Effective Date: August 2007 (last updated December, 23 2022)
This Policy describes Jimmy John's online and offline information collection and use practices. This includes for our websites and apps. It applies to information we collect from you when you interact with us. You can print a copy of this policy by clicking here.
Listed below are details about the categories of information we collect:
Contact information. We collect your name and phone number. We also collect your street address and email address.
Payment information. We collect payment information when you make a purchase. This might include credit card or debit number.
Demographic information. We collect your gender or age. We collect your zip code. If you complete a survey we may collect your ethnic background and the number and ages of children in your household. We may also collect your household income. We collect location information from website visitors and app users. This may include precise location information.
Biometric information. We do not collect biometric information.
Employment information. We collect name, age, phone number, and address from job applicants and employees. We also collect background check results and drug screening results. We may also collect bank account information.
Site usage information. We collect logs and session data when you visit our website or use our applications. We collect browser and operating system information. We collect what site you came from or what site you visit when you leave us. We collect your IP address. We also collect device identifiers.
We use the categories of information for the business and commercial purposes outlined here:
We use information to respond to your requests. We use contact information to respond to you. We also use contact information to communicate with you about our policies and terms. We use employment information to process your application.
We use information for transactional communications. We use contact and payment information to process payments. We use contact information for order delivery. If you sign up, we use contact information to send you our newsletter. We use contact and demographic information for our loyalty programs.
We use information for marketing purposes. We use contact information to notify you about new products and special offers or new features. This may be by email or text. It may also be on social media platforms. This includes information about Jimmy John's and other Inspire Brand companies. It also includes information we think you would find interesting. We use contact information to notify you if you win a promotion or sweepstakes.
We use information to improve our products and services. We use site usage information to make our website and products better. We use your contact, demographic, and site usage information to customize your experience with us. We use your demographic information for market research.
We use information to protect our company and constituents. We use contact, demographic, and site usage information to protect our company and customers. We use this same information to identify fraud and secure our systems. This includes measures to detect potential fraudulent credit card purchases. We use all categories of information for other purposes as permitted by law.
We collect categories of information in the following ways:
We collect information directly from you. We collect your contact, demographic, payment, and biometric information from you. This could be in person. It could also be on our website or one of our apps.
We collect information passively. We use tracking tools to collect site usage and demographic information. Tracking tools include browser cookies and web beacons. We do this on our websites and in emails that we send to you. We collect information about users over time when you use our websites or apps. We have third parties collect personal information this way.
We collect information about you from third parties. We collect contact, demographic, and site usage information from our business partners. Social media platforms give us information about you. We purchase demographic information from third parties. We may collect information about you from other Inspire Brands companies.
We combine information collected in-person with that we receive online. We may also combine information we get from a third party with information we already have. We also combine information we have with information we get from our related brands.
We share categories of information as described here:
We share information with related companies. We share information with our affiliates and subsidiaries. These entities include Sonic Drive-In, Arby's, Buffalo Wild Wings. It also includes our parent and other related entities. This includes new brands bought by our parent entity. We will share information with future related companies. Information we share includes contact and payment information. It also includes demographic, biometric, and site usage information.
We share information with vendors who perform services on our behalf. We share contact, demographic, payment, site usage and biometric information.
We share information if we think we have to in order to comply with the law or to protect ourselves. We share information we collect about you to respond to a court order or subpoena. We share information in response to a government agency or investigatory body request. We share information we collect when we investigate potential fraud.
We share information in connection with a business transfer or transaction. If all or part of our business is or was sold, we may share your information as part of that transaction. If there is a merger or acquisition, we may also share your information. If there is a financing or bankruptcy, we may share your information. Parties we share information with include lenders, auditors, and advisors.
We share information as permitted by law and for other reasons we may describe to you.
We provide you with options on how we use your information, as described here:
You can opt out of receiving our marketing emails. To stop receiving our promotional emails, follow the "unsubscribe" instructions in any promotional message you get from us. Even if you opt out of getting marketing messages, we will still send you transactional messages. These include responses to your questions or other necessary information about your account.
You can control cookies and tracking tools. To learn how to manage how we and our vendors use cookies and other tracking tools, and to read our Do Not Track Policy, click here.
These additional disclosures apply only to individuals who reside in California, and are provided pursuant to the California Consumer Privacy Act, as modified by the California Privacy Rights Act of 2020 (the 'CCPA'). If you work for Jimmy John's, please see our California Employee Privacy Notice for additional disclosures. California job applicants can find additional disclosures here.
