Privacy Policy

This Privacy Policy describes how Giordano's ("we," "us," or "our") collects, uses, discloses, and protects your personal information when you visit and interact with our website located at giordanospizzas.digital (the "Website"), place orders, or otherwise engage with our food services. We are committed to protecting your privacy and handling your personal data with transparency, integrity, and in full compliance with applicable United States privacy laws, including but not limited to the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), and the Federal Trade Commission (FTC) Act.

Please read this Privacy Policy carefully. By accessing or using our Website, placing an order, or providing us with your personal information, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy. If you do not agree with any part of this policy, please discontinue use of our Website and services immediately.

1. About Us

Giordano's is a food service business operating through its digital platform at giordanospizzas.digital. We provide online food ordering and related services to customers throughout the United States.

2. Scope of This Privacy Policy

This Privacy Policy applies to all personal information collected by Giordano's through the following channels:

• Our website at giordanospizzas.digital
• Online food ordering and delivery services
• Customer support communications via email, phone, or other contact methods
• Marketing communications, newsletters, and promotional materials
• Loyalty programs, contests, sweepstakes, or surveys
• Any other interaction you may have with our business, whether online or offline

This Privacy Policy does not apply to third-party websites, applications, or services that may be linked to from our Website. We encourage you to review the privacy policies of any third-party platforms you visit.

3. Information We Collect

We collect various categories of personal information depending on how you interact with our Website and services. Below is a detailed breakdown of the types of data we collect:

3.1 Personal Identification Information

When you create an account, place an order, or contact us, we may collect the following personally identifiable information (PII):

• Full name – to identify you and personalize your experience
• Email address – for order confirmations, account management, and marketing communications
• Phone number – for order updates, delivery coordination, and customer support
• Mailing and delivery address – to fulfill and deliver food orders to the correct location
• Date of birth – to verify age eligibility for certain promotions or services
• Username and password – to secure your online account

3.2 Payment and Financial Information

When you make a purchase through our Website, we collect payment-related information necessary to process your transaction, including:

• Credit card or debit card details (processed through secure, PCI-DSS-compliant payment processors)
• Billing address associated with your payment method
• Transaction history and order records

3.3 Usage and Behavioral Data

We automatically collect certain information when you visit or interact with our Website, including:

• Pages visited and content viewed
• Time and date of your visit and duration of sessions
• Search queries entered on our Website
• Referring website or source from which you arrived at our site
• Clickstream data and navigation paths
• Shopping cart contents and order history
• Interaction with promotional emails (opens, clicks)

3.4 Device and Technical Information

We collect technical information about the device and software you use to access our Website:

• IP address and approximate geographic location derived from it
• Browser type, version, and language settings
• Operating system and device type (desktop, mobile, tablet)
• Screen resolution and display settings
• Unique device identifiers and advertising IDs
• Network information and internet service provider (ISP)

3.5 Location Data

With your permission, we may collect precise geolocation data from your device to provide location-based services, such as identifying nearby store locations or facilitating accurate delivery services. You can disable location tracking at any time through your device or browser settings.

3.6 Communications and Customer Support Data

When you contact our customer support team or communicate with us by email, phone, or other means, we may collect and retain:

• The content of your messages, inquiries, and complaints
• Records of correspondence and customer service interactions
• Feedback, reviews, and survey responses you submit

3.7 Cookies and Tracking Technologies

We use cookies, web beacons, pixel tags, and similar tracking technologies to collect information about your browsing activity on our Website. For a detailed explanation of how we use cookies and your options for managing them, please see Section 9 – Cookie Usage of this Privacy Policy.

3.8 Information Collected from Third Parties

We may also receive personal information about you from third-party sources, including:

• Social media platforms (if you choose to connect your account or interact with our social media pages)
• Third-party food delivery and ordering platforms
• Marketing and advertising partners
• Analytics service providers
• Publicly available databases and commercial data providers

4. How We Use Your Information

We use the personal information we collect for a variety of legitimate business purposes. Specifically, we use your data to:

4.1 Service Provision and Order Fulfillment

• Process and confirm your food orders and transactions
• Coordinate delivery or pickup of your orders
• Manage your account and provide access to account features
• Send you order confirmation, receipts, and status updates
• Respond to your inquiries and provide customer support
• Resolve disputes, troubleshoot problems, and enforce our agreements

4.2 Analytics and Service Improvement

• Analyze user behavior and trends to understand how our Website is used
• Monitor and improve the performance, functionality, and usability of our Website
• Conduct research and development for new products and features
• Measure the effectiveness of our marketing campaigns
• Identify and fix technical errors or security vulnerabilities

4.3 Marketing and Promotional Communications

• Send you promotional emails, newsletters, and special offers (with your consent or where permitted by law)
• Provide personalized recommendations based on your order history and preferences
• Display targeted advertising on our Website and on third-party platforms
• Administer loyalty programs, contests, giveaways, and surveys

You may opt out of marketing communications at any time by clicking the "unsubscribe" link in any promotional email or by contacting us at [email protected].

