Privacy Policy

This Privacy Policy describes how Piada ("we," "us," or "our") collects, uses, discloses, and protects the personal information of individuals ("you" or "your") who visit our website at cafe-piada.rest, place orders, or otherwise interact with our food services. We are committed to protecting your privacy and ensuring transparency about how your data is handled.

By accessing or using our website, mobile services, or any related digital properties, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with the terms described herein, please refrain from using our services.

This policy is designed to comply with applicable United States federal and state privacy laws, including but not limited to the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), the Federal Trade Commission Act (FTC Act), and other relevant consumer protection regulations.

1. About Us

Piada is a food service business operating in the United States. We provide dining, catering, and related food services to our customers. For all privacy-related matters, you may reach us using the contact information below:

2. Information We Collect

We collect various categories of personal information when you interact with our website, place food orders, sign up for newsletters, participate in loyalty programs, or contact us for support. The categories of information we collect are outlined below.

2.1 Personal Identification Information

We may collect information that directly identifies you as an individual, including:

• Full name
• Email address
• Phone number
• Billing address and delivery address
• Account username and password (stored in encrypted form)
• Profile picture or avatar (if uploaded voluntarily)
• Date of birth (for age verification or promotional purposes)

2.2 Order and Transaction Information

When you place an order through our website or associated platforms, we collect:

• Details of food items ordered, customizations, and special requests
• Order history and frequency
• Payment method type (e.g., credit card, debit card, digital wallet — we do not store full payment card numbers)
• Transaction amount and timestamps
• Delivery preferences and instructions
• Loyalty points or rewards balance information

2.3 Usage and Behavioral Data

We automatically collect certain information about how you interact with our website and digital services, including:

• Pages visited and time spent on each page
• Links and buttons clicked
• Search queries submitted through our website
• Items added to cart or viewed without purchase
• Referral source (how you arrived at our website)
• Session duration and frequency of visits
• Error logs and crash reports

2.4 Device and Technical Information

When you access our services using a browser or mobile device, we collect technical data including:

• IP address
• Browser type and version
• Operating system and device type
• Screen resolution and language settings
• Mobile device identifier (if applicable)
• Time zone setting
• Network provider information

2.5 Location Data

With your consent or based on your IP address, we may collect approximate or precise location data to:

• Determine nearby restaurant locations
• Facilitate delivery services
• Provide locally relevant promotions and menu items

2.6 Communications and Feedback

When you contact us via email, phone, or our website contact forms, we retain records of:

• Your messages and inquiries
• Customer service correspondence
• Reviews, ratings, and feedback you submit
• Responses to surveys or promotional campaigns

2.7 Cookie and Tracking Data

We use cookies, web beacons, pixel tags, and similar tracking technologies to collect information about your browsing activity. For full details, please refer to Section 9 (Cookie Usage) of this policy.

2.8 Information from Third Parties

We may receive personal information about you from third-party sources, including:

• Social media platforms if you choose to log in or link your account
• Third-party delivery partners (e.g., DoorDash, Uber Eats, Grubhub)
• Analytics providers
• Marketing partners and data brokers (where permitted by law)
• Payment processors

3. How We Use Your Information

We use the personal information we collect for legitimate business purposes, including the following:

3.1 Providing and Managing Our Services

• Processing and fulfilling your food orders
• Managing your customer account and preferences
• Facilitating online reservations or catering inquiries
• Processing payments and issuing receipts or confirmations
• Communicating order status, delivery updates, and confirmations

3.2 Customer Support

• Responding to your questions, complaints, and service requests
• Investigating and resolving disputes or billing issues
• Maintaining records of customer interactions for quality assurance

3.3 Marketing and Promotions

• Sending you promotional emails, offers, and newsletters (with your consent where required)
• Personalizing recommendations based on your order history and preferences
• Running loyalty programs, sweepstakes, and seasonal campaigns
• Displaying targeted advertising on third-party platforms
• Retargeting website visitors with relevant advertisements

You may opt out of marketing communications at any time by clicking the "unsubscribe" link in our emails or contacting us directly at [email protected].

