Privacy Policy

This Privacy Policy describes how Punch Pizza ("we," "us," "our," or "the Company") collects, uses, discloses, and protects your personal information when you visit our website at punchpizzamenu.rest, place orders, interact with our digital services, or otherwise engage with us. We are committed to protecting your privacy and handling your personal data with transparency, integrity, and respect.

Please read this Privacy Policy carefully. By accessing or using our website and services, you acknowledge that you have read, understood, and agree to the practices described herein. If you do not agree with this Privacy Policy, please discontinue use of our website and services immediately.

This Privacy Policy is governed by applicable United States federal and state privacy laws, including but not limited to the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), the Federal Trade Commission Act (FTC Act), and other applicable consumer protection regulations.

1. About Us

Punch Pizza is a food service business operating in the United States. We provide pizza and related food products and services to consumers through our physical locations and digital platforms.

2. Information We Collect

We collect various types of information in connection with your use of our website and services. This collection occurs both directly (when you provide information to us) and automatically (when you browse our site or interact with our digital tools).

2.1 Personal Information You Provide Directly

When you interact with our website or services, you may voluntarily provide us with personal information, including:

• Identity Information: First and last name, username, or similar identifier.
• Contact Information: Email address, telephone number, delivery address, and billing address.
• Account Credentials: Username and password if you create an account on our platform.
• Order and Transaction Information: Details about the food items you order, your order history, special dietary instructions, and preferences you communicate to us.
• Payment Information: Credit or debit card numbers, billing details, and other financial information necessary to process your payments. Note: We do not store full payment card details on our servers. Payment processing is handled by trusted third-party payment processors who are PCI-DSS compliant.
• Communications: Messages, feedback, reviews, complaints, or other communications you send to us via email, contact forms, or customer service channels.
• Marketing Preferences: Your preferences for receiving marketing communications from us.
• Loyalty and Rewards Information: Participation data if you join any loyalty, rewards, or promotional program we operate.

2.2 Information Collected Automatically

When you visit our website, certain information is collected automatically through cookies, web beacons, and similar tracking technologies. This includes:

• Usage Data: Pages you visit, links you click, time spent on each page, referring URLs, and navigation paths through our website.
• Device Information: Device type (desktop, mobile, tablet), operating system, browser type and version, screen resolution, and device identifiers.
• Network Information: IP address, internet service provider (ISP), geographic location (at the city or region level derived from your IP address), and connection type.
• Cookie and Tracking Data: Information stored in or retrieved from cookies and similar technologies placed on your browser. Please see Section 9 (Cookie Usage) for more details.
• Log Files: Server log files that record requests made to our servers, error logs, and other technical data used for system administration and security monitoring.
• Interaction Data: Clickstream data, search queries made within our website, items added to your cart, and other engagement metrics.

2.3 Information from Third Parties

We may also receive information about you from third-party sources, including:

• Delivery platforms and third-party food ordering services that process orders on our behalf.
• Social media platforms if you engage with our content or log in using social media authentication.
• Analytics providers that supply aggregated or anonymized insights about how users interact with websites similar to ours.
• Marketing partners and advertising networks that share information relevant to advertising preferences and demographics.
• Business partners with whom we collaborate on promotions, events, or joint ventures, where you have consented to share your information with those partners.

2.4 Sensitive Personal Information

We generally do not seek to collect sensitive personal information such as government identification numbers, precise geolocation data beyond what is necessary for delivery purposes, health information, racial or ethnic origin, or religious beliefs. To the extent that any sensitive information is collected (for example, dietary restrictions related to health conditions), we handle such data with additional care and in compliance with applicable law.

3. How We Use Your Information

We use the personal information we collect for the following purposes, always ensuring that each use is grounded in a legitimate legal basis under applicable United States privacy law:

3.1 Service Provision and Order Fulfillment

• Processing your food orders and coordinating delivery or pickup services.
• Managing your account if you choose to create one on our platform.
• Sending you order confirmations, receipts, and status updates.
• Resolving complaints, handling returns, or addressing customer service inquiries.
• Personalizing your experience on our website, such as remembering your previous orders or food preferences.

3.2 Payment Processing

• Facilitating secure payment transactions for orders placed through our website.
• Detecting, preventing, and investigating fraudulent transactions or unauthorized use of our payment systems.

3.3 Analytics and Website Improvement

• Analyzing how visitors navigate and use our website to improve its design, functionality, and content.
• Conducting internal research and analytics to understand customer preferences and behavior.
• Monitoring website performance, diagnosing technical issues, and maintaining system security.
• Developing new products, services, and features based on user feedback and usage patterns.

