Privacy Policy

Welcome to Giordanos. This Privacy Policy explains how Giordanos ("we," "us," "our," or "the Company") collects, uses, discloses, and protects your personal information when you visit our website at giordanos-meal.top, place orders, or otherwise interact with our food services. We are committed to protecting your privacy and handling your personal data in a transparent, lawful, and responsible manner.

By accessing or using our website, placing an order, or communicating with us in any way, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy. If you do not agree with the terms outlined herein, please discontinue use of our website and services immediately.

This Privacy Policy is governed by applicable United States federal and state privacy laws, including but not limited to the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), the Federal Trade Commission Act (FTC Act), and other applicable consumer protection regulations.

1. About Us

Giordanos is a food service business operating in the United States. Our contact details are as follows:

For any questions, concerns, or requests regarding this Privacy Policy or your personal data, you may contact us at any time using the email address listed above.

2. Information We Collect

We collect various types of information in connection with your use of our website and services. This information falls into several categories as described below.

2.1 Personal Identification Information

When you place an order, create an account, subscribe to our newsletter, or contact us directly, we may collect personal identification information, including but not limited to:

• Full name
• Email address
• Telephone or mobile number
• Billing and delivery address
• Payment information (processed securely through third-party payment processors; we do not store full card details)
• Account login credentials (username and encrypted password)
• Order history and food preferences
• Special dietary requirements or allergy information you voluntarily provide

2.2 Usage Data and Website Activity

When you visit our website at giordanos-meal.top, we automatically collect certain technical and usage information, including:

• Internet Protocol (IP) address
• Browser type and version
• Operating system and device type
• Pages visited and time spent on each page
• Referring website or URL
• Clickstream data and navigation patterns
• Date and time of your visit
• Search terms entered on our website
• Links clicked and menu items viewed

2.3 Cookies and Tracking Technologies

We use cookies, web beacons, pixel tags, local storage objects, and similar tracking technologies to enhance your experience on our website. Cookies allow us to recognize you as a returning visitor, remember your preferences, and analyze how you interact with our content. Please refer to our dedicated Cookie Policy for detailed information about the types of cookies we use and how to manage your preferences.

You may adjust your browser settings to refuse cookies or receive alerts when cookies are being sent. However, please note that disabling certain cookies may affect the functionality of some features on our website.

2.4 Device Information

We may collect information about the device you use to access our website, including:

• Device model and manufacturer
• Mobile network information
• Screen resolution and display settings
• Unique device identifiers (such as IMEI or advertising ID)
• Mobile operating system version

2.5 Communications and Feedback

If you contact us via email, phone, or through online forms, we may retain records of those communications, including any attachments, feedback, reviews, or complaint information you provide. This helps us respond to your inquiries efficiently and improve our services.

2.6 Information From Third Parties

We may receive information about you from third-party sources, such as social media platforms (if you connect your account or share our content), delivery partners, marketing affiliates, or analytics providers. This information is combined with data we collect directly from you to provide a more complete picture of our customers and improve our offerings.

3. How We Use Your Information

We use the information collected for the following lawful purposes:

3.1 Service Provision and Order Fulfillment

• Processing and fulfilling food orders placed through our website
• Communicating order confirmations, updates, and delivery notifications
• Managing your customer account and preferences
• Processing payments through secure, third-party payment gateways
• Coordinating delivery logistics and addressing special requests
• Handling returns, refunds, and customer complaints

3.2 Analytics and Service Improvement

• Analyzing website traffic, usage patterns, and customer behavior to improve our platform
• Conducting internal research and development to enhance menu offerings and user experience
• Monitoring and evaluating the performance of our website
• Identifying technical issues and troubleshooting errors
• Testing new features, designs, and service models

3.3 Marketing and Communications

• Sending you promotional offers, discounts, and news about new menu items (only where you have provided consent or where permitted by applicable law)
• Personalizing content, recommendations, and advertisements based on your preferences and browsing history
• Administering loyalty programs, surveys, and contests
• Retargeting you with relevant advertisements on third-party platforms

You may opt out of marketing communications at any time by clicking the "unsubscribe" link in any promotional email or by contacting us directly at [email protected].

3.4 Legal Compliance and Safety

• Complying with applicable laws, regulations, and legal obligations under United States federal and state law
• Responding to lawful requests from government authorities, law enforcement agencies, or courts
• Enforcing our Terms of Service and other policies
• Detecting and preventing fraud, unauthorized access, and other illegal activities
• Protecting the rights, property, and safety of our company, customers, and the general public

4. Legal Basis for Processing

In accordance with applicable United States privacy laws, including the CCPA/CPRA, we process your personal information under the following lawful bases:

• Contractual Necessity: Processing is necessary to fulfill orders and provide services you have requested from us.
• Legitimate Interests: We process data for our legitimate business interests, including improving our services, preventing fraud, and marketing our products, provided such interests do not override your fundamental rights and freedoms.
• Consent: Where required by law, we obtain your explicit consent before processing certain types of data, particularly for marketing communications and the use of non-essential cookies.
• Legal Obligation: We process data when required by law to fulfill regulatory requirements or respond to enforceable legal demands.

