Privacy Policy

Effective date: 07/12/18 (see most recent version here) — Click here for key changes

Our approach to your privacy boils down to not being a jerk and doing the right thing. You should never feel surprised about the information we know about you or when we contact you. Every interaction should be valuable to both you and us.

If you ever feel like the information we know about you is surprising, or you're annoyed when we contact you, please let us know. We don't want to be jerky jerks.

When it comes to being stewards of your information, we'll do the right thing. We won't be jerks and use it without your permission, and will give you the upmost control over your information.

Also, we strive to collect the least amount information as possible about you. Information takes up space, and we like space 😊.

Why should you trust us?

Because you support us with your financial support, and our relationship with you helps us achieve our company vision. It's not good to anger people you're in a relationship with. That's bad for taco business, our personal happiness, and helping spread kindness throughout the world.

If for any reason you don't agree with this privacy policy, please do not use any of our Services for any reason. Our Services are defined as anything HeyTaco, LLC creates and owns.

Here's a list of sections to learn more about your privacy:

First, a note about who you are

If you use HeyTaco's Services you are either a Member or an Administrator. Your HeyTaco Community is made up of Members and Administrators. Administrators have access to all Member data and have control of your Community's settings and data.

If you are not an Administrator and have data questions, request, or concerns please contact your Administrator so they can fulfill your needs. If you cannot contact your Administrator or have a dispute, please contact us at [email protected].

What we collect and why

When an Administrator adds HeyTaco to your chat platform (ie. Slack, Discord, Microsoft Teams, etc.), we collect information necessary for our Services to function. We also collect information if you give it to us.

Any of the information we collect from you may be used in one of the following ways: (a) Personalize your experience. (b) Better respond to your individual needs. (c) Operate and improve our Services (d) Improve customer service. (e) contact you.

Here is what we collect and why:

If you have any questions about the information we collect please contact us at [email protected].

Where your information is stored and protections

Security and storage

We use Heroku and Amazon Web Services as hosting providers in the United States to store and protect your information. They are up to date and setup with the latest security standards and undergo recurring security assessments to protect your information.

When you submit information via our service, your information is protected and encrypted both at rest and in transit though secure connections. We implement a variety of security measures to maintain the safety of your personal information. If your personal data is exposed to an unknown 3rd party we will notify you within 72 hours of the incident being reported.

HeyTaco may transfer your data to countries you don't live in. We offer European Union Model Clauses, known as Standard Contractual Clauses, to meet General Data Protection Regulation requirements for Administrators and Members who are citizens of the European Union. A copy of our data processing addendum, including Model Clauses, is available by contacting us.

If you have any questions about data security and storage please contact us at [email protected]

How long do we retain data about you?

We use historical data about people who use our Services to generate internal research reports and for you to view historical information about your own usage.

If you stop using the service, your data is also available to Administrators for your HeyTaco account. Your old data can be used by Administrators to see historical taco giving, messages you gave and received, and any other data collected about you.

We remove your personal data after an Administrator removes and/or stops using our Services and sufficient time has passed to warrant data removal.

The Administrators for your account are responsible for your data. In most circumstances, they must approve of any data removal or modifications. If you are a Member from the European Union and your Administrator will not request to remove your data please contact us [email protected].

Cookies and how we use them (hint: we don't eat them)

Cookies are small files a site or its service provider transfers to your computer's hard drive through your Web browser (if you allow) that enables the sites or service providers systems to recognize your browser and capture and remember certain information.

We use cookies to aggregate data about site traffic and site interaction so that we can offer better Services now and in the future. We may contract with third-party service providers to assist us in better understanding our site visitors and operate HeyTaco. These service providers are not permitted to use the information collected on our behalf except to help us conduct and improve our Services.

Here's a few examples of how we use cookies:

You have the right to accept or reject our cookies. You can exercise that right by not using our Services and/or using your web browser to accept or refuse cookies. You can visit your web browser's help menu to learn more about how to accept and reject cookies.

If you ever have questions or feedback about cookies we use, please let us know at [email protected].

Who has access to your information

Your information will not be sold, exchanged, transferred, or given to any other company for any reason whatsoever, without your consent, other than for the express purpose of delivering the Services requested. We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information.

We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information. This does not include trusted third parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. An example is our payment processor. They use your email address and name to send you receipts for your payments.

We may also release your information when we believe releasing it is appropriate to comply with the law, enforce our site policies, or protect ours or others rights, property, or safety. However, non-personally identifiable information may be provided to other parties for marketing, advertising, or other uses. An example of this would be creating an advertisement about how people who use HeyTaco on Slack recognize each other X times per month on average. This is where you aggregate data to make it so the people behind it cannot be identified.

How you can control your data

Depending on if you are an Administrator or Member, you will have different rights regarding your data. If you are an Administrator, you can request for us to send, remove or modify any information about your account. You can export data on Administrator page of your HeyTaco site or by emailing us. To permanently remove your data, you must email us at [email protected], and we will remove your data within 30 days of notice.

If you are a Member, you can export some of your personal data on your Profile page. If you would like to view, modify, or remove all or some of your data please contact your Administrator and have them email us to do so. If you don't know your Administrator or have questions please email us at. [email protected].


If you do not consent to the collection, use or disclosure of your personal information as outlined in this policy, please do not provide any personal information to our Service or agree to our Terms of Service and Privacy Policy. If you have provided personal information and no longer consent to its use or disclosure as outlined herein, please notify us at [email protected].

Data Protection Authority

Subject to applicable law, you have the right to (i) restrict HeyTaco’s use of your Personal Data and (ii) lodge a complaint with your local data protection authority. If you are a resident of the European Economic Area and would like to lodge a complaint please contact your Data Protection Authority. You can find a list of Data Protection Authorities by clicking here. (

Please contact us before lodging a complaint. We will do our best to meet your needs, adhere to applicable laws, our Terms of Service, and this Privacy Policy.

Changes to our Privacy Policy

If we decide to change our privacy policy, we will post those changes on this page.
Last Updated on July 12th, 2018

Key changes

Contacting Us

If there are any questions regarding this privacy policy you may contact us here: [email protected]