In the past 12 months, we have collected the following categories of personal information listed in the CCPA:
| Category of Personal Information | Categories of Sources from which Information was Collected | Purposes for Collection |
|---|---|---|
| Identifiers, including real name, postal address, unique personal identifier, online identifier, IP address, email address, account name, or other similar identifiers |
Directly from you or someone you know Automatically when you use our websites and apps Advertising networks Data analytics providers Social networks Vendors that help us to fulfill and deliver orders, process payments, support our promotions, contests, gift cards, loyalty programs, and sweepstakes, and provide communications, marketing, or other services on our behalf Affiliates Jimmy John's franchisees |
Customer service Marketing and advertising To better understand how users access and use the websites and apps, to improve the Websites and apps, to respond to user desires and preferences, auditing, and for other research and analysis To help maintain the safety, security, and integrity of our websites and apps, databases and other technology assets, as well as your account, orders, and deliveries Detecting, investigating, or protecting against malicious, deceptive, fraudulent, or illegal activity Tailoring our content or otherwise personalizing the websites and apps As part of our application process for potential franchisees, and relationship with current franchisees |
|
Personal records, including name, signature, social security number, address, telephone number, passport number, driver's license or state identification card number, education, employment, employment history, bank account number, credit card number, debit card number, or other financial information. This category includes the information described in Cal. Civ. Code § 1798.80(e). |
Directly from you Vendors that help us to fulfill and deliver orders, process payments, support our promotions, contests, gift cards, loyalty programs, and sweepstakes, and provide communications, marketing, or other services on our behalf Affiliates Jimmy John's franchisees |
Processing your purchases of or requests for products or services Maintaining your account with us Communicating with you, and facilitating communications through our websites and apps. To support our contests, promotions, loyalty programs, coupons, and sweepstakes Customer service Marketing and advertising To better understand how users access and use the websites and apps, to improve the websites and apps, to respond to user desires and preferences, auditing, and for other research and analysis To help maintain the safety, security, and integrity of our websites and apps, databases and other technology assets, as well as your account, orders, and deliveries Detecting, investigating, or protecting against malicious, deceptive, fraudulent, or illegal activity Tailoring our content or otherwise personalizing the websites and apps As part of our application process for potential franchisees, and relationship with current franchisees |
|
Characteristics of protected classifications under California or federal law, including birthday, and gender |
Directly from you Affiliates |
Customer service To support our contests, promotions, loyalty programs, coupons, and sweepstakes Marketing and advertising To better understand how users access and use the websites and apps, to improve the websites and apps, to respond to user desires and preferences, auditing, and for other research and analysis To help maintain the safety, security, and integrity of our websites and apps, databases and other technology assets, as well as your account, orders, and deliveries Detecting, investigating, or protecting against malicious, deceptive, fraudulent, or illegal activity Tailoring our content or otherwise personalizing the websites and apps |
|
Commercial information, including products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies |
Directly from you Automatically when you use our websites and apps Vendors that help us to fulfill and deliver orders, process payments, support our promotions, contests, gift cards, loyalty programs, and sweepstakes, and provide communications, marketing, or other services on our behalf Affiliates Jimmy John's franchisees |
Processing your purchases of or requests for products or services Communicating with you, and facilitating communications through our websites and apps To support our contests, promotions, loyalty programs, coupons, and sweepstakes Customer service Marketing and advertising Tailoring our content or otherwise personalizing the websites and apps To better understand how users access and use the websites and apps, to improve the websites and apps, to respond to user desires and preferences, auditing, and for other research and analysis Detecting, investigating, or protecting against malicious, deceptive, fraudulent, or illegal activity |
|
Internet or other electronic network activity information, including search history, and information regarding interactions with our websites, applications, or advertisements |
Automatically when you use our websites and apps Internet service providers Data analytics providers Vendors that help us to fulfill and deliver orders, and provide communications, marketing, or other services on our behalf |
To better understand how users access and use the websites and apps, to improve the websites and apps, to respond to user desires and preferences, auditing, and for other research and analysis Marketing and advertising To help maintain the safety, security, and integrity of our websites and apps, databases and other technology assets, as well as your account, orders, and deliveries Detecting, investigating, or protecting against malicious, deceptive, fraudulent, or illegal activity Tailoring our content or otherwise personalizing the websites and apps Customer service |
|
Geolocation data |
Automatically when you use our websites and apps |
