Privacy Policy

This Privacy Policy describes how Punch Pizza ("we," "us," "our," or the "Company") collects, uses, discloses, and safeguards your personal information when you visit our website at punchs-pizz.rest, place orders, use our services, or otherwise interact with us. Please read this policy carefully. By using our website or services, you agree to the practices described in this Privacy Policy.

We are committed to protecting your privacy and handling your personal data in a transparent, lawful, and responsible manner. This policy applies to all visitors, customers, and users of our digital and physical services in the United States.

1. Who We Are

Punch Pizza is a food service business operating in the United States. We provide pizza and related food products and services to customers online and in person.

For any questions, concerns, or requests regarding your personal information, please contact us using the details provided in the Contact Us section at the end of this policy.

2. Applicable Laws and Legal Framework

As a business operating in the United States, we comply with applicable federal and state privacy laws, including but not limited to:

• The Federal Trade Commission Act (FTC Act), which prohibits unfair or deceptive practices in connection with the collection and use of consumer data.
• The California Consumer Privacy Act (CCPA) and its amendment, the California Privacy Rights Act (CPRA), which grant California residents specific rights regarding their personal information.
• The CAN-SPAM Act, which governs commercial email communications.
• The Children's Online Privacy Protection Act (COPPA), which restricts the collection of personal data from children under the age of 13.
• Other applicable state and federal consumer protection and data privacy regulations.

If you are a resident of California, please see Section 11 of this policy for additional rights and disclosures specific to California consumers under the CCPA/CPRA.

3. Information We Collect

We collect various types of information in connection with the services we provide. The categories of personal information we may collect are described below.

3.1 Information You Provide Directly

When you interact with us — whether by creating an account, placing an order, contacting customer support, signing up for our newsletter, or otherwise communicating with us — you may provide us with the following personal information:

• Identity Information: First name, last name, username, or similar identifier.
• Contact Information: Email address, telephone number, billing address, delivery address, and postal code.
• Account Credentials: Password and other login information if you create an account with us.
• Payment Information: Credit card numbers, debit card details, billing information, and other financial data necessary to process transactions. Note that payment information is processed by our third-party payment processors and is not stored directly on our servers in its raw form.
• Order Information: Details about the food products you order, special dietary requests, delivery preferences, and order history.
• Communications Data: Any messages, feedback, reviews, or other content you submit to us via email, contact forms, or social media.
• Marketing Preferences: Your preferences for receiving marketing communications from us.

3.2 Information Collected Automatically

When you visit our website or use our digital platforms, we and our third-party service providers automatically collect certain technical and usage information, including:

• Device Information: IP address, browser type and version, operating system, device identifiers, screen resolution, and hardware information.
• Usage Data: Pages viewed, links clicked, time and date of your visit, time spent on pages, referring URL, and navigation paths through our website.
• Location Data: General geographic location inferred from your IP address, or more precise location data if you grant permission through your device settings.
• Log Data: Server logs that record activity on our website, including access times and error reports.
• Cookie and Tracking Data: Information collected through cookies, web beacons, pixel tags, and similar tracking technologies. Please see Section 8 for more information about our use of cookies.

3.3 Information from Third Parties

We may receive personal information about you from third-party sources, including:

• Third-Party Delivery Platforms: If you place an order through a third-party delivery app or platform (such as DoorDash, Uber Eats, or Grubhub), we may receive order and contact information from those platforms.
• Payment Processors: Transaction confirmation and fraud prevention signals from our payment processing partners.
• Analytics Providers: Aggregated and anonymized data from analytics tools to help us understand website performance.
• Social Media Platforms: If you interact with us on social media or use social login features, we may receive profile information according to the platform's settings and your privacy preferences.
• Marketing Partners: Information that helps us reach you with relevant advertising, within the bounds of applicable law.

3.4 Sensitive Personal Information

We do not intentionally collect sensitive personal information such as Social Security numbers, government-issued identification numbers, medical information, or biometric data. If you provide dietary information (such as allergies or religious dietary restrictions) in connection with your food orders, we use that information solely to fulfill your order and to ensure your safety.

