Privacy Policy

1. Introduction

Welcome to Pizza Ranch. We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, place orders, or interact with us through any of our platforms.

This policy applies to all services offered by Pizza Ranch, including our website, mobile applications, online ordering system, delivery services, catering services, loyalty programs, and franchise operations. By accessing our services, creating an account, placing an order, or providing us with your personal information, you agree to the collection and use of information in accordance with this policy.

Important Note: We never sell your personal data to third parties. Your trust is fundamental to our business, and we are committed to maintaining the highest standards of data protection and privacy.

2. Information We Collect

2.1 Information You Provide Directly

• Personal Identification Information: Full name, email address, phone number, billing and delivery addresses, date of birth (for age verification)
• Account Information: Username, password, profile picture, communication preferences, account settings
• Order and Purchase History: Items ordered, quantities, special instructions, delivery preferences, order frequency, payment methods used
• Dietary Information: Food allergies, dietary restrictions (vegetarian, vegan, gluten-free, etc.), special dietary requirements (halal, kosher), ingredient preferences
• Payment Information: Credit card details, billing information, payment history (stored securely through encrypted payment processors)
• Contact Form Data: Inquiries, feedback, complaints, support requests, survey responses
• Marketing Preferences: Email subscription choices, SMS consent, promotional preferences, communication frequency settings
• Loyalty Program Data: Reward points, membership tier, redemption history, bonus point activities
• Reservation Information: Table booking details, party size, special occasion notes, seating preferences
• Catering Event Details: Event type, guest count, menu selections, delivery instructions, setup requirements

2.2 Information Automatically Collected

• Device Information: IP address, device type, operating system, browser type and version, screen resolution, device identifiers
• Usage Data: Pages visited, time spent on site, click patterns, search queries, referral sources, exit pages
• Location Data: Approximate location based on IP address, GPS coordinates (if permitted), delivery zone identification
• Cookie Data: Session identifiers, user preferences, shopping cart contents, login status, analytics data
• Performance Data: Page load times, error messages, technical issues, crash reports

2.3 Information from Third Parties

• Social Media Platforms: Profile information when you connect social accounts (Facebook, Google, Instagram)
• Payment Processors: Transaction verification, fraud detection data, payment method validation
• Delivery Partners: Delivery status updates, driver location, delivery confirmation
• Marketing Partners: Campaign performance data, audience insights, conversion tracking
• Review Platforms: Customer reviews and ratings from third-party sites

3. How We Use Your Information

3.1 Service Provision

• Order Processing: Fulfilling food orders, coordinating delivery or pickup, managing inventory, processing payments
• Account Management: Creating and maintaining user accounts, authenticating users, providing personalized experiences
• Customer Support: Responding to inquiries, resolving issues, providing technical assistance, handling complaints
• Quality Improvement: Analyzing service performance, identifying areas for enhancement, optimizing user experience
• Loyalty Program Management: Tracking points, processing rewards, managing membership tiers, sending program updates

3.2 Communication

• Transactional Communications: Order confirmations, delivery notifications, payment receipts, account updates
• Customer Service: Support responses, follow-up communications, satisfaction surveys
• Important Notices: Policy changes, service updates, security alerts, system maintenance notifications
• Marketing Communications: Promotional emails, special offers, new menu items, seasonal campaigns (with your explicit consent)

3.3 Marketing and Analytics

• Personalization: Customized menu recommendations, targeted promotions, personalized content delivery
• Analytics: Website traffic analysis, user behavior patterns, conversion rate optimization, A/B testing
• Advertising: Creating targeted advertising campaigns, measuring ad effectiveness, retargeting website visitors
• Market Research: Understanding customer preferences, developing new products, analyzing market trends

3.4 Legal Compliance and Security

• Legal Obligations: Responding to legal requests, court orders, regulatory requirements
• Fraud Prevention: Detecting suspicious activities, preventing unauthorized access, protecting against security threats
• Rights Protection: Protecting our intellectual property, enforcing terms of service, defending legal claims
• Safety: Ensuring food safety standards, protecting public health, emergency response coordination

