Privacy Policy

1. Introduction

Welcome to Punch pizza ("we," "our," or "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website pizzas-punchs.click, use our mobile applications, or engage with our food delivery and catering services.

This policy applies to all information collected through our services, including our website, mobile apps, in-store interactions, phone orders, online ordering system, loyalty programs, catering services, and any related services, sales, marketing, or events.

By accessing or using our services, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use our services.

Important Note: We never sell your personal data to third parties for their marketing purposes. Your trust is fundamental to our business, and we are committed to maintaining the highest standards of data protection.

2. Information We Collect

2.1 Information You Provide Directly

• Personal Identification Information: Name, email address, phone number, delivery address, billing address, date of birth (for age verification and birthday promotions)
• Account Information: Username, password, profile picture, order history, payment preferences
• Order and Dietary Information: Food preferences, allergen information, dietary restrictions (vegan, vegetarian, gluten-free, halal, kosher), special dietary requirements, favorite orders, portion preferences
• Payment Information: Credit card details, billing information (securely processed and encrypted)
• Delivery and Location Data: Delivery addresses, GPS coordinates for accurate delivery, delivery instructions, preferred delivery times
• Loyalty and Rewards Data: Points earned, rewards redeemed, membership tier, promotional codes used, participation in contests
• Reservation Information: Table booking details, party size, special occasion notes, seating preferences
• Catering Information: Event details, guest count, menu preferences, setup requirements, event location
• Communication Records: Customer service interactions, feedback, reviews, survey responses, marketing preferences
• Contest and Promotion Data: Entry information for sweepstakes, contests, and promotional campaigns

2.2 Information Collected Automatically

• Device Information: IP address, browser type and version, operating system, device identifiers, mobile device information
• Usage Data: Pages visited, time spent on site, click-through rates, search queries, referring websites, exit pages
• Location Information: Approximate location derived from IP address, GPS data when location services are enabled
• Cookie Data: Session IDs, user preferences, shopping cart contents, authentication tokens
• Performance Data: Website loading times, error logs, system performance metrics

2.3 Information from Third Parties

• Social Media Platforms: Profile information when you connect your social media accounts
• Payment Processors: Transaction confirmations and fraud prevention data
• Delivery Partners: Delivery status updates and location tracking
• Marketing Partners: Demographic information and marketing analytics
• Review Platforms: Public reviews and ratings you submit about our services

3. How We Use Your Information

3.1 Service Provision and Order Management

• Order Processing: Processing and fulfilling your food orders, managing payment transactions, coordinating delivery or pickup
• Account Management: Creating and maintaining your account, authenticating your identity, providing customer support
• Delivery Services: Coordinating delivery logistics, tracking order status, communicating delivery updates
• Catering Services: Planning and executing catering events, coordinating setup and logistics
• Reservation Management: Processing table reservations, managing seating arrangements, sending confirmation reminders
• Quality Improvement: Analyzing service performance, identifying areas for improvement, enhancing user experience

3.2 Communication and Customer Support

• Order Communications: Sending order confirmations, preparation status, delivery tracking, pickup notifications
• Customer Support: Responding to inquiries, resolving complaints, providing technical assistance
• Important Notices: Alerting you about policy changes, service updates, security notices
• Marketing Communications: Sending promotional offers, new menu announcements, loyalty rewards (with your consent)
• Feedback Collection: Requesting reviews, conducting satisfaction surveys, gathering service feedback

3.3 Marketing, Personalization, and Analytics

• Personalized Recommendations: Suggesting menu items based on past orders and preferences
• Targeted Advertising: Creating personalized marketing campaigns, displaying relevant promotions
• Website Analytics: Analyzing traffic patterns, user behavior, and site performance
• Market Research: Understanding customer preferences, developing new products, improving services
• Loyalty Programs: Managing rewards points, offering personalized benefits, tracking program engagement

3.4 Legal Compliance and Security

• Legal Obligations: Complying with applicable laws, regulations, and legal processes
• Fraud Prevention: Detecting and preventing fraudulent transactions and activities
• Safety and Security: Protecting our systems, preventing unauthorized access, maintaining data integrity
• Dispute Resolution: Investigating and resolving customer disputes, chargebacks, and complaints
• Risk Management: Assessing and mitigating business risks, ensuring operational safety

4. Information Sharing and Disclosure

4.1 Service Providers and Business Partners

• Payment Processors: Stripe, PayPal, and other payment services to process transactions securely
• Delivery Services: Third-party delivery partners to fulfill delivery orders
• Cloud Storage Providers: Amazon Web Services, Google Cloud for secure data storage and processing
• Email Marketing Services: Mailchimp, SendGrid for sending promotional and transactional emails
• Analytics Services: Google Analytics, Facebook Analytics for website and marketing analysis
• Customer Support Tools: Zendesk, Intercom for managing customer service interactions
• SMS Services: Twilio for sending order notifications and promotional messages