4. How We Use Your Information

We use the personal information we collect for the following purposes:

4.1 Providing and Managing Our Services

• Processing and fulfilling your food orders, including delivery and pickup arrangements.
• Creating and managing your customer account.
• Processing payments and preventing fraudulent transactions.
• Communicating with you about your order status, updates, and confirmations.
• Responding to your inquiries, complaints, and customer service requests.
• Providing technical support and troubleshooting issues with our website.

4.2 Improving Our Services and Operations

• Analyzing usage patterns to improve our website functionality, menu offerings, and customer experience.
• Conducting internal research and data analytics to better understand customer preferences and behavior.
• Testing and developing new features, products, and services.
• Monitoring and ensuring the security of our systems and data.

4.3 Marketing and Promotional Communications

• Sending you promotional emails, special offers, discounts, and newsletters about our products and services, where you have consented or where permitted by applicable law.
• Personalizing your experience and showing you relevant content, offers, and recommendations based on your order history and preferences.
• Delivering targeted advertising through third-party platforms, where permitted.
• Conducting surveys and gathering feedback to improve our services.

You may opt out of marketing communications at any time by clicking the "unsubscribe" link in any marketing email, or by contacting us at [email protected]. Opting out of marketing communications will not affect transactional communications related to your orders.

4.4 Legal and Compliance Purposes

• Complying with applicable laws, regulations, legal processes, and government requests.
• Enforcing our Terms of Service and other agreements.
• Protecting the rights, property, and safety of our Company, our customers, and the public.
• Detecting and preventing fraud, abuse, and other harmful activities.
• Maintaining records as required by law.

5. Sharing Your Information with Third Parties

We do not sell your personal information to third parties for monetary compensation. However, we may share your personal information in the following circumstances:

5.1 Service Providers and Business Partners

We work with trusted third-party companies and individuals who assist us in operating our business and providing services to you. These service providers are authorized to use your personal information only as necessary to perform services on our behalf and are contractually obligated to maintain appropriate confidentiality and security measures. Categories of service providers include:

• Payment Processors: To securely process your payment transactions.
• Delivery Partners: Third-party delivery drivers and logistics companies that fulfill your delivery orders.
• Cloud Hosting and IT Services: Companies that host our website, databases, and IT infrastructure.
• Analytics Providers: Services such as Google Analytics that help us understand how users interact with our website.
• Email Marketing Platforms: Services used to send transactional and marketing emails.
• Customer Support Tools: Platforms used to manage customer inquiries and support tickets.

5.2 Legal Requirements and Law Enforcement

We may disclose your personal information if required to do so by law or in response to valid legal requests, including:

• Compliance with a court order, subpoena, or legal process.
• Requests from government or law enforcement agencies.
• Protection of our legal rights or to defend against legal claims.
• Prevention of fraud, criminal activity, or imminent threats to safety.

5.3 Business Transfers

In the event of a merger, acquisition, asset sale, reorganization, or other business transfer involving Punch Pizza, your personal information may be transferred to the successor entity. We will notify you via email or prominent notice on our website before your personal information becomes subject to a different privacy policy as a result of such a transaction.

5.4 With Your Consent

We may share your personal information with third parties in other ways when you have explicitly consented to such sharing.

6. Data Security

We take the security of your personal information seriously and implement a variety of technical, administrative, and physical safeguards to protect your data from unauthorized access, use, disclosure, alteration, or destruction. Our security measures include:

• Encryption: We use Secure Sockets Layer (SSL) / Transport Layer Security (TLS) encryption for data transmitted between your browser and our website. Sensitive data, such as payment information, is encrypted both in transit and at rest.
• Access Controls: Access to personal information is restricted to authorized employees and service providers who need it to perform their job functions. We enforce the principle of least privilege.
• Secure Payment Processing: Payment card information is handled by PCI DSS-compliant payment processors. We do not store raw credit card details on our servers.
• Regular Security Assessments: We periodically review our systems and data practices to identify and address potential vulnerabilities.
• Employee Training: Our staff receives training on data protection practices and the importance of safeguarding customer information.
• Incident Response: We have procedures in place to detect, respond to, and notify affected individuals and authorities of data breaches, as required by applicable law.