4.4 Legal and Compliance Purposes

• Comply with applicable federal, state, and local laws and regulations
• Respond to lawful requests from regulatory authorities or law enforcement agencies
• Protect the legal rights, property, and safety of Giordano's, our customers, and the public
• Detect, prevent, and address fraud, unauthorized activities, and security threats
• Enforce our Terms of Service and other contractual obligations

5. How We Share Your Information

We respect your privacy and do not sell your personal information for monetary consideration. However, we may share your data with certain trusted third parties in the following circumstances:

5.1 Service Providers and Business Partners

We engage third-party service providers who assist us in operating our business and delivering our services. These providers are given access to your personal information only as necessary to perform their services on our behalf and are contractually bound to protect your data. These service providers include:

• Payment processors – to securely process your financial transactions
• Delivery and logistics partners – to fulfill and coordinate food delivery services
• Cloud hosting and IT infrastructure providers – to maintain and operate our Website and systems
• Email and marketing platforms – to send communications and manage campaigns
• Analytics providers (e.g., Google Analytics) – to analyze Website usage and performance
• Customer support software providers – to manage and track support requests

5.2 Legal Requirements and Law Enforcement

We may disclose your personal information if we believe in good faith that such disclosure is necessary to:

• Comply with a legal obligation, court order, subpoena, or other lawful government request
• Cooperate with law enforcement agencies in criminal investigations
• Protect the rights, property, or safety of Giordano's, our users, or the general public
• Prevent or investigate fraud, security breaches, or illegal activities

5.3 Business Transfers

In the event of a merger, acquisition, sale of assets, reorganization, or other business transfer, your personal information may be transferred to the acquiring entity as part of the transaction. We will notify you by email or prominent notice on our Website if such a transfer results in a material change to this Privacy Policy.

5.4 With Your Consent

We may share your personal information with other third parties when you have given us your explicit consent to do so. You may withdraw your consent at any time by contacting us at [email protected].

5.5 Aggregated and De-Identified Data

We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you with third parties for research, analytics, or marketing purposes. This data is not subject to the restrictions in this Privacy Policy.

6. Data Security

We take the security of your personal information seriously and implement a range of technical, administrative, and physical safeguards to protect your data from unauthorized access, disclosure, alteration, or destruction. Our security measures include:

• SSL/TLS Encryption: All data transmitted between your browser and our Website is encrypted using industry-standard Secure Sockets Layer (SSL) / Transport Layer Security (TLS) protocols.
• Secure Data Storage: Personal information is stored on secure servers with restricted access controls and firewall protections.
• Access Controls: Access to personal data is limited to authorized personnel who require it for legitimate business purposes. All employees with access to personal data are bound by confidentiality obligations.
• PCI-DSS Compliance: Our payment processing systems comply with Payment Card Industry Data Security Standards to protect your financial information.
• Regular Security Audits: We conduct periodic security assessments and vulnerability testing to identify and address potential risks.
• Incident Response Plan: We maintain a data breach response plan and will notify affected users and relevant authorities as required by applicable law in the event of a security incident.

7. Your Privacy Rights

Depending on your state of residence, you may have specific rights regarding your personal information. We are committed to honoring these rights in accordance with applicable law.

7.1 Rights Under the California Consumer Privacy Act (CCPA/CPRA)

If you are a California resident, you have the following rights under the CCPA, as amended by the CPRA:

7.2 General Privacy Rights for All U.S. Residents

Regardless of your state of residence, we provide the following rights to all users of our Website:

• Right to Access: You may request a copy of the personal information we hold about you.
• Right to Correction: You may request that we update or correct inaccurate information in your account.
• Right to Deletion: You may request deletion of your personal data, subject to applicable legal requirements.
• Right to Withdraw Consent: Where processing is based on your consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
• Right to Opt Out of Marketing: You may unsubscribe from marketing communications at any time.

7.3 How to Exercise Your Rights

To exercise any of your privacy rights, please submit a verifiable consumer request by:

• Email: [email protected]

We will acknowledge your request within 10 business days and respond substantively within 45 calendar days. If we require additional time (up to a maximum of 90 days total), we will notify you in writing of the extension and the reason for it.

To protect your privacy and security, we may need to verify your identity before processing your request. This may involve confirming details associated with your account or providing additional information to verify that you are the person whose data is being requested.

You may designate an authorized agent to submit requests on your behalf. Authorized agents must provide written authorization signed by you, and we may require additional verification of both the agent's identity and yours.

8. Data Retention

We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, to comply with our legal obligations, resolve disputes, and enforce our agreements. The following general retention periods apply:

When personal information is no longer needed for the purposes described above, we will securely delete, destroy, or anonymize it in accordance with our data retention and disposal procedures.

9. Cookie Usage

Our Website uses cookies and similar tracking technologies to enhance your browsing experience, analyze site traffic, and support our marketing efforts. Cookies are small text files stored on your device when you visit our Website.

