Privacy Policy

Welcome to Pequod's Pizza. We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website pequods-food.rest, place orders, interact with our services, or otherwise communicate with us. Please read this policy carefully. If you do not agree with the terms of this Privacy Policy, please discontinue use of our website and services immediately.

By accessing or using our website, placing an order, subscribing to our newsletter, or engaging with any of our digital services, you acknowledge that you have read, understood, and agree to the data practices described in this Privacy Policy.

1. Who We Are

Pequod's Pizza operates as a food service business in the United States. We operate the website located at pequods-food.rest and provide food ordering, delivery, and related services to customers across the United States.

For all privacy-related inquiries, data subject requests, or complaints, please contact us using the details provided above or through the dedicated contact information provided in Section 15 of this policy.

2. Scope and Applicable Law

This Privacy Policy applies to all personal information collected by Pequod's Pizza through our website, mobile interfaces, in-store digital systems, third-party integrations, and any other means of communication. Our data practices are governed by applicable United States federal and state privacy laws, including but not limited to:

• The California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), applicable to California residents;
• The Federal Trade Commission Act (FTC Act), which prohibits unfair or deceptive acts or practices in commerce;
• The CAN-SPAM Act, governing commercial email communications;
• The Children's Online Privacy Protection Act (COPPA), governing online data collection from minors under 13;
• State-specific data breach notification laws applicable in the state(s) where we operate;
• Any other applicable federal or state privacy regulations that may come into force during the effective period of this policy.

We are committed to compliance with all applicable laws and regulations and will update this policy whenever required by changes in law or our data practices.

3. Information We Collect

We collect different types of information in connection with your use of our website and services. The categories of personal information we may collect include the following:

3.1 Personal Identification Information

When you create an account, place an order, make a reservation, subscribe to our newsletter, or contact us, we may collect:

• Full name
• Email address
• Phone number
• Mailing address and delivery address
• Date of birth (when required for age verification purposes)
• Username and password (stored in encrypted format)
• Profile picture (if voluntarily uploaded)

3.2 Payment and Financial Information

To process your food orders and payments, we collect:

• Credit or debit card information (processed through secure, PCI-DSS compliant payment processors)
• Billing address
• Transaction history and order details
• Digital wallet identifiers (e.g., Apple Pay, Google Pay references)

Please note: We do not store your full credit card number on our servers. All payment data is processed by our third-party payment processors who maintain their own privacy and security standards.

3.3 Order and Transaction Data

• Items ordered and quantity
• Order preferences, customizations, and special instructions
• Order history and purchase frequency
• Loyalty program participation and reward points
• Coupon and promotional code usage
• Delivery instructions and preferences

3.4 Usage and Technical Data

When you visit our website, we automatically collect certain technical information, including:

• IP address and approximate geographic location derived from IP
• Browser type, version, and language settings
• Operating system and device type
• Screen resolution and display settings
• Pages visited, time spent on each page, and navigation paths
• Referring URL (the website that directed you to ours)
• Links clicked and features used
• Error logs and crash reports
• Session identifiers and timestamps

3.5 Device Information

• Device identifiers (mobile device ID, advertising ID)
• Hardware model and firmware version
• Network information and carrier data
• Mobile app usage data (if applicable)

3.6 Cookie and Tracking Data

We use cookies, web beacons, pixel tags, and similar tracking technologies to collect information about your interactions with our website. Please refer to Section 10 of this policy for detailed information about our cookie practices.

