McDonald’s Global Customer Privacy Statement Overview

Icon of a notbook with checkboxes

Information We Collect & Process

The McDonald’s entity in your jurisdiction (“We”) collects information that you provide to us; Information that is created automatically when you use our technology solutions; information that we receive from third parties including other McDonald’s entities; and information that is publicly available-for example, through your social media interactions.

Read More
Icon of a lightbulb

How We Use Information We Collect

We use your personal information to personalize and improve your customer experience and to provide our products and services to you in new innovative ways. We will also use your information to inform you about our and our partner’s products and services.

Read More
Icon of a two figures sharing inormation

How We Share Information

We may share your information within the McDonald’s Family, which includes McDonald’s Corporation, its subsidiaries and McDonald’s franchisees, and our vendors.

Read More
Icon of a two parents and a child

Children’s Privacy Statement

We are especially committed to protecting the privacy of children and urge parents to regularly supervise their children’s online activities.

Read More
Icon of a cog and spanner, indicating settings

Your Choices and Rights

Where appropriate, we provide you with choices as to how we use your personal information. Most of our online services contain a profile section that allows you to change your privacy preferences, including for marketing communications. You may also have certain rights under applicable data protection laws.

Read More
Icon of a phone and laptop

Use Of Cookies And Other Technology

We use cookies, web beacons and similar technologies to personalize and improve your customer experience.

Read More
Icon of a lapto with a cursor clicking on it

Links To Other Websites And Social Media

Our online services may offer links to websites run by third parties. We may also integrate the services of third party social media providers in our online services. Any information you provide to such third parties is subject to their privacy policies and outside of our control.

Read More
Icon of a lock

Security

We are committed to taking appropriate measures designed to keep your personal information secure. Please keep in mind that no information technology (IT) system and no transmission over the public internet can be guaranteed to be 100% secure.

Read More
Icon of a calendar and a clock

Retention

We will retain your information only for as long as necessary for the identified use. Generally, we will retain your information only for as long as necessary to manage your relationship with us and to comply with legal obligations.

Read More
Icon of a globe

International data transfers

The McDonald’s Family is global in nature. We may therefore transfer your information to other countries but will only do so in compliance with applicable requirements and only where an adequate level of data protection is ensured.

Read More
Icon of a two speech bubbles

How to Contact Us

If you have any questions or complaints, please contact our Global Data Protection Office or us directly using the contact details set out in the country-specific addendum.

Read More
Icon of a notepad and a pencil

Changes To Our Privacy Statement

We may change this Privacy Statement from time to time and will inform you by posting the revised version here and/or contacting you directly.

Read More

McDonald’s Global Privacy Statement

Last updated: July 1st, 2025

I. Introduction

Your privacy is very important to us. This Privacy Statement (“the Statement”) describes how McDonald’s Corporation, McDonald’s USA, LLC, and their subsidiaries in the countries listed below – collect, use, protect, store, share, and otherwise process the personal information of our customers. Customers include those who visit our restaurants, use our websites and mobile apps, and otherwise interact with us.

Some of the countries in which we operate have laws that require us to share specific privacy information with our customers in those countries. As such, this Privacy Statement is comprised of two sections – a globally applicable notice and country-specific addenda for the following countries:

 

Austria

Belgium

Czech Republic

France

Germany

Hungary

Ireland

Italy

Netherlands

Poland

Portugal

Slovakia

Spain

Switzerland

United Kingdom

United States

 

II. Your Privacy Globally

The data controller of your personal information is the McDonald’s entity in the jurisdiction where your personal information is collected (“McDonald’s”,“we”, “us”, “our”, or “ours”). Please refer to the applicable country specific addendum for more information.

If you are a customer in a country not listed above, please visit the country’s McDonald’s website for the applicable Privacy Statement.

Many of our restaurants are owned and operated by franchisees, who are independent business owners. This Privacy Statement does not apply to our franchisees or to websites or mobile apps that they operate. Please reference our franchisees’ privacy practices for information on how they collect and use customer information.

 

  1. Information We Collect & Process
  2. How We Use the Information We Collect
  3. How We Share your Information
  4. Children's Privacy Statement
  5. Your Choices & Rights
  6. Use of Cookies and Other Technology
  7. Links to Other Websites and Social Media
  8. Security
  9. Retention
  10. International Data Transfers
  11. How to Contact Us
  12. Changes To Our Privacy Statement

 

1.  Information We Collect  & Process

We may collect personal information about you when you visit our restaurants, use our websites or mobile apps (“online services”), and otherwise interact with us (collectively, “services”). The information we collect falls into three categories: (a) information you provide to us; (b) information we collect through automated methods when you use our services; and (c) information we collect from other sources (see below).

