & Security: To detect and prevent fraudulent activities, unauthorized access, and ensure the security of our Services and user data.
Legal Obligations: To comply with applicable laws, regulations, legal processes, and governmental requests.

V. INFORMATION SHARING AND DISCLOSURE

We are committed to protecting your personal information and limit its sharing. We may share your personal information in the following well-defined circumstances and with appropriate safeguards:

With Service Providers and Business Partners

We share information with trusted third-party vendors, consultants, and other service providers who perform services on our behalf and require access to such information to do that work. These include:

Payment Processors: To securely process your payments (e.g., Stripe, PayPal, Adyen). These processors have their own strict security and privacy standards.
Delivery Services: With our delivery drivers (whether employees or contractors) or third-party delivery logistics companies to fulfill your orders. Only necessary information (e.g., name, address, phone number, order details) is shared.
Technology Providers: For cloud hosting (e.g., AWS, Azure, Google Cloud), data analytics, IT support, communication platforms, and other essential technological services.
Marketing and Advertising Partners: With partners who assist with SMS delivery, push notifications, and digital advertising campaigns (only with your consent and subject to your opt-out rights).
Customer Service Platforms: With providers of call center software, live chat tools, and customer support management systems.

We have contractual agreements with these service providers requiring them to protect your personal information and prohibiting them from using it for any purpose other than providing services to us.

For Legal Reasons and Compliance

Law Enforcement & Legal Process: If required by law, such as to comply with a subpoena, court order, or other legal process, or in response to a valid request from a governmental authority.
Regulatory Compliance: To meet obligations related to food safety, public health, tax, labor, and other applicable regulations.
Protecting Rights, Property, and Safety: To protect the rights, property, or safety of our Company, our users, our employees, or the public, as required or permitted by law. This includes exchanging information with other companies and organizations for fraud protection and credit risk reduction.
Enforcing Terms and Policies: To enforce our Terms of Service and other agreements or policies.

In Connection with Business Transactions

Mergers, Acquisitions, or Asset Sales: If our Company is involved in a merger, acquisition, financing, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider, your personal information may be sold or transferred as part of such a transaction as permitted by law and/or contract. We will notify you before your personal information is transferred and becomes subject to a different privacy policy.

With Your Consent

We may share your personal information for other purposes if you have given us your explicit consent to do so.

We do not sell your personal information to third parties for their own marketing purposes without your explicit consent.

VI. DATA SECURITY AND PROTECTION

We implement comprehensive technical, administrative, and physical security measures designed to protect your personal information from unauthorized access, use, alteration, and disclosure. These measures include:

Technical Safeguards

Encryption: Use of encryption (e.g., TLS/SSL) for data in transit and encryption for sensitive data at rest (e.g., passwords, payment tokens).
Secure Servers & Infrastructure: Storing data on secure servers, often managed by reputable cloud service providers with robust security certifications.
Firewalls & Network Security: Implementation of firewalls, intrusion detection/prevention systems, and other network security measures.
Regular Security Updates & Patching: Keeping all systems, software, and applications updated with the latest security patches.
Vulnerability Management & Penetration Testing: Regular security assessments and testing to identify and address potential vulnerabilities.

Administrative and Physical Safeguards

Access Controls: Strict access controls based on the principle of least privilege, limiting employee access to personal information to only what is necessary for their job functions.
Authentication Mechanisms: Use of strong passwords, multi-factor authentication (MFA) for system access where appropriate.
Employee Training & Awareness: Regular data privacy and security training for all employees who handle personal information.
Data Minimization: Collecting and retaining only the personal information that is necessary for the purposes outlined in this policy.
Secure Development Practices: Integrating security into our software development lifecycle.
Incident Response Plan: A plan to promptly address and mitigate the impact of any data security incidents.
Physical Security: Measures to secure physical locations where data may be stored or processed.

Data Backup and Recovery

Regular Backups: Automated and regular backups of critical data to prevent data loss.
Disaster Recovery & Business Continuity Plans: Procedures for data recovery and service continuity in case of system failures or disasters.