3.7 Communications Data

• Messages and inquiries submitted through our contact forms
• Customer service correspondence (email, chat, phone recordings where permitted by law)
• Feedback and reviews submitted by you
• Survey responses and promotional contest entries
• Social media interactions and comments directed at our business accounts

3.8 Information from Third Parties

We may also receive personal information about you from third-party sources, including:

• Third-party food delivery platforms (e.g., DoorDash, Uber Eats, Grubhub) if you place orders through those services
• Social media platforms when you choose to log in or connect your account
• Marketing partners and lead generation services
• Analytics providers and advertising networks
• Payment processors and fraud detection services

4. How We Use Your Information

We use the personal information we collect for a variety of legitimate business purposes, including:

4.1 Service Provision and Order Fulfillment

• Processing and fulfilling your food orders, including delivery and pickup arrangements
• Managing your account and providing account-related services
• Sending order confirmations, receipts, and delivery updates
• Processing payments and managing refunds or chargebacks
• Managing our loyalty and rewards program
• Facilitating table reservations or catering inquiries

4.2 Customer Support

• Responding to your questions, complaints, and feedback
• Resolving disputes and troubleshooting service issues
• Verifying your identity for account security purposes
• Communicating important service updates or changes to our terms

4.3 Analytics and Service Improvement

• Analyzing usage patterns to improve website functionality and user experience
• Understanding customer preferences to improve our menu offerings
• Conducting internal research and business intelligence activities
• Monitoring and improving website performance and security
• Developing new features, services, and promotional offerings

4.4 Marketing and Promotional Communications

• Sending newsletters, special offers, and promotional materials (with your consent where required)
• Delivering personalized recommendations based on your order history and preferences
• Running targeted advertising campaigns on third-party platforms
• Conducting surveys, contests, and promotional events
• Retargeting website visitors through digital advertising networks

You may opt out of marketing communications at any time by clicking the "unsubscribe" link in any marketing email, by contacting us at [email protected], or by adjusting your account communication preferences.

4.5 Legal Compliance and Safety

• Complying with applicable federal and state laws and regulations
• Responding to lawful requests from law enforcement or regulatory authorities
• Preventing fraud, unauthorized access, and other illegal activities
• Enforcing our Terms of Service and other agreements
• Protecting the safety and rights of our customers, employees, and the public

5. Legal Basis for Processing

Under applicable U.S. privacy laws, including the CCPA/CPRA, we process your personal information based on the following grounds:

• Contractual necessity: Processing required to fulfill your orders and deliver our services
• Legitimate business interests: Analytics, fraud prevention, security, and service improvement
• Legal obligation: Compliance with federal and state laws
• Consent: Marketing communications and non-essential cookies, where your explicit consent is obtained

6. Sharing Your Information with Third Parties

We do not sell your personal information to third parties for monetary compensation. However, we may share your information in the following circumstances:

6.1 Service Providers and Vendors

We work with carefully selected third-party service providers who assist us in operating our business. These providers may access your personal information only to perform specific functions on our behalf and are contractually obligated to protect your data. Service provider categories include:

• Payment processors — to securely handle financial transactions
• Delivery partners — to coordinate food delivery logistics
• Cloud hosting providers — to store and manage website data
• Email marketing platforms — to send promotional communications
• Analytics providers — such as Google Analytics, to analyze website usage
• Customer support software — to manage customer service interactions
• Fraud detection services — to prevent unauthorized transactions
• Advertising networks — to deliver targeted advertisements

6.2 Food Delivery Platforms

If you place an order through a third-party delivery platform (such as DoorDash, Uber Eats, or Grubhub), that platform's own privacy policy governs the collection and use of your data by that platform. We receive limited order information necessary to fulfill your food order.

6.3 Legal and Regulatory Disclosures

We may disclose your personal information when required to do so by law, or in response to a valid legal process, including:

• Court orders, subpoenas, or warrants
• Requests from federal, state, or local law enforcement agencies
• Regulatory investigations by the Federal Trade Commission or state attorneys general
• Other mandatory legal disclosures

6.4 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your personal information may be transferred to the acquiring entity as part of the transaction. We will notify you via email or a prominent notice on our website if such a transfer results in a material change to this Privacy Policy.

6.5 Aggregated and De-Identified Data

We may share aggregated, anonymized, or de-identified data — which cannot reasonably be used to identify you — with business partners, researchers, or the public for legitimate business and analytical purposes.

