Thanks for visiting our website.
Jack in the Box ABN 86 917 931 022 is committed to protecting your privacy as an online visitor to our website.
As an online business, we aim to comply with the Australian Privacy Principles contained in The Privacy Act 1988 (Cth) and General Data Protection Regulations (GDPR) to ensure that your information is protected.
We use the information we collect about you to maximise the services and products we provide to you via our website and through our business.
By providing us with your data, you warrant that you are over the age of 18 years.
1. Contact Details
Our full contact details are:
Jack in the Box
ABN: 86 917 931 022
Postal address: PO Box 752 Morningside Q 4170
Please visit our Contact Us page for more information.
1.1. It is essential that the information we hold about you is accurate and up to date. Please let us know if at any time your personal information changes at our Contact Us page.
2. Personal Information – Type, purpose, and legal grounds
2.1. Personal information/data means any information capable of identifying an individual. It does not include data that is anonymous in its source.
2.2. We may process the following categories of personal data about you:
2.2.1. Communication Information
184.108.40.206. Communication information includes any communication that you send to us. This information can be sent to us through:
a. The Contact Us form on our website;
c. Social media posting; or
d. Through any other communication that you send to us.
220.127.116.11. We process this data for:
a. Communicating with you;
2.2.2. Customer Information
18.104.22.168. Customer information or data includes any information you provide relating to any purchases of goods and/or services, such as your name, title, billing address, delivery email address, phone number, contact details, purchase details, and card details.
22.214.171.124. We process this information to:
a. Supply the goods and/or services you have purchased, and;
b. To keep records of such transactions.
126.96.36.199. Our legal ground for this processing is the performance of a contract between you and us and/or taking steps at your request to enter into such a contract.
2.2.3. User Information/Data
188.8.131.52. User information includes data about how you use our website and any online services together with any data that you may post for publication on our website or through other online services. We may collect, store and use:
a. information that you provide to us when using the services on our website or that is generated in the course of the use of those services (including the timing, frequency, and pattern of service use)
b. information contained in, or relating to, a personal or business account with our website (including name, email address, date and month of birth);
c. information that you provide when you provide feedback;
d. information that you provide when you change your personal details or email preferences;
e. information that you provide when you respond to a survey;
f. information that you provide when you communicate with our customer support;
g. any other personal information that you choose to send to us.
184.108.40.206. Before you disclose to us the personal information of another person, you must obtain that person’s consent to both the disclosure and the processing of that personal information in accordance with this policy.
220.127.116.11. We process this data to
a. Operate our website and ensure relevant content is provided to you;
b. To ensure the security of our website;
c. To maintain backups of our website and/or databases and;
d. To enable publication and administration of our website, other online services, and business.
18.104.22.168. Our legal ground for this processing is our legitimate interests, which are to enable us to administer our website and our business properly.
22.214.171.124. We will not, without your express consent, supply your personal information to any third party for their or any other third party’s direct marketing.
2.2.4. Technical Data
126.96.36.199. Technical data is information about your use of our website and online services, such as information about your visits to and use of this website, including your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths.
188.8.131.52. The source of this data is from our analytics tracking system.
184.108.40.206. We process this data to analyse your use of our website and other online services, administer and protect our business and website, deliver relevant website content and advertisements to you, and understand the effectiveness of our advertising.
220.127.116.11. Our legal ground for this processing is our legitimate interests, which are to enable us to administer our website and our business properly, grow our business, and decide our marketing strategy.
2.2.5. Sensitive Data
We do not collect any Sensitive Data about you. Sensitive data refers to data that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and bio-metric data. We do not collect any information about criminal convictions and offences.
2.2.6. Contract Obligations
18.104.22.168. Where we are required to collect personal data by law or under the terms of the contract between us, and you do not provide us with that data when requested, we may not be able to perform the contract (for example, to deliver goods or services to you).
22.214.171.124. If you don’t provide us with the requested information, we may have to cancel a product or service you have ordered, but if we do, we will notify you at the time.
2.2.7. Use of Personal Information
126.96.36.199. We will only use your data for the purpose it was collected for or reasonably compatible purposes if necessary. If we need to use your details for an unrelated new purpose, we will let you know and explain the legal grounds for processing.
188.8.131.52. We may process your personal information without your knowledge or consent where this is required or permitted by law.
3. How your personal information is collected.
3.1.1. We may automatically collect certain data from you as you use our website by using cookies and similar technologies.
