Privacy Policy
This Privacy Policy describes how Giordanos ("we," "us," or "our") collects, uses, discloses, and protects your personal information when you visit our website at cafegiordanos.click, place orders, interact with our services, or otherwise engage with us. We are committed to protecting your privacy and handling your personal data with transparency, integrity, and respect.
Please read this Privacy Policy carefully. By accessing or using our website and services, you acknowledge that you have read, understood, and agree to the practices described herein. If you do not agree with any part of this policy, please discontinue use of our website and services immediately.
This Privacy Policy is governed by the laws of the United States, including but not limited to the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), and the Federal Trade Commission (FTC) Act regarding consumer protection and fair business practices. We comply with all applicable federal and state privacy laws governing our operations.
1. Who We Are
Giordanos is a food service business operating in the United States. We operate through our website cafegiordanos.click to provide customers with information about our menu, services, online ordering capabilities, promotions, and other food-related offerings. We act as the data controller for all personal information collected through our website and associated services.
Contact Information:
- Company Name: Giordanos
- Website: cafegiordanos.click
- Email: [email protected]
For all privacy-related inquiries, requests, or concerns, you may contact us using the details provided above or through the dedicated contact section outlined later in this policy.
2. Information We Collect
We collect various types of information in connection with your use of our website and services. This includes information you provide directly to us, information collected automatically when you use our services, and information obtained from third-party sources.
2.1 Personal Information You Provide Directly
When you interact with our website, place an order, create an account, sign up for newsletters, participate in promotions, or contact us, you may provide us with the following personal information:
- Identity Information: Full name, username, or display name
- Contact Information: Email address, telephone number, mailing address, and delivery address
- Account Credentials: Username, password, and security questions (if applicable)
- Order Information: Food preferences, dietary restrictions, special requests, order history, and delivery instructions
- Payment Information: Credit or debit card numbers, billing address, and other payment details (processed securely through our payment processors)
- Communications: Messages, feedback, reviews, survey responses, and any other information you choose to share when contacting us
- Marketing Preferences: Your preferences for receiving marketing communications from us
2.2 Information Collected Automatically
When you visit our website or use our digital services, we automatically collect certain technical information about your device and how you interact with our platform. This includes:
- Device Information: IP address, device type, operating system, browser type and version, screen resolution, and device identifiers
- Usage Data: Pages visited, time spent on pages, links clicked, referring URLs, search queries on our website, and navigation paths
- Log Data: Server logs, error reports, and diagnostic information
- Location Data: General geographic location derived from your IP address, and precise location data if you grant permission through your device settings (used to assist with delivery services)
- Cookie and Tracking Data: Information collected through cookies, web beacons, pixel tags, and similar tracking technologies (described in detail in Section 7)
2.3 Information from Third-Party Sources
We may receive information about you from third parties in certain circumstances, including:
- Social Media Platforms: If you connect your social media account or log in through a social media platform, we may receive profile information such as your name, profile picture, and email address
- Payment Processors: Transaction confirmation and fraud prevention data from payment service providers
- Analytics Providers: Aggregated and anonymized data about how users interact with our website
- Delivery Partners: Information related to the fulfillment and delivery of your orders
- Marketing Partners: Information about your interests and preferences to help us better tailor our marketing efforts
2.4 Sensitive Information
We generally do not seek to collect sensitive personal information such as health data, racial or ethnic origin, political opinions, or similar categories. However, if you voluntarily provide dietary information related to allergies or health conditions when placing orders, this information will be used solely to fulfill your order and ensure your safety. We handle such information with the highest degree of care and confidentiality.
