Privacy Policy
Last updated: September 14, 2025
This Privacy Policy explains how QSR Explorers LLC (doing business as Drinkit) and our affiliates (collectively, “Drinkit,” “we,” “us,” or “our”) collect, use, disclose, and protect personal information when you use our websites, mobile apps, and in-store services (together, the “Services”), and the choices you have.
If you do not agree with this Policy, do not use the Services. Capitalized terms not defined here have the meanings given in our Terms of Use.
1. Who We Are & Scope
Controller: QSR Explorers LLC (CA LLC; Entity No. 202461616484), Address: 2108 N ST #10181, Sacramento, CA 95816, USA – Email: info@qsrexplorers.com
This Policy applies to the Services we control. For payments, we use third-party processors. Those companies may process your data as our service providers (a/k/a processors) and, in some cases, as their own controllers under their privacy policies.
Our website does not collect personal information or use cookies, other than basic server logs (e.g., IP address and user-agent) necessary to deliver the site.
2. Personal Information We Collect
We collect the categories of personal information listed below. Specific data elements depend on how you interact with us.
3. How We Use Personal Information (Purposes)
We use personal information to:
4. Disclosures of Personal Information
We disclose personal information to:
5. “Sale,” “Sharing,” and Targeted Advertising
Some U.S. state laws define a “sale” or “sharing” of personal information to include certain data disclosures to advertising/analytics partners via cookies/SDKs. Depending on your state, our use of these tools may be considered a sale or sharing or targeted advertising.
Your Choices:
6. Your Privacy Rights
Depending on your state (e.g., CA, CO, CT, TX, VA, UT, OR, DE, IA, IN, MT, TN), you may have some or all of the following rights:
Appeals. If we deny your request, you may appeal by replying to our decision email or emailing info@qsrexplorers.com with subject “Appeal.” If your appeal is denied, you may contact your state Attorney General. California residents may also contact the California Privacy Protection Agency (CPPA).
7. Online Advertising, Analytics, Cookies & GPC
Our website does not use cookies or analytics; the controls below apply to our mobile app and any interactive web properties we may launch in the future.
We and our partners use cookies, SDKs, pixels, and device identifiers for analytics and advertising. You may control cookies/SDK permissions in your browser, device, and in-app settings. Where required by law, we honor GPC and other recognized universal opt-out signals. Opt-outs are browser/app specific and may not persist if you clear cookies or change devices. Opt-outs do not block non-personalized ads.
8. SMS/Email/Push Communications
Transactional messages (e.g., order confirmations) are part of the Services.
Promotional email/push/SMS are sent with your consent where required. You can unsubscribe in the message, in-app settings, or by emailing info@qsrexplorers.com. For SMS: reply STOP to opt out, HELP for help. Message/data rates may apply.
9. Retention
We retain personal information for as long as needed to provide the Services and for legitimate business or legal purposes. Typical retention periods:
10. Children’s Privacy
Our Services are intended for a general audience and are not directed to children under 13. We do not knowingly collect personal information from children under 13 without verifiable parental consent. If we learn that we collected such information, we will delete it. Users ages 13–17 may use the Services; any paid orders should be placed with parent/guardian permission and a permitted payment method.
11. Security
We implement reasonable and appropriate technical and organizational safeguards designed to protect personal information (e.g., encryption in transit, access controls, logging). However, no method of transmission or storage is 100% secure.
12. International Users
We are based in the United States and process information in the U.S. By using the Services, you understand your information may be transferred to, stored, or processed in the U.S. or other countries with different data protection laws than your own.
13. Third-Party Services
The Services may link to third-party sites, apps, or services. Their privacy policies — not this Policy — govern those practices (e.g., Nuvei payment processing). We encourage you to review their policies.
14. Changes to This Policy
We may update this Policy. If changes are material, we will provide prominent notice (e.g., in-app notice or email) and indicate the “Last updated” date. Your continued use of the Services means you accept the revised Policy.
15. Contact Us
Questions or requests?
Email: info@qsrexplorers.com
Phone: 1-800-915-7717
Postal: QSR Explorers LLC, Attn: Privacy, 2108 N ST #10181, Sacramento, CA 95816, USA
16. U.S. State-Specific Notices
California (CA) Notice at Collection & CPRA Disclosure
17. Key Partners & Service Providers (Examples)
18. Data Protection Impact & Governance (Summary)
Where required, we assess processing activities and apply data minimization, purpose limitation, and role-based access controls. We also maintain processes to detect, investigate, and notify of certain security incidents as required by law.
Last updated: September 14, 2025
This Privacy Policy explains how QSR Explorers LLC (doing business as Drinkit) and our affiliates (collectively, “Drinkit,” “we,” “us,” or “our”) collect, use, disclose, and protect personal information when you use our websites, mobile apps, and in-store services (together, the “Services”), and the choices you have.