4.2 Legal Requirements and Public Safety

• Law Enforcement: When required by subpoenas, court orders, or other legal processes
• Regulatory Compliance: To comply with food safety regulations, health department requirements
• Public Safety: To protect the safety of our customers, employees, and the general public
• Emergency Situations: During emergencies that threaten safety or security

4.3 Business Transfers and Corporate Events

• Mergers and Acquisitions: In connection with corporate restructuring, mergers, or acquisitions
• Asset Sales: If we sell or transfer business assets that include customer data
• Customer Notice: We will notify customers before personal information becomes subject to a different privacy policy
• Buyer Obligations: Ensuring new owners comply with similar privacy protection standards

4.4 Consent-Based Sharing

• Explicit Consent: When you provide specific consent for other sharing purposes
• Social Media Integration: When you choose to share content on social media platforms
• Third-Party Services: When you authorize integration with external services

5. Data Security

5.1 Technical Security Measures

• Encryption: All data transmission protected by SSL/TLS encryption (256-bit encryption)
• Secure Storage: Personal data stored in encrypted databases with restricted access
• Firewall Protection: Advanced firewall systems preventing unauthorized network access
• Access Controls: Multi-factor authentication and role-based access for all systems
• Security Monitoring: 24/7 monitoring for suspicious activities and security threats
• Data Backups: Regular encrypted backups stored in secure, geographically distributed locations
• Vulnerability Testing: Regular penetration testing and security assessments

5.2 Organizational Security Measures

• Employee Training: Mandatory data protection and cybersecurity training for all staff
• Access Limitations: Personal data access limited to employees who need it for their job functions
• Confidentiality Agreements: All employees and contractors bound by strict confidentiality agreements
• Incident Response Plan: Comprehensive procedures for responding to security incidents
• Vendor Management: Due diligence and security assessments for all third-party vendors
• Regular Audits: Internal and external security audits to ensure compliance

5.3 Your Security Responsibilities

• Strong Passwords: Use unique, complex passwords for your account
• Account Protection: Do not share your login credentials with anyone
• Public Computer Safety: Always log out when using public or shared computers
• Phishing Awareness: Be cautious of suspicious emails or links claiming to be from us
• Immediate Reporting: Report any unauthorized account access immediately
• Software Updates: Keep your devices and browsers updated with latest security patches

Security Breach Notification: In the unlikely event of a data security incident that affects your personal information, we will promptly notify you and relevant authorities as required by law. We will provide details about the incident, steps we've taken to address it, and actions you can take to protect yourself.

6. Cookies and Tracking Technologies

We use cookies, web beacons, and similar tracking technologies to enhance your experience on our website and mobile applications. The following table outlines the types of cookies we use:

Other Tracking Technologies We Use:

• Google Analytics: Traffic analysis, user behavior tracking, conversion monitoring
• Facebook Pixel: Advertising effectiveness measurement, custom audience creation
• Web Beacons: Email open rates, link clicks, engagement tracking
• Local Storage: Storing user preferences and application data in your browser
• Session Storage: Temporary data storage during your browsing session

Cookie Management:

You can control cookies through your browser settings. Most browsers allow you to:

• View and delete existing cookies
• Block new cookies from being set
• Receive notifications when cookies are being used
• Delete all cookies when closing your browser

Important Note: Disabling certain cookies may affect website functionality. Essential cookies cannot be disabled as they are necessary for core site operations.

7. Your Rights (GDPR/CCPA Compliance)

Depending on your location, you may have the following rights regarding your personal information:

7.1 Right of Access

You have the right to request access to your personal data and receive information about how we process it. We will provide you with a copy of your personal data in a commonly used format.

7.2 Right to Rectification

You can request correction of inaccurate personal data and completion of incomplete data. You can update most information directly through your account settings.

7.3 Right to Erasure (Right to be Forgotten)

You may request deletion of your personal data under certain circumstances, such as when the data is no longer necessary for the original purpose or you withdraw consent.

7.4 Right to Restrict Processing

You can request that we limit how we use your personal data in certain situations, such as when you contest the accuracy of the data or object to processing.

7.5 Right to Data Portability

You have the right to receive your personal data in a structured, machine-readable format and to request that we transfer this data to another service provider.

7.6 Right to Object

You can object to processing of your personal data for direct marketing purposes or when processing is based on legitimate interests.

7.7 Right Against Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing that significantly affects you.

How to Exercise Your Rights:

To exercise any of these rights, please contact us using the information provided in Section 13. We will respond to your request within 30 days and may need to verify your identity before processing your request.

8. Children's Privacy

Our services are not intended for children under the age of 16. We do not knowingly collect personal information from children under 16 without parental consent. Our online ordering system requires users to confirm they are 16 or older.

If we become aware that we have collected personal information from a child under 16 without parental consent, we will take steps to remove that information from our servers promptly.

