Privacy Policy

Last Updated: December 2024

1. Introduction

Welcome to Punch pizza. We are committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our website, mobile applications, and services.

This policy applies to all users of our food delivery and restaurant services, including online ordering, catering services, loyalty programs, and customer support interactions. By using our services, creating an account, or placing an order, you agree to the collection and use of information in accordance with this policy.

Our Commitment: We never sell your personal data to third parties. Your privacy is our priority, and we only use your information to provide better service and enhance your dining experience.

2. Information We Collect

2.1 Information You Provide

Personal Identification Information:

  • Full name, email address, phone number
  • Delivery and billing addresses
  • Date of birth (for age verification and special offers)
  • Profile photo (optional)

Account Information:

  • Username and password (encrypted)
  • Order history and purchase records
  • Payment methods (stored securely with encryption)
  • Dietary preferences and restrictions
  • Allergen information you provide
  • Special dietary requirements (vegan, halal, kosher, gluten-free, etc.)

Food Service-Specific Information:

  • Favorite orders and frequently ordered items
  • Loyalty program participation and rewards data
  • Table reservation details and preferences
  • Catering event information and guest counts
  • Special occasion notes (birthdays, anniversaries)
  • Food ratings and reviews

Communication Data:

  • Contact form submissions and customer inquiries
  • Customer service chat logs and support tickets
  • Survey responses and feedback
  • Marketing communication preferences
  • Newsletter subscription status

2.2 Automatically Collected Information

Device and Technical Information:

  • IP address and approximate location
  • Browser type, version, and language settings
  • Operating system and device information
  • Screen resolution and device identifiers
  • Mobile device model and carrier information

Usage Data:

  • Website browsing history and page views
  • Time spent on pages and click patterns
  • Search queries and menu browsing behavior
  • App usage statistics and feature interactions
  • Order completion rates and abandoned carts

Location Data:

  • GPS coordinates (with permission for delivery)
  • Delivery route optimization data
  • Restaurant proximity and distance calculations
  • Geofencing for location-based promotions

2.3 Information from Third Parties

  • Social Media Platforms: Profile information if you connect social accounts
  • Payment Processors: Transaction confirmation and fraud prevention data
  • Delivery Partners: Delivery status and location tracking
  • Marketing Partners: Campaign performance and audience insights
  • Review Platforms: Public reviews and ratings you post

3. How We Use Your Information

3.1 Service Provision

  • Order Processing: Prepare, cook, and deliver your food orders
  • Account Management: Create and maintain your user account
  • Payment Processing: Secure transaction handling and receipt generation
  • Delivery Coordination: Route optimization and real-time tracking
  • Customer Support: Respond to inquiries and resolve issues
  • Quality Assurance: Monitor service quality and food safety
  • Personalization: Customize menu recommendations based on preferences
  • Loyalty Programs: Track rewards, points, and special offers

3.2 Communication

  • Order Updates: Confirmation, preparation, and delivery notifications
  • Service Communications: Important updates about your account or orders
  • Customer Support: Response to your questions and feedback
  • Marketing Communications: Promotional offers and new menu items (with consent)
  • Safety Alerts: Food safety recalls or allergen warnings
  • Policy Updates: Changes to terms of service or privacy policy

3.3 Marketing and Analytics

  • Personalized Advertising: Relevant promotions based on order history
  • Traffic Analysis: Website and app performance optimization
  • Usage Patterns: Understanding customer behavior and preferences
  • Campaign Effectiveness: Measuring marketing success and ROI
  • Market Research: Development of new menu items and services
  • A/B Testing: Improving user experience and interface design

3.4 Legal Compliance

  • Legal Obligations: Compliance with food safety and business regulations
  • Fraud Prevention: Detecting and preventing fraudulent activities
  • Security Protection: Safeguarding our systems and user data
  • Dispute Resolution: Resolving customer complaints and legal issues
  • Law Enforcement: Responding to legal requests and court orders

4. Information Sharing and Disclosure

4.1 Service Providers

We share information with trusted third-party service providers who help us operate our business:

  • Payment Processors: Stripe, PayPal, and other secure payment gateways for transaction processing
  • Cloud Storage Providers: AWS, Google Cloud for secure data storage and backup
  • Delivery Partners: Third-party delivery services for order fulfillment
  • Customer Support Tools: Zendesk, Intercom for customer service management
  • Marketing Services: Mailchimp, Constant Contact for email campaigns
  • Analytics Providers: Google Analytics, Facebook Pixel for usage analysis
  • SMS Services: Twilio for order notifications and updates

4.2 Legal Requirements

We may disclose your information when required by law or to protect our rights:

  • Court orders, subpoenas, and legal process
  • Government agencies for regulatory compliance
  • Law enforcement for criminal investigations
  • Protection of our rights, property, and safety
  • Protection of our customers and the public
  • Emergency situations requiring immediate action

4.3 Business Transfers

In the event of a business sale, merger, or acquisition:

  • Customer data may be transferred to the new owner
  • We will provide prominent notice before transfer
  • New owners must comply with this privacy policy
  • You will have the option to delete your account before transfer

4.4 With Your Consent

We may share information for other purposes with your explicit consent, such as:

  • Social media integration and sharing
  • Promotional partnerships and collaborations
  • Third-party loyalty program participation
  • Marketing research and surveys

5. Data Security

5.1 Technical Measures

  • Encryption: SSL/TLS encryption for all data transmission
  • Data Storage: AES-256 encryption for data at rest
  • Firewall Protection: Advanced firewall systems and intrusion detection
  • Access Control: Multi-factor authentication and role-based access
  • Monitoring: 24/7 security monitoring and threat detection
  • Backups: Regular encrypted backups with secure storage
  • Vulnerability Testing: Regular security audits and penetration testing

5.2 Organizational Measures

  • Employee Training: Regular security awareness and privacy training
  • Data Handling Procedures: Strict protocols for data access and processing
  • Confidentiality Agreements: All staff and contractors sign NDAs
  • Incident Response: Comprehensive data breach response plan
  • Third-Party Audits: Regular security assessments by external experts
  • Privacy by Design: Security built into all systems from the ground up

5.3 Your Security Responsibilities

Help us keep your account secure:

  • Use strong, unique passwords for your account
  • Enable two-factor authentication when available
  • Don't share your login credentials with others
  • Log out from public or shared devices
  • Be cautious of phishing emails and suspicious links
  • Report any unauthorized account access immediately
  • Keep your contact information up to date

Security Breach Notification

In the unlikely event of a data breach that affects your personal information, we will:

  • Notify you within 72 hours of discovering the breach
  • Inform relevant regulatory authorities as required by law
  • Provide clear information about what data was affected
  • Explain the steps we're taking to address the issue
  • Offer guidance on protecting yourself from potential harm

6. Cookies and Tracking Technologies

We use various technologies to collect information about your browsing behavior and preferences. Here's a breakdown of the types we use:

Type Purpose Duration
Essential Cookies Basic site functions, login state, shopping cart Session (deleted when browser closes)
Functional Cookies User preferences, language settings, location Up to 1 year
Analytics Cookies Usage analysis, performance measurement Up to 2 years
Marketing Cookies Personalized advertising, campaign tracking Up to 1 year

Tracking Technologies We Use

  • Google Analytics: Website traffic analysis and user behavior insights
  • Facebook Pixel: Social media advertising measurement and optimization
  • Web Beacons: Email open rates and engagement tracking
  • Local Storage: Browser data storage for improved performance
  • Session Storage: Temporary data storage for single sessions
  • Heatmap Tools: User interaction analysis and UX improvement

Cookie Management

You can control cookies through your browser settings:

  • Accept/Reject: Choose which types of cookies to allow
  • Delete: Remove existing cookies from your browser
  • Block Third-Party: Prevent external tracking cookies
  • Notifications: Get alerts before cookies are set

Important Note: Disabling essential cookies may affect website functionality, including the ability to log in, place orders, or maintain your shopping cart.