5. Data Sharing With Third Parties

We do not sell your personal information to third parties. However, we may share your data with the following categories of recipients under specific and controlled circumstances:

5.1 Service Providers and Business Partners

We engage trusted third-party companies to assist us in operating our business, including:

• Payment Processors: To securely process credit card and electronic payments on our behalf.
• Delivery and Logistics Partners: To fulfill food delivery orders and track shipments.
• Email Marketing Platforms: To manage and send promotional communications.
• Cloud Hosting Providers: To store and manage our website data securely.
• Analytics Providers: Such as Google Analytics, to analyze website usage and performance.
• Customer Support Tools: To manage inquiries and resolve complaints efficiently.

All third-party service providers are contractually obligated to handle your personal information in accordance with applicable privacy laws and to use it only for the specific purposes for which it was disclosed.

5.2 Legal Requirements and Law Enforcement

We may disclose your personal information if required to do so by law or in response to valid requests by public authorities (e.g., a court order, subpoena, or government agency request). We may also disclose data to:

• Enforce our legal rights or defend against legal claims
• Investigate or prevent suspected illegal activity or violations of our policies
• Protect the safety and security of our customers, employees, or the public

5.3 Business Transfers

In the event of a merger, acquisition, sale of assets, or other business restructuring, your personal information may be transferred to the acquiring entity or successor company. We will notify you via email or a prominent notice on our website before your information is transferred and becomes subject to a different privacy policy.

5.4 Aggregated and Anonymized Data

We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you with business partners, researchers, or the public for purposes such as market research, trend analysis, or industry reporting.

6. Data Security Measures

We take the security of your personal information seriously and implement a range of technical, organizational, and administrative safeguards designed to protect your data from unauthorized access, disclosure, alteration, or destruction. These measures include:

• Encryption: We use Secure Socket Layer (SSL) / Transport Layer Security (TLS) encryption to protect data transmitted between your browser and our servers.
• Access Controls: Access to personal data is restricted to authorized personnel only, on a need-to-know basis, and protected by strong authentication protocols.
• Firewalls and Intrusion Detection: Our infrastructure is protected by firewalls and continuous intrusion detection systems to monitor for suspicious activity.
• Regular Security Audits: We conduct periodic security assessments and vulnerability testing to identify and remediate potential risks.
• Payment Security: We do not store full payment card details on our servers. Payment transactions are processed by PCI DSS-compliant third-party payment processors.
• Employee Training: All staff with access to personal data receive regular training on data protection best practices and security protocols.
• Incident Response: We maintain a data breach response plan to quickly identify, contain, and notify affected individuals in the event of a security incident, in accordance with applicable legal requirements.

7. Your Privacy Rights

Depending on your state of residence within the United States, you may have specific privacy rights under applicable law. In particular, California residents have rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA). These rights may include:

7.1 Right to Know and Access

You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the sources from which it was collected, the purposes for which it is used, and the categories of third parties with whom it is shared.

7.2 Right to Correction

You have the right to request that we correct inaccurate personal information we hold about you. We will take reasonable steps to verify your identity and update the information accordingly.

7.3 Right to Deletion

You have the right to request that we delete personal information we have collected from you, subject to certain exceptions permitted by law (such as when the data is necessary to complete a transaction, comply with legal obligations, or detect and prevent fraud).

7.4 Right to Data Portability

Where technically feasible and required by applicable law, you have the right to receive a copy of your personal information in a structured, commonly used, and machine-readable format and to transmit that data to another service provider.

7.5 Right to Opt Out of Sale or Sharing

We do not sell personal information. However, to the extent that any sharing of your data for cross-context behavioral advertising constitutes a "sale" or "sharing" under the CCPA/CPRA, you have the right to opt out of such practices.

7.6 Right to Limit Use of Sensitive Personal Information

California residents have the right to limit the use and disclosure of sensitive personal information (such as precise geolocation data or financial information) to only those purposes necessary to provide the requested services.

7.7 Right to Non-Discrimination

We will not discriminate against you for exercising any of your privacy rights. We will not deny you goods or services, charge you different prices, or provide a different quality of service as a result of exercising your rights under this policy or applicable law.

7.8 How to Exercise Your Rights

To submit a request to exercise any of the rights described above, please contact us using one of the following methods:

• Email: [email protected]
• Website: giordanos-meal.top

We will verify your identity before processing any request and will respond within the timeframes required by applicable law (generally within 45 days, with the possibility of a 45-day extension where reasonably necessary). You may designate an authorized agent to submit requests on your behalf, provided appropriate verification is completed.