9.1 Types of Cookies We Use

• Essential/Strictly Necessary Cookies: Required for the Website to function properly (e.g., session management, shopping cart functionality). These cannot be disabled without affecting core Website features.
• Performance and Analytics Cookies: Help us understand how visitors interact with our Website by collecting aggregated, anonymized usage data (e.g., Google Analytics).
• Functional Cookies: Remember your preferences and settings (e.g., language, location) to personalize your experience.
• Marketing and Advertising Cookies: Track your browsing activity across websites to deliver targeted advertisements relevant to your interests.

9.2 Managing Your Cookie Preferences

You can control and manage cookies in several ways:

• Through our cookie consent banner displayed when you first visit our Website
• By adjusting your browser settings to block or delete cookies
• By opting out of third-party advertising cookies through the Network Advertising Initiative (NAI) opt-out tool or the Digital Advertising Alliance (DAA) opt-out page

Please be aware that disabling certain cookies may affect the functionality of our Website and your ability to use some features. For complete details on our cookie practices, please refer to our full Cookie Policy available on our Website.

10. Children's Privacy

In compliance with the Children's Online Privacy Protection Act (COPPA), we do not intentionally collect personal information from children under 13 years of age. If we become aware that we have inadvertently collected personal information from a child under 13 without verifiable parental consent, we will take prompt steps to delete such information from our records.

If you are a parent or legal guardian and believe that your child under the age of 18 has provided us with personal information without your consent, please contact us immediately at [email protected] so we can take appropriate action.

11. International Data Transfers

Giordano's is based in the United States, and our Website is primarily directed to users located within the United States. If you access our Website from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States, where our servers are located and our operations are conducted.

Data protection laws in the United States may differ from those in your country of residence. By using our Website and providing us with your personal information, you acknowledge and consent to the transfer of your data to the United States and its processing under the terms of this Privacy Policy.

We take appropriate measures to ensure that any international transfers of personal data are conducted in accordance with applicable laws and that your information receives adequate protection regardless of where it is processed.

12. Third-Party Links and Services

Our Website may contain links to third-party websites, applications, or services that are not owned or controlled by Giordano's. We are not responsible for the privacy practices of these third parties, and this Privacy Policy does not apply to any information collected by them.

We encourage you to review the privacy policies of any third-party websites or services you visit before providing them with your personal information. The inclusion of a link on our Website does not imply endorsement of the linked site or its privacy practices.

13. Do Not Track Signals

Some browsers include a "Do Not Track" (DNT) feature that signals websites not to track your online browsing activity. Currently, there is no universally accepted standard for how websites should respond to DNT signals. As such, our Website does not currently respond to browser DNT signals.

However, you may opt out of certain types of tracking through our cookie management tools and by adjusting your browser settings. For California residents, please note that our practices regarding the "sale" or "sharing" of personal information are described in Section 7.1 of this Privacy Policy.

14. FTC Compliance and Consumer Protection

We operate in compliance with the Federal Trade Commission (FTC) Act, which prohibits unfair or deceptive acts or practices in commerce. Our privacy and data practices are designed to be transparent, accurate, and consistent with the representations made in this Privacy Policy.

We do not engage in deceptive data collection practices, misrepresent how your data is used, or employ unfair methods to collect, retain, or share personal information. If you believe our practices violate FTC guidelines or any applicable consumer protection law, you have the right to file a complaint with the FTC at www.ftc.gov.

15. Filing a Complaint with a Data Protection Authority

If you believe that we have violated your privacy rights or applicable data protection laws, we encourage you to first contact us directly so that we can address your concerns:

• Email: [email protected]

If you are not satisfied with our response, you have the right to file a complaint with the appropriate regulatory authority based on your location:

15.1 For California Residents

California residents may file complaints with the California Privacy Protection Agency (CPPA) or the California Attorney General's Office:

• California Privacy Protection Agency (CPPA): cppa.ca.gov
• California Attorney General – Privacy Enforcement: oag.ca.gov/privacy

15.2 For All U.S. Residents

All United States residents may file complaints with the Federal Trade Commission (FTC):

• FTC Complaint Portal: reportfraud.ftc.gov
• FTC Website: www.ftc.gov

16. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our practices, legal requirements, or business operations. When we make material changes to this Privacy Policy, we will:

• Update the "Last Updated" date at the top of this page
• Post a prominent notice on our Website
• Send an email notification to registered users where required by law or where we deem it appropriate

Your continued use of our Website following the posting of an updated Privacy Policy constitutes your acceptance of the changes. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

If changes are significant and require your consent, we will obtain your explicit consent before the changes take effect.

17. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please do not hesitate to contact us. Our privacy team is available to assist you:

We are committed to resolving privacy inquiries and complaints promptly and effectively. Upon receipt of your inquiry, we will acknowledge your message within 5 business days and work to provide a complete response within the timeframes required by applicable law.