Privacy Policy

1. Introduction

At Punch pizza, we are deeply committed to protecting your privacy and maintaining the confidentiality of your personal information. This Privacy Policy outlines our practices regarding the collection, use, and protection of information when you use our services, visit our website at pizzas-punch.digital, place orders, or interact with us in any capacity.

This policy applies to all services offered by Punch pizza, including our restaurant dining services, online ordering platform, delivery services, catering options, loyalty programs, and any other services we may offer. By using our services, accessing our website, or providing us with your information, you agree to the collection and use of information in accordance with this policy.

Important Note: We never sell, rent, or trade your personal data to third parties for their marketing purposes. Your trust is fundamental to our business, and we are committed to maintaining it through transparent and responsible data practices.

2. Information We Collect

We collect various types of information to provide and improve our services, enhance your dining experience, and maintain effective communication with you.

2.1 Information You Provide to Us

Personal Identification Information: When you create an account, place an order, make a reservation, or contact us, we collect information such as your name, email address, phone number, delivery address, and billing information.

Order History and Preferences: We maintain records of your food orders, including specific menu items, customizations, portion sizes, and frequency of orders to provide personalized recommendations and improve your experience.

Dietary Information: When you provide information about food allergies, dietary restrictions (vegetarian, vegan, gluten-free, halal, kosher), nutritional preferences, or special dietary requirements, we use this information to ensure your safety and satisfaction.

Account Information: Your username, password (encrypted), purchase history, saved payment methods, preferred delivery addresses, and account preferences.

Payment Information: Credit card numbers, billing addresses, and payment preferences. Note that payment card information is encrypted and processed through secure payment processors and is never stored in plain text on our servers.

Communication Records: Information from your contact form submissions, customer service interactions, reviews, feedback, and any other communications you have with us.

Loyalty Program Data: Points earned, rewards redeemed, membership tier status, and participation in special promotions or events.

Reservation and Event Information: Table reservation details, party size, special occasion notes, catering event specifications, and venue requirements.

2.2 Information We Collect Automatically

Device Information: We collect information about the device you use to access our services, including IP address, browser type and version, operating system, device identifiers, and mobile device information.

Usage Data: Information about how you use our website and services, including pages visited, time spent on pages, click patterns, search queries, menu items viewed, and ordering patterns.

Location Data: We collect approximate location information from your IP address to provide location-based services such as delivery options, nearest restaurant locations, and estimated delivery times. With your explicit consent, we may collect precise location data from your mobile device for delivery services.

Cookie and Tracking Data: Information collected through cookies, web beacons, and similar tracking technologies, including session IDs, user preferences, shopping cart contents, and analytical data.

2.3 Information from Third Parties

Social Media Integration: If you choose to connect your social media accounts (Facebook, Google, etc.) with our services, we may receive information from these platforms in accordance with their privacy policies.

Payment Processors: Information from payment service providers to process transactions and prevent fraud.

Delivery Partners: Information from third-party delivery services to coordinate order fulfillment and track deliveries.

Marketing Partners: Information from marketing and advertising partners to measure campaign effectiveness and provide relevant offers.

3. How We Use Your Information

We use your information for various purposes to provide, maintain, and improve our services while ensuring your privacy and security.

3.1 Service Provision

Order Processing and Fulfillment: Processing your food orders, coordinating kitchen preparation, managing delivery logistics, and ensuring accurate and timely service.

Account Management: Creating and maintaining your user account, authenticating your identity, and providing access to your order history and preferences.

Customer Support: Responding to your inquiries, resolving issues, processing refunds or exchanges, and providing assistance with our services.

Quality Improvement: Analyzing usage patterns to improve our menu offerings, optimize our website and mobile applications, and enhance overall service quality.

Personalization: Customizing your experience based on your preferences, dietary requirements, and order history to provide relevant menu suggestions and offers.

3.2 Communication

Order Communications: Sending order confirmations, preparation updates, delivery notifications, and receipt information.

Customer Support: Responding to your questions, concerns, and feedback through various communication channels.

Important Notices: Communicating important information about our services, policy changes, security updates, and other essential notifications.

Marketing Communications: With your explicit consent, sending promotional emails, special offers, new menu announcements, and loyalty program updates. You can opt out at any time.

3.3 Marketing and Analytics

Personalized Advertising: Creating targeted advertising campaigns based on your preferences and behavior to show you relevant promotions and menu items.