Generally, you are under no obligation to provide your personal information to us. However, in certain cases, we may be unable to provide you with our services unless you provide your personal information.

We may combine the information you provide to us with information that we collect through automated methods, and with information we receive from other sources. For example, when you add a method of payment to your profile in our mobile app, we may combine your profile with information we receive from our payment processors or other providers regarding transactions made with the same payment credentials in our restaurants.

We collect information you provide us

You may provide the following information to us, depending on how you interact with us:

  • personal details, such as your name, postal and email addresses, phone number, birthday information and other contact information, when you register with our online services, log-in to Wi-Fi, enter one of our promotions or competitions, or contact us by phone or through our online services;
  • demographic information such as age or gender;
  • transaction information, including information about the products you buy, prices, method of payment and payment details;
  • account information, such as your username or password (or anything else that identifies you) used to access our online services or to buy or use our products and services;
  • profile information, including products and services you like, or times you prefer to visit us; and
  • other personal information you choose to provide us when you interact with us (including through social media and call centers).

We collect information through automated methods

We may use automated technology to collect information from your computer system or mobile device when you visit our restaurants, use our online services, or in-restaurant technology. Automated technology may include cookies, local shared objects, and web beacons. There is more information below about cookies and other technologies in Section 6.

We may collect information about your:

  • internet protocol (IP) address;
  • computer or mobile-device operating system and browser type;
  • type of mobile device and its settings;
  • unique device identifier (UDID) or mobile equipment identifier (MEID) of your mobile device;
  • device and component serial numbers;
  • advertising identifiers (for example, an Identifier for Advertising (IDFA) on Apple devices) or similar identifiers;
  • referring webpage (a page that has led you to ours) or application;
  • online activity on other websites, applications or social media;
  • visits to our restaurants, where recorded using digital technology (e.g. video recordings); and
  • activity related to how you use our online services or in-restaurant technology, such as the pages you visit on our online services.

Our online services and in-restaurant technology may collect information about the location of your mobile device or computer using geolocation and technology such as GPS, Wi-Fi, Bluetooth, or cell tower proximity.  For most mobile devices and computer systems, you can disable the collection of this information by using the device or web-browser settings.  If you have any questions about how to prevent us from collecting information about your location at a device level, we recommend you contact your mobile-device service provider, the device manufacturer, or your web-browser provider.  Some online services and in-restaurant technology may not work properly without information about your location. 

We collect information from other sources

We may collect information about you from the McDonald’s Family. The McDonald’s Family consists of McDonald’s Corporation and McDonald’s Global Markets LLC, and their affiliates, and subsidiaries (“McDonald’s Entities”), and franchisees of McDonald’s Entities, business partners and vendors (e.g., food delivery platforms, data providers, or payment processors) or from public sources (e.g., your public social media posts).

Back to Top

2.  How We Use The Information We Collect

We use each category of the information we collect for the following purposes:

  • to provide our products and services and contract with you, including payment processing and customer support;
  • to manage our relationship with you, including feedback management and for customer surveys;
  • to train algorithms and AI models that we use in the context of providing you with products and services;
  • to personalize and improve our products and services and your overall customer experience, in particular by improving our existing technologies and developing new products and services and employing profiling technology (unless we notify you separately thereof, this will not include automated individual decisions that have legal effects for you or similarly significantly affect you);
  • to provide you with general and personalized electronic and non-electronic direct marketing information and support our targeted advertising initiatives concerning our products and services as well as our business partners’ products and services (including promotions, contests, prize draws, competitions and sweepstakes);
  • business analytics, including consumer and operations research, to assess the effectiveness of our sales, online service, marketing, and advertising, and to analyze market trends and (future) customer demand;
  • to ensure the security of our online services and in-restaurant technology including the detection, prevention, and investigation of attacks;
  • to protect against, identify and prevent fraud and other crime, claims and other liabilities;
  • to protect the rights, safety, health, and security of our customers, our employees, our franchisees, and the general public, and to protect our property;
  • to anonymize your information for further internal and external use in a manner that does not identify you;
  • to comply with legal obligations, our policies, or our Standards of Business Conduct; and
  • to establish, exercise or defend a legal claim.
  • We may use the information we collect about you in other ways, which we will tell you about at the time we collect it or before we begin using it for those other purposes.
  • If we are established in the EU or the European Economic Area (“EEA”) or are otherwise subject to the General Data Protection Regulation (“GDPR”), we process your personal information on the basis of
  • the necessity to perform a contract we have concluded with you or the necessity to take steps at your request prior to entering into such a contract (Article 6(1)(b) GDPR);
  • our prevailing legitimate interest to personalize and improve your overall customer experience and achieve the purposes set out above (Article 6(1)(f) GDPR);
  • the necessity to comply with legal obligations to which we are subject (Article 6(1)(c) GDPR); or in some cases,
  • your consent for which we may ask you in a separate process (Article 6(1)(a) GDPR).