Despite our best efforts, no method of electronic transmission or data storage is completely secure. We cannot guarantee the absolute security of your personal information, and we encourage you to take steps to protect your own data, such as using a strong, unique password for your account and being cautious about phishing attempts.

7. Your Rights and Choices

Depending on your location and applicable law, you may have the following rights with respect to your personal information:

7.1 Right to Access

You have the right to request a copy of the personal information we hold about you. We will provide this information in a commonly used electronic format upon verified request.

7.2 Right to Correction

You have the right to request that we correct any inaccurate or incomplete personal information we hold about you. You may also update certain account information directly through your account settings on our website.

7.3 Right to Deletion

You have the right to request that we delete your personal information, subject to certain exceptions (such as information we are required to retain by law, or information necessary to complete a transaction you have requested).

7.4 Right to Data Portability

You have the right to request that we provide your personal information in a structured, commonly used, machine-readable format so that you can transfer it to another organization, where technically feasible.

7.5 Right to Opt Out of Marketing

You may opt out of receiving marketing communications from us at any time by using the unsubscribe link in any email we send, or by contacting us directly. Note that even if you opt out of marketing emails, we will still send you important transactional messages related to your orders and account.

7.6 Right to Non-Discrimination

We will not discriminate against you for exercising any of your privacy rights. We will not deny you goods or services, charge you different prices, or provide a different level of service based solely on your exercise of privacy rights.

7.7 How to Exercise Your Rights

To exercise any of the rights described above, please submit a request to us by:

• Email: [email protected]
• Website: punchs-pizz.rest

We may need to verify your identity before processing your request. We will respond to verified requests within the timeframe required by applicable law (generally within 45 days, with the possibility of a 45-day extension where reasonably necessary). We do not charge a fee to process or respond to your verifiable request unless it is excessive, repetitive, or manifestly unfounded.

8. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyze website traffic, and support our marketing efforts. Cookies are small text files stored on your device when you visit a website.

8.1 Types of Cookies We Use

• Essential Cookies: Necessary for the basic functioning of our website, including shopping cart functionality and user authentication. These cannot be disabled without impacting website performance.
• Analytics Cookies: Help us understand how visitors interact with our website by collecting anonymized information about pages visited, time spent, and navigation paths. We may use tools such as Google Analytics for this purpose.
• Functional Cookies: Allow our website to remember your preferences, such as your location, language settings, and previously viewed items.
• Marketing and Advertising Cookies: Used to deliver relevant advertisements and track the effectiveness of our marketing campaigns. These may be set by our advertising partners.

8.2 Managing Your Cookie Preferences

You can control and manage cookies in several ways. Most browsers allow you to refuse or delete cookies through their settings. Please note that disabling certain cookies may affect the functionality of our website. You may also opt out of interest-based advertising by visiting the Digital Advertising Alliance's opt-out tool at optout.aboutads.info or the Network Advertising Initiative's opt-out tool at optout.networkadvertising.org.

For more detailed information about the cookies we use and how to manage your preferences, please refer to our Cookie Policy.

9. Data Retention

We retain your personal information only for as long as is necessary to fulfill the purposes outlined in this Privacy Policy, or as required or permitted by applicable law. The criteria we use to determine appropriate retention periods include:

When personal information is no longer required for its original purpose and is not subject to a legal retention obligation, we will securely delete or anonymize it. Anonymized data may be retained and used indefinitely for statistical and research purposes.

10. Children's Privacy

Our website and services are intended for use by individuals who are 18 years of age or older. We do not knowingly collect, solicit, or process personal information from children under the age of 13, in compliance with the Children's Online Privacy Protection Act (COPPA), or from individuals under the age of 18 without verifiable parental consent.

If you are under 18 years of age, please do not use our website or provide any personal information to us. If you are a parent or guardian and believe that your child under the age of 13 has provided us with personal information without your consent, please contact us immediately at [email protected] and we will take prompt steps to delete such information from our records.

We do not condition participation in any activity on the disclosure of more personal information from a child than is reasonably necessary for that activity.

11. California Residents — CCPA/CPRA Rights

If you are a resident of the State of California, you have specific rights under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA). This section supplements the rest of our Privacy Policy and applies specifically to California consumers.