Processing your purchases of or requests for products or services Customer service Marketing and advertising To better understand how users access and use the websites and apps, to improve the websites and apps, to respond to user desires and preferences, auditing, and for other research and analysis To help maintain the safety, security, and integrity of our websites and apps, databases and other technology assets, as well as your account, orders, and deliveries Detecting, investigating, or protecting against malicious, deceptive, fraudulent, or illegal activity Tailoring our content or otherwise personalizing the websites and apps |
|
Audio, electronic, visual, thermal, olfactory, or similar information |
WE DO NOT COLLECT |
N/A |
|
Professional or employment-related information If you are a Jimmy John's employee, please see our California Employee Privacy Notice for additional disclosures. Job applicants can find additional disclosures in our California Applicant Privacy Notice. |
Directly from you. |
As part of our application process for potential franchisees, and relationship with current franchisees Detecting, investigating, or protecting against malicious, deceptive, fraudulent, or illegal activity |
|
Inferences used to create a profile reflecting the consumer's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes |
Drawn from the other categories of Personal information we collect |
To support our contests, promotions, loyalty programs, coupons, and sweepstakes Marketing and advertising To better understand how users access and use the websites and apps, to improve the websites and apps, to respond to user desires and preferences, auditing, and for other research and analysis Tailoring our content or otherwise personalizing the websites and apps As part of our application process for potential franchisees, and relationship with current franchisees |
Among the categories listed above are the following categories of sensitive personal information:
| Category of Sensitive Personal Information | Categories of Sources from which Information was Collected | Purposes for Collection |
|---|---|---|
|
Personal Information that reveals a Social Security, driver's license, state identification card, or passport number |
Directly from you. |
As part of our application process for potential franchisees, and relationship with current franchisees |
|
Personal Information that reveals an account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account |
Directly from you |
Maintaining your account with us |
Personal Information that reveals precise geolocation (location within a radius of 1,850 feet) |
Automatically when you use our websites and apps |
Processing your purchases of or requests for products or services Detecting, investigating, or protecting against malicious, deceptive, fraudulent, or illegal activity Tailoring our content or otherwise personalizing the websites and apps |
In addition to the purposes described above, we may use and disclose any category of personal information or sensitive personal information we collect to respond to law enforcement requests, or as otherwise required or authorized by applicable law, court order, or governmental regulations; to protect our rights and interests and those of others (including our franchisees); to resolve any disputes; to enforce our policies; and to evaluate or conduct a merger, sale, or other acquisition of some or all of our assets.
We keep the categories of personal information described above for as long as is necessary for the purposes described in this Privacy Policy or otherwise authorized by law. This generally means holding the information for as long as one of the following apply:
Where personal information is used for more than one purpose, we will retain it until the purpose with the latest period expires. For more information about our retention policies, please contact us using the contact details below.
We disclose personal information as shown below. The first chart shows the categories of personal information we disclose to our service providers and contractors for business or commercial purposes. Although we do not sell personal information in exchange for money, some of the ways in which we disclose personal information for advertising or to our affiliated brands and companies may be considered “sales†or “sharing†under California law. The second chart shows the categories of personal information we share for purposes of cross-context behavioral advertising or otherwise “sell,†as that term is defined under California law. We do not have actual knowledge that we sell or share the personal information of consumers under 16 years of age
| Category of Personal Information | Categories of Recipients | Purposes for Disclosure |
|---|---|---|
| Personal Information | ||
Identifiers |
Affiliates Service providers that we use to support our business and operations |
Processing your purchases of or requests for products or services Performing services on our behalf (e.g., fulfilling and delivering orders, processing payments, supporting our promotions, contests, gift cards or loyalty programs, and providing communications, technical, analytical, web hosting, cloud hosting and mobile application support, or other services on our behalf) Providing advertising and marketing services (except for cross-context behavioral advertising) Short-term, transient use, including, but not limited to, non-personalized advertising Auditing, related to ad impressions Ensuring security and integrity of personal information Debugging to identify and repair errors that impair existing intended functionality Detecting, investigating, or protecting against malicious, deceptive, fraudulent, or illegal activity |
Personal records |
Affiliates Service providers that we use to support our business and operations |
Processing your purchases of or requests for products or services Performing services on our behalf (e.g., fulfilling and delivering orders, processing payments, supporting our promotions, contests, gift cards or loyalty programs, and providing communications, technical, analytical, web hosting, cloud hosting and mobile application support, or other services on our behalf) Providing advertising and marketing services (except for cross-context behavioral advertising) Short-term, transient use, including, but not limited to, non-personalized advertising Auditing, related to ad impressions Ensuring security and integrity of personal information Debugging to identify and repair errors that impair existing intended functionality Detecting, investigating, or protecting against malicious, deceptive, fraudulent, or illegal activity |