3.2.1. We use this information to:
• Respond to your enquiries
• Provide you with relevant news and updates about our services
• Improved this website and the services we provide
4. Marketing Communications
4.1. Our lawful ground of processing your personal data to send you marketing communications is either your consent or our legitimate interests, namely to grow our business.
4.2. We may send you marketing communications if:
4.2.1. You made a purchase or asked for information from us about our goods or services; or
4.2.2. You agreed to receive marketing communication, and, in each case, you have not opted out of receiving such communications since.
4.2.3. You are a company; we may send you marketing emails without your consent. You may opt out of receiving marketing emails from us at any time.
4.3. Express consent
4.3.1. It is unlikely that Jack in the Box will share your personal data with any third party for their own marketing purposes; however, we will obtain your express consent in such circumstances.
Stopping marketing messages
4.3.2. You can ask third parties or us to stop sending you marketing messages at any time by:
184.108.40.206. Following the opt-out links on any marketing messages sent to you, or
220.127.116.11. Contact Us via our website at any time.
4.3.3. If you opt-out of receiving marketing communications, this opt-out does not apply to personal data provided as a result of other transactions, such as purchases, warranty registrations, returns, replacements etc.
5. Disclosures of Your Personal Data
5.1. We may have to share your personal data with the parties set out below:
5.1.1. Service providers who provide IT and system administration services.
5.1.2. Professional advisers, including lawyers, bankers, auditors, and insurers.
5.1.3. Government bodies that require us to report processing activities.
5.1.4. Market Researchers and Analysts.
5.1.5. Marketing agencies we may engage with from time to time.
5.1.6. Third parties to whom we sell, transfer, or merge parts of our business or our assets.
5.2. We require all third parties to whom we transfer your data to respect the security of your personal data and treat it according to the law. We only allow such third parties to process your personal data for specified purposes and in accordance with our instructions.
6. International Transfers (for example, to our preferred email marketing platform or CRM)
6.1. Whenever we transfer your personal data, we do our best to ensure a similar degree of security of data by ensuring at least one of the following safeguards is in place:
6.1.1. If you are a resident of the European Union, we will only transfer your personal data to countries that the European Commission have approved as providing an adequate level of protection for personal data by; or
6.1.2. Where we use certain service providers, we may use specific contracts or codes of conduct or certification mechanisms approved by the European Commission which give personal data the same protection it has in Europe; or
6.1.3. If we use US-based providers part of EU-US Privacy Shield, we may transfer data to them, as they have equivalent safeguards in place.
6.2. If none of the above safeguards is available, we may request your explicit consent to the specific transfer. You will have the right to withdraw this consent at any time.
7. Data Security
7.1. We strive to ensure the security, integrity, and privacy of personal information submitted to our website, and we periodically update our security measures in light of current technologies.
7.2. We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.
7.3. You acknowledge that the transmission of information over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.
7.4. We have procedures in place to deal with any suspected personal data breach. We will notify you and any applicable regulator of a breach if we are legally required to.
8. Data Retention
8.1. We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including to satisfy any legal, accounting, or reporting requirements.
8.2. For tax purposes, the law requires us to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for five years after they stop being customers.
8.3. In some circumstances, we may delete identifying components of your data for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
9. Your Legal Rights
9.1. Under data protection laws, you have rights in relation to your personal data that include the right to request access, correction, erasure, restriction, transfer, object to processing, portability of data, and (where the lawful ground of processing is consent) to withdraw consent.
9.2. If you wish to exercise any of the rights set out above, please email us via our Contact Us page.
9.3. To respond to any request, we will require the following information:
9.3.1. your name and address; and
9.3.2. your contact telephone numbers
9.4. There is no fee chargeable to access your personal data; however, we may charge a fee if your request is unfounded, repetitive or excessive, or refuse to comply with our request in these circumstances.
9.5. As a security measure to ensure your data is not disclosed to any person who has no right to receive it, we may request further information from you.
9.6. We try to respond to all legitimate requests within 30 days unless the request is complex or where there are multiple requests. If our response is likely to exceed 30 days, you will be notified.
9.7. If you are not happy with any aspect of how we collect and use your data, please contact us first to attempt to resolve your issue immediately. You also have the right to complain to the Office of the Australian Privacy Commissioner (https://www.oaic.gov.au), the Australian supervisory authority for data protection issues.
10.3. You may instruct us at any time not to process your personal information for marketing purposes.
10.4. In practice, you will usually either expressly agree in advance to our use of your personal information for marketing purposes, or we will provide you with an opportunity to opt out of the use of your personal information for marketing purposes.