Back to Top

3. How We Share Your Information

We may share all or substantially all categories of your personal information with

  • members of The McDonald's Family;
  • vendors who help us operate our business (including information technology service providers and marketing agencies that we use as well as those who use the information to detect or prevent fraud for us, and who may use the information to provide fraud detection and prevention services to others);
  • public authorities and courts;
  • buyers or other parties involved in a corporate transaction if we decide to sell or transfer all or part of our business;
  • our professional advisers such as our legal representatives, auditors and insurance brokers; and
  • business partners if they are involved in your customer experience, including product or service delivery (e.g., food delivery platforms).

We do not sell your personal information for monetary consideration and only share your information as described in this Privacy Statement or as otherwise communicated to you at the time we collect your information. Please note that some US state statutes may define a “sale” to include sharing of personal information with third parties for valuable consideration.  Many companies have common arrangements with online advertising networks and analytics companies that may be considered sales under these definitions.  Please reference our US Country Specific Addendum (below) for more information.

Back to Top

4.  Children's Privacy Statement

We understand how important it is to protect your privacy when you use our online services. We are especially committed to protecting the privacy of children who visit or use our online services. For more information on how a specific country protects children’s privacy, please review the country specific addendum.

We urge parents to regularly monitor and supervise their children's online activities. If you have any questions about our children’s privacy practices, please contact us at our Global or Local Data Protection Office using the contact information provided below. If you are contacting a Local Data Protection Office, please choose the office in the country in which you are a customer.

Back to Top

5.  Your Choices & Rights

Marketing Communications

If you are subscribed to our marketing communications, you can later opt out by following the opt-out instructions in the marketing communications we send you. You can also generally find your communication preferences with instructions on how to opt out in the profile section of the online services that you use. You may also have the ability to change your communication preferences using your device settings. You can also opt out by contacting us at our Global or Local Data Protection Office using the contact information provided below. If you are contacting a Local Data Protection Office, please choose the office in the country in which you are a customer.

If you do opt out of receiving marketing communications from us, we may still send communications to you about your transactions, any accounts you have with us, and any contests, competitions, prize draws or sweepstakes you have entered. Opting out of one form of communication does not mean you have opted out of other forms as well. For example, if you opt out of receiving marketing emails, you may still receive marketing text messages if you have opted in to receiving them. Please note that if you are receiving communications from a McDonald’s franchisee, then you will need to opt out from them directly.

We do not share personal information with third parties for their own direct marketing purposes, unless you give us permission to do so. When we give you notice, and you consent, we will share your personal information as you direct us to.

Your Personal Information Rights

Under applicable law, you may have certain rights (subject to the conditions and extent specified in the law):

  • Right to access: You may have the right to check whether we hold any personal information about you and request access to or copies of such data.
  • Right to correction or deletion: You may have the right to request the correction or deletion of inaccurate, incomplete, outdated, unnecessary, excessive, or other applicable personal information about you.
  • Right to restriction: You may have the right to request the restriction of the collection, processing or use of your personal information.
  • Right to object and withdraw consent: In specific situations, you may have the right to object to the processing of your personal information for legitimate reasons or withdraw previously granted consent without affecting the lawfulness of processing prior to the withdrawal.
  • Right to data portability: You may have the right to request your personal information in a portable format to facilitate a transfer of personal information to another service provider.
  • Right to file a complaint: You may have the right to lodge a complaint with the relevant authority. You can find information regarding the relevant authority in the country-specific addendum.