7. Your Rights (GDPR/CCPA Compliance)

You have several rights regarding your personal data. These rights may vary depending on your location and applicable laws:

7.1 Right of Access

You can request to view all personal data we hold about you, including:

  • Account information and profile data
  • Order history and purchase records
  • Communication preferences and marketing data
  • Technical information and usage logs

7.2 Right to Rectification

You can request correction of inaccurate or incomplete personal data:

  • Update contact information and delivery addresses
  • Correct dietary preferences and allergen information
  • Modify payment method details
  • Fix any errors in your order history

7.3 Right to Erasure (Right to be Forgotten)

You can request deletion of your personal data when:

  • The data is no longer necessary for the original purpose
  • You withdraw consent and there's no other legal basis
  • The data has been unlawfully processed
  • Deletion is required for legal compliance

7.4 Right to Restrict Processing

You can limit how we use your data in certain circumstances:

  • While disputing the accuracy of your data
  • When processing is unlawful but you don't want deletion
  • When we no longer need the data but you need it for legal claims
  • While waiting for verification of overriding legitimate interests

7.5 Right to Data Portability

You can receive your personal data in a machine-readable format:

  • CSV or JSON format for easy import
  • Includes account information, order history, and preferences
  • Allows transfer to other service providers

7.6 Right to Object

You can object to certain types of data processing:

  • Marketing communications and promotional emails
  • Profiling for advertising purposes
  • Processing based on legitimate interests

7.7 Right Against Automated Decision-Making

You can opt out of automated decisions that significantly affect you:

  • Automated credit or fraud risk assessments
  • Algorithm-based pricing or promotions
  • Automated customer service decisions

How to Exercise Your Rights

To request any of the above rights:

  • Email: [email protected]
  • Phone: +1 202-789-1234
  • Mail: Privacy Officer, Punch pizza, 1201 24th St NW, Washington, DC 20037, USA
  • Response Time: We will respond within 30 days

8. Children's Privacy

Protecting children's privacy is extremely important to us. Our services are not intended for children under the age of 16, and we do not knowingly collect personal information from children.

Our Commitment

  • We do not intentionally collect data from children under 16
  • We do not create profiles or target advertising to children
  • We require parental consent for any data collection from minors
  • We promptly delete any data discovered to be from children

Parents and Guardians:

If you believe we have collected information from your child under 16, please contact us immediately at [email protected]. We will investigate and delete any such information within 30 days of verification.

9. International Data Transfers

We may transfer your personal data to countries outside your region for processing and storage. We ensure appropriate protection through:

9.1 Protection Measures

  • Adequacy Decisions: Transfers to countries with equivalent data protection
  • Standard Contractual Clauses (SCC): EU-approved contract terms for data protection
  • Data Processing Agreements: Binding contracts with all third-party processors
  • Certification Programs: Partners certified under recognized privacy frameworks
  • Security Measures: Encryption and access controls for all transfers

9.2 Transfer Destinations

  • United States: Cloud storage and payment processing
  • European Union: Data analytics and customer support
  • Canada: Customer service and technical support
  • Other Countries: Only with appropriate safeguards in place

10. Data Retention Periods

We retain your personal data only as long as necessary for the purposes outlined in this policy or as required by law:

Information Type Retention Period Reason
Account Information 6 months after account deletion Legal obligations, dispute resolution
Order History 7 years Tax and accounting requirements
Payment Data 7 years (encrypted) Financial regulations, fraud prevention
Marketing Consent 3 months after withdrawal Consent record keeping
Website Usage Logs Up to 2 years Security monitoring, analytics
Customer Support Records 3 years Service quality improvement
Dietary Preferences While account is active Service personalization, safety
Delivery Addresses 2 years after last order Future order convenience

Safe Data Disposal

When data reaches the end of its retention period, we ensure secure disposal:

  • Electronic Data: Complete deletion using secure wiping methods
  • Physical Records: Shredding and secure disposal
  • Backup Systems: Automated deletion from all backup systems
  • Third-Party Storage: Verified deletion from all external systems
  • Disposal Records: Maintaining logs of data destruction activities

