Privacy Policy

2.1 Information You Provide to Us

• Personal Identification: Name, email address, phone number, delivery and billing addresses
• Account Information: Username, password, order history, dietary preferences, and favorite menu items
• Payment Information: Credit card details, billing information (encrypted and securely stored)
• Order Details: Food selections, special instructions, allergen information, dietary requirements (vegan, vegetarian, gluten-free, halal, kosher, etc.)
• Loyalty Program Data: Rewards points, membership status, promotional preferences
• Reservation Information: Table booking details, party size, special occasions
• Catering Requests: Event details, guest count, menu preferences, delivery information
• Communication Records: Contact form submissions, customer service interactions, reviews, and feedback
• Marketing Preferences: Email subscription choices, promotional interests

2.2 Information We Collect Automatically

• Device Information: IP address, browser type and version, operating system, device identifiers
• Usage Data: Pages visited, time spent on site, click patterns, search terms, referral sources
• Location Information: Approximate location derived from IP address for delivery zone verification
• Cookie Data: Session identifiers, user preferences, shopping cart contents, login status
• Performance Data: Page load times, error reports, site functionality metrics

2.3 Information from Third Parties

• Social Media Integration: Profile information if you connect social media accounts
• Payment Processors: Transaction verification and fraud prevention data
• Delivery Partners: Order status and delivery confirmation information
• Marketing Partners: Aggregated demographic and interest data for targeted advertising

3.1 Service Provision

• Order Processing: Preparing, cooking, and delivering your food orders accurately and efficiently
• Account Management: Maintaining your user account, processing payments, managing preferences
• Customer Support: Responding to inquiries, resolving issues, providing assistance
• Quality Improvement: Analyzing feedback to enhance our recipes, service, and overall experience
• Reservation Management: Booking tables, managing waitlists, coordinating special events

3.2 Communication

• Order Confirmations: Email and SMS notifications about order status and delivery updates
• Customer Service: Responding to support requests and feedback
• Important Notices: Service changes, policy updates, security alerts
• Marketing Communications: Promotional offers, new menu items, special events (with your consent)
• Loyalty Rewards: Points balance, reward redemptions, exclusive member offers

3.3 Marketing and Analytics

• Personalized Experience: Recommending menu items based on your preferences and order history
• Website Analytics: Understanding traffic patterns, popular pages, user behavior
• Marketing Effectiveness: Measuring campaign success, ROI analysis, A/B testing
• Market Research: Developing new products, improving existing offerings, understanding customer needs

3.4 Legal Compliance and Protection

• Legal Obligations: Complying with applicable laws, regulations, and legal processes
• Fraud Prevention: Detecting and preventing fraudulent transactions and activities
• Safety and Security: Protecting our customers, employees, and business operations
• Dispute Resolution: Resolving customer complaints and legal disputes

4.1 Service Providers

We share information with trusted third-party service providers who help us operate our business:

• Payment Processors: Secure handling of credit card transactions and payment verification
• Delivery Services: Third-party delivery companies for order fulfillment
• Cloud Storage Providers: Secure data storage and backup services
• Email Marketing Services: Managing newsletter subscriptions and promotional campaigns
• Analytics Tools: Website performance monitoring and user behavior analysis
• Customer Support Software: Managing and tracking customer service interactions

4.2 Legal Requirements

We may disclose your information when required by law or to protect our rights:

• Legal Process: Court orders, subpoenas, search warrants, and other legal requirements
• Regulatory Compliance: Health department inspections, food safety regulations
• Law Enforcement: Cooperation with police investigations and public safety matters
• Emergency Situations: Protecting the safety of our customers and employees

4.3 Business Transfers

In the event of a business transaction such as a merger, acquisition, or sale of assets:

• Customer information may be transferred to the new owner
• We will provide advance notice of any such transfer
• The new owner will be bound by this Privacy Policy
• You will have the option to delete your account if you disagree with the transfer

4.4 With Your Consent

We may share your information for other purposes with your explicit consent, such as:

• Participating in partner promotions or contests
• Sharing testimonials or reviews (with your permission)
• Joint marketing campaigns with business partners