For more detailed information about these rights and their availability in specific countries, please refer to the country-specific addendum.

Back to Top

6.  Use of Our Cookies and Other Technology

We and our vendors may use cookies, web beacons and other similar technologies on our online services and in other areas related to our business, such as online advertising, to collect information and provide you with the services or products that you have requested.

Information on the use of cookies, pixels, and other tracking technologies

We use cookies, pixels, and other tracking technologies on our online services to operate our online services, provide functionality of our online services, remember your preferences and settings, personalize your online experience and our marketing and other communications to you, strengthen security and integrity of our online services, combat fraud, analyze and improve the performance of our online services, and to fulfill other purposes described in this Statement. 

A “cookie” is a small text file that is placed onto an Internet user’s web browser or device and is used to remember and/or obtain information about the user.  A cookie will typically contain the name of the domain from which the cookie has come, the “lifetime” of the cookie, and a randomly generated unique number or other value. You may adjust your web browser settings if you do not wish to receive a cookie or if you would like to be notified when you receive a cookie. If you decide to disable certain cookies, you may not be able to take advantage of all the features available through our online services.

Certain pages on our online services and social media pages, as well as some of our email communications, may contain “web beacons,” “pixels,” or other similar technologies. A “web beacon” is a small object or image that is embedded into a web page, application, or email and is used to track activity. They are also sometimes referred to as “pixels” and “tags.” Web beacons, pixels and tags may be used with cookies to understand how users interact with us and to help manage and improve those interactions. Please note the following:

  • You might be assigned a cookie when using our online services.
  • We offer certain features that are available only through the use of cookies and other similar technologies.
  • We may use both session (for the duration of your visit) and persistent (for the duration of a fixed period of time) cookies and other tracking technologies unless you delete them.
  • We may also adopt new technologies to perform functionality as described in this Statement.
  • Our online services and other areas related to our business may have web beacons.

Cookies served through our online services

We may use the following categories of cookies. These cookies may be set by us or by third-party providers whose services we have added to our online services.

Strictly Necessary Cookies: These cookies are necessary for our online services to function and cannot be switched off at your request. For example, these cookies are used for system administration, fraud detection, security measures, and other basic operation and functionality of our online services.  Depending on your browser functionality, you may be able to set your browser to block or alert you about these cookies, although some functionality of our online services may be lost. 

Performance Cookies: These cookies allow us to track visits and traffic sources so we can measure and improve the performance of our online services. For example, they help us to know which pages are the most and least popular and understand how visitors move around our online services. If you set your preferences to decline these cookies, we will not know when you have used our online services and how we can improve our online services based on your online experience. 

Functional Cookies: These cookies enable us to provide enhanced functionality and personalization. They may be set by us or by third party providers whose services we have added to our pages. If you decline these cookies, some of our online services may not function properly.

Targeting Cookies: These cookies may be set through our online services by us or our advertising partners. They may be used to build a profile of your interests and show you relevant advertisements on other sites. These advertisements may also place cookies that can view, edit, or set other third-party cookies in your web browser. If you decline these cookies, you will experience advertising that may not be tailored to you.

Social Media Cookies: These cookies may be set by social media services that we have added to our online services to enable you to share our content with your friends and networks. These cookies can track your browser across other sites and building up a profile of your interests.

YouTube Cookies: YouTube cookies are used to load external content from YouTube that is embedded on our online services. If you decline these cookies, you may not be able to play YouTube videos as part of your browsing experience.

We and selected third parties (such as our advertising networks) may use these technologies to collect information about your online activities, over time and across third-party websites and devices, and when using our online services to further personalize your experience with us.

How to control and delete cookies

You have options to control and/or delete cookies as described below.  Please be aware that restricting cookies may have an impact on online services’ functionality. Disabling these cookies may limit your experience, including your ability to find pricing and availability of products and services in your area. 

McDonald’s Cookie Settings Tool:  You may accept or reject cookies, except strictly necessary cookies, by using the cookie preference section of the online service. 

Browser Controls: Use the options in your web browser if you do not wish to receive a cookie or if you wish to set your browser to notify you when you receive a cookie. Select the “Help” section of your browser to learn how to change your cookie preferences. If you disable all cookies, you may not be able to take advantage of all the features available on a website.