3.4 Marketing and Promotional Communications

• Sending you marketing emails, newsletters, special offers, and promotional materials about our products and services, where you have consented to receive such communications or where permitted by applicable law.
• Displaying targeted advertisements on our website and on third-party platforms based on your interests and online behavior.
• Administering loyalty programs, contests, sweepstakes, and other promotional activities.
• Measuring the effectiveness of our marketing campaigns and communications.

3.5 Legal Compliance and Safety

• Complying with applicable federal, state, and local laws and regulations.
• Responding to lawful requests from government authorities, law enforcement agencies, or courts.
• Protecting the rights, property, and safety of our customers, employees, and the general public.
• Enforcing our Terms of Service and other applicable agreements.
• Detecting and preventing security breaches, fraud, and other harmful activities.

3.6 Business Operations

• Managing our internal business operations, including accounting, record-keeping, and auditing.
• Conducting due diligence in connection with potential business transactions such as mergers, acquisitions, or asset sales.

4. Sharing Your Information with Third Parties

We respect your privacy and do not sell your personal information for monetary compensation. However, we may share your information with certain trusted third parties under the circumstances described below.

4.1 Service Providers

We engage third-party service providers who perform functions on our behalf. These providers have access to your personal information only as necessary to perform their services and are contractually obligated to keep your information confidential and secure. Service providers include:

• Payment Processors: Companies that securely process credit and debit card transactions on our behalf.
• Delivery Partners: Third-party delivery services or logistics companies that fulfill food delivery orders.
• Cloud and Hosting Providers: Companies that provide our website hosting, data storage, and infrastructure services.
• Email and Communication Platforms: Services used to send transactional and marketing emails on our behalf.
• Analytics Providers: Platforms such as Google Analytics that help us understand how our website is used.
• Customer Support Tools: Software platforms used to manage customer service communications.
• Marketing and Advertising Partners: Platforms that assist us in delivering targeted advertising campaigns.

4.2 Business Transfers

If Punch Pizza undergoes a merger, acquisition, restructuring, sale of assets, or bankruptcy proceeding, your personal information may be transferred as part of that transaction. We will provide notice before your personal information is transferred and becomes subject to a different privacy policy.

4.3 Legal Obligations and Law Enforcement

We may disclose your personal information to law enforcement agencies, government authorities, courts, or other third parties when we believe in good faith that disclosure is necessary to:

• Comply with a legal obligation, subpoena, court order, or governmental request.
• Protect the rights or property of Punch Pizza.
• Prevent or investigate potential wrongdoing in connection with our services.
• Protect the personal safety of our users, employees, or members of the public.
• Protect against legal liability.

4.4 With Your Consent

We may share your personal information with additional third parties when you have given us your explicit consent to do so. You may withdraw such consent at any time by contacting us at [email protected].

4.5 Aggregated and Anonymized Data

We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you with third parties for research, marketing, analytics, or other purposes. This does not constitute the sharing of personal information.

5. Data Security Measures

We take the security of your personal information seriously and implement a variety of technical and organizational measures designed to protect your data from unauthorized access, use, disclosure, alteration, or destruction. Our security practices include:

5.1 Technical Safeguards

• Encryption: We use SSL/TLS encryption to protect data transmitted between your browser and our servers. Sensitive data stored on our systems is encrypted at rest using industry-standard encryption protocols.
• Firewalls and Intrusion Detection: Our network infrastructure is protected by firewalls and intrusion detection systems to prevent unauthorized access.
• Secure Payment Processing: Payment transactions are processed through PCI-DSS compliant third-party payment processors. We do not store full payment card numbers on our servers.
• Access Controls: Access to personal information is restricted to authorized personnel who require it to perform their job functions. We implement role-based access controls and require strong authentication mechanisms.
• Regular Security Testing: We conduct periodic security assessments, vulnerability scans, and penetration testing to identify and remediate potential weaknesses in our systems.

5.2 Organizational Safeguards

• Employee Training: Our staff receive regular training on data privacy and security best practices.
• Data Minimization: We collect only the personal information that is necessary for the purposes for which it is collected.
• Vendor Management: We carefully vet third-party service providers and require them to maintain appropriate security standards through contractual agreements.
• Incident Response: We maintain an incident response plan to address potential data breaches promptly and in accordance with applicable law.

Despite our best efforts, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security of your information. If you have reason to believe that your interaction with us is no longer secure, please notify us immediately at [email protected].