If you do not agree with this Policy, do not use the Services. Capitalized terms not defined here have the meanings given in our Terms of Use.
1. Who We Are & Scope
Controller: QSR Explorers LLC (CA LLC; Entity No. 202461616484), Address: 2108 N ST #10181, Sacramento, CA 95816, USA – Email: info@qsrexplorers.com
This Policy applies to the Services we control. For payments, we use third-party processors. Those companies may process your data as our service providers (a/k/a processors) and, in some cases, as their own controllers under their privacy policies.
Our website does not collect personal information or use cookies, other than basic server logs (e.g., IP address and user-agent) necessary to deliver the site.
2. Personal Information We Collect
We collect the categories of personal information listed below. Specific data elements depend on how you interact with us.
- Identifiers (e.g., name, username, email, phone number, device IDs, cookie IDs).
- Customer Records (e.g., delivery address, order history, saved payment token IDs — not full card numbers).
- Commercial Information (e.g., items browsed or purchased, promo usage, loyalty status).
- Geolocation Data (approximate location from IP; optional precise location if you enable it for store finder or delivery).
- Internet / App Activity (e.g., pages viewed, app screens, clicks, referrers, time stamps, crash logs).
- Inferences (e.g., preferences derived from activity).
- Audio/Visual (e.g., customer support call recordings if applicable; CCTV in stores for security and fraud prevention).
- Sensitive Personal Information (only if you intentionally provide/enable it): precise geolocation; account login combined with password; payment card token and last 4 digits. We do not collect government IDs, racial/ethnic data, or health data for typical use of the Services.
3. How We Use Personal Information (Purposes)
We use personal information to:
- Provide the Services (create/manage accounts; take and fulfill orders; process payments; deliver or enable pickup; provide customer support).
- Personalize your experience (remember items, preferences, and store settings).
- Market and advertise (including interest-based ads), send transactional and promotional communications (email, push, SMS if you opt in).
- Improve and secure the Services (analytics, debugging, auditing, short-term transient use, fraud and abuse prevention, safety and security — including CCTV in stores).
- Comply with law, enforce Terms, and protect our, your, and others’ rights.
- We use sensitive personal information only for permitted, limited purposes (e.g., to process payments or secure accounts) and not to infer characteristics.
4. Disclosures of Personal Information
We disclose personal information to:
- Service Providers / Processors who perform services on our behalf (e.g., hosting, payment processing (Nuvei), analytics, messaging/SMS, delivery and logistics, customer support, security, and auditors). They are prohibited from using your data except as instructed by us.
- Advertising & Analytics Partners for interest-based advertising and measurement (where permitted). See Section 7 for opt-out.
- Business Transfers (e.g., merger, acquisition, financing, or sale of assets).
- Legal / Safety (e.g., to comply with law, lawful requests, or to protect rights, safety, and security).
5. “Sale,” “Sharing,” and Targeted Advertising
Some U.S. state laws define a “sale” or “sharing” of personal information to include certain data disclosures to advertising/analytics partners via cookies/SDKs. Depending on your state, our use of these tools may be considered a sale or sharing or targeted advertising.
Your Choices:
- Do Not Sell or Share My Personal Information / Opt-Out of Targeted Advertising. You can opt out via the in-app or website privacy controls (see the "Do Not Sell or Share / Opt-Out" option). As required by law, we also honor browser/app Global Privacy Control (GPC) and other recognized universal opt-out signals.
- Cookie Controls. Manage preferences in the app or browser and via your device OS settings.
6. Your Privacy Rights
Depending on your state (e.g., CA, CO, CT, TX, VA, UT, OR, DE, IA, IN, MT, TN), you may have some or all of the following rights:
- Access / Know the categories and specific pieces of personal information we have about you.
- Correct inaccurate personal information.
- Delete personal information we collected from you.
- Opt-out of sale/sharing/targeted advertising.
- Opt-out of certain types of automated decision-making or profiling (where applicable).
- Limit the use/disclosure of sensitive personal information (where applicable).
- Data Portability (receive your data in a portable format).
- Appeal our decision if we decline your request (where required by law).
Appeals. If we deny your request, you may appeal by replying to our decision email or emailing info@qsrexplorers.com with subject “Appeal.” If your appeal is denied, you may contact your state Attorney General. California residents may also contact the California Privacy Protection Agency (CPPA).
7. Online Advertising, Analytics, Cookies & GPC
Our website does not use cookies or analytics; the controls below apply to our mobile app and any interactive web properties we may launch in the future.
