Privacy Policy
Effective October 1, 2022
Last updated: July 08, 2024
California Restaurant Association (“CRA,” “we,” “us,” and/or “our”) has created this website to provide our site visitors and customers’ own site visitors (“you,” “your”) with information about our company and our tools. This Privacy Policy (this “Policy”) sets forth CRA ’s policy with respect to information, including personal information and personally identifiable data (“Personal Information”), that is collected from you through the site or other service offerings, and the information collected via embedded widgets on those websites (“Tools”) is directed to CRA and governed by this policy.
If you have any questions or concerns about our use of your Personal Information, please contact us using the contact details provided at the end of Section 10.
Changes in Our Privacy Policy: From time to time, this Privacy Policy may be updated/changed. If we decide to change our privacy policy, we will post those changes to this Privacy Policy and update the “Last updated” date at the top of this Privacy Policy. When we make material changes to this Privacy Policy we will notify you of the revised Privacy Policy on the homepage of our website. Your continued use of our services, including this website, confirms your acceptance of our Privacy Policy, as amended. If you do not agree to our Privacy Policy, as amended, you must stop using or accessing this website. or other places we deem appropriate so that you are aware of what information we collect, how we use it, and under what circumstances, if any we disclose it.
1. What We Do
The California Restaurant Association is a business association that advocates for the restaurant industry of the state of California and provides valuable resources to restaurateurs to navigate the increasingly complicated regulations of the hospitality industry.
2. Information Collected
When you interact with us through the website or other services, we may collect Personal Information and additional information from you, as further described below:
a. Personal Information You Provide: We collect Personal Information from you when you voluntarily provide such information, such as when you contact us with inquiries, subscribe to our digital content, register for access to the services, log in or complete an online transaction on the website. The information requested and collected from you may vary.
By voluntarily providing us with Personal Information, you are consenting to our use of it in accordance with this policy. If you provide Personal Information to the website or through other services, you acknowledge and agree that such Personal Information may be transferred from your current location to the offices and servers of CRA and other authorized third parties provided in this policy for operational or legal purposes.
b. Non-Identifiable Data: When you interact with CRA through our website or services, we receive and store certain personally non-identifiable information. Such information, which is collected passively using various technologies, cannot presently be used to identify you unless it is combined with Personal Information specifically. CRA may store such information itself or such information may be included in databases owned and maintained by CRA and service providers.
c. Aggregated Personal Information: In an ongoing effort to better understand and serve the users of the services, CRA may conduct research on its customer/membership demographics, interests and behavior based on the Personal Information and other information provided to us. This research may be compiled and analyzed on an aggregated basis, and CRA may share this aggregated data with its affiliates, agents and business partners. CRA may also disclose aggregated user statistics in order to describe our services to current and prospective business partners, and other third parties for other lawful purposes.
d. Credit Card Data (Processing): CRA recognizes your concerns about Web commerce and transactions using bank and credit card information. Therefore, CRA is committed to keeping Personal Information secure during commerce transactions by using a secured SSL encryption with all direct transactions that involve using credit card or banking information. This process allows CRA to send your credit card number and personal data over the Internet securely. These encrypted data files are securely stored on CRA-owned servers. Once encrypted, only the credit card’s authorization company has the ability to decrypt it. CRA never displays your credit card number online. Additionally, we store any Personal Information you have submitted on forms (i.e., your address, email and billing information) on our secure server. Our server is tightly monitored and controlled. Only those with proper authorization have access to this information.
e. Data We Collect Directly From Members: During your CRA Membership Application we collect various types of information for your account creation and services provided by the CRA. Information includes, but is not limited to: Restaurant Name, Company Name, Full Address, Full Mailing Address, Phone Number, Fax, Website, Social Media Accounts, Industry Segments, Cuisine Type, License Type, Company Type, Tax Status, Tax ID, Additional Location Information, Number of Employees, Number of Managers, Prefix, First Name, Last Name, Job Title, Cell Number, Email and Payment Information to process the application.
f. Member Data We Share: As part of your CRA Membership, we share specific Personal Information with our CRA Partners to provide you with valuable discounts, programs and services. A list of our current partners can be found at Our Partners page. Information shared with Our Partners can include: Membership Status, Profile Status, Profile ID, Company Name, Prefix, First Name, Last Name, Work Phone, Address, City, State and Zip Code.
3. Our Tools:
CRA uses multiple tools to provide our members/customers with a unique experience and website functionality. Our website may contain links to third-party websites, such as LinkedIn, Facebook, Twitter and ECWID. These links to third-party websites are not part of our website, and we do not control the content on these websites or any third party’s privacy policy. We encourage you to read the privacy policy for all third-party websites before you use their website or share any Personal Information. Below is a list of the tools we use; we provide links to the third-party privacy policies for ease of reference only.