3. How We Use Your Information
We use the information we collect for a variety of lawful purposes related to the operation of our food service business. Specifically, we use your personal information for the following purposes:
3.1 Providing and Managing Our Services
- Processing and fulfilling your food orders, including delivery and pickup services
- Creating and managing your account on our website
- Processing payments and preventing fraudulent transactions
- Sending order confirmations, receipts, and delivery updates
- Providing customer support and responding to your inquiries and complaints
- Managing loyalty programs, rewards, and promotional offers specific to your account
3.2 Improving Our Services and Website
- Analyzing usage patterns and customer behavior to enhance our website functionality
- Conducting research and analysis to understand customer preferences and improve our menu offerings
- Testing new features, services, and website improvements
- Monitoring and fixing technical issues, bugs, and security vulnerabilities
- Generating internal reports and business analytics to support decision-making
3.3 Marketing and Communications
- Sending you promotional emails, newsletters, and special offers about our food, services, and events — but only if you have opted in to receive such communications
- Delivering personalized content, recommendations, and advertisements based on your preferences and order history
- Conducting surveys and gathering feedback to improve our customer experience
- Notifying you about changes to our services, menu, pricing, or this Privacy Policy
- Running contests, sweepstakes, and promotional campaigns
3.4 Legal and Compliance Purposes
- Complying with applicable federal and state laws, regulations, and legal obligations
- Enforcing our Terms of Service and other applicable agreements
- Protecting the rights, property, and safety of Giordanos, our customers, and the general public
- Detecting, investigating, and preventing fraudulent, unauthorized, or illegal activity
- Cooperating with law enforcement agencies and regulatory authorities when required by law
4. How We Share Your Information
We respect your privacy and do not sell your personal information to third parties for their own independent marketing purposes. However, we may share your personal information in the following circumstances:
4.1 Service Providers and Business Partners
We engage trusted third-party companies and individuals to assist us in providing, improving, and operating our services. These service providers are contractually obligated to use your information only for the purposes we specify and to maintain appropriate security measures. Our service providers may include:
- Payment Processors: To securely process credit and debit card transactions
- Delivery Partners: To coordinate and fulfill food delivery services
- Cloud Hosting Providers: To host our website and store data securely
- Email Marketing Platforms: To send newsletters and promotional communications on our behalf
- Analytics Providers: Such as Google Analytics, to help us understand how users interact with our website
- Customer Support Tools: To manage and respond to customer inquiries efficiently
- Fraud Prevention Services: To detect and prevent fraudulent transactions and account activity
4.2 Legal Requirements and Law Enforcement
We may disclose your personal information if we are required to do so by law, or if we believe in good faith that such disclosure is necessary to:
- Comply with a legal obligation, court order, subpoena, or government request
- Enforce our Terms of Service or other agreements
- Protect and defend the rights or property of Giordanos
- Prevent or investigate possible wrongdoing in connection with our services
- Protect the personal safety of our users, customers, employees, or the public
- Protect against legal liability
4.3 Business Transfers
In the event that Giordanos undergoes a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of its assets, your personal information may be transferred to the acquiring entity or successor organization. We will notify you via email or a prominent notice on our website before your personal information becomes subject to a different privacy policy.
4.4 With Your Consent
We may share your personal information with third parties for any other purpose with your explicit prior consent. You may withdraw your consent at any time by contacting us at [email protected].
4.5 Aggregated and Anonymized Data
We may share aggregated or de-identified information that cannot reasonably be used to identify you with third parties for research, marketing, analytics, or other business purposes. This type of data sharing does not constitute a sale of personal information under applicable privacy laws.
5. Data Security
We take the security of your personal information seriously and implement a variety of technical, administrative, and physical safeguards to protect your data from unauthorized access, disclosure, alteration, and destruction.
5.1 Security Measures We Implement
- Encryption: We use industry-standard SSL/TLS encryption to protect data transmitted between your browser and our servers
- Secure Payment Processing: All payment transactions are processed through PCI-DSS compliant payment processors. We do not store your full credit card numbers on our servers
- Access Controls: Access to personal information is restricted to authorized employees and contractors who need it to perform their job functions
- Regular Security Assessments: We conduct periodic security reviews, vulnerability assessments, and penetration testing to identify and address potential security risks
- Employee Training: Our team members receive training on data privacy and security practices to ensure responsible handling of personal information
- Incident Response: We maintain a data breach response plan and will notify affected users and relevant authorities promptly in the event of a security incident, as required by applicable law
5.2 Limitations
While we strive to use commercially acceptable means to protect your personal information, no method of transmission over the Internet or method of electronic storage is 100% secure. We cannot guarantee absolute security, and we encourage you to take steps to protect your own information, such as using strong passwords and keeping your account credentials confidential.
6. Your Privacy Rights
Depending on your location and applicable law, you may have certain rights regarding your personal information. We are committed to honoring these rights and making it easy for you to exercise them.
