Privacy Policy

Welcome to Dions. We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website pizzdion.digital, place orders, or interact with our food services. Please read this policy carefully. If you disagree with its terms, please discontinue use of our site immediately.

This Privacy Policy applies to all information collected through our website (pizzdion.digital), and any related services, sales, marketing, or events (collectively referred to as the "Services").

1. Who We Are

Dions is a food business operating in the United States. We are the data controller responsible for your personal information collected through our website and related services.

For any privacy-related questions, concerns, or requests, you may contact us at the email address listed above. We are dedicated to responding promptly and thoroughly to all inquiries.

2. Information We Collect

We collect various types of information in connection with your use of our Services. This information helps us provide better food service experiences and improve our platform. The categories of data we collect are outlined below.

2.1 Personal Information You Provide to Us

When you use our Services, you may voluntarily provide us with personally identifiable information, including but not limited to:

• Full Name: Used to identify you and personalize your experience.
• Email Address: Used for order confirmations, account management, and marketing communications (where consented).
• Phone Number: Used for delivery coordination and customer service purposes.
• Billing and Delivery Address: Used to process and deliver food orders accurately.
• Payment Information: Credit or debit card details, processed through secure, PCI-compliant third-party payment processors. We do not store full card numbers on our servers.
• Account Credentials: Username and password if you create an account with us.
• Dietary Preferences and Special Instructions: Information you voluntarily share when placing food orders.
• Customer Support Communications: Records of your communications when you contact our support team.

2.2 Information Collected Automatically

When you access and use our website, certain information is collected automatically through technical means, including:

• IP Address: Your internet protocol address, which helps us identify your general geographic location and prevent fraudulent activity.
• Browser Type and Version: Information about the web browser you use to access our site.
• Operating System: The operating system running on your device.
• Device Information: Device type (mobile, tablet, desktop), screen resolution, and device identifiers.
• Referring URLs: The website or source that directed you to our site.
• Pages Visited: Records of the pages you view, how long you spend on each page, and the sequence of pages visited.
• Time and Date of Visits: Timestamps of when you access our website.
• Clickstream Data: Information about the links you click and actions you take on our platform.
• Search Queries: Any searches you perform within our website.

2.3 Information Collected Through Cookies and Tracking Technologies

We use cookies, web beacons, pixel tags, and similar tracking technologies to collect information about your browsing behavior. These tools help us recognize you, remember your preferences, analyze traffic, and deliver personalized content. For full details about our use of cookies, please refer to our Cookie Policy available on our website.

Types of cookies we use include:

• Strictly Necessary Cookies: Essential for the website to function properly and cannot be disabled.
• Performance and Analytics Cookies: Help us understand how visitors interact with our site (e.g., Google Analytics).
• Functional Cookies: Remember your preferences such as language settings and saved cart items.
• Targeting and Advertising Cookies: Used to display relevant advertisements and measure campaign effectiveness.

2.4 Information from Third Parties

We may receive information about you from third-party sources, such as:

• Social media platforms (if you connect your social accounts or interact with our social media content)
• Payment processors and financial institutions
• Delivery and logistics partners
• Marketing and analytics service providers
• Publicly available databases

3. How We Use Your Information

We use the information we collect for various legitimate purposes related to the operation of our food business and improvement of our Services. Specifically, we use your information to:

3.1 Service Provision and Order Fulfillment

• Process and fulfill your food orders accurately and efficiently
• Coordinate delivery logistics and communicate order status updates
• Manage your account and provide customer support
• Process payments and issue refunds or credits when applicable
• Verify your identity and prevent fraudulent transactions
• Respond to your inquiries, comments, and requests

3.2 Analytics and Service Improvement

• Analyze usage patterns and trends to improve our website and user experience
• Monitor and analyze the effectiveness of our menu offerings and promotions
• Conduct research and development to enhance our products and services
• Identify technical issues and troubleshoot problems with our platform
• Generate aggregate, anonymized reports for internal business analysis

3.3 Marketing and Communications

• Send promotional offers, discounts, and special deals via email, SMS, or push notifications (where you have provided consent)
• Deliver personalized menu recommendations based on your order history and preferences
• Conduct surveys and gather feedback to improve our services
• Administer loyalty programs, contests, and sweepstakes
• Display targeted advertisements on third-party platforms

You may opt out of marketing communications at any time by clicking the "unsubscribe" link in any of our emails, texting STOP to our SMS number, or contacting us directly at [email protected].

3.4 Legal and Compliance Purposes

• Comply with applicable laws, regulations, and legal obligations
• Enforce our Terms of Service and other applicable policies
• Protect the rights, property, and safety of Dions, our customers, and the public
• Respond to legal processes, court orders, and government requests
• Maintain records required by food safety, tax, and other regulatory authorities

4. Legal Basis for Processing

Under applicable United States federal and state laws, including the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) for California residents, and in accordance with Federal Trade Commission (FTC) Act guidelines for consumer protection, we process your personal data on the following legal bases:

• Performance of a Contract: Processing necessary to fulfill your food orders and deliver our services.
• Legitimate Interests: Processing necessary for our legitimate business interests, such as fraud prevention, security, and service improvement, provided these interests are not overridden by your rights.
• Consent: Where you have given explicit consent, such as for marketing communications or certain cookies.
• Legal Obligation: Processing required to comply with applicable laws and regulations.