7. Data Security

We take the security of your personal information seriously and implement a range of administrative, technical, and physical safeguards designed to protect your data from unauthorized access, disclosure, alteration, or destruction. Our security measures include:

• SSL/TLS encryption for all data transmitted between your browser and our website
• PCI-DSS compliance for all payment data processing
• Password hashing using industry-standard algorithms (e.g., bcrypt)
• Access controls limiting employee access to personal data on a need-to-know basis
• Regular security audits and vulnerability assessments
• Firewalls and intrusion detection systems to monitor for suspicious activity
• Data minimization practices to limit collection to only what is necessary
• Employee training on data privacy and security best practices
• Incident response protocols for rapid containment and notification in the event of a data breach

Despite our best efforts, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security of your data. In the event of a data breach that is likely to affect your rights, we will notify affected individuals in accordance with applicable state data breach notification laws, which vary by state but generally require notification within a specified timeframe.

8. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. Our general data retention guidelines are as follows:

After the applicable retention period expires, we will securely delete, destroy, or anonymize your personal information. You may request earlier deletion of your data subject to the limitations described in Section 9 below.

9. Your Privacy Rights

Depending on your state of residence within the United States, you may have certain rights regarding your personal information. We honor these rights regardless of your state of residence to the fullest extent practicable.

9.1 Rights Under the CCPA/CPRA (California Residents)

If you are a resident of California, you have the following rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):

• Right to Know: You have the right to request that we disclose what personal information we collect, use, disclose, and sell about you, including the categories and specific pieces of data collected.
• Right to Delete: You have the right to request the deletion of your personal information that we have collected, subject to certain exceptions (e.g., data required for legal compliance or ongoing service fulfillment).
• Right to Correct: You have the right to request correction of inaccurate personal information we maintain about you.
• Right to Opt-Out of Sale or Sharing: You have the right to opt out of the sale or sharing of your personal information for cross-context behavioral advertising purposes.
• Right to Limit Use of Sensitive Personal Information: Where we collect sensitive personal information (as defined under CPRA), you have the right to limit its use to specific permitted purposes.
• Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA/CPRA rights. We will not deny you goods or services, charge you different prices, or provide a different level of service because you exercised your privacy rights.

9.2 General Privacy Rights (All U.S. Residents)

• Right to Access: You may request a copy of the personal information we hold about you.
• Right to Correction: You may request that we correct any inaccurate or incomplete information we hold about you.
• Right to Deletion: You may request deletion of your personal information, subject to applicable legal exceptions.
• Right to Portability: Where technically feasible, you may request that we provide your data in a portable, machine-readable format.
• Right to Withdraw Consent: Where processing is based on your consent, you may withdraw that consent at any time without affecting the lawfulness of processing prior to withdrawal.
• Right to Opt-Out of Marketing: You may opt out of receiving marketing communications from us at any time.

9.3 How to Exercise Your Rights

To exercise any of the rights listed above, please submit a verifiable request to us using the following methods:

• Email: [email protected]
• Website: pequods-food.rest

We will respond to verifiable consumer requests within 45 days of receipt. If we require additional time (up to 90 days total), we will notify you of the extension in writing. We may request that you verify your identity before processing your request to prevent unauthorized access to your information. We will not charge a fee for your first request in any 12-month period unless it is excessive, repetitive, or manifestly unfounded.

You may also designate an authorized agent to submit requests on your behalf, provided the agent provides written proof of authorization and you verify your own identity directly with us.

10. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyze website traffic, and deliver personalized content and advertising. Cookies are small text files stored on your device when you visit our website.

10.1 Types of Cookies We Use

• Strictly Necessary Cookies: Essential for the website to function properly (e.g., shopping cart, login sessions). These cannot be disabled.
• Performance and Analytics Cookies: Collect information about how visitors use our website (e.g., Google Analytics). This helps us improve functionality and user experience.
• Functional Cookies: Remember your preferences and settings (e.g., language, saved addresses) to personalize your experience.
• Marketing and Advertising Cookies: Used to deliver relevant advertisements and track the effectiveness of our marketing campaigns.
• Third-Party Cookies: Set by our partners (e.g., social media platforms, advertising networks) when you interact with embedded content or features.

