Privacy Policy
This Privacy Policy explains how Red Rooster ("we", "us", "our", or "the Company") collects, uses, discloses, stores, and protects your personal information when you visit our website at reds-rooster.com, use our mobile applications, place orders online or in-store, participate in our loyalty programs, or otherwise interact with our services. We are committed to protecting your privacy and handling your personal information in a transparent, responsible, and lawful manner.
By accessing or using our website, applications, or services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with the terms described herein, please discontinue use of our services immediately.
This Privacy Policy is governed by and compliant with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs) contained in Schedule 1 of that Act, and any other applicable Australian federal or state privacy legislation. We take our obligations under Australian privacy law seriously and strive to exceed minimum legal requirements in our data handling practices.
1. About Us
Red Rooster is an Australian food service company operating restaurants and online food ordering services across Australia. Our contact details for all privacy-related matters are as follows:
| Company Name | Red Rooster |
|---|---|
| Website | reds-rooster.com |
| [email protected] |
For all privacy enquiries, access requests, correction requests, or complaints, please contact us using the details above. We have designated a Privacy Officer responsible for ensuring compliance with Australian privacy law and for handling all privacy-related enquiries.
2. The Types of Personal Information We Collect
We collect personal information that is necessary for the provision of our food ordering services, loyalty programs, marketing activities, and the ongoing improvement of our digital platforms. The categories of information we collect include, but are not limited to, the following:
2.1 Identity and Contact Information
- Full name
- Date of birth (to verify age eligibility for certain promotions)
- Email address
- Phone number (mobile and/or landline)
- Residential or delivery address
- Gender (where voluntarily provided)
2.2 Account and Order Information
- Username and password (stored in encrypted form)
- Order history, including items ordered, order frequency, and preferred locations
- Loyalty program membership details, points balances, and reward redemption history
- Dietary preferences and food customisation choices
- Feedback, ratings, and reviews you submit about our food or service
2.3 Payment Information
- Payment card type and last four digits (we do not store full card numbers)
- Billing address associated with your payment method
- Transaction identifiers and payment confirmation records
All payment processing is handled by certified third-party payment processors who comply with the Payment Card Industry Data Security Standard (PCI DSS). We do not store full payment card numbers on our systems.
2.4 Usage and Behavioural Data
- Pages visited on our website and mobile application
- Time and duration of visits
- Clickstream data and navigation paths
- Search queries entered on our platforms
- Products viewed, added to cart, or purchased
- Interactions with promotional content, banners, and email campaigns
2.5 Device and Technical Information
- IP address
- Device type (smartphone, tablet, desktop computer)
- Operating system and version
- Browser type and version
- Unique device identifiers
- Mobile network information
- Crash reports and performance data from our applications
2.6 Location Information
- Approximate location derived from your IP address
- Precise geolocation data from your mobile device (only where you have granted explicit permission through your device settings)
- Delivery address and restaurant location preferences
2.7 Communications Data
- Contents of messages, complaints, and enquiries you send to us via email, contact forms, or customer service channels
- Records of telephone calls with our customer service team (where calls are recorded with notice)
- Survey responses and feedback you provide
2.8 Information from Third Parties
- Information from social media platforms if you choose to connect your social media account to our services or log in using social media single sign-on
- Information from third-party food delivery partners (such as your name, delivery address, and order details) to facilitate delivery services
- Publicly available information we may use to verify details you provide
3. How We Collect Personal Information
We collect personal information through the following means:
- Directly from you: When you create an account, place an order online or in-store, join our loyalty program, subscribe to our newsletter, enter a competition, complete a survey, or contact our customer service team.
- Automatically: When you browse our website or use our mobile application, we automatically collect technical and usage data through cookies, web beacons, pixel tags, and similar tracking technologies.
- From third parties: We may receive information from third-party delivery platforms, social media providers, payment processors, and analytics providers.
- From your device: With your permission, our mobile application may collect geolocation data from your device to assist with finding nearby restaurants and facilitating delivery services.
4. How We Use Your Personal Information
We use your personal information for the following purposes, all of which are consistent with the Australian Privacy Principles and our legitimate business interests:
4.1 Providing and Managing Our Services
- Processing your food orders and arranging delivery or collection
- Managing your online account and loyalty program membership
- Sending order confirmations, receipts, and delivery updates
- Processing payments and managing refunds or disputes
- Providing customer support and resolving complaints
4.2 Improving Our Products and Services
- Analysing order trends and customer preferences to improve our menu offerings
- Conducting internal research and development to enhance our digital platforms
- Performing analytics to understand how users interact with our website and applications
- Testing new features and functionality before broader release
4.3 Marketing and Communications
- Sending you promotional offers, newsletters, and updates about new menu items (where you have opted in or where we are otherwise permitted by law)
- Delivering personalised marketing content based on your order history and preferences
- Running targeted advertising campaigns on social media platforms and digital advertising networks
- Notifying you about loyalty rewards, points expiry, and exclusive member offers
You may opt out of receiving direct marketing communications at any time by clicking the "unsubscribe" link in any marketing email, adjusting your communication preferences in your account settings, or by contacting us at [email protected]. We will action all opt-out requests promptly and in accordance with the Spam Act 2003 (Cth).