Some newer web browsers may have a "Do Not Track" preference that transmits a "Do Not Track" header to the websites you visit with information indicating that you do not want your activity to be tracked. McDonald’s does not currently take actions to respond to Do Not Track signals because a uniform technological standard has not yet been developed. We continue to review new technologies and may adopt a standard once one is created.

In our mobile applications (e.g., Global Mobile Application), we use “software development kits” (SDKs). Like cookies, SDKs enable information to be stored on your end device or access to such information.  More information regarding how cookies and related technologies are used in a country in which you are a customer may be available in the country-specific addendum or a cookie preferences section of the online service.

Targeted advertising

When you use our online services, we (and our vendors) may collect information about your activities so that we can provide you with advertising tailored to your interests.

Ad Networks’ Controls: We work with ad networks that may be members of the Digital Advertising Alliance or the Network Advertising Initiative.  Because we utilize advertising (“ad”) networks, you may notice certain ads on other websites. Ad networks allow us to target the information we send you based on your interests, other information related to you, and contextual means. These ad networks track your online activities over time by collecting information through use of cookies, web beacons, and other technologies. The ad networks use this information to show you advertisements that may be of particular interest to you. The ad networks we utilize may collect information about your visits to websites that also take part in the relevant ad network, such as the pages or advertisements you were displayed and how you use the websites. We use this information, both on our online services and on third-party websites that take part in the ad networks, to provide you with advertising tailored to you, and to help us assess how effective our marketing is.

You can learn more about targeted advertising and opt out of targeted advertising supported by these ad networks by visiting the Digital Advertising Alliance website or the Network Advertising Initiative website . If you choose to opt out, you will continue to receive advertisements, but they may not be tailored to your interests. Please refer to the country-specific addendum or a cookie preferences section of the online service for further information on your choices concerning targeted advertising. Moreover, depending on the type and version of the operating system of your mobile device, you may also be asked whether to enable targeted advertising.

Mobile Advertising:  You can opt-out of having your mobile advertising identifiers used for certain types of targeted or personalized advertising by accessing the settings in your mobile device.

Global Privacy Opt-Out Preference Signal: We process opt-out requests submitted using an opt-out preference signal as required by applicable law.  For example, when we detect the Global Privacy Control (“GPC”) signal from a browser, we treat the signal as a request to opt out of sale and sharing of personal information associated with that browser.  If we receive the GPC signal from a user who we identify as a specific individual with a McDonald’s account, we treat the signal as a request to opt out of sale and sharing applicable to that account.

Back to Top

7.  Links to Other Websites and Social Media

Our online services may offer links to websites that are not operated by us but by third parties. If you visit one of these linked websites, you should read the linked website’s privacy policy, terms and conditions, and other applicable policies. We are not responsible for the policies and practices of third parties. Any information you give to those organizations is dealt with under their privacy policy, terms and conditions, and other policies.

We may also make our business partners’ apps, tools, widgets and plug-ins available to you on our online services, such as Facebook “Like” buttons, which may also use automated methods to collect information about how you use these features. These organizations may use your information in line with their own policies. 

Back to Top

8.  Security

We use technical, physical, and organizational security measures designed to protect against unauthorized access, disclosure, damage, or loss of personal information and adopt applicable commercially reasonable security safeguards internally and with our third-party service providers to protect personal information.  However, the collection, transmission and storage of information can never be guaranteed to be completely secure. Please take steps to secure your access credentials such as login name and password, and do not share them with anyone.

Back to Top

9.  Retention

Unless a specific retention period is mandated or permitted under applicable law, McDonald’s will only retain personal information for the duration of time necessary to fulfill the purposes described in this Statement, including the applicable country-specific addendum. Our records policies reflect applicable laws. We will retain and use your information to the extent necessary to manage your relationship with us, personalize and improve your overall customer experience, and to comply with our legal obligations (for example, if we are required to retain your information to comply with applicable tax/revenue laws), resolve disputes, enforce our agreements, and as otherwise described in this Statement.

Back to Top

10. International Data Transfers

The McDonald’s Family is global in nature with business processes, management structures and technical systems that cross borders. As such, we may share information about you within the McDonald’s Family and transfer it to countries in the world where our vendors or members of the McDonald’s Family are established. Any international data transfers will be in accordance with this Privacy Statement and in compliance with applicable laws.