Characteristics of protected classifications |
Affiliates Service providers that we use to support our business and operations |
Performing services on our behalf (e.g., fulfilling and delivering orders, processing payments, supporting our promotions, contests, gift cards or loyalty programs, and providing communications, technical, analytical, web hosting, cloud hosting and mobile application support, among other services) Providing advertising and marketing services (except for cross-context behavioral advertising) Short-term, transient use, including, but not limited to, non-personalized advertising Detecting, investigating, or protecting against malicious, deceptive, fraudulent, or illegal activity |
Commercial Information |
Affiliates Service providers that we use to support our business and operations |
Processing your purchases of or requests for products or services Performing services on our behalf (e.g., fulfilling and delivering orders, processing payments, supporting our promotions, contests, gift cards or loyalty programs, and providing communications, technical, analytical, web hosting, cloud hosting and mobile application support, among other services) Providing advertising and marketing services (except for cross-context behavioral advertising) Short-term, transient use, including, but not limited to, non-personalized advertising Auditing, related to ad impressionsEnsuring security and integrity of personal information Debugging to identify and repair errors that impair existing intended functionality Detecting, investigating, or protecting against malicious, deceptive, fraudulent, or illegal activity |
Internet or other electronic network activity information |
Service providers that we use to support our business and operations |
Processing your purchases of or requests for products or services Performing services on our behalf (e.g., fulfilling and delivering orders, processing payments, supporting our promotions, contests, gift cards or loyalty programs, and providing communications, technical, analytical, web hosting, cloud hosting and mobile application support, among other services) Providing advertising and marketing services (except for cross-context behavioral advertising) Short-term, transient use, including, but not limited to, non-personalized advertising Auditing, related to ad impressionsEnsuring security and integrity of personal information Debugging to identify and repair errors that impair existing intended functionality Detecting, investigating, or protecting against malicious, deceptive, fraudulent, or illegal activity |
Geolocation data |
Service providers that we use to support our business and operations |
Processing your purchases of or requests for products or services Performing services on our behalf (e.g., fulfilling and delivering orders) Short-term, transient use, including, but not limited to, non-personalized advertising |
Inferences |
Affiliates Service providers that we use to support our business and operations |
Performing services on our behalf (e.g., providing communications, technical, analytical, web hosting, cloud hosting and mobile application support, among other services) Providing advertising and marketing services (except for cross-context behavioral advertising) |
| Sensitive Personal Information | ||
Precise geolocation |
Service providers that we use to support our business and operations |
Processing your purchases of or requests for products or services Performing services on our behalf (e.g., fulfilling and delivering orders) |
| Category of Personal Information or Sensitive Personal Information | Categories of Recipients | Purposes for Selling / Sharing |
|---|---|---|
Identifiers |
Service Providers Affiliates |
To show you relevant ads Analytics, data strategy, consultation on, development or improvement of products and services, marketing, advertising, and related services |
Personal Records |
Service Providers Affiliates |
To show you relevant ads Analytics, data strategy, consultation on, development or improvement of products and services, marketing, advertising, and related services |
If you are a resident of California, you have the right to submit certain requests relating to your personal information as described below. To exercise any of these rights, please submit a request through our webform here or call us at 1-866-276-6302. Please note that, if you submit a request to know, request to delete, or request to correct, you will be asked to log into your account or to provide 2-3 pieces of personal information that we will match against our records to verify your identity. You may designate an authorized agent to make a request on your behalf; however, you will still need to verify your identity directly with us before your request can be processed. An authorized agent may submit a request on your behalf using the webform or toll-free number listed above.
Right to Delete Your Personal Information. You have the right to request that we delete personal information we collected from you, subject to certain exceptions. Where we use deidentification to satisfy a deletion request, we commit to maintaining and using the information in deidentified form and will not to attempt to reidentify the information.
Right to Correct Inaccurate Information. If you believe that personal information we maintain about you is inaccurate, you have the right to request that we correct that information.
Right to Opt Out of Sales and Sharing of Personal Information. You have the right to opt out of the sale of your personal information, and to request that we do not share your personal information for cross-context behavioral advertising. To opt-out, please click here. If you choose to use the Global Privacy Control (GPC) browser signal, you will be opted out of cookie-based sales or sharing of personal information, and will need to turn it on for each browser you use.
Right to Limit Use and Disclosure of Sensitive Personal Information. To limit our use of your Sensitive personal information, if applicable, please click here.