5.1 Technical Security Measures

• Encryption: All data transmission protected by SSL/TLS encryption (256-bit)
• Secure Storage: Personal data encrypted at rest using industry-standard protocols
• Firewall Protection: Advanced firewall systems protecting our servers and databases
• Access Controls: Strict access limitations - only authorized personnel with business need
• Monitoring: 24/7 security monitoring and intrusion detection systems
• Regular Backups: Automated, encrypted backups stored in secure, geographically distributed locations
• Vulnerability Testing: Regular penetration testing and security audits

5.2 Organizational Security Measures

• Employee Training: Regular security awareness training for all staff members
• Data Handling Procedures: Documented protocols for accessing and processing personal data
• Confidentiality Agreements: All employees and contractors sign strict confidentiality agreements
• Incident Response Plan: Comprehensive procedures for handling potential security breaches
• Regular Audits: Internal and external security assessments conducted quarterly
• Background Checks: Thorough vetting of employees with access to customer data

5.3 Your Security Responsibilities

You can help protect your information by:

• Strong Passwords: Using complex passwords with numbers, symbols, and mixed case letters
• Account Security: Never sharing your login credentials with others
• Safe Browsing: Always logging out of public or shared computers
• Phishing Awareness: Being cautious of suspicious emails or links claiming to be from us
• Prompt Reporting: Immediately contacting us if you suspect unauthorized account access
• Regular Monitoring: Reviewing your account statements and order history regularly

5.4 Security Breach Notification

In the unlikely event of a security breach that affects your personal information, we will:

• Promptly investigate and contain the incident
• Notify you within 72 hours of discovering the breach
• Inform relevant regulatory authorities as required by law
• Provide clear information about what data was affected
• Offer guidance on protective steps you can take
• Implement additional security measures to prevent future incidents

6.1 Tracking Technologies We Use

• Google Analytics: Website traffic analysis, user demographics, behavior flow
• Facebook Pixel: Advertising effectiveness measurement, custom audience creation
• Web Beacons: Email open rates, campaign engagement tracking
• Local Storage: Storing user preferences and shopping cart data in your browser
• Session Storage: Temporary data storage for current browsing session

6.2 Cookie Management

You have control over cookies through your browser settings:

• Accept/Reject: Choose which types of cookies to allow
• Delete Cookies: Remove existing cookies from your device
• Notification Settings: Get alerts when cookies are being set
• Browser Controls: Use built-in privacy settings and ad blockers

Please note that disabling certain cookies may affect website functionality, such as staying logged in or maintaining your shopping cart contents.

7.1 Right of Access

You can request to see what personal information we have about you, including:

• Account details and order history
• Payment information (encrypted portions)
• Communication records and preferences
• Website usage data and analytics

7.2 Right to Rectification

You can request corrections to inaccurate or incomplete personal data:

• Update contact information and addresses
• Correct dietary preferences and allergen information
• Modify payment details and billing information

7.3 Right to Erasure (Right to be Forgotten)

You can request deletion of your personal data when:

• The data is no longer necessary for the original purpose
• You withdraw consent and no other legal basis exists
• The data was unlawfully processed
• Deletion is required for legal compliance

7.4 Right to Restrict Processing

You can request limitations on how we use your data when:

• You contest the accuracy of the data
• Processing is unlawful but you don't want deletion
• We no longer need the data but you need it for legal claims

7.5 Right to Data Portability

You can request your data in a machine-readable format to:

• Transfer your account to another service
• Keep a personal copy of your information
• Use your data with other applications

7.6 Right to Object

You can object to processing based on legitimate interests, including:

• Direct marketing communications
• Profiling for marketing purposes
• Analytics and performance tracking

7.7 Right Against Automated Decision-Making

You can request human review of automated decisions that significantly affect you, such as:

• Credit or payment approval processes
• Fraud detection algorithms
• Delivery area determinations

7.8 How to Exercise Your Rights

To exercise any of these rights, please contact us using the information in Section 13. We will respond within 30 days and may require identity verification to protect your privacy.

