Privacy

Privacy Settings

Shake Shack takes your privacy very seriously and only provides personal information as required for the products and services you request. We have provided the following controls to Approve and Withdraw consent to process future requests. You can update these settings and view our Privacy Policy at any time from the Shake Shack Privacy page.

  • Cookies Shake Shack uses cookies in order to manage your privacy controls. Our 3rd Party Services use cookies in order to deliver their services to provide the best user experience including the following types of cookies and browser-based data:
  • Marketing Shake Shack sends your browser-based data and other personal information provided by you on our website to Mailchimp in order to personalize the marketing communications and promotions we send you. Additionally, we send anonymized data to Google and Facebook in order to help us fix technical issues, errors and highlight areas such as navigation where we can improve our Website and other digital properties.
  • Guest Support Shake Shack sends your browser-based data and other personal information provided by you on our website to Salesforce to aid our Guest Services team in responding to guest inquires and requests.
  • Social Media Shake Shack embeds social media widgets, videos, and playlists into our website to allow guest to interact with our brand through 3rd party services.

Shake Shack uses the following 3rd Party Services in order to provide the best user experience to its guests: Google, Facebook, Instagram, Twitter, Youtube, Mailchimp, Salesforce, AWS, Cloudflare, Career Arc, Spotify, Paytronix, TeamWorld, Olo, and Session M.

Privacy Policy

Shake Shack has adopted this privacy policy (this “Policy”) in order to inform you of its policies with respect to information collected from the online website located at www.shakeshack.com (the “Website”) and the mobile application (the “Mobile App”).

This Policy applies to the Website, the Mobile App, and any other websites owned and operated by Shake Shack that direct the viewer or user to this Policy.  In this Policy, the terms “Shake Shack,” “we,” and “us” refers to Shake Shack Enterprises, LLC and its affiliates.

Your use of the Website or Mobile App constitutes your acceptance of this Policy and your consent to the practices it describes.

The Information Shake Shack Collects

Shake Shack only obtains personally identifiable information such as your name, email address and payment card or other information when you provide it voluntarily. We may collect information you share, post or provide on the Website or the Mobile App.  Additionally we may collect information about your order, including the items purchased, the payment method and your billing information.

In addition to personally identifiable information about you, Shake Shack may collect aggregated data or anonymized data that does not directly identify you. For example, we may automatically collect Website use information, such as information about your Internet service provider, your operating system, browser type, domain name, Internet protocol (IP) address, your access times, the Website that referred you to us, the web pages you request, and the date and time of those requests.

Children’s Privacy

The Website and Mobile App are directed toward and designed for use by persons aged 13 or older. Shake Shack will not approve applications of, or establish or maintain registrations for any child whom Shake Shack knows to be under the age of 13. Shake Shack does not solicit or knowingly collect personally identifiable information from children under the age of 13. If Shake Shack nevertheless discovers that it has received personally identifiable information from an individual who indicates that he or she is, or whom Shake Shack otherwise has reason to believe is, under the age of 13, Shake Shack will delete such information from its systems. Additionally, a child’s parent or legal guardian may request that the child’s information be corrected or deleted from our files by requesting this via our Contact Us page.

“Cookies” and Advertisers

The Website and the Mobile App server, or the servers of companies that are used to operate the Website and the Mobile App, may place a “cookie” on your computer, store data in your computer browser or access pre-existing removable tracking features on your mobile device in order to allow you to use the Website and the Mobile App and to personalize your experience. A “cookie” is a small piece of data that can be sent by a web server to your computer, which then may be stored by your browser on your computer’s hard drive. Cookies and browser storage allow us to recognize your computer while you are on our Website and the Mobile App and help customize your online experience and make it more convenient for you. Cookies and browser storage are also useful in allowing more efficient log-in for users, tracking transaction histories and preserving information between sessions. The information collected from cookies and browser storage may also be used to improve the functionality of the websites and applications.

Most web browser applications (such as Microsoft Internet Explorer, Google Chrome, Firefox and Apple Safari) have features that can notify you when you receive a cookie or prevent cookies from being sent. If you disable cookies or other device tracking features, however, you may not be able to use certain personalized functions of the Website or the Mobile App.

Use of Information

Shake Shack may use information about you for various purposes including to process and fulfill your in-Shack and Mobile App orders, to communicate with you and send you information about our products, services, contests, and promotions, to administer and fulfill our contests and promotions, to prevent fraud and monitor against theft, conduct research and help us learn more about your preferences and enhance your experience, and perform other business activities as needed or described elsewhere in this Policy.

Shake Shack only shares information about our customers with affiliated companies, carefully selected vendors, business partners and other organizations to provide better service to you. These companies need information about you to perform their service function (such as to process and fulfill your order, verify your credit card information, and to protect you from fraud). We also share your information with specially chosen companies that help us with marketing functions (such as manage our Internet business, maintain and manage our customer information, as well as market our products and services). We may engage vendors to serve advertisements on our behalf across the Internet and to provide analytics services. These entities may collect certain information from you (e.g. click stream information, browser type, time and date, hardware/software information, cookie ID, IP address, etc.) when you visit our Website or Mobile App and use that information to provide advertisements about goods and services that are deemed to be of greater interest to you.