While we take reasonable precautions to protect your personal information, please be aware that no security system is impenetrable. We cannot guarantee the absolute security of your information. You also play a role in protecting your data by using strong, unique passwords and safeguarding your account credentials.

VII. YOUR PRIVACY RIGHTS AND CHOICES

You have significant rights regarding your personal information. We are committed to honoring these rights and making them easy for you to exercise. Depending on your jurisdiction, these rights may include:

Right to Access Your Information

Access to Data: You can request a copy of the personal information we hold about you.
Data Portability: You may have the right to receive your data in a structured, commonly used, and machine-readable format, and to transmit it to another controller where technically feasible.
Information on Usage: You can request information about how your data has been used and with whom it has been shared.
Confirmation of Processing: You can ask us to confirm whether we are processing your personal information.

Right to Control and Correct Your Information

Correction/Rectification: You can update or correct any inaccurate or incomplete personal information through your account settings or by contacting us.
Restriction of Processing: You may have the right to request that we limit how we process your personal information in certain circumstances (e.g., if you contest its accuracy).
Objection to Processing: You may have the right to object to certain types of data processing, such as processing for direct marketing purposes, or processing based on our legitimate interests.
Withdrawal of Consent: Where we process your data based on your consent, you have the right to withdraw that consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal.

Right to Deletion (Right to be Forgotten)

Data Deletion: You have the right to request the deletion of your personal information, subject to certain exceptions (see Section VIII for details).

Communication Preferences

Location Services: You can control or disable location services through your device settings or App permissions.
Cookie Management: You can manage cookies and tracking technologies as described in Section IX.

To exercise any of these rights, please refer to the contact methods and procedures outlined in Sections VIII (for deletion) and XV (for other requests).

VIII. COMPREHENSIVE DATA DELETION RIGHTS AND PROCEDURES

We fully respect your right to have your personal information deleted from our systems. This section provides comprehensive, step-by-step instructions for requesting complete data deletion.

Complete Scope of Data Deletion

When you request data deletion, and subject to legal and regulatory exceptions outlined below, we will permanently remove or anonymize the following types of information associated with your account:

Account Information: Your name, phone number, encrypted passwords, profile photos, and other account-specific details.
Order History: Complete record of all your food orders, including items, preferences, modifications, and order details.
Payment Information: Tokenized payment methods, billing addresses, and transaction history linked to your account (excluding records we are legally required to retain).
Location Data: Saved delivery addresses, GPS location history (if collected), and delivery preferences.
Communication Records: Customer service interactions and chat logs correspondence associated with your account.
Device Information: Device identifiers and technical information directly linked to your user profile.
Social Media Connections: Data obtained through social media logins (e.g., Facebook, Google) and any associated profile information stored by us.
Loyalty Program Data: Your points balance, rewards history, and membership information.
Feedback and Reviews: Any restaurant reviews, ratings, or survey responses you submitted that are linked to your account.
Analytics Data: Usage patterns, behavioral data, and preference analytics that can be directly attributed to your identifiable account.

How to Request Data Deletion

We provide the following clear and direct methods for you to request the deletion of your personal data. We are committed to making this process straightforward for our users:

Method 1: In-App Data Deletion (Recommended and Fastest Method)

Our mobile App provides a direct, secure, and typically the fastest way to request the deletion of your account and associated data. The process is designed to be completed entirely within the App.

