Privacy Policy

2.1 Information You Provide Directly

• Personal Identification: Name, email address, phone number, postal address, date of birth
• Account Information: Username, password, profile preferences, order history, dietary preferences
• Payment Information: Credit/debit card details, billing address (encrypted and securely stored)
• Food Service Information: Allergen information, dietary restrictions (vegan, halal, kosher, gluten-free), special meal requirements
• Order Details: Food preferences, favorite orders, delivery instructions, table reservation details
• Loyalty Program Data: Rewards points, membership status, participation history
• Catering Information: Event details, guest count, special requirements
• Communication: Contact form submissions, customer reviews, feedback, support inquiries
• Marketing Preferences: Email subscription status, promotional preferences

2.2 Information Automatically Collected

• Device Information: IP address, browser type and version, operating system, device identifiers
• Usage Data: Pages visited, time spent on site, click patterns, search queries, referral URLs
• Location Data: Approximate location from IP address, GPS location (with permission) for delivery services
• Cookie Data: Session identifiers, user preferences, shopping cart contents, analytics data
• Performance Data: Website loading times, error reports, technical diagnostics

2.3 Information from Third Parties

• Social Media: Profile information from connected social media accounts (Facebook, Instagram, Google)
• Payment Processors: Transaction verification, fraud prevention data
• Delivery Partners: Delivery status updates, GPS tracking information
• Marketing Partners: Advertising effectiveness data, demographic information
• Public Sources: Publicly available information to verify identity or prevent fraud

3.1 Service Provision

• Processing and fulfilling food orders, including preparation and delivery coordination
• Managing table reservations and in-restaurant dining experiences
• Account creation, maintenance, and user authentication
• Payment processing and transaction management
• Customer support and service quality improvement
• Managing loyalty programs and rewards redemption
• Coordinating catering events and special orders
• Ensuring food safety compliance and allergen management

3.2 Communication

• Order confirmations, preparation updates, and delivery notifications
• Table reservation confirmations and reminders
• Customer support responses and service recovery communications
• Important service announcements and policy changes
• Marketing emails and promotional offers (with explicit consent only)
• Loyalty program updates and reward notifications
• Safety recalls or important food safety information

3.3 Marketing and Analytics

• Personalized food recommendations based on order history
• Website traffic analysis and user experience optimization
• Marketing campaign effectiveness measurement
• Menu development and food preference analysis
• Seasonal promotion planning and targeted advertising
• Customer satisfaction surveys and feedback analysis
• Delivery route optimization and service area planning

3.4 Legal Compliance and Security

• Responding to lawful requests from authorities
• Fraud prevention and detection in payment processing
• Protecting company rights, property, and customer safety
• Dispute resolution and legal proceedings
• Food safety compliance and health department reporting
• Anti-money laundering and financial compliance

4.1 Service Providers

• Payment Processors: Secure transaction processing and fraud prevention (Stripe, PayPal)
• Delivery Companies: Order fulfillment and GPS tracking for delivery services
• Cloud Storage Providers: Secure data storage and backup services (Amazon AWS, Google Cloud)
• Email Marketing Services: Newsletter delivery and marketing campaigns (Mailchimp, SendGrid)
• Analytics Tools: Website usage analysis and performance monitoring (Google Analytics)
• Customer Support: Help desk services and customer communication platforms
• Food Safety Compliance: Third-party auditing and certification services

4.2 Legal Requirements

• Court orders, subpoenas, and other legal process requirements
• Compliance with food safety regulations and health department inquiries
• Protection of Pizza Ranch's rights, property, and business interests
• Public safety emergencies and urgent health notifications
• Tax reporting and financial compliance obligations
• Anti-fraud investigations and law enforcement cooperation

4.3 Business Transfers

In the event of a merger, acquisition, asset sale, or other business transfer involving Pizza Ranch, customer information may be transferred to the new entity. We will provide notice before your information is transferred and becomes subject to a different privacy policy. The new owner will be required to honor existing privacy commitments.

4.4 With Your Explicit Consent

We may share your information for purposes not covered in this policy only with your explicit, informed consent. You may withdraw such consent at any time by contacting us.