6.1 Rights Available to All Users
- Right to Access: You have the right to request a copy of the personal information we hold about you
- Right to Correction: You have the right to request that we correct any inaccurate or incomplete personal information we hold about you
- Right to Deletion: You have the right to request that we delete your personal information, subject to certain legal exceptions
- Right to Object: You have the right to object to certain types of processing, including direct marketing communications
- Right to Withdraw Consent: Where processing is based on your consent, you may withdraw that consent at any time without affecting the lawfulness of processing carried out before withdrawal
- Right to Data Portability: You have the right to receive your personal information in a structured, commonly used, and machine-readable format and to request that we transfer it to another party where technically feasible
6.2 California Residents — CCPA/CPRA Rights
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), including:
- Right to Know: The right to know what categories of personal information we collect about you, the purposes for which we use it, and whether we share or sell it
- Right to Delete: The right to request deletion of personal information we have collected from you, subject to certain exceptions
- Right to Correct: The right to correct inaccurate personal information we maintain about you
- Right to Opt-Out of Sale or Sharing: We do not sell or share your personal information for cross-context behavioral advertising. If this practice changes, we will provide you with the right to opt-out
- Right to Limit Use of Sensitive Personal Information: The right to limit the use and disclosure of sensitive personal information to certain permitted purposes
- Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights. We will not deny you goods or services, charge you different prices, or provide a different level or quality of service because you exercised your privacy rights
6.3 How to Exercise Your Rights
To exercise any of the privacy rights described in this section, please contact us using the following methods:
- Email: [email protected]
- Website: cafegiordanos.click
We may need to verify your identity before processing your request to ensure we do not disclose or alter information belonging to another person. We will respond to all legitimate requests within the timeframes required by applicable law. In some cases, we may not be able to fulfill your request due to legal obligations or other legitimate reasons, and we will explain the basis for any such decision.
7. Cookies and Tracking Technologies
Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyze website traffic, and deliver personalized content and advertisements.
7.1 What Are Cookies?
Cookies are small text files that are placed on your device (computer, smartphone, or tablet) when you visit a website. They help the website remember your preferences, keep you logged in, and understand how you use the site. Cookies may be "session cookies" (which expire when you close your browser) or "persistent cookies" (which remain on your device for a set period or until you delete them).
7.2 Types of Cookies We Use
| Cookie Type | Purpose | Duration |
|---|---|---|
| Essential Cookies | Necessary for the website to function properly, including session management and shopping cart functionality | Session / Short-term |
| Analytics Cookies | Help us understand how visitors interact with our website by collecting and reporting anonymous data | Up to 2 years |
| Functional Cookies | Remember your preferences and settings to provide a more personalized experience | Up to 1 year |
| Marketing Cookies | Track your browsing activity to deliver relevant advertisements and measure the effectiveness of marketing campaigns | Up to 2 years |
7.3 Managing Your Cookie Preferences
You can control and manage cookies through your browser settings. Most browsers allow you to refuse cookies, delete existing cookies, and set preferences for certain websites. Please note that disabling certain cookies may affect the functionality of our website and your user experience. For detailed information about our cookie practices, please refer to our full Cookie Policy available on our website at cafegiordanos.click.
7.4 Do Not Track Signals
Some browsers offer a "Do Not Track" (DNT) feature that signals to websites that you do not want to have your online activity tracked. Our website does not currently respond to DNT signals, as there is no industry standard for how websites should respond to such signals. We will continue to monitor developments in this area and update our practices as appropriate.
8. Data Retention
We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by applicable law.
8.1 Retention Periods
| Data Category | Retention Period | Reason |
|---|---|---|
| Account Information | Duration of account + 3 years after closure | Service provision and legal compliance |
| Order History | 7 years | Tax, accounting, and legal requirements |
| Payment Records | 7 years | Financial and legal compliance obligations |
| Marketing Data | Until opt-out or 3 years from last interaction | Marketing and business analytics |
| Customer Support Communications | 3 years from last contact | Quality assurance and dispute resolution |
| Website Analytics Data | Up to 26 months | Website improvement and performance analysis |
| Cookie Data | Varies by cookie type (see Section 7) | Personalization and analytics |
When personal information is no longer needed for the purposes for which it was collected, we will securely delete or anonymize it. In some cases, we may retain certain data in anonymized form for statistical and analytical purposes indefinitely, as this data can no longer be used to identify you.
9. Children's Privacy
Our website and services are intended for users who are 18 years of age or older. We do not knowingly collect, use, or disclose personal information from children under the age of 13, and we do not direct our services toward individuals under 18 years of age.
If you are under 18 years of age, please do not use our website or submit any personal information through our services. If a parent or guardian believes that their child under the age of 13 has provided us with personal information without their consent, they should contact us immediately at [email protected]. We will take prompt steps to delete such information from our records.