8. Cookie Policy Summary

Our website uses cookies and similar tracking technologies to improve your browsing experience, analyze traffic, and deliver personalized content and advertisements. Cookies are small text files stored on your device when you visit our website.

We use the following types of cookies:

You can manage your cookie preferences through your browser settings or by using our cookie consent tool on the website. Please note that blocking certain cookies may impact the functionality of our website.

9. Data Retention

We retain your personal information only for as long as is necessary to fulfill the purposes outlined in this Privacy Policy, or as required by law. The specific retention periods vary depending on the type of data and the purpose for which it was collected:

After the applicable retention period, we will securely delete or anonymize your personal information in a manner that prevents reconstruction or identification.

10. Children's Privacy

In compliance with the Children's Online Privacy Protection Act (COPPA) and other applicable laws, we do not intentionally collect personal information from minors. If you are under 18 years of age, you are not permitted to use our website or provide any personal information to us.

If we become aware that we have inadvertently collected personal information from a child under the age of 18 without verifiable parental consent, we will take immediate steps to delete such information from our records. If you believe we may have collected information from a minor, please contact us immediately at [email protected], and we will investigate and address the matter promptly.

Parents or guardians who discover that their child has provided personal information to us without their consent are encouraged to contact us so that we can delete the information without delay.

11. International Data Transfers

Giordanos operates within the United States, and the personal information we collect is primarily processed and stored on servers located within the United States. However, some of our third-party service providers, partners, or technology vendors may be located in or operate from countries outside the United States.

When we transfer personal data internationally, we take appropriate steps to ensure that such transfers comply with applicable laws and that your information receives an adequate level of protection. These steps may include:

• Entering into Standard Contractual Clauses (SCCs) or similar contractual safeguards with the receiving party
• Verifying that the recipient country provides an adequate level of data protection recognized under applicable law
• Implementing additional technical safeguards such as encryption during data transit

By using our website and providing us with your personal information, you acknowledge and agree that your information may be transferred to, stored in, and processed in the United States or other countries as described in this section.

12. Third-Party Links and Services

Our website may contain links to third-party websites, social media platforms, or integrated services (such as payment gateways and delivery tracking tools) that are not owned or controlled by Giordanos. This Privacy Policy applies only to information collected by our website and services.

We are not responsible for the privacy practices of third-party websites or services. We encourage you to review the privacy policies of any third-party websites you visit through links on our platform. The inclusion of a link to a third-party website does not imply our endorsement of that site or its privacy practices.

13. Your California Privacy Rights (CCPA/CPRA)

If you are a resident of California, you have specific rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), which came into full effect on January 1, 2023. These rights are in addition to those described in Section 7 of this policy and include:

• Right to Know: Request disclosure of personal information collected, used, disclosed, or sold over the past 12 months.
• Right to Delete: Request deletion of personal information collected, subject to applicable exceptions.
• Right to Correct: Request correction of inaccurate personal information.
• Right to Opt Out of Sale/Sharing: Direct us not to sell or share your personal information for cross-context behavioral advertising.
• Right to Limit Sensitive Data Use: Limit the use of sensitive personal information to what is necessary to perform the requested service.
• Right to Non-Discrimination: Receive equal service and price regardless of your privacy choices.

To exercise these rights, please contact us at [email protected]. We will respond to verifiable consumer requests within 45 days, as required by the CCPA/CPRA.

14. Filing a Complaint

If you believe that we have not adequately addressed your privacy concerns or have violated applicable data protection laws, you have the right to file a complaint with the relevant authorities.

14.1 California Residents

California residents may file a complaint with the California Privacy Protection Agency (CPPA), the state agency responsible for enforcing the CCPA/CPRA:

• Agency: California Privacy Protection Agency
• Website: cppa.ca.gov

14.2 All United States Consumers

Consumers across the United States may contact the Federal Trade Commission (FTC) to report unfair or deceptive trade practices related to privacy:

• Agency: Federal Trade Commission
• Website: ftc.gov
• Complaint Portal: reportfraud.ftc.gov

Before filing a complaint with any regulatory authority, we encourage you to first contact us directly at [email protected] so that we have the opportunity to resolve your concern promptly and effectively.

15. Changes to This Privacy Policy

We reserve the right to update, modify, or revise this Privacy Policy at any time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you by:

• Updating the "Last Updated" date at the top of this policy
• Posting a prominent notice on our website homepage
• Sending an email notification to registered users where required by law

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our website and services following the posting of any changes constitutes your acceptance of those changes.

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please do not hesitate to contact our privacy team:

We are committed to resolving your privacy inquiries in a timely and satisfactory manner. We will acknowledge receipt of your inquiry within 5 business days and provide a substantive response within the timeframes required by applicable law.