Rights Related to Automated Decision-Making. You have the right to opt out of automated decision-making, including profiling, that we use to evaluate certain personal aspects relating to your performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.
Right to Non-Discrimination for the Exercise of Your Privacy Rights. If you choose to exercise any of your privacy rights under the CCPA, you also have the right not to receive discriminatory treatment by us.
We may offer loyalty programs (including Freaky Fast Rewards) that provides benefits such as rewards points and discounts to those who choose to participate. From time to time, we also offer coupons, discount codes, or offers for free products that required a sign-up. Participation equires you to provide some personal information, such as Identifiers, Personal Records, Internet or other electronic network activity information, and Commercial Information. The incentives associated with our loyalty programs are designed to reward loyal customers for continuing to purchase our products. For the terms and conditions applicable to Freaky Fast Rewards, please click here.
We have made a good faith estimate that the value of consumers' personal information provided in connection with our loyalty programs is roughly equivalent to the relevant expenses related to the collection and retention of that personal information. Any difference in price or benefits provided to customers who participate in our loyalty programs is reasonably related to the value of the personal information provided. By joining our loyalty program, you consent to any financial incentive associated with the program. You have the right to withdraw from the financial incentive at any time by cancelling your participation in the loyalty program.
This Section supplements the other parts of our Privacy Policy, and provides additional information for Virginia consumers, including how to exercise their rights under the Virginia Consumer Data Protection Act ('VCDPA').
Targeted Advertising. We may process your personal information for targeted advertising (as the term is defined in the VCDPA). To opt out, please click here.
Sales of Personal Information. We do not sell personal information as defined under the VCDPA.
If you are a resident of Virginia, you have the right to submit certain requests relating to your personal information as described below. To exercise any of these rights, please submit a request through our webform here. Please note that we will need to authenticate your identity before your request can be processed. For authentication, you will be asked to log into your account or to provide 2-3 pieces of personal information that we will match against our records.
Right to Access and Data Portability. You have the right to confirm whether we are processing your personal information, to access your personal information, and to obtain a copy of personal information you provided to us in a portable format.
Right to Correct. You have the right to request that we correct inaccuracies in your personal information, taking into account the nature of the personal information and our purposes for processing it.
Right to Delete. You have the right to request that we delete your personal information.
Right to Opt Out. Under the VCDPA, you have the right to opt out of the following uses of your personal information:
We do not use your personal information in ways that qualify as sales or profiling under the VCDPA. To opt out of targeted advertising, please submit a request as outlined above.
Right to Appeal. Sometimes we are unable to process requests relating to your personal information, in which case, your request will be denied. If you are a resident of Virginia whose privacy rights request has previously been denied by us and you believe we denied it in error, you may appeal for reconsideration of your request. The link to appeal is found in the email communication we send once your original request is completed.
Please note that if you make a privacy rights request, we will retain a record of your request for recordkeeping purposes.
Nevada residents' rights. We also have disclosure obligations in Nevada. We do not exchange Nevada residents' personal information for money with anyone so they may license or sell the personal information to additional parties. Nevada residents may opt out of the future sale of their information to a third party so that they may license or sell information by emailing us at [email protected]. You may contact us with questions or requests regarding the sale of your information as described below.
The Internet is not 100% secure. We cannot promise that your use of our sites or apps will be completely safe. We encourage you to use caution when using the Internet. This includes not sharing your passwords.
If you live outside of the United States, you understand and agree that we may transfer your information to the United States. This site is subject to U.S. laws, which may not afford the same level of protection as those in your country.
If you click on a link to a third-party site, you will be taken to websites we do not control. This includes our pages on social media sites. This policy does not apply to the privacy practices of these websites. Read the privacy policy of other websites carefully. We are not responsible for these third-party practices.
Our sites and apps are meant for adults. We do not knowingly collect personally identifiable information from children under 13 without permission from a parent or guardian. If you are a parent or legal guardian and think your child under 13 has given us information, you can email us. You can also write to us at the address listed at the end of this policy. Please mark your inquiries "COPPA Information Request." Parents, you can learn more about how to protect children's privacy on-line here.
If you have questions about this Policy, you can write to us at:
Jimmy John's Attn: Legal Department, Privacy Counsel,
3 Glenlake Parkway NE, Atlanta, GA 30328.
You can email us at [email protected].
You can call us at 1-866-276-6302.
We may make changes or updates to this Policy. We will notify you of any material changes to this Policy as required by law. All changes will also be posted on our website. Please check our site periodically for updates.