CRA tools include, but are not limited to:
- Digital Deployment (DD.): We utilize DD for our website platform. DD is the front-facing website where a member can log in, access account information, and view content created by the CRA. Learn more about Digital Deployment.
- MailChimp: We utilize MailChimp for our marketing purposes. These marketing efforts include, but are not limited to: email sends, digital ads, landing pages and subscription management. If at any time you wish to update your subscription preferences, you may click the “update subscription preferences” link or “unsubscribe from this list” link at the bottom of the last email you received. We also abide by the Anti-SPAM Policy (CAN-SPAM Act), and we take every effort to adhere to the Acceptable Use Policy when utilizing the MailChimp system. Learn more about MailChimp’s Privacy Policy.
- Atlas by MemberClicks: We utilize Atlas by MemberClicks to manage our member data. This member database connects with our website to provide our users with unique, tailored experiences. Learn more about Atlas by MemberClicks’ Privacy Policy.
- Oasis by MemberClicks: We utilize Oasis by MemberClicks to manage restaurant employee data. This database connects with our Oasis website to provide our users with unique, tailored experiences. Learn more about Oasis by MemberClicks’ Privacy Policy.
- HubSpot: We utilize HubSpot as our customer relationship management (CRM) platform. This platform assists us with customer service, sales and marketing efforts. Learn more about HubSpot’s Privacy Policy.
- PropFuel: We utilize PropFuel as our conversational engagement platform to provide personalized engagement. This personalized engagement includes, but not limited to email message and text messaging. If at any time you wish to unsubscribe/opt-out, you can easily do so by clicking the unsubscribe link or by responding “STOP” to the text message you received. Learn more about PropFuel’s Privacy Policy.
- SocialPoint: We utilize SocialPoint for our audience engagement platform. This includes fun games/activities that an individual can opt into playing at one of our events. Contact information is requested before a user can play the game/activity. Learn more about SocialPoint’s Privacy Policy.
- MobileUp: We utilize MobileUp for the CRA Legal App. The Legal App uses the foundation of Digital Deployment’s system. If you download the app and enable services through your mobile devices, you are able to receive various types of push notifications to stay up to date on current legal trends in the restaurant industry. Learn more about MobileUp’s Privacy Policy.
- Feathr: We utilize Feathr for our digital ad retargeting. Feathr utilizes a cookie, which pings when individual pages are visited on the website. Feathr does not track or include personally identifiable data. Learn more about Feathr’s Privacy Policy.
- Google Analytics: We use Google Analytics and other related services. Google Analytics uses cookies to help analyze how users use our sites. The information generated by the cookies about your use of the website (including your IP address) will be transmitted to and stored by Google, Inc. (“Google”). Google may use this information to evaluate your use of the site, compiling reports on website activity for website operators, and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google. Learn more about Google Analytics’ Privacy Policy.
- NextRoll: NextRoll is utilized by California Restaurant Association for some online marketing activities, if you would like to learn more about NextRoll and the California Consumer Privacy Act, please click here. You can opt-out of cookie remarketing at any time by the following link: Network Advertising Initiative opt-out page.
- CRA Store (ECWID): We utilize ECWID for our online store. Learn more about ECWID’s Privacy Policy.
- Calculoid: We utilize Calculoid for our savings calculators. Learn more about Calculoid.
- Alchemer Formerly Survey Gizmo: We utilize Alchemer to organize and collect feedback data from our members through surveys. Members may voluntarily provide information, including Personal Information by responding to a survey. Learn more about Alchemer’s Privacy Policy.
- Train321: We utilize Train321 for our online training platform for specific courses. Learn more about Train321’s Privacy Policy.
- EVERFI: We utilize EVERFI for our online training platform for specific courses. Learn more about EVERFI’s Privacy Policy.
- ServSafe: We utilize ServSafe for our training platform for specific ServSafe courses and trainings. Learn more about ServSafe’s Privacy Policy.
- Gravity Forms: We utilize Gravity Forms to build our custom forms on Keep LA Al Fresco. Data submitted through forms are collected and stored. Learn more about Gravity Forms’ Privacy Policy.
- BentoBox: We utilize BentoBox software to design, develop, and house the Crave Sacramento website. Learn more about BentoBox’s Privacy Policy.
- WordPress: We utilize WordPress to software to design and develop our CRA entity websites. Learn more about WordPress’ Privacy Policy.