We comply with the Children's Online Privacy Protection Act (COPPA) and do not knowingly collect personal information from children under 13. In addition, we strongly recommend that minors between 13 and 17 use our website only with parental supervision and consent.
10. International Data Transfers
Giordanos is based in the United States, and your personal information is primarily stored and processed within the United States. If you are accessing our website from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your country of residence.
By using our website and services, you acknowledge and consent to the transfer of your personal information to the United States. We take appropriate steps to ensure that your personal information is treated securely and in accordance with this Privacy Policy, regardless of where it is processed.
If we transfer personal information to third-party service providers located outside the United States, we ensure that such transfers are conducted in compliance with applicable data protection laws and that appropriate safeguards are in place to protect your information.
11. Third-Party Links and Services
Our website may contain links to third-party websites, social media platforms, or other online services that are not operated or controlled by Giordanos. These links are provided for your convenience and information. When you click on a third-party link, you will be directed to that third party's website, which is governed by its own privacy policy.
We have no control over, and assume no responsibility for, the content, privacy practices, or security measures of any third-party websites or services. We encourage you to review the privacy policies of any third-party sites you visit. The inclusion of a link on our website does not imply our endorsement of that site or its privacy practices.
12. Marketing Communications and Opt-Out
We may send you promotional emails, newsletters, and other marketing communications about our food, services, promotions, and events, provided that you have given your consent to receive such communications or where permitted by applicable law.
12.1 How to Opt-Out
You may unsubscribe from our marketing communications at any time using one of the following methods:
- Clicking the "Unsubscribe" or "Opt-Out" link included in any marketing email we send you
- Logging into your account on cafegiordanos.click and updating your communication preferences
- Emailing us directly at [email protected] with "Unsubscribe" in the subject line
Please note that even if you opt-out of marketing communications, we may still send you transactional and service-related emails such as order confirmations, receipts, and account notifications. These communications are necessary for providing our services and are not subject to opt-out.
12.2 Promotional Texts and SMS
If you have opted in to receive promotional SMS messages from us, you may opt-out at any time by replying "STOP" to any message you receive or by contacting us at [email protected]. Standard message and data rates may apply based on your mobile carrier plan.
13. How to File a Complaint with a Data Protection Authority
If you believe that we have not handled your personal information in compliance with applicable privacy laws, you have the right to lodge a complaint with the relevant data protection authority or regulatory body.
13.1 For United States Residents
If you are a resident of the United States and have concerns about our privacy practices, you may contact the following regulatory bodies depending on your state of residence:
- Federal Trade Commission (FTC): The FTC enforces consumer protection and privacy laws at the federal level. You may file a complaint at www.ftc.gov/complaint
- California Residents — California Privacy Protection Agency (CPPA): California residents may contact the CPPA at cppa.ca.gov or submit a complaint to the California Attorney General's Office at oag.ca.gov
- State Attorneys General: Many states have consumer protection offices and Attorneys General that handle privacy complaints. Please consult your state's official government website for more information
Before filing a complaint with a regulatory authority, we encourage you to contact us directly at [email protected] so that we have an opportunity to address your concerns promptly and effectively.
14. Changes to This Privacy Policy
We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our practices, services, applicable laws, or for other operational, legal, or regulatory reasons. When we make material changes to this policy, we will:
- Update the "Last Updated" date at the top of this page
- Post a prominent notice on our website informing you of the changes
- Send an email notification to registered users where required by applicable law or where we deem it appropriate given the significance of the changes
We encourage you to review this Privacy Policy periodically to stay informed about how we collect, use, and protect your personal information. Your continued use of our website and services after the effective date of any changes constitutes your acceptance of the updated Privacy Policy.
15. Contact Us
If you have any questions, concerns, requests, or complaints regarding this Privacy Policy or our data handling practices, please do not hesitate to contact us. We are committed to addressing your inquiries promptly and transparently.
Privacy Inquiries Contact Information
- Company: Giordanos
- Email: [email protected]
- Website: cafegiordanos.click
When contacting us about a privacy matter, please include your full name, email address, and a clear description of your request or concern so that we can respond to you as efficiently as possible. We aim to respond to all privacy-related inquiries within 30 days of receipt, unless a shorter timeframe is required by applicable law.
We value your trust and are dedicated to maintaining the privacy, security, and integrity of your personal information. Thank you for choosing Giordanos.