If you are a parent or guardian and believe your child has provided us with personal information without your consent, please contact us immediately at [email protected], and we will work to delete such information.

For any orders placed on behalf of minors, the adult placing the order assumes full responsibility for the transaction and any associated data collection.

9. International Data Transfers

9.1 Protection Measures

When we transfer your personal data internationally, we ensure appropriate safeguards are in place:

• Adequacy Decisions: Transfers to countries recognized by your local authority as providing adequate protection
• Standard Contractual Clauses (SCCs): EU-approved contractual terms ensuring data protection
• Data Processing Agreements: Binding contracts with all international vendors
• Security Measures: Encryption and secure transmission protocols for all transfers
• Regular Compliance Audits: Ongoing monitoring of international partners' data practices

9.2 Transfer Destinations

Your personal data may be transferred to and stored in:

• United States: Cloud storage services (Amazon Web Services, Google Cloud)
• European Union: Analytics and marketing services
• Other Countries: As necessary for service provision, always with appropriate safeguards

All international transfers comply with applicable data protection laws and regulations.

10. Data Retention Periods

We retain personal information only as long as necessary for the purposes outlined in this policy or as required by law:

Safe Data Disposal:

When personal data reaches the end of its retention period, we ensure secure disposal:

• Electronic Data: Complete deletion using industry-standard methods that make recovery impossible
• Physical Records: Secure shredding and incineration of paper documents
• Backup Systems: Systematic removal from all backup and archival systems
• Disposal Records: Maintenance of disposal logs for compliance verification

11. Third-Party Links and Services

Our website and mobile applications may contain links to external websites, social media platforms, and third-party services that are not operated by us. This Privacy Policy does not apply to these external sites.

Examples of Third-Party Links:

• Social media platforms (Facebook, Instagram, Twitter)
• Review sites (Yelp, Google Reviews)
• Payment processor websites
• Partner restaurant websites
• Food delivery platform integrations

Your Responsibility: We strongly advise you to review the privacy policies of any third-party sites you visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

Data Sharing with Third Parties: When you interact with third-party services through our platform, you may be sharing information directly with those services according to their own privacy policies.

12. Privacy Policy Changes

12.1 Change Notification Methods

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or service offerings. When we make changes, we will notify you through:

• Website Notice: Prominent banner on our homepage and key service pages
• Email Notification: Direct email to all registered users
• App Notifications: Push notifications through our mobile application
• Account Dashboard: Notice in your account settings upon login
• Explicit Consent: For material changes that require additional consent

12.2 Staying Informed

To stay informed about policy changes:

• Check the "Last Updated" date at the top of this policy regularly
• Review your email for policy update notifications
• Visit this page periodically to review the current version
• Enable notifications in your account settings

Continued Use: Your continued use of our services after the effective date of changes constitutes acceptance of the updated policy. If you disagree with changes, you may discontinue using our services and request account deletion.

13. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Response Commitment: We will acknowledge receipt of your inquiry within 3 business days and provide a substantive response within 30 days.

13.1 Filing Complaints

If you are not satisfied with our response to your privacy concern, you have the right to contact the appropriate supervisory authority:

• EU Residents: Your local Data Protection Authority
• UK Residents: Information Commissioner's Office (ICO)
• California Residents: California Attorney General's Office
• Other US Residents: Federal Trade Commission (FTC)

14. Withdrawal of Consent

14.1 Marketing Communications

You can withdraw consent for marketing communications at any time through:

• Email Unsubscribe: Click the unsubscribe link at the bottom of any marketing email
• Account Settings: Update your communication preferences in your online account
• Customer Service: Contact our support team to opt out of specific communications
• SMS Opt-Out: Reply "STOP" to any promotional text message
• Phone Opt-Out: Request removal from our calling list during any promotional call

14.2 Account Deletion Process

To permanently delete your account and associated data:

1. Log into your account and go to Account Settings
2. Select "Delete Account" and confirm your identity
3. Review what data will be deleted and what may be retained for legal purposes
4. Confirm deletion - this action cannot be undone
5. Receive email confirmation of account deletion within 48 hours

Note: Some information may be retained as required by law for tax records, fraud prevention, or dispute resolution, even after account deletion.

15. Conclusion

At Punch pizza, protecting your privacy is not just a legal obligation—it's fundamental to building and maintaining trust with our customers. We are committed to transparency in our data practices and continuously improving our privacy protections.

Your trust is the foundation of our relationship, and we take seriously our responsibility to safeguard the personal information you share with us. We believe that excellent food service goes hand in hand with excellent data stewardship.

We encourage you to reach out with any questions or concerns about our privacy practices. Our team is here to help ensure you feel confident and comfortable with how we handle your information.

Thank you for choosing Punch pizza. We look forward to continuing to serve you with delicious food and the highest standards of privacy protection.

Remember to check this policy periodically for updates by reviewing the "Last Updated" date at the top of this page.