If we are established in EU/EEA, the UK, or Switzerland, or are otherwise subject to the GDPR or similar laws, we only transfer your personal information to countries that are considered by those laws to provide an adequate level of protection or otherwise where we have established or confirmed that all data recipients will provide an adequate level of data protection, in particular by way of entering into appropriate data transfer agreements based on Standard Contractual Clauses (e.g., Commission Implementing Decision (EU) 2021/914) and other suitable measures, which are accessible from us upon request.

McDonald’s Corporation and McDonald’s Global Markets LLC’s participation in the EU-U.S., the UK Extension, and Swiss-U.S. Data Privacy Frameworks

McDonald’s Corporation and McDonald’s Global Markets LLC, a wholly-owned subsidiary, participate in and comply with the EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the UK Extension of the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (“Swiss-U.S. DPF”) (collectively, “DPF”) as set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal information from European Union member countries, the United Kingdom, and Switzerland. For purposes of this DPF section only, McDonald’s Corporation and McDonald’s Global Markets LLC are each individually and collectively referred as “McDonald’s Global.” McDonald’s Global’s participation in the DPF subjects it to the investigatory and enforcement power of the Federal Trade Commission.

As a DPF participant, McDonald’s Global is committed to and has certified to the U.S. Department of Commerce that it adheres to: (i) the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal information received from the European Union; (ii) the UK Extension to the EU-US DPF with regard to the processing of personal information received from the United Kingdom; and (iii) the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal information received from Switzerland.  If there is any conflict between the terms in this Privacy Statement and the EU-U.S. DPF Principles, the UK Extension, and/or the Swiss-U.S. DPF Principles, the Principles shall govern.  To learn more about the DPF program, and to refer to our certification, please visit the DPF website

Please note the following:

  • McDonald’s Global may share personal information that is subject to the DPF Principles with vendors acting as agents to provide services to it, as described above in Section 3. McDonald’s Global may be liable under the DPF if these vendors process such personal information in a manner inconsistent with the DPF, unless McDonald’s Global proves that it is not responsible for the event giving rise to the damage.
  • McDonald’s Global may disclose personal information received in reliance on the DPF in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
  • You have the right to request access to personal information received by McDonald’s Global in reliance on the DPF, and to exercise choice in limiting McDonald’s Global use and disclosure of such information, including with respect to disclosures of such information to third parties and using the information for a purpose that is materially different from the purpose(s) for which it was originally collected or subsequently authorized by the individuals. If you are interested in exercising your rights and choices, please contact McDonald’s Global at the address, phone number or email address below or update your preferences via the cookie banner on our website.

McDonald’s Global privacy practices are provided in this Privacy Statement. McDonald’s Global encourages you to contact it at any time as specified in the Contact Us section below with questions, concerns or complaints about its privacy practices and participation in the DPF. You may also refer a complaint to your local data protection authority and McDonald’s Global will work with them to resolve your concern.

If McDonald’s Global is unable to resolve your concern regarding your personal information received by McDonald’s Global under the DPF, you have the right to direct your unresolved concern to JAMS, an independent dispute resolution service based in the United States, to provide recourse at no charge to you. To seek recourse for an unresolved concern, visit JAMS' DPF Dispute Resolution page. If JAMS is unable to resolve your concern, you may have the right to invoke binding arbitration under certain conditions. To learn more about this option, visit the  DPF’s "How to Submit a Complaint" page.

Please note that the foregoing processes apply only to the resolution of disputes regarding personal information received by McDonald’s Global under the DPF. All other disputes that you may have with McDonald’s Global or any other members of the McDonald’s Family, or any agents, representatives, agencies, officers, directors, or employees, must be resolved in accordance with the terms and conditions of any applicable websites, mobile apps, email newsletters, email subscriptions or other digital properties owned or controlled by a member of the McDonald’s Family.

For more information about the DPF program, and to view McDonald’s Global certification, please visit the DPF website.

Back to Top

11.  How To Contact Us 

In line with our Standards of Business Conduct, we hold ourselves to ethical standards when it comes to data privacy and protection and we welcome any feedback or questions you may have concerning the collection and processing of your personal information. Our contact details and those of our Local Data Protection Offices as well as the contact details of our data protection officer, if appointed, can be found in the country-specific addendum.