3.4 Analytics and Service Improvement

• Analyzing website traffic, usage patterns, and customer behavior
• Testing and improving our website features and menu offerings
• Conducting internal research and business intelligence activities
• Monitoring the performance and security of our digital platforms

3.5 Legal Compliance and Safety

• Complying with applicable federal and state laws and regulations
• Responding to lawful requests from law enforcement or regulatory authorities
• Protecting the rights, property, and safety of Piada, our customers, and the public
• Detecting, preventing, and investigating fraudulent or illegal activity
• Enforcing our Terms of Service and other agreements

4. Sharing Your Information with Third Parties

We do not sell your personal information for monetary consideration. However, we may share your data with certain third parties under the following circumstances:

4.1 Service Providers and Business Partners

We engage trusted third-party companies and individuals to perform functions on our behalf. These service providers have access to personal information only as necessary to perform their designated tasks and are contractually obligated to maintain confidentiality. Categories of service providers include:

• Payment Processors: To securely handle transactions (e.g., Stripe, Square, PayPal)
• Delivery Partners: To fulfill delivery orders on our behalf
• Email Marketing Platforms: To send newsletters and promotional communications
• Cloud Hosting Providers: To store and process data securely
• Analytics Providers: To analyze website usage and performance (e.g., Google Analytics)
• Customer Support Tools: To manage support tickets and inquiries
• Loyalty and Rewards Platforms: To operate our rewards program

4.2 Legal Requirements and Law Enforcement

We may disclose your personal information if we believe in good faith that such disclosure is necessary to:

• Comply with a legal obligation, court order, subpoena, or governmental request
• Protect and defend the rights or property of Piada
• Prevent or investigate possible wrongdoing in connection with our services
• Protect the personal safety of users or the general public

4.3 Business Transfers

In the event of a merger, acquisition, reorganization, sale of assets, or bankruptcy, your personal information may be transferred to the successor entity as part of that transaction. We will provide notice of such a transfer and any choices you may have regarding your data.

4.4 Advertising and Analytics Partners

We may share de-identified, aggregated, or pseudonymized data with advertising networks and analytics companies to improve our marketing campaigns and analyze usage trends. These partners may use cookies and tracking technologies independently.

4.5 With Your Consent

We may share your information with other third parties when you have provided explicit consent for such sharing, such as when you participate in co-branded promotions or integrate third-party applications with your account.

4.6 Disclosure Under CCPA/CPRA

Under the California Consumer Privacy Act and the California Privacy Rights Act, certain sharing of personal information with third parties for cross-context behavioral advertising may qualify as a "sale" or "sharing" of personal information. California residents have the right to opt out of such practices. Please see Section 7 for information on how to exercise this right.

5. Data Security

We take the security of your personal information seriously and implement a variety of technical, administrative, and physical safeguards designed to protect your data from unauthorized access, disclosure, alteration, or destruction.

5.1 Security Measures We Employ

• Encryption: All data transmitted between your browser and our servers is protected using Transport Layer Security (TLS) encryption.
• Secure Storage: Personal data is stored on secure servers with access controls and firewalls.
• Password Protection: User account passwords are stored using industry-standard hashing algorithms.
• Access Controls: Access to personal data is restricted to employees and contractors who need it to perform their job functions.
• Regular Audits: We conduct periodic security assessments and vulnerability testing of our digital infrastructure.
• Incident Response: We maintain a data breach response plan to address security incidents promptly and in accordance with applicable notification laws.

5.2 Limitations

Despite our best efforts, no method of electronic transmission or data storage is 100% secure. We cannot guarantee absolute security of your information. If you have reason to believe your interaction with us is no longer secure, please notify us immediately at [email protected].

6. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. Retention periods vary based on the category of data:

When data is no longer required, we securely delete or anonymize it in accordance with our internal data retention procedures.

7. Your Privacy Rights

Depending on your state of residence, you may have certain rights regarding your personal information. We are committed to honoring these rights in accordance with applicable law.

7.1 Rights Available to All Users

• Right to Know: You may request that we disclose what personal information we have collected about you, the sources, purposes, and categories of third parties with whom we have shared it.
• Right to Access: You may request a copy of the personal information we hold about you.
• Right to Correction: You may request that we correct inaccurate or incomplete personal information.
• Right to Deletion: You may request that we delete your personal information, subject to certain legal exceptions.
• Right to Opt Out of Marketing: You may opt out of receiving promotional communications from us at any time.

7.2 Additional Rights for California Residents (CCPA/CPRA)

If you are a California resident, you are entitled to the following additional rights under the CCPA and CPRA:

• Right to Opt Out of Sale or Sharing: You have the right to opt out of the sale or sharing of your personal information for cross-context behavioral advertising purposes.
• Right to Limit Use of Sensitive Personal Information: You may request that we limit the use and disclosure of sensitive personal information to what is necessary to provide our services.
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights. We will not deny you services, charge you different prices, or provide a lower quality of service as a result of your exercise of these rights.
• Right to Data Portability: You may request that we provide your personal information in a portable, machine-readable format.