5. Sharing Your Information with Third Parties

We do not sell, trade, or rent your personal information to third parties for their own independent marketing purposes. However, we may share your information in the following circumstances:

5.1 Service Providers and Business Partners

We engage trusted third-party companies and individuals to perform services on our behalf. These service providers are contractually obligated to use your information only for the purposes we specify and to maintain appropriate security standards. Categories of service providers include:

• Payment Processors: Stripe, PayPal, or similar processors to handle secure payment transactions
• Delivery Partners: Third-party courier and logistics companies to fulfill food deliveries
• Cloud Hosting Providers: Companies that host and maintain our website infrastructure
• Analytics Providers: Services such as Google Analytics to help us understand website usage
• Email Service Providers: Platforms used to send transactional and marketing emails
• Customer Support Tools: Software platforms used to manage customer inquiries and support tickets
• Marketing Platforms: Advertising networks that help us reach customers with relevant promotions

5.2 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our business assets, your personal information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our website before your information is transferred and becomes subject to a different privacy policy.

5.3 Legal Requirements and Protection of Rights

We may disclose your information if required to do so by law or in the good-faith belief that such action is necessary to:

• Comply with a legal obligation, subpoena, court order, or governmental request
• Protect and defend the rights or property of Dions
• Prevent or investigate possible wrongdoing in connection with the Services
• Protect the personal safety of users of the Services or the public
• Protect against legal liability

5.4 Aggregated and Anonymized Data

We may share aggregated or anonymized information that cannot reasonably be used to identify you with third parties for industry analysis, research, demographic profiling, and other purposes.

6. Data Security

The security of your personal information is important to us. We implement a variety of technical, administrative, and physical safeguards designed to protect your information from unauthorized access, use, alteration, disclosure, or destruction. Our security measures include:

• Encryption: We use SSL/TLS encryption to protect data transmitted between your browser and our servers.
• Secure Payment Processing: All payment transactions are processed through PCI-DSS compliant payment processors. We do not store sensitive card data on our servers.
• Access Controls: We restrict access to personal information to authorized employees and contractors who need it to perform their job functions.
• Regular Security Audits: We conduct periodic reviews of our information collection, storage, and processing practices.
• Firewalls and Intrusion Detection: We employ network security tools to monitor for and prevent unauthorized access.
• Data Minimization: We collect only the information necessary for the stated purposes.
• Employee Training: Our staff receive regular training on data privacy and security best practices.

7. Your Privacy Rights

Depending on your location within the United States, you may have certain rights regarding your personal information. Particularly, California residents have extensive rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA). All users of our Services are afforded the following rights to the extent required by applicable law:

7.1 Right to Know and Access

You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources from which it was collected, the business purposes for collecting or selling it, and the categories of third parties with whom we share it.

7.2 Right to Correction

You have the right to request that we correct inaccurate personal information we maintain about you. We will use commercially reasonable efforts to correct your information upon a verifiable request.

7.3 Right to Deletion

You have the right to request that we delete your personal information that we have collected, subject to certain exceptions. We may deny your deletion request if retaining the information is necessary for us or our service providers to complete a transaction, comply with a legal obligation, or perform other permitted purposes.

7.4 Right to Data Portability

You have the right to request that we provide your personal information in a portable, readily usable format that allows you to transmit the data to another entity without hindrance.

7.5 Right to Opt Out of Sale or Sharing

Under the CCPA/CPRA, California residents have the right to opt out of the sale or sharing of their personal information for cross-context behavioral advertising. If you wish to exercise this right, please contact us at [email protected] with the subject line "Do Not Sell or Share My Personal Information."

7.6 Right to Limit Use of Sensitive Personal Information

California residents have the right to limit the use and disclosure of sensitive personal information (as defined under CPRA) to only what is necessary to perform the services you request.

7.7 Right to Non-Discrimination

We will not discriminate against you for exercising any of your privacy rights. We will not deny you goods or services, charge different prices, provide a different level of service quality, or suggest that you will receive a different level of service as a result of exercising your privacy rights.

7.8 How to Submit a Privacy Rights Request

To exercise any of the rights described above, please submit a verifiable consumer request to us by:

• Emailing us at: [email protected]
• Visiting our website: pizzdion.digital

We will acknowledge receipt of your request within 10 business days and respond substantively within 45 days. If we require more time, we will inform you of the reason and extension period in writing. We may need to verify your identity before processing your request.

8. Cookie Policy Summary

Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyze site traffic, and assist in our marketing efforts. By using our website, you consent to our use of cookies in accordance with this Privacy Policy.

Cookies are small data files placed on your device when you visit a website. They help us remember your preferences, understand how you interact with our site, and personalize your experience. You can control cookie settings through your browser preferences or our cookie consent tool.