- Our entity websites include:
- CRA OC Golf
- Restaurant Sync (formerly known as Chamber Alliance Benefits)
- Keep La Al Fresco
- Dine Out Fresno County
- WooCommerce Extension
- Dine Out CA
- Daily Prep List
- CRA Specialty Insurance Solutions
- California Restaurant Foundation
- Restaurants Care
- The Grateful Table Dine Out
- Our entity websites include:
- VoterVoice: We utilize VoterVoice for the CRA advocacy efforts. Learn more about VoterVoice’s Privacy Policy.
- Zoom: We utilize Zoom for the CRA webinar platform. When you register for a webinar, you acknowledge the information you are providing will be transferred to the Zoom platform and the CRA. The CRA will use the information you provide during the registration process to send you updates and marketing. Learn more about Zoom’s Privacy Policy.
- Social Media: We utilize social media to stay up to date and current with our members and other users. If you have any questions about the Privacy Policies for the various social media platforms which we use, you can find them here:
California Restaurant Foundation (CRF) tools include, but are not limited to:
- MobileCause: We utilize MobileCause as the CRF nonprofit fundraising software. Learn more about MobileCause’s Privacy Policy.
- CommunityForce: We utilize CommunityForce as the CRF Scholarship and Grant Application site. Learn more about CommunityForce’s Privacy Policy.
- Bloomerang: We utilize Bloomerang as our donor management software. Learn more about Bloomerang’s Privacy Policy.
- CRF also uses similar tools that the CRA uses. These tools include: MailChimp, Atlas, Feathr, Google Analytics, Alchemer Formerly Survey Gizmo, Social Media and Zoom.
4. Cookie Policy
Each of the CRA entities uses cookies to better understand how visitors use our site, for advertising, and to offer you a more personalized experience. We use a number of suppliers that may also set cookies on your device on our behalf when you visit California Restaurant Association websites to allow them to deliver the services they are providing. When you visit California Restaurant Association websites you may receive cookies from third-party websites or domains. If you are curious about one of the CRA entities Cookie Policy, please select the URL below to view the policy:
- California Restaurant Association: https://www.calrest.org/footer-link/cookie-policy
- Keep LA Al Fresco: https://keeplaalfresco.com/cookie-policy/
- Dine Out Fresno County: https://dineoutfresnocounty.com/
- Dine Out CA: https://dineoutca.com/cookie-policy/
- Daily Prep List: https://dailypreplist.com/cookie-policy/
- CRA Specialty Insurance Solutions: https://www.crainsuranceservices.com/cookie-policy/
- CRA OC Golf: https://craocgolf.com/cookie-policy/
- Chamber Alliance Benefits: https://chamberaffiliatebenefits.com/cookie-policy/
- California Restaurant Foundation: https://calrestfoundation.org/cookie-policy/
- Restaurants Care: https://restaurantscare.org/cookie-policy/
- The Grateful Table Dine Out: https://thegratefultabledineout.org/cookie-policy/
You are able to update your cookie preferences (consent) by following the instructions on the individual pages.
5. Security:
CRA takes reasonable steps to protect the Personal Information provided to use our website, services and products. Our goal is to keep your information secure and safe from misuse.
6. Third-Party Sites and Content:
This policy applies only to CRA’s website and services. The website and services, including the tools, may contain links to other websites not operated or controlled by CRA.
a. Editorial Guidance: The goal for editorial content on CRA is to be accurate, fair, complete, and ethical. We are committed to a policy of editorial neutrality. Although content on CRA contains information about legal issues, the content is not intended to and does not serve as legal advice. Users who have specific questions about legal issues should consult with their legal counsel.
b. Content from External Sources and Links to External Sites: Content from external sources will be labeled to indicate the source of the information when the website’s editorial staff did not generate the information. Content on the website may contain links to non-CRA content. These links do not constitute an endorsement of the linked content, and CRA does not guarantee the accuracy of the linked content.
c. Correction and Clarifications: We are committed to quickly correcting any factual errors or errors in interpretation. Editorial staff members will address any errors brought to their attention and make an appropriate correction as soon as possible. This includes misspellings as well as factual or informational errors identified in archival articles after they have been published. The goal is to correct all content so that no errors remain in our permanent archive. We also will provide clarifications in cases where, in our judgment, the wording or the headline on an article may lead to misinterpretation.
d. E-Commerce Website and Partner Websites: Information requested by the CRA and its websites is provided and approved by you. Information requested by other firms, organizations, linked websites and partner sites reached through any CRA website but not controlled by the CRA for purchases is provided on a voluntary basis by you. Affiliate online merchants have privacy and data collection practices of their own. Please consult the partner’s home page for the company profile, which will detail their practices. The CRA (as well as any CRA websites) DO NOT HAVE ANY RESPONSIBILITY FOR THE PRACTICES OF FIRMS, WEBSITES AND/OR PARTNER SITES NOT OWNED OR CONTROLLED BY THE CRA.