This Policy incorporates by reference the terms set forth in the “Privacy Policy” and “Terms and Conditions” provided by Mobo Systems, Inc. d/b/a Olo with respect to the hosting of the Shake Shack online ordering engine for the Mobile App (http://www.olo.com/privacy/ and http://www.olo.com/terms/), the “Privacy Policy” provided by Paytronix Systems, Inc. with respect to Shake Shack’s customer relationship management (https://pxs.myguestaccount.com/login/privacy-policy.jsp), the “Privacy Policy” provided by Session M Inc. with respect to Shake Shack’s customer relationship management ( https://www.sessionm.com/privacy-policy/ ), the “Privacy Policy” provided by Teamworld Inc. with respect to Shake Shack’s online shop (http://www.teamworld.com/twc/privacy.php), the “Privacy Policy” provided by CareerArc with respect to Shake Shack’s hiring portal (https://www.careerarc.com/privacy), the “Privacy Statement” provided by Salesforce.com, inc with respect to Shake Shack’s customer relationship management (https://www.salesforce.com/company/privacy/full_privacy/), the “Privacy Policy” provided by The Rocket Science Group LLC d/b/a MailChimp with respect to Shake Shacks customer communications management (https://mailchimp.com/legal/privacy/), the “Privacy Policy” provided by Cloudflare, Inc. with respect to Shake Shack’s website architecture (https://www.cloudflare.com/privacypolicy/) and the “AWS Privacy” provided by Amazon Web Services, Inc. with respect to Shake Shack’s website architecture (https://aws.amazon.com/privacy/).

Shake Shack does reserve the right to use or disclose any information as needed to satisfy any law, regulation or legal request, to fulfill your requests, or to cooperate in any law enforcement or similar investigation.

How We Protect Your Information

Shake Shack protects your information using technical, physical, and administrative security measures to reduce the risk of loss, misuse, unauthorized access, disclosure or modification of your information. Some of our safeguards include firewalls, data encryption, physical access controls, and administrative informational controls. When you transmit highly sensitive information (such as a credit card number) through the Website or in the Mobile App, we encrypt the transmission of that information using the Secure Sockets Layer (SSL) protocol. While we have employed security technologies and procedures to assist safeguarding your personal information, no system or network can be guaranteed to be 100% secure.

California Residents

If you are a California resident, you can request a notice disclosing the categories of personal information we have shared with third parties for the third parties’ direct marketing purposes. To request a notice, please submit your request by postal mail to: Shake Shack Enterprises, LLC, 225 Varick Street, New York, NY 10014.

Links to Other Sites

In some areas of the Website or the Mobile App, we may provide a link to another website. Other websites, including social media sites, have their own policies regarding privacy and security, and these may vary from ours.

Data Transfer to Third Parties

Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.

We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

Your Rights

Right of Revocation

You are entitled to revoke a given consent to the collection and use of your personal data at any time with effect for the future.

Right to Information

You are entitled to request information regarding the data stored in relation to your person or to your pseudonym. Upon your request the information can be provided electronically.

Right to Correction, Blocking or Deletion

You are entitled to request the correction, blocking or deletion regarding the data stored in relation to your person. Insofar as legal obligations prevent us from deleting your personal data, your data will be blocked and only made accessible for the purposes of compulsory legal regulations.

To exercise the above mentioned rights to revocation, information correction, blocking or deletion, please contact our data protection officer via the contact details provided below. The exercising of your rights is free of charge.

Data Protection Officer

If you have any questions regarding the processing of your personal data, please do not hesitate to contact our data protection officer directly. He will also assist you in case you have information requests or other requests or complaints:

Ron Palmese

Senior Vice President and General Counsel

225 Varick Street, New York, NY 10014

Phone: 646.727.7200

Email: privacy@shakeshack.com

Privacy Shield

To bring you our services, we operate globally. Where the laws of your country allow you to do so, you authorize us to transfer, store, and use your data in the United States and any other country where we operate. In some of the countries to which we transfer personal data, the privacy and data protection laws and rules regarding when government authorities may access data may vary from those of your country.

When we transfer personal data outside of the European Union, we ensure an adequate level of protection for the rights of data subjects based on the adequacy of the receiving country’s data protection laws, contractual obligations placed on the recipient of the data (model clauses may be requested by inquiry as described below), or EU-US Privacy Shield principles.

Shake Shack complies with the EU-US Privacy Shield principles (the “Principles”) regarding the collection, use, sharing, and retention of personal data from the European Union, as described in our EU-US Privacy Shield certification.

If you have a Privacy Shield-related complaint, please contact our Data Protection Officer above. As part of our participation in Privacy Shield, if you have a dispute with us about our adherence to the Principles, we will seek to resolve it through our internal complaint resolution process, alternatively through the independent dispute resolution body JAMS, and under certain conditions, through the potentially binding Privacy Shield arbitration process.

Privacy Shield participants are subject to the investigatory and enforcement powers of the US Federal Trade Commission and other authorized statutory bodies. Under certain circumstances, participants may be liable for the transfer of personal data from the EU to third parties outside the EU. Learn more about the EU-US Privacy Shield.

Changes to This Privacy Policy

This Policy went into effect on the date noted at the top of this webpage. We may update this Policy from time to time. If we make material changes, we will post the updated Policy on this page and change the date at the top of this webpage. We encourage you to look for updates and changes to this Policy by checking this date at the top of this webpage. We will notify you of any modifications to this Policy that might materially affect the way we use or disclose your personal information prior to the change becoming effective by means of a message on this Website.

Contact Us

We welcome your questions, comments and concerns about privacy. You can contact Shake Shack Customer Service online at https://www.shakeshack.com/contact/ or by phone at 646.747.7200, or by postal mail at: Shake Shack Enterprises, LLC,

225 Varick Street, New York, NY 10014