4.4 Legal and Compliance Purposes
- Complying with our obligations under applicable Australian law
- Responding to legal processes, regulatory enquiries, or court orders
- Protecting our legal rights and interests
- Preventing and detecting fraud, unauthorised access, and other illegal activities
- Maintaining records required by Australian taxation and food safety regulations
4.5 Safety and Security
- Monitoring and protecting the security of our digital platforms
- Verifying your identity when you contact us or access your account
- Investigating and responding to potential security incidents
5. Disclosure of Personal Information to Third Parties
We may share your personal information with third parties in the following circumstances. We take care to ensure that any third party with whom we share your information is bound by appropriate confidentiality and data protection obligations.
5.1 Service Providers
We engage trusted third-party service providers to perform functions on our behalf, including:
- Payment processors: To securely process transactions made through our platforms
- Delivery partners: To facilitate the delivery of food orders to your nominated address
- Cloud hosting and IT providers: To host and maintain our website, applications, and databases
- Marketing and advertising platforms: To deliver email campaigns, push notifications, and digital advertising
- Analytics providers: To collect and analyse usage data about our platforms
- Customer service platforms: To manage and respond to customer enquiries and complaints
- SMS and push notification providers: To deliver transactional and promotional messages to your device
All service providers are required to use your personal information only for the purposes for which it was disclosed and in accordance with our instructions. They are not permitted to use your personal information for their own purposes.
5.2 Business Transfers
In the event of a merger, acquisition, restructuring, sale of assets, or similar business transaction, your personal information may be transferred to the relevant third party as part of that transaction. We will notify you of any such change in accordance with our obligations under the Privacy Act 1988 (Cth).
5.3 Legal Requirements and Law Enforcement
We may disclose your personal information where we are required or permitted to do so by law, including:
- In response to a valid court order, subpoena, or government directive
- To comply with a requirement of the Australian Tax Office, Australian Competition and Consumer Commission (ACCC), or other regulatory body
- To prevent, detect, or investigate suspected fraud, criminal activity, or breaches of our terms
- To protect the rights, property, or safety of Red Rooster, our employees, customers, or the general public
5.4 Franchise Partners
Red Rooster operates through a network of franchise restaurants across Australia. We may share relevant customer information with our franchise partners for the purpose of fulfilling your orders, managing loyalty programs, and ensuring consistent service quality. All franchise partners are bound by privacy obligations consistent with this policy.
5.5 With Your Consent
We may share your information with other third parties where you have given us your express consent to do so.
6. Cookies and Tracking Technologies
Our website and mobile application use cookies, web beacons, pixel tags, and similar tracking technologies to enhance your browsing experience, analyse website traffic, and deliver personalised content and advertising.
6.1 Types of Cookies We Use
- Strictly Necessary Cookies: Essential for the operation of our website, including maintaining your session when you log in and add items to your cart.
- Performance and Analytics Cookies: Help us understand how visitors interact with our website by collecting anonymous usage statistics.
- Functional Cookies: Allow our website to remember your preferences, such as your saved addresses and dietary preferences.
- Targeting and Advertising Cookies: Used to deliver advertising relevant to your interests and to track the effectiveness of our marketing campaigns.
You can manage your cookie preferences through your browser settings or through the cookie consent banner displayed when you first visit our website. Please note that disabling certain cookies may affect the functionality of our website.
For full details about the cookies we use and how to control them, please refer to our Cookie Policy.
7. Data Security
We take the security of your personal information seriously and implement a comprehensive range of technical and organisational measures to protect it from unauthorised access, disclosure, alteration, or destruction.