Website Analytics: Analyzing traffic patterns, user behavior, and website performance to improve functionality and user experience.

Campaign Measurement: Measuring the effectiveness of our marketing campaigns and promotional activities to optimize future efforts.

Market Research: Conducting research to understand customer preferences, develop new menu items, and improve our services.

3.4 Legal Compliance and Protection

Legal Obligations: Responding to legal requests, court orders, and regulatory requirements as mandated by applicable laws.

Fraud Prevention: Detecting and preventing fraudulent activities, unauthorized access, and other security threats.

Rights Protection: Protecting our rights, property, and safety, as well as those of our customers and employees.

Dispute Resolution: Resolving disputes and enforcing our terms of service and other agreements.

4. Information Sharing and Disclosure

We may share your information in specific circumstances to provide our services and comply with legal obligations, always with appropriate safeguards in place.

4.1 Service Providers

Payment Processors: We share payment information with secure, PCI-DSS compliant payment processors to handle credit card transactions and ensure secure payment processing.

Delivery Services: We share necessary delivery information (name, address, phone number, order details) with our delivery partners and third-party delivery services to fulfill your orders.

Cloud Storage Providers: We use reputable cloud service providers to securely store and process your data with appropriate technical and organizational security measures.

Email Service Providers: We work with email service providers to send you order confirmations, promotional emails, and other communications, always with your consent where required.

Analytics Services: We use analytics tools like Google Analytics to understand website usage and improve our services, with data anonymized where possible.

4.2 Legal Requirements

Legal Process: We may disclose your information in response to subpoenas, court orders, legal proceedings, or other lawful requests from public authorities.

Regulatory Compliance: Sharing information as required to comply with applicable laws, regulations, and industry standards.

Safety and Security: Disclosing information when we believe it is necessary to protect the rights, property, or safety of Punch pizza, our customers, or the public.

Emergency Situations: Sharing information during emergencies or public safety situations as required by law or to protect individuals from harm.

4.3 Business Transfers

In the event of a merger, acquisition, bankruptcy, or sale of assets, your information may be transferred to the new entity. We will notify you before your information is transferred and becomes subject to a different privacy policy, giving you the opportunity to delete your account if you disagree with the new terms.

4.4 With Your Consent

We may share your information for other purposes with your explicit consent, clearly explaining the purpose and recipient of such sharing before obtaining your agreement.

5. Data Security

We implement comprehensive security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction.

5.1 Technical Security Measures

Encryption: All data transmitted between your device and our servers is protected using SSL/TLS encryption protocols. Sensitive information is encrypted both in transit and at rest.

Firewall Protection: Our systems are protected by advanced firewall systems that monitor and control incoming and outgoing network traffic based on predetermined security rules.

Access Controls: We implement strict access controls ensuring that only authorized personnel with a legitimate business need can access your personal information.

Security Monitoring: We maintain 24/7 security monitoring systems to detect and respond to potential security threats and unauthorized access attempts.

Regular Backups: We perform regular, secure backups of your data to prevent data loss and ensure business continuity while maintaining the same security standards for backup data.

System Updates: We regularly update our systems, software, and security protocols to address new security vulnerabilities and maintain the highest security standards.

5.2 Organizational Security Measures

Employee Training: All employees receive regular security training on data protection principles, security procedures, and best practices for handling personal information.

Data Handling Procedures: We have established comprehensive procedures governing the collection, processing, storage, and deletion of personal data throughout its lifecycle.

Third-Party Agreements: All third-party service providers are required to sign confidentiality agreements and maintain appropriate security measures when handling your data.

Incident Response Plan: We maintain a comprehensive security incident response plan to quickly address any security breaches or data incidents.

Regular Security Audits: We conduct regular internal and external security audits to identify vulnerabilities and ensure our security measures remain effective.

5.3 Your Security Responsibilities

Strong Passwords: Use strong, unique passwords for your account and avoid sharing them with others.

Account Security: Log out of your account when using shared or public computers, and never share your login credentials.

Suspicious Activity: Be cautious of phishing attempts and suspicious emails claiming to be from us. We will never ask for sensitive information via email.

Report Issues: Immediately report any unauthorized access to your account or suspicious activity to our customer support team.