6. Your Privacy Rights

Depending on your location and applicable law, you may have certain rights with respect to your personal information. We are committed to honoring these rights and providing you with mechanisms to exercise them.

6.1 Rights Under the California Consumer Privacy Act (CCPA/CPRA)

If you are a California resident, you have the following rights under the CCPA as amended by the CPRA:

• Right to Know: You have the right to request information about the categories and specific pieces of personal information we have collected about you, the purposes for which we use it, the categories of third parties with whom we share it, and the sources from which we collected it.
• Right to Delete: You have the right to request that we delete personal information we have collected about you, subject to certain exceptions (such as when the information is necessary to complete a transaction or comply with a legal obligation).
• Right to Correct: You have the right to request that we correct inaccurate personal information we maintain about you.
• Right to Opt-Out of Sale or Sharing: While we do not sell your personal information for monetary consideration, certain sharing of personal information with advertising partners may be considered a "sale" or "sharing" under California law. You have the right to opt out of such practices.
• Right to Limit Use of Sensitive Personal Information: You have the right to direct us to limit our use and disclosure of sensitive personal information to what is necessary to perform the services you request.
• Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights. We will not deny you goods or services, charge you different prices, or provide you with a different quality of service as a result of your exercise of these rights.

6.2 General Privacy Rights for All Users

Regardless of your location, we aim to provide all users with the following rights:

• Right of Access: You may request a copy of the personal information we hold about you.
• Right to Correction: You may request that we update or correct any inaccurate or incomplete personal information we hold about you.
• Right to Deletion: You may request that we delete your personal information, subject to applicable legal requirements and legitimate business needs.
• Right to Data Portability: Where technically feasible, you may request that we provide your personal information in a structured, commonly used, and machine-readable format so that you can transfer it to another service provider.
• Right to Withdraw Consent: Where our processing of your personal information is based on your consent, you have the right to withdraw that consent at any time without affecting the lawfulness of processing carried out before withdrawal.
• Right to Opt-Out of Marketing: You may opt out of receiving marketing communications from us at any time by clicking the "unsubscribe" link in our emails or by contacting us directly.

6.3 How to Exercise Your Rights

To exercise any of the rights described above, please contact us using the following methods:

• Email: [email protected]
• Website: punchpizzamenu.rest

We will verify your identity before processing your request to protect the security of your personal information. You may designate an authorized agent to make a request on your behalf, in which case we may require written proof of that authorization. We will respond to your request within 45 days, with a possible extension of an additional 45 days where necessary, as permitted by applicable law.

7. Data Retention

We retain your personal information only for as long as is necessary to fulfill the purposes for which it was collected, or as required or permitted by applicable law. Our general retention periods are as follows:

After the applicable retention period expires, we will securely delete, destroy, or anonymize your personal information in accordance with our data disposal procedures. In some cases, we may retain data longer if required by law, or to resolve disputes, enforce agreements, or address legitimate legal claims.

8. Children's Privacy

Our website and services are intended for use by individuals who are 18 years of age or older. We do not knowingly collect, solicit, or process personal information from children under the age of 18.

We do not knowingly collect personal information from children under 13 as governed by the Children's Online Privacy Protection Act (COPPA). If we become aware that we have inadvertently collected personal information from a child under 13 without verifiable parental consent, we will take immediate steps to delete that information from our records.

If you are a parent or guardian and believe that your child has provided us with personal information without your consent, please contact us immediately at [email protected]. We will investigate and take appropriate action, including deletion of the relevant data.

We encourage parents and guardians to monitor their children's online activities and to help enforce this Privacy Policy by instructing their children never to provide personal information on our website without parental permission.

9. Cookie Usage

Our website uses cookies and similar tracking technologies (such as web beacons, pixel tags, and local storage) to enhance your browsing experience, analyze website traffic, and deliver relevant content and advertising.

9.1 Types of Cookies We Use

• Essential Cookies: These cookies are necessary for the basic functioning of our website. They enable core features such as shopping cart functionality, user authentication, and security. You cannot opt out of these cookies without affecting website functionality.
• Performance and Analytics Cookies: These cookies collect information about how visitors use our website, such as which pages are most visited and whether users encounter error messages. We use this data to improve our website's performance.
• Functionality Cookies: These cookies allow our website to remember your preferences (such as your location or language) to provide a more personalized experience.
• Marketing and Advertising Cookies: These cookies track your browsing activity across websites to help us deliver more relevant advertisements. They may be placed by us or by our advertising partners.