The McDonald’s Global Data Protection Office can be reached at

Attention: Global Data Protection Office
Privacy at McDonald's, Dept. 282
110 North Carpenter Street
Chicago, IL 60607-2101, USA
contact.privacy@us.mcd.com

McDonald’s Corporation has appointed a data protection officer who can be reached at:

Attention: Data Protection Officer
Privacy at McDonald's, Dept. 282
110 North Carpenter Street
Chicago, IL 60607-2101, USA
contact.privacy@us.mcd.com

 

12.  Changes To Our Privacy Statement

From time to time we may change, modify, or amend this Statement in order to comply with the evolving regulatory environment or reflect the way we operate our business or use technologies. Subject to any applicable legal requirements to provide additional notice and/or obtain consent, any changes to this Statement will be communicated to you through existing McDonald’s communication channels and resources.

Back to Top

Ireland

Last updated: 4th December 2025

Data Controller

McDonald’s Restaurants of Ireland Limited is the data controller for the processing of your personal information.

Scope of this Irish Privacy Statement

This Irish Privacy Statement supplements the McDonald’s Global Privacy Statement and is intended to provide additional information about how McDonald’s uses your personal information in connection with online and in-restaurant services that McDonald’s makes available in Ireland (including in respect of McDonald’s website, mobile app, social media pages, email newsletters, in-restaurant ordering screens and drive thru windows) and any other personal information collected by McDonald’s which we receive from third parties such as delivery operators who share your personal information with us when you consent to receiving our marketing communications.

Your Personal Information Rights

In connection with your personal information rights, you may request the following:

  • Where processing your personal information is based on your consent you may withdraw this consent at any time; the withdrawal of the consent shall not affect the lawfulness of processing based on consent before its withdrawal;
  • Request access to your personal information and obtain a copy of it;
  • Obtain your personal information in a structured, commonly used and machine-readable format and request us to transmit it directly to another company in case your personal information is processed based on your prior consent, or required for the performance of a contract;
  • Have your personal information corrected when it is inaccurate or incomplete;
  • Object on grounds relating to your particular situation to our processing of your personal information based on our legitimate business interest, including profiling, and to the sending of marketing communications;
  • Have your personal information erased, including any links to, copy or replication of such information, as permitted under applicable law; for instance, when your information is outdated, not necessary or unlawful or when you withdraw your consent to our processing based on such consent, or when you successfully object to our processing;
  • Obtain the restriction of the processing while we are processing your request or challenge pertaining to the accuracy of your personal information or the lawfulness of the processing of your personal information and our legitimate interests to process this information, or if you need the personal information for litigation purposes.

You may exercise these rights free of charge by submitting a request via our Privacy Rights Center which can be accessed by clicking here. However, we may charge a reasonable fee or refuse to act on a request if it is manifestly unfounded or excessive, in particular because of its repetitive character. In some situations, McDonald’s may refuse to act or impose limitations on the information disclosed if, for instance, the disclosure is likely to adversely affect the rights and freedoms of others, prejudice the execution or enforcement of the law, or interfere with pending or future litigation.

You also have the right to lodge a complaint about our processing of your personal information with the Data Protection Commissioner, which is the Supervisory Authority in Ireland, by e-mailing info@dataprotection.ie

Children’s Privacy Notice

We do not intend to process personal information about any child unless data is needed for a specific activity of which their parent or legal guardian is fully aware.

Please note, children’s personal information may also be processed by us:

  • in exceptional circumstances, for example in the case of an emergency occurring in a restaurant; or
  • incidentally when carrying out the other activities described in this Privacy Statement, for example when a child visits a restaurant they may be recorded by CCTV (for more information, see the CCTV and Body Worn Cameras section below).

Cookies and Other Technologies

A copy of McDonald’s Irish cookies policy can be found here.  

Purposes for which we process your personal information
 

  • Facebook Custom Audiences

Where you are a registered user of Facebook, we will use your email address in an encrypted format to match with your Facebook profile so that we can provide you with personalised advertising on Facebook.

Please note that such activity is also subject to the privacy choices you have elected to make on Facebook.

 

  • Facebook Lookalike Audiences

Where you are a registered user of Facebook, we will use your email address in an encrypted format to enable Facebook to find other registered users of their services that share similar interests to you based on:

     - information that we observe about you from your interactions with our Services, or when you visit one of our restaurants; and

     - the information Facebook holds about you.