Follow these specific steps within the Qianwei mobile application:

Open the Qianwei mobile application on your device.
Navigate to your main Profile page, Account Settings, or a similarly named section (often represented by a gear icon, user avatar, or a "Me" tab).
Within your account settings, look for an option clearly labeled such as "Privacy Controls," "Data & Privacy," "Account Management," or similar.
Under this section, select the option explicitly named "Delete My Account," "Request Account Deletion," or "Permanently Delete Data and Account." The wording is designed to be unambiguous.
The App will then display important information detailing the consequences of account deletion (e.g., what data will be removed, loss of order history, etc.). Please read this information carefully to understand the full impact of your request.
You will be required to confirm your identity to proceed. This is a security measure and typically involves re-entering your account password or verifying via a one-time code sent to your registered phone number.
After successful identity verification, you must explicitly acknowledge that you understand data deletion is permanent and irreversible, usually by checking a box or tapping a confirmation button.
Finally, submit your deletion request by tapping the final confirmation button, such as "Delete Account Permanently" or "Confirm Deletion."
Upon successful submission, you will receive an immediate in-app confirmation message stating that your request has been received and is being processed.

For users who would like additional visual guidance or a step-by-step walkthrough with screenshots of the in-app process, a supplementary instructional guide is available at: Qianwei Account and Data Deletion Instructions. However, all necessary steps for initiating deletion can be completed directly within the App as described above.

Processing time via this method is typically initiated promptly, with full deletion completed according to the timeline detailed below.

Method 2: Contacting Customer Service for Assistance

If you are unable to use the in-app deletion feature, or if you have specific questions or require assistance, you can request data deletion by contacting our customer service team.

How to contact:

Utilize the "Contact Us" or "Support" feature within the Qianwei App.
Refer to contact information provided on our official website.

When contacting customer service, please provide the following information to help us locate and verify your account:

Clearly state: "I wish to request the deletion of all my personal data and my account."
Your full name as registered with Qianwei.
The phone number associated with your Qianwei account (if applicable).
Any other information that may help us identify your account, such as a recent order number or delivery address.

Our customer service team will guide you through the necessary verification steps and initiate the deletion process on your behalf.

Response and processing: We aim to acknowledge all deletion requests made via customer service within a specified timeframe (e.g., 48-72 business hours) and will process them according to the timeline detailed below.

Identity Verification for Security

Security Notice: To protect your privacy and prevent unauthorized deletion requests, we implement a robust identity verification process before any data is deleted. This may include, but is not limited to:

Phone Verification: Sending an SMS verification code to your registered phone number (if provided).
Password Confirmation: Requiring you to re-enter your account password.
Security Questions: Asking you to answer security questions you may have set up for your account.
Order Verification: Requesting details about recent orders or account activity to confirm account ownership, if other methods are insufficient.
Additional Identification: In rare cases, for accounts with high transaction volumes or suspected fraudulent activity, we may request additional forms of identification to ensure the legitimacy of the request, in compliance with applicable laws.

Failure to complete the verification process may delay or prevent the deletion of your data.

Detailed Processing Timeline

Our standard data deletion timeline, once a verified request is received:

Immediate - 24 hours: Deletion request acknowledged (if not immediate via app), and initial account deactivation procedures begin (e.g., preventing new orders, logging out active sessions).
24 - 72 hours: Primary processing of deletion from active databases and operational systems. Your account may become inaccessible during this period.
Up to 30 days: Completion of deletion from backup systems, aggregated datasets (where personal identifiers are removed), and ensuring data removal requests are propagated to relevant third-party service providers (where applicable and technically feasible).
Confirmation: Once the deletion process is fully complete, we will send you a final confirmation (typically via SMS or an in-app notification).

Maximum timeline: While we strive to complete deletions much faster, please allow up to 30 calendar days for the entire process to be finalized, particularly to account for backup cycles and complex system interactions. In some jurisdictions, we may be legally required to complete deletion within a specific timeframe, which we will adhere to.

What Happens During and After Deletion

Immediate effects (typically within 24-72 hours of verified request):

Your account will be permanently deactivated and will no longer be accessible.
You will be logged out from the App on all devices.
You will no longer be able to place orders or access services requiring an account.
Direct marketing communications from us to you will cease.

Complete removal (within the full processing timeline):

Your personal information will be permanently deleted or irreversibly anonymized from our active databases.
Order history, payment information (except legally required records), location data, communication records, and other personal data linked to your account will be removed.
Connections to social media accounts will be severed, and related data stored by us will be deleted.
Data in backup systems will be deleted in accordance with our backup rotation schedule (typically within 30 days).