10.2 Managing Your Cookie Preferences

You can manage or disable non-essential cookies through:

• Our cookie consent banner displayed on your first visit to our website
• Your browser settings (consult your browser's help documentation)
• Opt-out tools provided by advertising networks (e.g., the Digital Advertising Alliance's opt-out at aboutads.info)

Please note that disabling certain cookies may impact the functionality of our website and services.

11. Children's Privacy

In compliance with the Children's Online Privacy Protection Act (COPPA), we do not knowingly collect, use, or disclose personal information from children under the age of 13. Our services are not directed toward minors, and we do not market food or related services to children through our website.

If you are a parent or guardian and believe that your child under 18 years of age has provided us with personal information without your consent, please contact us immediately at [email protected]. We will take prompt steps to investigate and delete any such information from our records.

We encourage parents and guardians to monitor their children's online activities and to supervise the use of food ordering websites and applications.

12. International Data Transfers

Pequod's Pizza is a U.S.-based business, and your personal information is primarily collected and processed within the United States. However, some of our third-party service providers — including cloud hosting, analytics, and marketing platform providers — may operate servers or process data in countries outside the United States.

If your personal information is transferred outside the United States, we ensure that appropriate safeguards are in place to protect your data in accordance with applicable U.S. privacy laws. Such safeguards may include:

• Contractual data processing agreements with our service providers
• Verification that receiving parties maintain adequate security standards
• Use of service providers that comply with applicable international data protection frameworks

If you are located outside the United States and choose to use our website or services, please be aware that your information may be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your home country. By using our services, you consent to such transfer and processing of your information.

13. Third-Party Links and Services

Our website may contain links to third-party websites, applications, social media platforms, and services. This includes links to food delivery platforms, review websites, and social media profiles. This Privacy Policy applies solely to our website and services. We have no control over the privacy practices of third-party websites and strongly encourage you to review the privacy policies of any third-party sites you visit.

We are not responsible for the content, privacy practices, or data security of any third-party websites, even if you access them through a link on our website.

14. Do Not Track Signals

Some web browsers transmit "Do Not Track" (DNT) signals to websites. Currently, there is no universally agreed-upon standard for how websites should respond to DNT signals. At this time, our website does not alter its data collection practices in response to DNT signals. However, we provide you with options to manage your cookie and tracking preferences as described in Section 10 of this policy.

We will continue to monitor developments in DNT technology and regulatory guidance and will update this section accordingly if a standardized response becomes required or recommended.

15. How to File a Complaint

We are committed to resolving any concerns or complaints about our privacy practices. If you believe that we have not handled your personal information in accordance with this Privacy Policy or applicable law, we encourage you to contact us first so that we may attempt to resolve the matter.

You may also have the right to file a complaint with a relevant regulatory authority:

• Federal Trade Commission (FTC): If you believe our data practices violate the FTC Act or other federal consumer protection laws, you may file a complaint at reportfraud.ftc.gov or call 1-877-FTC-HELP (1-877-382-4357).
• California Privacy Protection Agency (CPPA): California residents may file complaints regarding CCPA/CPRA violations with the California Privacy Protection Agency at cppa.ca.gov.
• State Attorney General: Residents of other states may file privacy-related complaints with their respective state attorney general's office.

16. Changes to This Privacy Policy

We reserve the right to update, modify, or revise this Privacy Policy at any time to reflect changes in our data practices, legal requirements, or business operations. When we make material changes, we will:

• Update the "Last Updated" date at the top of this policy;
• Post the revised policy on our website at pequods-food.rest;
• Send a notification email to registered account holders (for significant changes);
• Display a prominent notice on our website homepage (for material changes).

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. Your continued use of our website or services following the posting of changes constitutes your acceptance of those changes.

17. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please do not hesitate to contact our privacy team using the information below:

We aim to respond to all privacy-related inquiries within 10 business days and to resolve all verifiable consumer requests within the timeframes required by applicable law (generally 45 days, extendable by an additional 45 days with prior notice).