7.1 Technical Security Measures
- Encryption of data in transit using Transport Layer Security (TLS) protocols
- Encryption of sensitive data at rest using industry-standard encryption algorithms
- Secure password hashing using strong one-way cryptographic functions
- Firewalls and intrusion detection systems protecting our network infrastructure
- Regular security vulnerability assessments and penetration testing
- Multi-factor authentication for access to sensitive internal systems
- PCI DSS-compliant payment processing through certified third-party providers
7.2 Organisational Security Measures
- Strict access controls limiting employee access to personal information on a need-to-know basis
- Regular staff training on privacy obligations and data security best practices
- Comprehensive data breach response plan aligned with the Notifiable Data Breaches (NDB) Scheme under Part IIIC of the Privacy Act 1988 (Cth)
- Contractual obligations imposed on all third-party service providers requiring appropriate security measures
- Regular review and update of security policies and procedures
7.3 Data Breach Notification
In the event of an eligible data breach as defined under the Notifiable Data Breaches Scheme, we will notify the Office of the Australian Information Commissioner (OAIC) and affected individuals as soon as practicable, in accordance with our legal obligations. We will take immediate steps to contain any breach and mitigate harm to affected individuals.
8. Your Privacy Rights Under Australian Law
Under the Privacy Act 1988 (Cth) and the Australian Privacy Principles, you have a number of important rights in relation to your personal information. We are committed to facilitating the exercise of these rights promptly and without undue cost to you.
8.1 Right to Access
You have the right to request access to the personal information we hold about you. Upon a valid access request, we will provide you with a copy of the information we hold within 30 days, or notify you if we are unable to comply and explain our reasons. We may charge a reasonable fee to cover the administrative cost of providing access in certain circumstances.
8.2 Right to Correction
If you believe that personal information we hold about you is inaccurate, out of date, incomplete, irrelevant, or misleading, you have the right to request that we correct it. We will take reasonable steps to correct the information or, if we decline to correct it, will provide you with our reasons and information about how to make a complaint.
8.3 Right to Deletion
In certain circumstances, you may request that we delete or de-identify personal information we hold about you. We will consider all such requests carefully, however please note that we may be required by law or legitimate business necessity to retain certain information even after your request.
8.4 Right to Opt Out of Direct Marketing
You have the right to request that we stop using your personal information for direct marketing purposes. You can exercise this right at any time by contacting us using the details below or by using the unsubscribe mechanism in any marketing communication.
8.5 Right to Complain
You have the right to lodge a complaint with us or with the Office of the Australian Information Commissioner (OAIC) if you believe we have handled your personal information in a manner that is inconsistent with the Australian Privacy Principles. Please refer to Section 13 of this policy for details on how to make a complaint.
8.6 How to Exercise Your Rights
To exercise any of your privacy rights, please contact our Privacy Officer at:
- Email: [email protected]
- Website: reds-rooster.com
We may need to verify your identity before processing your request to ensure that we protect your personal information from unauthorised disclosure. We will respond to all privacy rights requests within 30 days of receipt.
9. Data Retention
We retain personal information only for as long as is necessary to fulfil the purposes for which it was collected, or as required by applicable Australian law or regulation. Our general data retention practices are as follows:
| Type of Data | Retention Period | Reason for Retention |
|---|---|---|
| Account and registration data | Duration of account plus 3 years after closure | Service provision, legal compliance, dispute resolution |
| Order history and transaction records | 7 years from the date of transaction | Australian taxation law requirements, dispute resolution |
| Marketing preferences and opt-out records | 7 years from the date of opt-out | Compliance with the Spam Act 2003 (Cth) |
| Customer service communications | 3 years from the date of last contact | Quality assurance, legal compliance |
| Website usage and analytics data | 26 months from the date of collection | Analytics and platform improvement |
| Payment records (partial card data) | 7 years from the date of transaction | Taxation, fraud prevention, dispute resolution |
| Location data | 12 months from the date of collection | Service personalisation and analytics |
| Loyalty program data | Duration of membership plus 3 years | Rewards management, fraud prevention |
When personal information is no longer required, we will take reasonable steps to destroy or de-identify it in a secure manner, in accordance with Australian Privacy Principle 11.
10. International Data Transfers
Red Rooster primarily stores and processes your personal information within Australia. However, some of our third-party service providers, including cloud hosting providers, analytics platforms, and marketing technology providers, may store or process data outside of Australia.
Where we transfer personal information to overseas recipients, we take steps to ensure that your information receives a comparable level of protection to that afforded under the Privacy Act 1988 (Cth). Specifically:
- We assess the privacy laws of the recipient country to determine whether they provide adequate protection;
- We enter into data processing agreements with overseas service providers that impose obligations consistent with the Australian Privacy Principles;
- We obtain your consent to any international transfer where required by law or where we are unable to satisfy ourselves that adequate protections are in place.
Countries to which your information may be transferred include, but may not be limited to, the United States of America, Singapore, and the United Kingdom. Please note that by using our services, you acknowledge that your personal information may be transferred outside Australia in the circumstances described above.
You may contact us at [email protected] to request information about the specific overseas countries to which your personal information may be transferred.