Security Breach Notification: In the unlikely event of a security breach that may affect your personal information, we will promptly notify you and relevant authorities as required by law, providing information about the incident and steps we are taking to address it.

6. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your browsing experience, analyze usage patterns, and provide personalized services. The following table outlines the types of cookies we use:

Other Tracking Technologies

Google Analytics: We use Google Analytics to understand how visitors interact with our website, which pages are most popular, and how we can improve user experience.

Facebook Pixel: We use Facebook Pixel to measure the effectiveness of our advertising campaigns and provide personalized ads to users who have visited our website.

Web Beacons: Small transparent images used in emails to track email open rates and measure the effectiveness of our email campaigns.

Local Storage: Browser-based storage used to save user preferences and improve website performance across visits.

Cookie Management

You can control and manage cookies through your browser settings. Most browsers allow you to accept, reject, or delete cookies. However, please note that disabling certain cookies may affect the functionality and user experience of our website.

To manage cookies in popular browsers:

• Chrome: Settings > Privacy and Security > Cookies and other site data
• Firefox: Options > Privacy & Security > Cookies and Site Data
• Safari: Preferences > Privacy > Cookies and website data
• Edge: Settings > Privacy, search, and services > Cookies and site permissions

7. Your Privacy Rights

We respect your privacy rights and provide you with various options to control your personal information in accordance with applicable privacy laws, including GDPR and CCPA.

7.1 Right of Access

You have the right to request access to your personal data that we hold. This includes the right to know what personal information we have about you, how we use it, and with whom we share it.

7.2 Right to Rectification

You have the right to request correction of any inaccurate or incomplete personal information we hold about you. You can update most of your information directly through your account settings.

7.3 Right to Erasure (Right to be Forgotten)

You have the right to request deletion of your personal data under certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected.

7.4 Right to Restrict Processing

You have the right to request that we limit how we process your personal data under certain circumstances, such as when you contest the accuracy of the data.

7.5 Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another data controller.

7.6 Right to Object

You have the right to object to the processing of your personal data, particularly for marketing purposes. You can opt out of marketing communications at any time.

7.7 Right Against Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing, including profiling, which produce legal effects or significantly affect you.

How to Exercise Your Rights

To exercise any of these rights, you can:

• Contact us using the information provided in Section 13
• Use the privacy controls in your account settings
• Send us a written request with proper identification

We will respond to your request within 30 days and may require additional information to verify your identity before processing certain requests.

8. Children's Privacy

Our services are not intended for children under the age of 16, and we do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16 without parental consent, we will take steps to delete that information promptly.

If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately using the contact information provided in this policy. We will investigate and take appropriate action to remove the child's information from our systems.

Parents and guardians are encouraged to monitor their children's online activities and help enforce our privacy policy by instructing children never to provide personal information through our services without permission.

9. International Data Transfers

We may transfer your personal information to countries outside your country of residence for processing and storage. We ensure appropriate safeguards are in place to protect your data during international transfers.

9.1 Protection Measures

Adequacy Decisions: We transfer data to countries that have been deemed to provide adequate protection by relevant data protection authorities, such as countries with EU adequacy decisions.

Standard Contractual Clauses (SCCs): For transfers to countries without adequacy decisions, we use Standard Contractual Clauses approved by the European Commission or other appropriate legal mechanisms.

Data Processing Agreements: All third-party processors are required to sign comprehensive data processing agreements that include appropriate safeguards for your data.

Security Measures: We implement appropriate technical and organizational measures to ensure the security of transferred data.

Regular Audits: We regularly audit our international data transfer practices to ensure continued compliance with applicable laws.

9.2 Transfer Destinations

Your data may be transferred to and processed in:

• United States: For cloud storage and data processing services
• European Union: For analytics and marketing services
• Other countries: As necessary to provide our services, always with appropriate protection measures in place

10. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this policy, comply with legal obligations, and resolve disputes. The following table outlines our retention periods:

Safe Data Disposal

When personal information reaches the end of its retention period, we ensure secure disposal through:

• Complete Electronic Deletion: Digital records are permanently deleted using methods that make recovery impossible
• Physical Record Destruction: Paper records are securely shredded or incinerated
• Backup Data Removal: Information is also removed from all backup systems and archives
• Disposal Documentation: We maintain records of data disposal for compliance purposes

11. Third-Party Links

Our website may contain links to external websites, services, or applications that are not operated by us. This privacy policy does not apply to third-party websites or services.