Legal and Regulatory Exceptions to Deletion

Important Legal Notice: In certain limited circumstances, we may be legally required or have a legitimate interest to retain some of your information, even after a deletion request. This will be done in strict compliance with applicable laws. Such exceptions include:

Compliance with Legal Obligations: Information required to be kept for tax purposes (e.g., transaction records for a specific period, typically 7 years in many jurisdictions), financial auditing, or other legal and regulatory reporting requirements.
Establishment, Exercise, or Defense of Legal Claims: Information necessary to resolve disputes, enforce our agreements, or defend against legal claims.
Fraud Prevention and Security: Limited, anonymized, or pseudonymized data may be retained to prevent future fraudulent activity, ensure the security of our platform, or protect other users.
Public Health and Safety: Information related to food safety incidents or other public health matters, as required by relevant authorities.
Archiving Purposes in the Public Interest, Scientific or Historical Research, or Statistical Purposes: If applicable and where deletion would seriously impair such purposes, and subject to appropriate safeguards.

Any information retained under these exceptions will be strictly limited to the minimum necessary for the specific purpose, will be securely stored with restricted access, and will not be used for any other purpose. We will inform you if such exceptions apply to your deletion request, where legally permissible.

Re-creating an Account After Deletion

Once your data has been deleted:

New Account Required: If you wish to use our Services again, you will need to create a completely new account.
No Data Recovery: Your previous order history, saved preferences, loyalty points, and other account-specific data cannot be restored.
Fresh Start: All settings, preferences, and saved information must be re-entered as if you were a new user.
Promotional History: Previous promotional rates or special offers tied to your deleted account will generally not be applicable to a new account.

Deletion Confirmation and Documentation

Upon successful completion of the data deletion process, we will provide you with:

Confirmation Communication: An official notification (typically via SMS or an in-app message) confirming that your data deletion request has been processed and your information has been deleted, subject to any applicable legal exceptions.
Reference Number: A unique reference number for your deletion request for your records and for any follow-up inquiries.

Questions about data deletion? Please contact us through our customer services on the Qianwei APP or other channels mentioned in Section XV.

Response time guarantee for inquiries: We aim to respond to all deletion-related inquiries within a reasonable timeframe, typically within 48-72 business hours, acknowledging receipt and providing an estimated timeline if further investigation is needed.

IX. COOKIES AND TRACKING TECHNOLOGIES

We use cookies and similar tracking technologies (such as web beacons, pixels, SDKs in our App, and local storage) to provide and improve our Services, understand user activity, and for personalization and advertising purposes (where applicable and consented to). This section describes these technologies and your choices regarding them.

Types of Cookies and Technologies We Use

Essential/Strictly Necessary Cookies: These are required for the basic operation of our Services, such as enabling you to log in, add items to your cart, and make payments. Our Services cannot function properly without them.
Performance and Analytics Cookies: These collect information about how you use our Services, such as which pages you visit, how long you stay on them, and if you encounter any errors. This helps us improve the performance and usability of our Services (e.g., Google Analytics).
Functionality/Preference Cookies: These allow our Services to remember choices you make and provide enhanced, more personal features, such as remembering your username, language preferences, or region, and customized food preferences.
Targeting/Advertising Cookies: These cookies may be set through our site by our advertising partners (or by us) to build a profile of your interests and show you relevant advertisements on other sites. They do not store directly personal information but are based on uniquely identifying your browser and internet device. You can opt-out of these as described below.
Social Media Cookies: If you interact with social media features on our Services (e.g., login with Facebook, share buttons), these cookies are set by the respective social media platforms to enable those features and may track your activity.