7. Children’s Online Privacy Protection:
CRA’s website and services are not directed to children. CRA does not knowingly collect information, including Personal Information, from children under the age of 16. If we obtain actual knowledge that we have collected Personal Information from someone under the age of 16, we will immediately delete it. We do not and will not “sell” the Personal Information of consumers we know to be less than 16 years of age, unless we receive affirmative authorization (the “Right to Opt In”) from either the minor who is between 13 and 16 years of age, or the parent or guardian of a minor less than 13 years of age. Please contact us at privacy@calrest.org to inform us if you, or your minor child, are under the age of 16.
8. Details of Personal Information We Collect, How We Use It and Purpose of Use
To provide goods or services offered by CRA, we must process information about you, including Personal Information, whether or not you are registered or logged in. However, we do not use your data for automated decision making.
Here is a summary of categories of Personal Information we may have collected from you over the past 12 months, depending on how you use our services, as well as how we use it and with whom we may have shared it.
This Section 8 also applies to employment-related Personal Information collected from California-based job applicants, contractors, or similar individuals. We collect Personal Information from such individuals when they apply for a job and throughout the job application or interview process. We may also collect their Personal Information from other sources and combine it with the Personal Information they provide us.
Categories of Personal Information we collect may include: | Examples of how Personal Information is used include: | Parties with whom each category of Personal Information may be shared include: |
Identifiers. This information can be collected online, through electronic means, or at an in-person event based on the information you provide to us. Examples include:
|
|
|
Personal information under California Civil Code section 1798.80. This information can be collected online, through electronic means, or at an in-person event based on the information you provide to us. Examples include:
|
|
|
Sensitive Information.This information can be collected online, through electronic means, or at an in-person event based on the information you provide to us. Examples include:
|
|
|
Protected classifications. This information can be collected online, through electronic means, or at an in-person event based on the information you provide to us. Examples include:
|
|
|
Commercial Information. We collect this information from our customers, and generate it internally during transactions with our customers. Examples include:
|
|
|
Internet or Other Electronic Network Activity Information. We collect this information from our users and customers.
Examples include:
|
|
|
Geolocation. We collect this information from our users and customers. Prior to utilizing GPS-based functionality on your mobile device a notice will display requesting permission. The CRA Legal App request this permission. Examples include:
|
|
|
Audio, Electronic, Visual or Similar Information. This information can be collected if you choose to provide it to us.
|
|
|
Professional or Employment-Related Information. We collect this information from our job applicants, customers and business partners. If you are looking for position with the California Restaurant Association, we will request for you to fill out an online application. For example:
|
|
|
Education Information. We collect this information from our job applicants, and customers. If you are looking for position with the California Restaurant Association, we will request for you to fill out an online application. For example:
|
|
|
Inferences. We generate these internally. |
|
|
a. Information We Share With CRA Partners And/Or Third Parties:
Business Contact Information
In order to provide discounts and additional services through our CRA Partners we share some of your Personal Information. For example:
- Profile Status
- Profile ID
- First Name
- Last Name
- Prefix
- Company Name
- Work Phone
- Address Line 1
- Address Line 2
- City
- State
- Zip Code
- Member Status
- Email Address
- Title
- Job Position
Our Current CRA Partners
If you are interested in learning more about our current CRA Partners, please visit Our Partners page.
- Train321
- DoorDash
- Employers
- EmployeeMetrics
- UnitedHealthcare
- Cerity
- ServSafe
- Perks at Work
- Workstream
- Krost
- NRA Show
- California Restaurant Show (formerly known as Western Food Hospitality Expo)
- Transamerica, Cetera, Tag
- US Bank | Elavon
- Berliner Cohen LLP
- Fisher & Phillips LLP
- JacksonLewis
- Kronick Moskovitz Tiedemann & Girard
- Wilson Elser LLP
- Zaller Law Group
- Adesso
- Ascap
- BMI
- Easy Ice
- Paychex
- National Restaurant Association
- AAAtraq
CRA works with these service providers or business partners for purposes of CRA Discounts and Partnerships, account creation on training platforms, participate in specific trainings, market and advertise for third parties, and other operational purposes.