5.1 Technical Security Measures

• Encryption: SSL/TLS encryption for all data transmission between your device and our servers
• Advanced Firewalls: Multi-layered firewall systems to prevent unauthorized access
• Access Controls: Role-based access with minimum necessary permissions for staff
• 24/7 Monitoring: Continuous security monitoring and intrusion detection systems
• Regular Backups: Automated, encrypted data backups stored in multiple secure locations
• Database Security: Encrypted storage of sensitive information including payment data
• Network Security: Secure VPN connections and network segmentation

5.2 Organizational Security Measures

• Employee Training: Regular security awareness training for all staff members
• Data Handling Procedures: Strict protocols for personal data access and processing
• Confidentiality Agreements: All employees and contractors sign comprehensive NDAs
• Incident Response Plan: Detailed procedures for handling security breaches
• Regular Audits: Third-party security assessments and compliance audits
• Vendor Management: Security requirements for all third-party service providers

5.3 Your Security Responsibilities

• Strong Passwords: Use complex, unique passwords for your account
• Account Security: Never share your login credentials with others
• Public Computers: Always log out when using shared or public devices
• Phishing Awareness: Be cautious of suspicious emails or links claiming to be from us
• Immediate Reporting: Contact us immediately if you suspect unauthorized account access
• Software Updates: Keep your devices and browsers updated with latest security patches

Additional Tracking Technologies

• Google Analytics: Website traffic analysis and user behavior insights
• Facebook Pixel: Social media advertising effectiveness and audience building
• Web Beacons: Email open rates and engagement tracking
• Local Storage: Browser-based data storage for improved user experience
• Session Recording: Anonymous user interaction analysis for website optimization

7.1 Right of Access

You have the right to know what personal information we collect, use, and share about you. You can request a copy of all personal data we hold about you.

7.2 Right to Rectification

You have the right to request correction of any inaccurate or incomplete personal information we have about you.

7.3 Right to Erasure (Right to be Forgotten)

You can request deletion of your personal information, subject to certain legal exceptions such as order records required for tax purposes.

7.4 Right to Restrict Processing

You can request that we limit how we use your personal information while we address your concerns or verify information accuracy.

7.5 Right to Data Portability

You have the right to receive your personal information in a structured, commonly used, machine-readable format for transfer to another service.

7.6 Right to Object

You can object to processing of your personal information, particularly for marketing purposes or when processing is based on legitimate interests.

7.7 Right Against Automated Decision-Making

You have the right not to be subject to automated decision-making, including profiling, that produces legal or significant effects.

9.1 Protection Measures

When we transfer personal information internationally, we ensure appropriate safeguards are in place:

• Adequacy Decisions: Transfers to countries with adequate data protection laws (EU-Japan adequacy decisions)
• Standard Contractual Clauses (SCCs): EU-approved contracts ensuring data protection standards
• Data Processing Agreements: Binding commitments with all international service providers
• Technical Safeguards: Encryption and secure transmission protocols for all transfers
• Regular Audits: Ongoing compliance monitoring and assessment

9.2 Transfer Destinations

Your personal information may be transferred to and processed in:

• United States: Cloud storage and analytics services
• European Union: Data processing and customer support services
• Other countries: As necessary for service provision, always with appropriate protections

Safe Data Disposal

When data retention periods expire, we ensure secure disposal through:

• Electronic Deletion: Complete, unrecoverable removal from all systems and backups
• Physical Destruction: Professional shredding of any physical documents
• Backup Purging: Systematic removal from all backup and archive systems
• Disposal Documentation: Maintaining records of secure disposal procedures

12.1 Change Notification

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will notify you through:

• Website Notice: Prominent notification banner on our homepage
• Email Notification: Direct email to all registered users about significant changes
• Account Dashboard: Pop-up notification when you log into your account
• Explicit Consent: For material changes that affect your rights, we will seek your explicit consent

12.2 Staying Informed

• Current Version: The most up-to-date version is always available on our website
• Last Updated Date: Check the "Last Updated" date at the top of this policy
• Continued Use: Your continued use of our services after changes indicates acceptance
• Disagreement: If you disagree with changes, you may discontinue using our services

13.1 Filing Complaints

If you have concerns about our privacy practices that we cannot resolve directly, you may contact your local data protection authority:

• First Step: Contact us directly for fastest resolution
• Supervisory Authority: If unsatisfied with our response, contact your local privacy regulator
• Additional Resources: Consumer protection agencies in your jurisdiction

14.1 Marketing Consent Withdrawal

You can withdraw consent for marketing communications at any time through:

• Unsubscribe Links: Click unsubscribe in any promotional email
• Account Settings: Manage preferences in your online account dashboard
• Direct Contact: Email or call our customer support team
• Written Request: Send written notice to our business address

14.2 Account Deletion Process

To delete your account and associated personal data:

1. Log into your account and navigate to account settings
2. Select "Delete Account" and follow the confirmation prompts
3. Alternative: Contact customer support to initiate deletion
4. We will confirm deletion within 5 business days
5. Note: Some data may be retained for legal compliance as outlined in Section 10