Managing Your Cookie Preferences

You have several options to control or limit how we and our partners use cookies and similar technologies:

Browser Settings: Most web browsers allow you to control cookies through their settings preferences. You can set your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, some parts of our Services may not function properly.
Mobile Device Settings: Your mobile device operating system provides options to control tracking for advertising purposes (e.g., "Limit Ad Tracking" on iOS or "Opt-out of Ads Personalization" on Android).
In-App Settings: Our App may provide settings to control certain tracking preferences or data collection.
Third-Party Opt-Out Tools: You can opt out of interest-based advertising from many third-party ad networks through industry opt-out programs like the Network Advertising Initiative (NAI), the Digital Advertising Alliance (DAA), or the European Interactive Digital Advertising Alliance (EDAA) if you are in Europe.
Specific Partner Opt-Outs: Some of our analytics and advertising partners (e.g., Google Analytics) offer their own opt-out mechanisms.

Please note that opting out of advertising cookies does not mean you will no longer see ads, but rather that the ads you see may be less relevant to your interests.

X. CHILDREN'S PRIVACY PROTECTION

Our Services are not directed to, and we do not knowingly collect personal information from, children under the age of 13 (or a higher age if stipulated by applicable law in your jurisdiction, e.g., 16 in some EU countries). We are committed to protecting children's privacy.

Age Requirement: Users must meet the minimum age requirement to create an account and use our Services. If local law requires a higher age for consent to process personal data without parental approval, that age applies.
No Knowing Collection: If we become aware that we have inadvertently collected personal information from a child under the applicable minimum age without verifiable parental consent, we will take steps to delete that information as soon as possible.
Parental Rights: If you are a parent or guardian and believe that your child has provided us with personal information without your consent, please contact us using the details in Section XV. We will work with you to address the issue, including deleting your child's information from our systems.
Age Verification: In some limited circumstances (e.g., alcohol sales), we may need to verify age, but this is done with a focus on confirming legal age requirements, not on collecting data from children.

XI. INTERNATIONAL DATA TRANSFERS

Your personal information may be processed in and transferred to countries other than your country of residence, including countries that may have different data protection laws than those in your jurisdiction. We take appropriate steps to ensure that your personal information is treated securely and in accordance with this Privacy Policy and applicable data protection laws when it is transferred internationally.

These safeguards may include:

Adequacy Decisions: Transferring data to countries that the relevant regulatory authorities (e.g., the European Commission) have deemed to provide an adequate level of data protection.
Standard Contractual Clauses (SCCs): Implementing SCCs approved by relevant authorities for transfers to countries without an adequacy decision.
Binding Corporate Rules (BCRs): For intra-group transfers where applicable.
User Consent: Relying on your explicit consent for specific transfers, where appropriate and legally permissible, after informing you of the potential risks.
Other Legal Bases: Relying on other permitted legal bases for international transfers under applicable law.

By using our Services and providing us with your information, you acknowledge that your personal information may be transferred to and processed in countries outside of your country of residence.

XII. DATA RETENTION POLICIES

We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, as outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. The criteria used to determine our retention periods include:

Retention Periods by Data Type and Purpose

Account Information: Retained as long as your account is active, or as needed to provide you with Services. If an account is inactive for an extended period (e.g., 3-5 years), we may take steps to delete or anonymize it, subject to prior notification.
Order History: Typically retained for a period necessary for customer service, dispute resolution, and operational analysis (e.g., 2-3 years after the order), unless a longer period is legally required.
Payment Data: Transactional data is retained for periods required by tax laws and financial regulations (often 7 years or more). Full payment card details are not stored by us.
Location Data: Retained for the duration necessary to provide location-based services or as long as your account is active, and then anonymized or deleted. Specific GPS history may be kept for shorter periods.
Marketing Data & Preferences: Retained until you opt-out of marketing communications or delete your account.
Customer Service Records: Retained for a period necessary for quality assurance, training, and handling ongoing inquiries or disputes (e.g., 3-5 years).
Legal & Compliance Data: Information retained to comply with specific legal obligations (e.g., food safety records, litigation holds) will be kept for the period mandated by law or relevant to the legal matter.
Anonymized/Aggregated Data: We may retain data that has been anonymized or aggregated (so it no longer identifies you) for analytics, research, and service improvement indefinitely.