We are not responsible for the privacy practices or content of third-party websites. These sites may have their own privacy policies and terms of use, and we encourage you to review them before providing any personal information.

When you click on third-party links or interact with third-party content, you are subject to their privacy policies and terms of service. We recommend exercising caution and reviewing the privacy practices of any website you visit.

If you have concerns about third-party websites linked from our site, please contact us, and we will investigate and take appropriate action if necessary.

12. Policy Changes

We may update this privacy policy from time to time to reflect changes in our practices, legal requirements, or business operations.

12.1 Change Notification Methods

Website Notice: We will post a prominent notice on our website announcing any significant changes to this policy.

Email Notification: Registered users will receive email notification of material changes that may affect their rights or how their data is processed.

Account Notification: Users will see a pop-up notification when logging into their account after significant policy changes.

Explicit Consent: For material changes that expand how we use your data, we will obtain your explicit consent before implementing the changes.

12.2 Staying Informed

Regular Review: We encourage you to periodically review this privacy policy to stay informed about how we protect your information.

Last Updated Date: Check the "Last Updated" date at the top of this policy to see when it was last modified.

Continued Use: Your continued use of our services after policy changes indicates your acceptance of the updated terms.

Disagreement Options: If you disagree with policy changes, you have the option to discontinue using our services and request deletion of your account.

13. Contact Information

If you have questions, concerns, or requests regarding this privacy policy or our data practices, please contact us using the following information:

Company: Punch pizza
Address: 751 Key Hwy, Baltimore, MD 21230, USA
Phone: +1 443-940-6610
Email: [email protected]
Business Hours: Monday - Friday: 9:00 AM - 6:00 PM (EST)

Response Commitment: We are committed to responding to your privacy-related inquiries within 3 business days. For complex requests, we may require additional time but will keep you informed of our progress.

13.1 Filing Complaints

We encourage you to contact us directly with any privacy concerns so we can work together to resolve them. If you are not satisfied with our response or believe we have not adequately addressed your concerns, you have the right to file a complaint with the relevant supervisory authority in your jurisdiction.

For EU Residents: You can contact your local Data Protection Authority or file a complaint with the authority in the country where you believe the violation occurred.

For US Residents: You can contact the Federal Trade Commission (FTC) or your state's Attorney General's office.

14. Withdrawal of Consent

You have the right to withdraw your consent for data processing activities that are based on consent at any time.

14.1 Marketing Consent Withdrawal

To stop receiving marketing communications from us, you can:

• Email Unsubscribe: Click the "unsubscribe" link in any marketing email we send you
• Account Settings: Update your communication preferences in your account dashboard
• Customer Support: Contact our customer support team to opt out of all marketing communications
• Phone: Call us at +1 443-940-6610 to request removal from marketing lists

14.2 Account Deletion Process

To delete your account and associated data:

1. Log into your account and navigate to account settings
2. Select "Delete Account" and follow the verification process
3. Alternatively, contact customer support to request account deletion
4. We will confirm the deletion request via email
5. Account data will be deleted within 30 days, subject to legal retention requirements

Important Note: Some information may be retained for legal compliance, fraud prevention, or dispute resolution as outlined in our data retention policy.

15. Conclusion

At Punch pizza, protecting your privacy and personal information is not just a legal obligation—it's a fundamental part of building and maintaining trust with our valued customers. We understand that when you choose to dine with us, order our food, or engage with our services, you're placing your trust in us, and we take that responsibility seriously.

This privacy policy represents our commitment to transparency, accountability, and respect for your privacy rights. We continuously review and improve our data protection practices to ensure they meet the highest standards and reflect the evolving privacy landscape.

Your relationship with us is built on more than just great food—it's built on mutual trust and respect. We believe that by being transparent about our data practices and providing you with meaningful control over your personal information, we can continue to serve you better while protecting what matters most to you.

If you have any questions about this policy, our data practices, or how we can better serve your privacy needs, please don't hesitate to contact us. We're here to help and ensure your experience with Punch pizza is exceptional in every way.

Thank you for choosing Punch pizza and for trusting us with your personal information. We look forward to continuing to serve you with the same commitment to quality and privacy that defines our brand.

Please remember to check this policy periodically for updates. The "Last Updated" date at the top of this document indicates when the policy was last revised.