11.1 Categories of Personal Information Collected

In the past 12 months, we have collected the following categories of personal information as defined under the CCPA:

• Identifiers: Such as name, email address, IP address, and account name.
• Commercial Information: Including records of products purchased, ordering history, and purchasing preferences.
• Internet or Other Electronic Network Activity: Including browsing history on our website and interactions with our digital content.
• Geolocation Data: General location derived from IP address or device settings for delivery purposes.
• Inferences: Drawn from the above categories to create a profile about preferences and behaviors.

11.2 Your CCPA/CPRA Rights

As a California consumer, you have the following rights:

• Right to Know: The right to request disclosure of the categories and specific pieces of personal information we have collected about you, the sources of collection, the purposes for collection, and the categories of third parties with whom we share it.
• Right to Delete: The right to request deletion of personal information we have collected from you, subject to certain exceptions.
• Right to Correct: The right to request correction of inaccurate personal information we maintain about you.
• Right to Opt Out of Sale or Sharing: The right to opt out of the sale or sharing of your personal information for cross-context behavioral advertising. To exercise this right, please contact us at [email protected].
• Right to Limit Use of Sensitive Personal Information: The right to limit our use and disclosure of sensitive personal information to certain purposes.
• Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights.

11.3 Submitting CCPA Requests

To submit a CCPA rights request, please contact us at [email protected] or visit our website at punchs-pizz.rest. We will verify your identity before processing requests, and we aim to respond within 45 calendar days. If we require additional time, we will inform you in writing.

You may designate an authorized agent to submit a rights request on your behalf. The authorized agent must provide written authorization from you, and we may contact you directly to verify the request.

12. International Data Transfers

Punch Pizza operates primarily within the United States. However, some of our third-party service providers and technology partners may process or store data on servers located outside of the United States. If your data is transferred internationally, we ensure that appropriate safeguards are in place to protect your personal information in accordance with applicable U.S. laws and, where applicable, international data protection standards.

By using our website and services, you acknowledge and consent to the potential transfer of your personal information to countries outside your country of residence, which may have different data protection rules. We will take all steps reasonably necessary to ensure that your personal information is treated securely and in accordance with this Privacy Policy regardless of where it is processed.

13. Third-Party Links and Services

Our website may contain links to third-party websites, applications, or services, including social media platforms, third-party food delivery apps, and payment gateways. This Privacy Policy does not apply to those third-party services, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party services you access through our website. The presence of a link to a third-party site does not constitute an endorsement of that site's privacy practices.

14. Do Not Track Signals

Some web browsers transmit "Do Not Track" (DNT) signals to websites. Because there is currently no universally accepted standard for how websites should respond to DNT signals, our website does not currently respond to DNT browser signals. We will continue to monitor developments in this area and update our practices if industry standards emerge. You may still manage your tracking preferences through cookie settings and opt-out tools as described in Section 8.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or business operations. When we make material changes, we will notify you by:

• Posting the updated policy on our website at punchs-pizz.rest with a new effective date at the top of the page.
• Sending an email notification to the address associated with your account, where appropriate.
• Displaying a prominent notice on our website.

Your continued use of our website or services after the effective date of the revised Privacy Policy constitutes your acceptance of the updated terms. We encourage you to review this policy periodically to stay informed about how we protect your information.

16. How to File a Complaint

If you believe that we have not handled your personal information in accordance with this Privacy Policy or applicable law, we encourage you to contact us first so we can attempt to resolve your concern directly.

16.1 Contacting Us

Please send your complaint or concern to:

• Email: [email protected]
• Website: punchs-pizz.rest

We will acknowledge your complaint within a reasonable time and work to resolve the matter promptly.

16.2 Filing a Complaint with Regulatory Authorities

If you are not satisfied with our response, or if you believe we are processing your personal information in violation of applicable law, you have the right to file a complaint with the relevant data protection or consumer protection authority. In the United States, relevant authorities include:

17. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please do not hesitate to contact our privacy team:

We are committed to working with you to achieve a fair resolution of any privacy concern. Our team will make every effort to respond to your inquiry in a timely and professional manner.