4. Information Sharing and Disclosure

4.1 Service Providers

We share your information with trusted third-party service providers who assist us in operating our business:

• Payment Processors: Secure transaction processing, fraud detection, payment method verification (Stripe, PayPal, Square)
• Delivery Companies: Order fulfillment, route optimization, delivery tracking, customer notifications
• Cloud Storage Providers: Secure data storage, backup services, disaster recovery (AWS, Google Cloud, Microsoft Azure)
• Email Service Providers: Marketing campaigns, transactional emails, newsletter delivery (Mailchimp, SendGrid)
• Analytics Services: Website usage analysis, performance monitoring, user behavior insights (Google Analytics, Adobe Analytics)
• Customer Support Tools: Help desk systems, live chat services, ticket management platforms

4.2 Legal Requirements

We may disclose your information when required by law or to protect our rights:

• Legal Process: Court orders, subpoenas, search warrants, regulatory investigations
• Law Enforcement: Criminal investigations, national security matters, public safety concerns
• Regulatory Compliance: Food safety audits, health department inspections, tax reporting
• Emergency Situations: Immediate threats to safety, medical emergencies, natural disasters

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets:

• Customer information may be transferred to the new entity
• We will notify you before your information is transferred
• The new owner must comply with this privacy policy or provide notice of changes
• You will have the right to delete your account before the transfer

4.4 With Your Consent

We may share your information for other purposes with your explicit consent, such as:

• Participating in joint marketing campaigns
• Sharing reviews and testimonials
• Third-party loyalty program partnerships
• Social media integrations and sharing

5. Data Security

5.1 Technical Security Measures

• Encryption: All data transmission is protected using SSL/TLS encryption (256-bit). Sensitive data is encrypted at rest using AES-256 encryption standards.
• Firewall Protection: Advanced firewall systems monitor and filter all network traffic, blocking unauthorized access attempts.
• Access Controls: Role-based access control ensures only authorized personnel can access personal data on a need-to-know basis.
• 24/7 Monitoring: Continuous security monitoring systems detect and respond to suspicious activities in real-time.
• Regular Backups: Automated daily backups ensure data recovery capabilities and business continuity.
• Vulnerability Management: Regular security scans and penetration testing to identify and address potential vulnerabilities.

5.2 Organizational Security Measures

• Employee Training: Regular security awareness training for all staff members handling personal data.
• Data Handling Procedures: Documented procedures for data collection, processing, storage, and deletion.
• Confidentiality Agreements: All employees and contractors sign strict confidentiality agreements.
• Incident Response Plan: Comprehensive plan for handling security breaches and data incidents.
• Regular Audits: Annual security audits by independent third parties to assess our security posture.
• Vendor Management: Due diligence and security assessments of all third-party service providers.

5.3 Your Security Responsibilities

Please help us protect your information by:

• Strong Passwords: Use complex passwords with a mix of letters, numbers, and symbols
• Password Security: Never share your login credentials with others
• Public Computers: Always log out when using shared or public devices
• Phishing Awareness: Be cautious of suspicious emails requesting personal information
• Account Monitoring: Regularly review your account activity for unauthorized access
• Immediate Reporting: Contact us immediately if you suspect unauthorized account access

5.4 Security Breach Notification

In the unlikely event of a security breach affecting your personal data, we will:

• Notify you within 72 hours of discovering the breach
• Provide details about what information was involved
• Explain the steps we're taking to address the breach
• Offer guidance on protective measures you can take
• Notify relevant authorities as required by law

6. Cookies and Tracking Technologies

Additional Tracking Technologies

• Google Analytics: Website traffic analysis, user behavior patterns, conversion tracking
• Facebook Pixel: Social media advertising effectiveness, audience insights, retargeting campaigns
• Web Beacons: Email open rates, click-through rates, engagement measurement
• Local Storage: Browser data storage for improved performance and user experience
• Session Storage: Temporary data storage during your browsing session

Cookie Management

You can control cookies through your browser settings:

• Accept or reject cookies before they are stored
• Delete existing cookies from your device
• Set preferences for specific websites
• Block third-party cookies while allowing first-party cookies

Note: Disabling certain cookies may affect website functionality, including the ability to place orders, save preferences, or access your account.