Once the retention period expires, personal information is securely deleted or anonymized in accordance with our data disposal procedures.

XIII. PRIVACY POLICY UPDATES AND NOTIFICATIONS

We may update this Privacy Policy from time to time to reflect changes in our data practices, services, legal requirements, or for other reasons. We will post any changes to this Privacy Policy on this page and, if the changes are significant, we will provide a more prominent notice.

How We Notify You of Changes

Date of Last Update: The "Last Updated" date at the top or bottom of this Privacy Policy will indicate when it was last revised.
In-App Notification: We may provide a notice through our App, such as a pop-up or banner, alerting you to significant updates.
Website Notice: A prominent notice may be posted on our website.
Version History: We may maintain a version history of our Privacy Policy for transparency.

Your Review of Changes

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our Services after any changes to this Privacy Policy become effective will constitute your acceptance of such changes. If you do not agree with the revised Privacy Policy, you should discontinue using our Services and may request deletion of your account as described in Section VIII.

XIV. BUSINESS TRANSFERS AND CONTINUITY

In the event that Qianwei or a significant portion of its assets is acquired by or merged with another company, or in the unlikely event of bankruptcy or cessation of operations, your personal information may be one of the assets that is transferred or acquired by a third party. We will endeavor to provide you with notice of such an event as outlined in Section XIII, and any acquirer of our business may continue to use your personal information as set forth in this policy or a successor policy.

We will take steps to ensure that your privacy rights continue to be protected during any such business transition. This may include requiring the acquiring entity to honor the commitments made in this Privacy Policy or providing you with an opportunity to opt-out or delete your data if the terms of data handling change significantly.

XV. CONTACT INFORMATION AND SUPPORT

For all privacy-related questions, concerns, requests to exercise your rights (other than data deletion requests handled per Section VIII), or complaints, please contact us through one of the following channels:

Primary Contact Method

Availability: Our customer service is typically available 24/7 through the mobile application for general inquiries and can route privacy-specific questions appropriately.
Response Time: We aim to acknowledge privacy-related inquiries submitted via customer service within 48-72 business hours and provide a substantive response as promptly as possible.
Languages: Support is generally available in Khmer, Vietnamese, Thai, Indonesian, English and Chinese.

Ways to reach us:

⛳️ Shanghai Mall A12-14
📞 +855 718 836 086
✅ Wechat (+855 718 836 086)
💁‍♀️ Telegram @qianwei_hotline
🤖 Telegram bot @qianweichainbot

Through Our Physical Restaurants

You may also visit any of our Qianwei physical restaurant locations to make inquiries regarding this Privacy Policy or the handling of your personal information. Our in-store staff will do their best to assist you or guide you to the appropriate customer service channels to handle your specific request.

Dedicated Privacy Inquiries

For more specific or complex privacy matters, or if you wish to contact our Data Protection Officer (DPO) or privacy team directly (if designated), instructions for doing so will be provided via our customer service channels or on our official website's privacy information page.

How to Submit a Request to Exercise Your Rights

When contacting us to exercise your rights (e.g., access, correction), please provide sufficient detail to enable us to identify you and respond to your request, including:

Your full name and contact information.
The phone number associated with your Qianwei account.
A clear description of your request and the right(s) you wish to exercise.

We will process your request in accordance with applicable data protection laws and will inform you if we require further information or if there are any reasons why we cannot fulfill your request (e.g., legal exemptions).

Emergency Privacy Concerns

If you have an urgent privacy concern, such as a suspected data breach or unauthorized access to your account, please report it immediately through our customer service channels, marking your inquiry as "URGENT PRIVACY ISSUE." Such reports will be prioritized.

XVI. EFFECTIVE DATE AND VERSION

Policy Information:

Effective Date: December 23, 2024
Last Updated: May 28, 2025
Version: 4.1
Next Scheduled Review Date: November 27, 2025 (or sooner if significant changes occur)

This Privacy Policy supersedes all previous versions. We encourage you to review it regularly.