9.2 Managing Your Cookie Preferences

You can manage your cookie preferences through your browser settings. Most browsers allow you to refuse or accept cookies, delete existing cookies, and set preferences for certain types of cookies. Please note that restricting cookies may impact your experience on our website.

You can also opt out of interest-based advertising through industry tools such as the Digital Advertising Alliance's opt-out tool at optout.aboutads.info or the Network Advertising Initiative at optout.networkadvertising.org.

For full details about the cookies we use and how to manage them, please refer to our Cookie Policy available on our website at punchpizzamenu.rest.

10. International Data Transfers

Punch Pizza operates primarily within the United States. However, some of our third-party service providers and partners may be located in, or operate from, countries outside the United States. When we transfer personal information to countries that may not provide the same level of data protection as your home country, we take appropriate safeguards to ensure your information remains protected.

Such safeguards may include:

• Entering into data processing agreements with service providers that incorporate standard contractual clauses or other legally recognized transfer mechanisms.
• Selecting service providers who participate in recognized data protection frameworks.
• Conducting due diligence to ensure that recipient countries or organizations provide adequate protection for personal data.

By using our website and services, you acknowledge that your personal information may be transferred to and processed in countries outside your country of residence. We will always handle your information in accordance with this Privacy Policy, regardless of where it is processed.

11. Third-Party Links and Services

Our website may contain links to third-party websites, applications, or services that are not operated or controlled by Punch Pizza. These may include social media platforms, partner websites, delivery platforms, or review sites. This Privacy Policy does not apply to such third-party services, and we are not responsible for their privacy practices.

We encourage you to review the privacy policies of any third-party services you access through links on our website. The inclusion of a link to a third-party website does not imply our endorsement of that website or its privacy practices.

12. Do Not Track Signals

Some web browsers include a "Do Not Track" (DNT) feature that signals to websites that you do not want to be tracked across different websites. Currently, there is no universally accepted standard for how websites should respond to DNT signals. As a result, our website does not currently respond to DNT browser signals.

However, you can manage your tracking preferences through cookie settings and opt-out tools as described in Section 9 of this Privacy Policy. We will continue to monitor developments in DNT standards and update our practices accordingly.

13. Marketing Communications

With your consent or where otherwise permitted by applicable law, we may send you promotional emails, newsletters, special offers, and updates about our products, services, and events. Each marketing email we send includes an easy way to opt out of future marketing communications.

To opt out of marketing communications, you may:

• Click the "Unsubscribe" link at the bottom of any marketing email we send you.
• Contact us at [email protected] with the subject line "Unsubscribe."

Please note that even after opting out of marketing communications, you may still receive transactional or service-related emails (such as order confirmations, receipts, and account notifications) that are necessary for the provision of our services.

14. How to File a Complaint

If you believe that your privacy rights have been violated or that we have failed to comply with this Privacy Policy or applicable privacy laws, we encourage you to contact us first so that we can attempt to resolve the matter directly.

14.1 Contact Us

Please submit your complaint or privacy concern to:

We will acknowledge receipt of your complaint within 10 business days and aim to resolve all privacy concerns within 45 days. If we require additional time, we will notify you of the extension and the reason for it.

14.2 Regulatory Complaints

If you are not satisfied with our response or believe we are not addressing your concern adequately, you have the right to file a complaint with the relevant regulatory authority:

• Federal Trade Commission (FTC): The FTC enforces consumer protection laws, including online privacy practices. You may file a complaint at ftc.gov/complaint or by calling 1-877-FTC-HELP (1-877-382-4357).
• California Privacy Protection Agency (CPPA): If you are a California resident, you may file a complaint with the California Privacy Protection Agency, which enforces the CCPA/CPRA. Visit cppa.ca.gov for more information.
• Your State Attorney General: Many state attorneys general have the authority to investigate privacy complaints. You may contact your state's attorney general's office for guidance on filing a complaint.

15. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our practices, services, legal requirements, or for other operational reasons. When we make material changes to this Privacy Policy, we will:

• Update the "Last Updated" date at the top of this page.
• Post the revised Privacy Policy on our website at punchpizzamenu.rest.
• Where required by law or where the changes are significant, provide you with more prominent notice, such as a banner on our website or an email notification.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our website and services after the posting of any revised Privacy Policy constitutes your acceptance of the updated terms.

16. Contact Us

If you have any questions, concerns, or requests relating to this Privacy Policy or our data practices, please do not hesitate to contact us. We are committed to addressing your inquiries promptly and transparently.