 

  • CCTV,  Body Worn Cameras  

CCTV is used in McDonald’s restaurants for the following legitimate business interests:

     (i)  To prevent and detect crime and disorder and misconduct, and to protect McDonald’s systems, facilities, and property against damage, disruption, vandalism, fraudulent activity, and other crime (including detecting fraudulent use or misuse of customer-facing services);

     (ii) To assist law enforcement in the prevention, investigation, detection and prosecution of crime;

     (iii) To provide evidence in the event of legal proceedings by or against McDonald’s;

     (iv) To ensure restaurants are being run in a safe manner;

     (v) To assist in the day-to-day management of restaurants and offices, including for health and safety purposes. 

In addition, Body Worn Cameras (BWCs) may be used in some McDonald’s restaurants in pursuit of the above purposes. BWCs may capture audio and video recordings but are switched off by default – they will only capture recordings when activated by an authorised restaurant crew member in appropriate situations, such as preventing and detecting crime, disorder and misconduct or conducting research to improve the running of McDonald’s restaurants.

McDonald’s also captures your image if you are using our drive thru, at the time you place an order. This is not permanently saved onto any device. Instead, it is displayed on the cashier’s till in the drive thru window, and is then automatically deleted within 30 minutes of the sale being completed. The image captured will generally include only the head and shoulders of the individual making the order, and is captured for McDonald’s legitimate business interests to ensure that the completed food and beverage order is passed to the same person who placed the order.

 

  • Customer Services

We may monitor, record, store and use any telephone, email or other communication with you for our legitimate business interests in order to check any instructions given to us, for training purposes and to improve the quality of our customer service. It is in our legitimate interests to use your personal information for this purpose.

 

  • Bringing and defending legal claims – sharing with our insurer

We may share your personal information with our insurance brokers, Artex Risk Solutions (UK) Limited (trading as Amber Insurance and Risk Management, “Amber”), where necessary to bring or defend legal claims and/or to protect the rights, interests, safety and security of our organisation, our employees or franchisees, or members of the public. Amber uses the information in accordance with its privacy notice located at https://www.artexrisk.com/privacy-notice/. To exercise your rights in relation to Amber’s processing of your personal data, please contact Amber directly as set out in section 9 of Amber’s (Contact us) of Amber’s privacy notice.

It is in our legitimate interest bring and defend legal claims and to use your personal information for this purpose.

 

  • Prize promotions (including competitions, draws and instant win offers)

If you win a prize through our prize promotions we may be required, by self-regulatory codes that we are subject to, to publish or make available personal information to demonstrate that a valid award took place. Such information will typically be your title, surname and the county where you live, but may include other personal information relating to the prize promotion. You are entitled to object to us sharing your personal information for this purpose (see ‘How to Contact McDonald’s Ireland’ below), but we may still provide this to self-regulatory bodies (the Advertising Standards Authority for Ireland) on request.

It is in our legitimate interests to use your personal information in this way to ensure that our prize promotion is administered fairly and effectively and to ensure that we comply with self-regulatory codes.

  • Public consultation for planning applications for new McDonald’s restaurant sites.

If you participate in a public consultation run by one of our partners for a new McDonald’s restaurant site, we will be joint controllers with our partner of the limited personal data you provide at the consultation (normally your name, email address and response to the consultation). Where McDonald’s are the controller of this personal data, we either rely on the consent collected by our partner or that it is in McDonald’s legitimate business interest to seek the opinion of the local community in relation to a new McDonald’s restaurant to assist with our planning applications.

We will process personal data in relation to public consultations in accordance with other sections of this privacy statement.
 

International Data Transfers

We may transfer your personal information to countries that do not have laws which adequately protect your personal information. In such cases, we take measures (such as standard data protection clauses) to ensure that your personal information receives adequate protection. If you have any questions about these measures or if you want to obtain a copy of the standard contractual clauses we use to safeguard personal information we transfer, please contact us using the contact information provided below.

 

 

How to Contact McDonald’s Ireland

If you have data protection questions specific to McDonald’s Ireland, you can reach us via the following link: https://customerservices.mcdonalds.co.uk/hc/en-gb/requests/new or by writing to us at:

Attention: Data Protection Office
McDonald's Restaurants of Ireland Limited
Customer Services
11-59 High Road
East Finchley
London N2 8AW
UK

Back to Top



Order McDelivery®

Select a delivery partner to continue
Please select a McDelivery® partner.
You are leaving McDonald’s to visit a site not hosted by McDonald’s. Please review the third-party’s privacy policy, accessibility policy, and terms. McDonald’s is not responsible for the content provided by third-party sites.