11. Children's Privacy
Our services are not directed at or intended for use by children under the age of 18 years. We do not knowingly collect personal information from individuals under 18 years of age without the consent of a parent or guardian.
Our online ordering platform, loyalty program, and account registration services are intended for use by adults aged 18 years and over. By creating an account or using our services, you represent and warrant that you are at least 18 years of age.
If you are a parent or guardian and believe that a person under the age of 18 has provided us with personal information without your consent, please contact us immediately at [email protected]. We will take prompt steps to investigate and, where appropriate, delete the relevant information from our records.
We do not knowingly use the personal information of children under 18 for marketing purposes, and we do not sell or share the personal information of minors with third parties for commercial purposes.
12. Third-Party Websites and Links
Our website and application may contain links to third-party websites, social media platforms, and services operated by parties other than Red Rooster. These include but are not limited to social media platforms such as Facebook, Instagram, and TikTok, as well as third-party delivery platforms.
This Privacy Policy applies only to our website, application, and services. We are not responsible for the privacy practices of third-party websites or services, and we encourage you to review the privacy policies of any third-party sites you visit. The inclusion of a link to a third-party website on our platform does not constitute an endorsement of that website's privacy practices.
13. Complaints and How to Contact the OAIC
If you have a concern about the way we have handled your personal information, or if you believe we have breached your privacy rights, we encourage you to contact us in the first instance so that we have the opportunity to investigate and resolve your complaint.
13.1 Contacting Us
Please submit your privacy complaint to our Privacy Officer using the following contact details:
Please provide as much detail as possible about the nature of your complaint, including the circumstances of the alleged privacy breach, the date(s) on which the events occurred, and any steps you have already taken to resolve the matter.
We will acknowledge receipt of your complaint within 5 business days and aim to provide a substantive response within 30 days. If your complaint is complex, we will keep you updated on our progress and advise you of any expected delay.
13.2 Escalating to the Office of the Australian Information Commissioner (OAIC)
If you are not satisfied with our response to your complaint, or if we fail to respond within a reasonable timeframe, you have the right to escalate your complaint to the Office of the Australian Information Commissioner (OAIC).
The OAIC is the independent national regulator for privacy in Australia and has the authority to investigate complaints about potential breaches of the Privacy Act 1988 (Cth). You can contact the OAIC as follows:
Office of the Australian Information Commissioner (OAIC)
Website: www.oaic.gov.au
Phone: 1300 363 992
Post: GPO Box 5218, Sydney NSW 2001
Email: [email protected]
The OAIC also provides online complaint lodgement functionality through its website. There is no fee to lodge a privacy complaint with the OAIC.
14. Updates to This Privacy Policy
We may update or revise this Privacy Policy from time to time to reflect changes in our business practices, the services we offer, applicable law, or industry standards. When we make material changes to this Privacy Policy, we will notify you by:
- Posting the updated policy on our website at reds-rooster.com with a revised "Last Updated" date;
- Sending an email notification to registered account holders where the changes are significant;
- Displaying a prominent notice on our website or application.
We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your personal information. Your continued use of our services after the effective date of any changes constitutes your acknowledgement of the updated Privacy Policy.
15. Glossary of Key Terms
| Term | Definition |
|---|---|
| Personal Information | Information or an opinion about an identified individual, or an individual who is reasonably identifiable, as defined in the Privacy Act 1988 (Cth). |
| Sensitive Information | A subset of personal information that includes health information, racial or ethnic origin, political opinions, religious beliefs, sexual orientation, and criminal record information. We generally do not collect sensitive information unless specifically required and with your explicit consent. |
| Australian Privacy Principles (APPs) | The 13 principles contained in Schedule 1 of the Privacy Act 1988 (Cth) that govern the collection, use, disclosure, and storage of personal information by APP entities. |
| OAIC | Office of the Australian Information Commissioner — the independent national regulator for privacy and freedom of information in Australia. |
| NDB Scheme | Notifiable Data Breaches Scheme — requires organisations covered by the Privacy Act to notify the OAIC and affected individuals of eligible data breaches. |
| Cookies | Small text files placed on your device by a website to store information about your preferences and browsing activity. |
| De-identification | The process of removing or altering information that would identify an individual so that the individual can no longer be identified from that information. |
16. Contact Us
For any questions, concerns, or requests relating to this Privacy Policy or the handling of your personal information, please contact our Privacy Officer:
We are committed to responding to all privacy enquiries in a timely, courteous, and professional manner, consistent with our obligations under the Privacy Act 1988 (Cth) and the Australian Privacy Principles.
This Privacy Policy was last reviewed and updated on June 25, 2026. © 2026 Red Rooster. All rights reserved.