We and our partners use cookies, SDKs, pixels, and device identifiers for analytics and advertising. You may control cookies/SDK permissions in your browser, device, and in-app settings. Where required by law, we honor GPC and other recognized universal opt-out signals. Opt-outs are browser/app specific and may not persist if you clear cookies or change devices. Opt-outs do not block non-personalized ads.
8. SMS/Email/Push Communications
Transactional messages (e.g., order confirmations) are part of the Services.
Promotional email/push/SMS are sent with your consent where required. You can unsubscribe in the message, in-app settings, or by emailing info@qsrexplorers.com. For SMS: reply STOP to opt out, HELP for help. Message/data rates may apply.
9. Retention
We retain personal information for as long as needed to provide the Services and for legitimate business or legal purposes. Typical retention periods:
- Account information: while your account is active and up to 3 years after inactivity.
- Orders, transactions, and receipts: 7 years (for tax/audit purposes).
- Marketing preferences: until you opt out or for 3 years after last interaction.
- CCTV security footage: typically 30–90 days, unless needed longer for incidents.
- Cookies/SDK identifiers: per their lifetimes (see in-app cookie settings).
10. Children’s Privacy
Our Services are intended for a general audience and are not directed to children under 13. We do not knowingly collect personal information from children under 13 without verifiable parental consent. If we learn that we collected such information, we will delete it. Users ages 13–17 may use the Services; any paid orders should be placed with parent/guardian permission and a permitted payment method.
11. Security
We implement reasonable and appropriate technical and organizational safeguards designed to protect personal information (e.g., encryption in transit, access controls, logging). However, no method of transmission or storage is 100% secure.
12. International Users
We are based in the United States and process information in the U.S. By using the Services, you understand your information may be transferred to, stored, or processed in the U.S. or other countries with different data protection laws than your own.
13. Third-Party Services
The Services may link to third-party sites, apps, or services. Their privacy policies — not this Policy — govern those practices (e.g., Nuvei payment processing). We encourage you to review their policies.
14. Changes to This Policy
We may update this Policy. If changes are material, we will provide prominent notice (e.g., in-app notice or email) and indicate the “Last updated” date. Your continued use of the Services means you accept the revised Policy.
15. Contact Us
Questions or requests?
Email: info@qsrexplorers.com
Phone: 1-800-915-7717
Postal: QSR Explorers LLC, Attn: Privacy, 2108 N ST #10181, Sacramento, CA 95816, USA
16. U.S. State-Specific Notices
California (CA) Notice at Collection & CPRA Disclosure
- Categories Collected: Identifiers; Customer Records; Commercial Information; Internet/App Activity; Geolocation; Inferences; Audio/Visual (support calls, CCTV); Sensitive PI (account login with password; payment token/last 4; precise location if enabled).
- Purposes: Provide Services; personalization; marketing/advertising; analytics; security/fraud prevention; legal compliance.
- Retention: See Section 9.
- Disclosure for Business Purposes: We disclose personal information to service providers for the above purposes (see Section 4). In the past 12 months, we have disclosed all of the above categories of personal information for these business purposes.
- Sale/Sharing: We may “sell” or “share” personal information for cross-context behavioral advertising (e.g., via advertising cookies/SDKs). In the past 12 months, we have sold or shared Identifiers and Internet/App Activity with our advertising and analytics partners for such purposes. You can opt out via Do Not Sell or Share, and we honor GPC signals. We do not knowingly sell or share the personal information of users under 16.
- Sensitive PI: Used only for limited permitted purposes (payments, authentication, security) and not to infer characteristics. California residents may request to limit use/disclosure of Sensitive PI where applicable.
- Right to Know/Access, Delete, Correct, Opt-out, Limit, and Portability: See Section 6 for how to exercise rights. Authorized agents may submit requests; we will verify requests and your authorization.
- Financial Incentives: We do not offer programs that provide a price or service difference in exchange for personal information. If we introduce such a program, we will provide required notices and obtain opt-in consent.
- Metrics: If required by law in the future, we will publish request metrics.
- California Shine the Light: We do not disclose personal information to third parties for their direct marketing purposes without your consent.
17. Key Partners & Service Providers (Examples)
- Payments: Nuvei (tokenization; fraud prevention). We transmit payment details to the processor; we do not store full card numbers. (See Nuvei’s privacy disclosures.)
- Analytics/Ads: tools that help measure usage and deliver interest-based ads.
- Messaging: email/SMS/push providers.
- Logistics/Delivery: where applicable.
- A current list of service provider categories is available upon request.
18. Data Protection Impact & Governance (Summary)
Where required, we assess processing activities and apply data minimization, purpose limitation, and role-based access controls. We also maintain processes to detect, investigate, and notify of certain security incidents as required by law.