7. Your Rights (GDPR/CCPA Compliance)

7.1 Right of Access

You have the right to request confirmation of whether we process your personal data and obtain a copy of your data. This includes:

• Account information and profile details
• Order history and purchase records
• Communication preferences and marketing consent
• Loyalty program data and rewards history

7.2 Right to Rectification

You can request correction of inaccurate or incomplete personal data, including:

• Updating contact information
• Correcting delivery addresses
• Modifying dietary preferences or allergies
• Changing payment information

7.3 Right to Erasure (Right to be Forgotten)

You can request deletion of your personal data when:

• The data is no longer necessary for its original purpose
• You withdraw consent for data processing
• The data has been unlawfully processed
• Legal obligations require deletion

7.4 Right to Restrict Processing

You can request limitation of data processing when:

• You contest the accuracy of the data
• Processing is unlawful but you don't want deletion
• We no longer need the data but you need it for legal claims
• You object to processing pending verification

7.5 Right to Data Portability

You can request your data in a structured, machine-readable format for:

• Transferring to another service provider
• Personal use and analysis
• Backup and archival purposes

7.6 Right to Object

You can object to data processing for:

• Direct marketing communications
• Profiling for marketing purposes
• Processing based on legitimate interests
• Scientific or statistical purposes

7.7 Right Against Automated Decision-Making

You have the right not to be subject to automated decision-making, including profiling, that produces legal effects or similarly significant effects concerning you.

How to Exercise Your Rights

To exercise any of these rights, please contact us at:

• Email: [email protected]
• Phone: +1 407-593-4422
• Online: Through your account settings
• Mail: 9101 International Dr #1220, Orlando, FL 32819, USA

Response Time: We will respond to your request within 30 days and may extend this period by two months for complex requests.

8. Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect, use, or disclose personal information from children under 16 without appropriate parental consent.

If You Are a Parent or Guardian

If you believe your child under 16 has provided us with personal information, please contact us immediately at [email protected]. We will:

• Verify the child's age and parental relationship
• Promptly delete the child's personal information
• Take steps to prevent future collection
• Provide confirmation of data deletion

Age Verification

We may request age verification for certain services, such as:

• Account creation for loyalty programs
• Alcohol delivery orders
• Contest or promotion participation
• Marketing communication subscriptions

Parental Controls

Parents can help protect their children's privacy by:

• Monitoring their children's internet activity
• Using parental control software
• Teaching children about online privacy
• Reviewing website privacy policies together

9. International Data Transfers

9.1 Protection Measures

When transferring your personal data internationally, we implement appropriate safeguards:

• Adequacy Decisions: Transfers to countries with adequate data protection laws as recognized by relevant authorities
• Standard Contractual Clauses (SCCs): EU-approved contracts ensuring adequate protection standards
• Data Processing Agreements: Binding agreements with all international partners
• Security Measures: Additional technical and organizational measures for high-risk transfers
• Regular Compliance Reviews: Ongoing monitoring of transfer mechanisms and protection standards

9.2 Transfer Destinations

Your data may be transferred to and processed in:

• United States: Primary data centers and cloud storage facilities
• European Union: Analytics services and customer support operations
• Canada: Payment processing and backup storage
• Other Countries: As necessary for service provision, with appropriate safeguards

9.3 Your Rights Regarding Transfers

You have the right to:

• Information about specific transfer mechanisms used
• Copies of safeguards in place for your data
• Object to transfers in certain circumstances
• Request local data processing where technically feasible

10. Data Retention Periods

Safe Data Disposal

When data reaches the end of its retention period, we ensure secure disposal through:

• Electronic Deletion: Complete removal from all systems with overwriting to prevent recovery
• Physical Destruction: Secure shredding of paper records using certified destruction services
• Backup Purging: Systematic removal from all backup systems and archives
• Third-party Notification: Ensuring service providers also delete data as required
• Disposal Documentation: Maintaining records of data disposal for compliance purposes

Extended Retention

We may retain data beyond standard periods when:

• Legal proceedings are pending or reasonably anticipated
• Regulatory investigations require data preservation
• You have specifically consented to extended retention
• Data is anonymized and used for statistical purposes

11. Third-Party Links and Services

Our website and services may contain links to third-party websites, applications, or services that are not owned or controlled by Pizza Ranch. This includes:

Types of Third-Party Links

• Social Media Platforms: Links to our Facebook, Instagram, Twitter profiles
• Payment Processors: Redirects to secure payment gateways
• Delivery Partners: Tracking systems and partner applications
• Review Sites: Links to Yelp, Google Reviews, TripAdvisor
• Business Partners: Affiliated restaurants, suppliers, franchisees
• Government Sites: Health department information, regulatory resources

Our Responsibility

We are not responsible for:

• Privacy practices of third-party websites or services
• Content, accuracy, or reliability of external sites
• Data collection by third-party plugins or widgets
• Security measures implemented by external services
• Terms of service or policies of linked websites

Your Responsibility

When using third-party services, please:

• Review the privacy policies of all external sites
• Understand what information is being collected
• Verify the security measures in place
• Make informed decisions about data sharing
• Contact third parties directly with privacy concerns

Social Media Integration

Our social media features may collect information such as:

• Your IP address and browser information
• Pages you view on our site with social features
• Cookies set by the social media platform
• Your interaction with social media buttons

These interactions are governed by the privacy policies of the respective social media companies.

12. Policy Changes and Updates

12.1 Change Notification Process

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or business operations. When we make changes, we will notify you through:

• Website Notice: Prominent banner on our homepage highlighting the policy update
• Email Notification: Direct email to all registered users with account email addresses
• Account Dashboard: Pop-up notification when you log into your account
• Mobile App Alert: Push notification for mobile app users
• Social Media: Announcements on our official social media channels

12.2 Types of Changes

• Minor Changes: Clarifications, contact information updates, formatting improvements
• Material Changes: New data collection practices, expanded sharing arrangements, significant policy modifications
• Legal Updates: Changes required by new regulations or court decisions
• Business Changes: Updates due to new services, partnerships, or business structure changes

12.3 Your Response Options

After notification of policy changes, you may:

• Accept Changes: Continue using our services under the new terms
• Request Clarification: Contact us with questions about specific changes
• Modify Your Preferences: Update your consent settings or communication preferences
• Discontinue Services: Stop using our services if you disagree with changes
• Delete Account: Request complete account deletion before changes take effect

12.4 Effective Date and Transition

• Changes become effective 30 days after notification (unless legally required sooner)
• Continued use of our services after the effective date constitutes acceptance
• Previous policy versions remain available for reference
• Significant changes may require explicit consent before taking effect

12.5 Staying Informed

To stay updated on policy changes:

• Check the "Last Updated" date at the top of this policy
• Subscribe to our policy update notifications
• Follow our official social media channels
• Enable account notifications in your settings
• Bookmark this page for periodic review

13. Contact Information and Support

Primary Contact Details

Contact Methods

• Email: [email protected] (Primary privacy inquiries)
• Phone: +1 407-593-4422 (Customer service and privacy questions)
• Online Form: Available through our contact page
• Live Chat: Available on our website during business hours
• Mail: Send written inquiries to our physical address above
• Account Portal: Access privacy settings through your online account

Response Commitment

We are committed to addressing your privacy concerns promptly:

• Initial Response: Within 3 business days of receiving your inquiry
• Data Requests: Fulfilled within 30 days (may extend to 60 days for complex requests)
• Urgent Issues: Security concerns addressed within 24 hours
• Account Deletion: Processed within 7 business days
• Marketing Opt-out: Immediate processing, effective within 24 hours

13.1 Privacy-Related Complaints

If you have concerns about our privacy practices:

Step 1: Contact Us Directly

• Email your specific concern to [email protected]
• Include relevant details and desired resolution
• Our privacy team will investigate and respond
• Most issues are resolved within one week

Step 2: Supervisory Authority

If you're not satisfied with our response, you may contact the relevant data protection authority in your jurisdiction:

• EU Residents: Your local Data Protection Authority or the European Data Protection Board
• UK Residents: Information Commissioner's Office (ICO)
• California Residents: California Attorney General's Office
• Canadian Residents: Office of the Privacy Commissioner of Canada
• Other Jurisdictions: Your local privacy regulator or consumer protection agency

Information to Include in Your Privacy Request

To help us process your request efficiently, please include:

• Your full name and email address associated with your account
• Specific type of request (access, deletion, correction, etc.)
• Detailed description of your privacy concern
• Any relevant account numbers or order numbers
• Preferred method of response (email, phone, mail)
• Identity verification information (for security purposes)

14. Withdrawal of Consent

14.1 Marketing Consent Withdrawal

You can withdraw your consent for marketing communications at any time through multiple methods:

Email Marketing Withdrawal:

• Unsubscribe Links: Click the unsubscribe link in any marketing email
• Account Settings: Log into your account and modify email preferences
• Contact Support: Email [email protected] with "Unsubscribe" in the subject line
• Phone Request: Call +1 407-593-4422 during business hours

SMS/Text Marketing Withdrawal:

• Reply STOP: Text "STOP" to any promotional SMS
• Account Settings: Disable SMS notifications in your account
• Customer Service: Call or email to remove your number from SMS lists

Promotional Calls Withdrawal:

• Do Not Call Registration: Add your number to the National Do Not Call Registry
• Direct Request: Ask to be removed during any promotional call
• Account Update: Set call preferences to "No promotional calls" in your account

14.2 Complete Account Deletion

To permanently delete your account and withdraw all consent:

Self-Service Deletion:

• Log into your account settings
• Navigate to "Privacy Settings" or "Account Management"
• Click "Delete Account" and follow the confirmation steps
• Confirm deletion via email verification

Assisted Deletion:

• Email [email protected] with subject "Account Deletion Request"
• Provide your full name and email address for verification
• Include the reason for deletion (optional)
• Confirm your identity through security questions

14.3 What Happens After Withdrawal

• Immediate Effect: Marketing communications stop within 24 hours
• Transactional Communications: Essential service emails continue (order confirmations, etc.)
• Account Access: You can still use services but won't receive promotional materials
• Data Retention: Personal data retained according to legal requirements and retention policy
• Re-consent: You can opt back in at any time through the same methods

14.4 Partial Consent Management

You don't have to withdraw all consent - you can selectively opt out of:

• Specific types of marketing (email only, SMS only, etc.)
• Certain product categories or promotions
• Frequency of communications (weekly vs. daily)
• Personalization features while maintaining basic services
• Third-party data sharing for marketing purposes

15. Conclusion

At Pizza Ranch, protecting your privacy is not just a legal obligation—it's a fundamental aspect of the trust relationship we build with every customer. We understand that when you share your personal information with us, you're placing confidence in our ability to handle that data responsibly and securely.

Our Commitment to You

We pledge to:

• Maintain the highest standards of data protection and security
• Be transparent about how we collect and use your information
• Give you control over your personal data and privacy choices
• Continuously improve our privacy practices and security measures
• Respond promptly and professionally to your privacy inquiries
• Stay current with evolving privacy laws and best practices

Your Role in Privacy Protection

While we implement comprehensive security measures, your privacy protection is a shared responsibility. We encourage you to:

• Regularly review and update your privacy preferences
• Keep your account information current and accurate
• Use strong passwords and secure login practices
• Stay informed about privacy best practices
• Contact us promptly with any privacy concerns

Ongoing Dialogue

Privacy protection is an ongoing conversation, not a one-time policy document. We welcome your feedback, questions, and suggestions about our privacy practices. Your input helps us improve our services and better protect your information.

Whether you're a longtime customer or new to Pizza Ranch, we value the trust you place in us. We're committed to earning and maintaining that trust through transparent, responsible data handling practices.

Questions and Support

If you have any questions about this Privacy Policy or our data practices, please don't hesitate to contact us. Our customer service team is trained to handle privacy inquiries and is available during business hours to assist you.

Thank you for choosing Pizza Ranch and for taking the time to understand how we protect your privacy. We look forward to serving you while keeping your personal information secure.