9. Your California Consumer Privacy Rights
Under the California Consumer Privacy Act (“CCPA”), if you are a California resident, you are entitled to additional efforts to protect their privacy, these rights include:
- Right to Access/Know where you may request any or all of the following information relating to your Personal Information we have collected and disclosed in the last 12 months, upon verification of your identity:
- The specific pieces of Personal Information we have collected about you;
- The categories of Personal Information we have collected about you;
- The categories of sources of the Personal Information;
- The categories of Personal Information that we have disclosed to third parties for a business purpose, and the categories of recipients to whom this information was disclosed;
- The categories of Personal Information we have sold about you (if any), and the categories of third parties to whom the information was sold; and
- The business or commercial purposes for collecting or, if applicable, selling the Personal Information.
- Right to Request Deletion of Personal Information that CRA has collected of you
- Right to “opt-out” of the sale or sharing of Personal Information
- Right to No Retaliation for the Exercise of a Consumer’s Privacy Rights – a consumer (including employees, job applicants, or independent contractors) has a right not to receive discriminatory or retaliatory treatment by CRA for the valid exercise of privacy rights conferred by the CCPA/CPRA.
- Right to request that you limit a California consumer’s use and disclosure of their sensitive Personal Information
- Right to correct any inaccurate Personal Information
We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to:
- Complete the transaction for which we collected the Personal Information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing relationship with you, or otherwise perform our contract with you.
- Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.
- Debug products to identify and repair errors that impair existing intended functionality.
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.
- Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 seq.).
- Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information’s deletion may likely render impossible or seriously impair the research’s achievement, if you previously provided informed consent.
- Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.
- Comply with a legal obligation.
- Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
To exercise any of the California consumer’s rights described above, please submit a request to us by either filling out this request form here or email privacy@calrest.org.
CRA provides a Do Not Sell link to comply with the CCPA and provide California residents with the ability to “opt-out” of the “sale” of their Personal Information. You can review or make a request under this section here.
10. Accountability:
CRA uses commercially reasonable physical, managerial, and technical safeguards to preserve the integrity and security of your Personal Information. We cannot, however, ensure or warrant the security of any information you transmit to the CRA and you do so at your own risk. Once we receive your transmission of information, the CRA makes commercially reasonable efforts to ensure the security of our systems. However, please note that this is not a guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards.
If the CRA learns of a security systems breach, then depending on where you live, you may have a legal right to receive notice of a security breach in writing. Depending on the type of data breach that has occurred, the CRA may need to comply with other state and data breach notification laws.
11. Retention of Your Personal Information
CRA will retain your Personal Information only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Information to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.
CRA will also retain Usage Data (i.e., data collected automatically, either generated by the use of the service or from the service infrastructure itself, such as the duration of a page visit) for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our service, or we are legally obligated to retain this data for longer time periods.
12. California’s “Shine The Light” Law
In addition to the rights described above, California’s “Shine the Light” law (Civil Code Section §1798.83) permits California residents that have an established business relationship with us to request certain information regarding our disclosure of certain types of Personal Information to third parties for their direct marketing purposes during the immediately preceding calendar year. To make such a request, please send an email to privacy@calrest.org. This request may be made no more than once per calendar year. We reserve our right not to respond to requests submitted other than to the email address specified in this section.
13. California’s Do Not Track
Some web browsers (including Safari, Internet Explorer, Firefox and Chrome) have a “Do Not Track” (“DNT”) feature that tells a website that a user does not want to have his or her online activity tracked. If a website that responds to a DNT signal receives a DNT signal, the browser can block that website from collecting certain information about the browser’s user. Not all browsers offer a DNT option and DNT signals are not yet uniform. For this reason, CRA does not currently respond to DNT signals.
Third parties that have content embedded on CRA’s websites such as a social feature may set cookies on a user’s browser and/or obtain information about the fact that a web browser visited a specific CRA website from a certain IP address. Third parties cannot collect any other Personal Information from CRA’s websites unless you provide it to them directly.
14. Access to Information; Contacting CRA
To keep your Personal Information secure and accurate, we provide various ways you may update your Personal Information:
- Logging into your online account and updating information
- Filling out a contact form
- Updating your preferences through MailChimp
- Updating your preferences through the CRA website
- You may also “opt-out” or unsubscribe from an email list
If you have any questions, comments, or suggestions regarding our Privacy Policy or our treatment of the information you provide us, please use this request form, write to us by email at privacy@calrest.org, call us at 800.765.4842 x2743 or by mail to:
California Restaurant Association
Att: Helpline – Privacy
621 Capitol Mall, Suite 2000
Sacramento, CA 95814