11. Third-Party Links and Services

Our website and app may contain links to external websites, social media platforms, and third-party services. Please note:

  • External Links: We are not responsible for the privacy practices of other websites
  • Social Media: Posts and interactions on social platforms are governed by their privacy policies
  • Payment Processors: Credit card information is handled directly by secure payment providers
  • Review Platforms: Reviews posted on external sites follow their terms and policies

Your Responsibility: Before providing personal information to any third-party website or service, please review their privacy policy and terms of use. We recommend being cautious about sharing personal information on external platforms.

12. Policy Changes and Updates

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or business operations.

12.1 How We Notify You of Changes

  • Website Notice: Prominent banner on our homepage
  • Email Notification: Direct email to all registered users
  • App Notification: Push notification for mobile app users
  • Account Dashboard: Notice in your account settings
  • Social Media: Announcements on our official social channels

12.2 Significant Changes

For major changes that affect how we use your data:

  • We will provide at least 30 days advance notice
  • We may require explicit consent for new uses of your data
  • You will have the option to delete your account before changes take effect

12.3 Staying Informed

  • Check this page regularly for updates
  • Note the "Last Updated" date at the top of this policy
  • Continued use of our services indicates acceptance of changes
  • Contact us if you have questions about any changes

13. Contact Information

For any privacy-related questions, concerns, or requests, please contact us:

General Contact

Company: Punch pizza

Address:
1201 24th St NW
Washington, DC 20037
USA

Phone: +1 202-789-1234

Email: [email protected]

Privacy Officer

Email: [email protected]

Subject Line: Please use "Privacy Request" for faster processing

Business Hours:
Monday - Friday: 9:00 AM - 6:00 PM EST
Saturday: 10:00 AM - 4:00 PM EST
Sunday: Closed

Response Commitment: We will respond to all privacy inquiries within 3 business days. For complex requests, we may need up to 30 days to provide a complete response.

Filing Complaints

If you're not satisfied with our response to your privacy concern, you can contact the relevant supervisory authority:

  • US Residents: Federal Trade Commission (FTC)
  • EU Residents: Your local Data Protection Authority
  • California Residents: California Attorney General's Office
  • Other Jurisdictions: Your local privacy regulator

14. Withdrawal of Consent

You have the right to withdraw your consent for data processing at any time. Here's how:

14.1 Marketing Communications

  • Email Unsubscribe: Click the unsubscribe link in any marketing email
  • Account Settings: Update your communication preferences in your account dashboard
  • Customer Support: Contact us directly to opt out of all marketing
  • Phone Opt-out: Call +1 202-789-1234 to stop SMS/phone marketing

14.2 Account Deletion Process

To permanently delete your account and data:

  1. Log into your account dashboard
  2. Navigate to "Account Settings" → "Privacy Settings"
  3. Click "Delete My Account"
  4. Confirm your identity and reason for deletion
  5. We will process your request within 30 days

Important Note: Some data may be retained for legal compliance purposes (such as order records for tax reporting) even after account deletion. We will inform you of any data that cannot be immediately deleted.

15. Conclusion

At Punch pizza, we are committed to protecting your privacy and maintaining the trust you place in us. Your personal information is valuable, and we treat it with the utmost care and security.

We believe that transparency about our data practices helps you make informed decisions about sharing your information with us. This Privacy Policy represents our ongoing commitment to being open about how we collect, use, and protect your data.

Your trust is essential to our business, and we work hard every day to earn and maintain it. We understand that privacy is not just about compliance with laws and regulations – it's about respecting your fundamental right to control your personal information.

If you have any questions about this Privacy Policy or our privacy practices, please don't hesitate to contact us. We value your feedback and are always looking for ways to improve our data protection measures.

Thank you for choosing Punch pizza. We appreciate your business and your trust in our commitment to privacy protection.

Last Updated: December 2024
Please check this page periodically for any updates to our Privacy Policy.