8.1 Our Policy on Children's Data

• We do not knowingly collect, use, or disclose personal information from children under 16
• We do not knowingly allow children under 16 to create accounts or place orders
• Our website and marketing are not directed toward children
• We do not participate in behavioral advertising directed at children

8.2 If We Discover Children's Information

If we become aware that we have collected personal information from a child under 16:

• We will immediately delete the information from our systems
• We will terminate any accounts created by the child
• We will not use the information for any purpose
• We will not disclose the information to third parties

8.3 Notice to Parents

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at [email protected]. We will promptly investigate and take appropriate action to protect your child's privacy.

9.1 Protection Measures

When we transfer your personal data internationally, we ensure adequate protection through:

• Adequacy Decisions: Transfers to countries recognized as providing adequate data protection
• Standard Contractual Clauses: EU-approved contract terms ensuring data protection standards
• Data Processing Agreements: Binding contracts with third-party processors
• Security Safeguards: Encryption, access controls, and monitoring during transfers
• Regular Audits: Ongoing compliance monitoring and assessment

9.2 Transfer Destinations

Your data may be transferred to and processed in:

• United States: Cloud storage and analytics services
• European Union: Data analytics and marketing services
• Other Countries: As needed for business operations, always with appropriate safeguards

10.1 Secure Data Disposal

When retention periods expire, we ensure secure disposal through:

• Electronic Deletion: Complete removal from all systems with multiple overwriting passes
• Physical Destruction: Secure shredding of any physical records
• Backup Removal: Deletion from all backup systems and archives
• Third-Party Notification: Ensuring service providers also delete data
• Disposal Records: Maintaining logs of data destruction for compliance

11.1 Our Responsibility

• We are not responsible for the privacy practices of third-party websites
• We do not control the content or policies of external sites
• Links to third parties do not imply endorsement of their privacy practices
• We encourage you to review privacy policies of any sites you visit

11.2 Your Responsibility

When clicking on third-party links, please:

• Read their privacy policies before providing personal information
• Understand how they collect, use, and protect your data
• Use appropriate privacy settings on social media platforms
• Contact third parties directly with questions about their practices

12.1 Change Notification Methods

When we update this Privacy Policy, we will notify you through:

• Website Notice: Prominent banner on our homepage and relevant pages
• Email Notification: Direct communication to registered users
• Account Dashboard: In-app notifications when you log in
• Social Media: Announcements on our official social channels

12.2 Significant Changes

For material changes that affect your rights or how we use your data:

• We will provide 30 days advance notice
• We may require explicit consent for continued service use
• You will have the option to delete your account if you disagree
• We will clearly explain what has changed and why

12.3 Staying Informed

To stay updated on policy changes:

• Check the "Last Updated" date at the top of this page
• Review the policy periodically for changes
• Ensure your email address is current for notifications
• Continued use of our services indicates acceptance of changes

13.1 Response Commitment

We are committed to addressing your privacy concerns promptly:

• Initial Response: Within 3 business days
• Full Resolution: Within 30 days for most requests
• Complex Cases: Up to 90 days with regular updates
• Emergency Issues: Within 24 hours

13.2 Filing Complaints

If you're not satisfied with our response, you can contact supervisory authorities:

• Canadian Privacy Commissioner: For residents of Canada
• EU Data Protection Authorities: For EU residents
• California Attorney General: For CCPA-related complaints
• Local Privacy Regulators: In your jurisdiction

14.1 Marketing Consent Withdrawal

You can stop receiving marketing communications at any time through:

• Unsubscribe Links: Click the unsubscribe link in any promotional email
• Account Settings: Update your communication preferences in your account dashboard
• Direct Contact: Email us at [email protected] or call +1 418-872-4386
• SMS Opt-out: Reply STOP to any promotional text message

14.2 Account Deletion Process

To delete your account and associated data:

1. Log into your account and go to Account Settings
2. Select "Delete Account" and confirm your identity
3. Choose what data to keep for legal requirements (order history for taxes)
4. Confirm deletion - this action cannot be undone
5. Receive email confirmation of account closure

Note: Some information may be retained for legal compliance, fraud prevention, or legitimate business purposes as outlined in our retention policy.