We use the following types of cookies:

For comprehensive information about the cookies we use and how to manage them, please review our full Cookie Policy available on our website at pizzdion.digital.

9. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including satisfying any legal, accounting, or reporting requirements. The retention periods we apply are as follows:

When personal information is no longer needed, we securely delete or anonymize it in accordance with our internal data disposal procedures.

10. Children's Privacy

We do not knowingly collect, solicit, or process personal information from children under the age of 18. Our website and food ordering services are not directed at minors, and we do not intentionally market our products or services to children.

If you are a parent or guardian and believe that your child has provided us with personal information without your consent, please contact us immediately at [email protected]. Upon verification, we will take prompt steps to delete such information from our records.

In compliance with the Children's Online Privacy Protection Act (COPPA), we do not knowingly collect personal information from children under 13 years of age. If we discover that we have inadvertently collected information from a child under 13, we will delete it promptly.

11. International Data Transfers

Dions operates primarily within the United States. However, some of our third-party service providers may be located in other countries, and your personal information may be transferred to, stored, or processed in countries outside of the United States.

When we transfer personal information internationally, we take steps to ensure that appropriate safeguards are in place to protect your information in accordance with applicable law. These safeguards may include:

• Entering into data processing agreements with service providers that include appropriate contractual clauses
• Ensuring that recipient countries provide an adequate level of data protection as recognized by applicable U.S. law
• Implementing additional technical and organizational security measures to protect transferred data

By using our Services, you acknowledge that your personal information may be transferred and processed in countries that may have different data protection laws than your country of residence. We will always treat your information in accordance with this Privacy Policy.

12. Third-Party Websites and Links

Our website may contain links to third-party websites, applications, and services that are not owned or controlled by Dions. This Privacy Policy does not apply to the privacy practices of those third parties. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.

We strongly encourage you to review the privacy policies of any third-party websites you visit through links on our platform. The inclusion of any link does not imply our endorsement of the linked site or service.

13. California-Specific Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), effective January 1, 2023. These rights include:

• Right to Know: You may request disclosure of the personal information we collect, use, disclose, and sell about you.
• Right to Delete: You may request deletion of your personal information subject to certain exceptions.
• Right to Correct: You may request correction of inaccurate personal information we hold about you.
• Right to Opt Out: You may opt out of the sale or sharing of your personal information for cross-context behavioral advertising.
• Right to Limit: You may limit the use of sensitive personal information.
• Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA/CPRA rights.

During the preceding 12 months, we may have collected the following categories of personal information from California consumers:

• Identifiers (name, email, phone number, IP address)
• Commercial information (order history, purchase records)
• Internet or electronic network activity information (browsing history, cookies)
• Geolocation data (delivery address, approximate location)
• Inferences drawn from other personal information (preferences, purchasing behavior)

California consumers may submit privacy rights requests by contacting us at [email protected]. You may also designate an authorized agent to submit requests on your behalf.

For additional information about our CCPA/CPRA compliance, or to exercise your California privacy rights, please contact us directly.

14. Filing Complaints with Regulatory Authorities

If you believe that we have not adequately addressed your privacy concerns, you have the right to file a complaint with the appropriate regulatory authorities. The following authorities oversee privacy and consumer protection matters in the United States:

14.1 Federal Trade Commission (FTC)

The Federal Trade Commission is the primary U.S. consumer protection authority and enforces federal privacy laws, including the FTC Act, COPPA, and other applicable regulations.

• Website: www.ftc.gov
• Complaint Portal: reportfraud.ftc.gov
• Phone: 1-877-382-4357

14.2 California Privacy Protection Agency (CPPA)

California residents may also file complaints with the California Privacy Protection Agency, which is the dedicated state agency responsible for enforcing the CCPA and CPRA.

• Website: cppa.ca.gov
• Email: [email protected]

14.3 State Attorney General Offices

Depending on your state of residence, you may also have the right to file a complaint with your state's Attorney General office, which may have jurisdiction over consumer privacy matters in your state.

Before filing a complaint with a regulatory authority, we encourage you to contact us directly at [email protected] to allow us the opportunity to resolve your concern promptly and amicably.

15. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time and for any reason. We will alert you about any changes by updating the "Last Updated" date at the top of this policy. Material changes to this Privacy Policy will be communicated through a prominent notice on our website and/or a direct notification to your registered email address.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our Services after the posting of any changes constitutes your acceptance of the revised Privacy Policy.

If we make material changes that significantly affect your privacy rights, we will provide at least 30 days' advance notice before the changes take effect where technically feasible.

16. Contact Us for Privacy Inquiries

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please do not hesitate to contact our Privacy Team. We are committed to addressing your concerns promptly and transparently.

When contacting us about your privacy rights or submitting a data request, please include:

• Your full name and contact information
• The nature of your inquiry or the specific right you wish to exercise
• Sufficient information to allow us to verify your identity
• Any relevant account information (e.g., the email address associated with your account)

We will acknowledge receipt of your request within 10 business days and provide a substantive response within 45 calendar days. In complex cases, we may extend this period by an additional 45 days, and we will notify you of any such extension.