7.3 How to Submit a Privacy Request

To exercise any of the rights listed above, please contact us using the following methods:

• Email: [email protected] with the subject line "Privacy Rights Request"

We will acknowledge your request within 10 business days and respond substantively within 45 calendar days. If we require additional time, we will notify you of the extension and the reason for it. We may need to verify your identity before processing your request to protect the security of your information.

7.4 Authorized Agents

You may designate an authorized agent to submit a privacy rights request on your behalf. We may require verification of the agent's authorization and your identity before processing such a request.

8. Children's Privacy

Piada's website and digital services are not directed to children under the age of 18. We do not knowingly solicit or collect personal information from minors. If you are a parent or legal guardian and believe that your child under 18 has provided us with personal information without your consent, please contact us immediately at [email protected] so that we may delete such information.

In addition to compliance with general U.S. privacy law, we comply with the Children's Online Privacy Protection Act (COPPA), which prohibits the collection of personal information from children under the age of 13 without verifiable parental consent. Should we discover that any information has been collected from a child under 13, we will take immediate steps to delete that data from our systems.

9. Cookie Usage

We use cookies and similar tracking technologies (such as web beacons, pixel tags, and local storage objects) to enhance your experience on our website, analyze usage patterns, and deliver personalized content and advertisements.

9.1 Types of Cookies We Use

• Essential Cookies: Necessary for the website to function properly. These cannot be disabled.
• Performance and Analytics Cookies: Help us understand how visitors interact with our website.
• Functional Cookies: Remember your preferences (e.g., language, location, saved cart items).
• Marketing and Advertising Cookies: Used to deliver relevant advertisements and track campaign effectiveness.

9.2 Managing Your Cookie Preferences

You can manage your cookie preferences through your browser settings. Most browsers allow you to block or delete cookies. However, please note that disabling certain cookies may affect the functionality of our website. You may also opt out of interest-based advertising through the Digital Advertising Alliance at optout.aboutads.info or the Network Advertising Initiative at optout.networkadvertising.org.

For detailed information about the specific cookies we use, their purposes, and retention periods, please refer to our dedicated Cookie Policy, available on our website at cafe-piada.rest.

10. International Data Transfers

Piada is headquartered in the United States and primarily operates within the United States. However, some of our third-party service providers, including cloud hosting and analytics platforms, may process or store your data in servers located outside of the United States or in other countries.

If your personal information is transferred outside the United States, we take steps to ensure that such transfers are made in compliance with applicable data protection laws. This may include relying on:

• Standard contractual clauses or data processing agreements with third-party service providers
• Adequacy decisions or recognized transfer mechanisms under applicable law
• Your explicit consent where required

Please be aware that data protection laws in other countries may differ from those in your jurisdiction. By using our services, you acknowledge and consent to the transfer of your personal information to countries outside your country of residence, including the United States, where privacy laws may be different from your jurisdiction.

11. Third-Party Links and Services

Our website may contain links to third-party websites, social media platforms, or embedded content from external services (such as mapping tools, payment portals, or social sharing buttons). These third-party services have their own privacy policies and data practices, and we are not responsible for their content, policies, or data handling.

We encourage you to review the privacy policies of any third-party services you access through our website. The inclusion of a link does not imply our endorsement of the linked site or its privacy practices.

12. California-Specific Disclosures

This section applies specifically to California residents and supplements the information provided elsewhere in this Privacy Policy, in accordance with the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), effective January 1, 2023.

12.1 Categories of Personal Information Collected

In the preceding 12 months, we have collected personal information falling into the following CCPA categories:

• Identifiers (name, email address, IP address)
• Commercial information (order history, purchasing preferences)
• Internet or electronic network activity (browsing behavior, interaction with our website)
• Geolocation data (approximate location based on IP address)
• Inferences drawn from the above categories (customer profiles and preferences)

12.2 Categories of Sources

We collect personal information directly from you, automatically through your use of our services, and from third-party partners as described in Section 2.8 of this policy.

12.3 Business or Commercial Purposes

We collect and use personal information for the business purposes described in Section 3 of this Privacy Policy.

12.4 Do Not Sell or Share My Personal Information

California residents have the right to opt out of the sale or sharing of their personal information. While we do not sell personal information in the traditional sense, we may share certain data with advertising partners in a manner that may constitute "sharing" under the CPRA. To exercise your opt-out right, please contact us at [email protected] with the subject line "Do Not Sell or Share My Personal Information."

12.5 Shine the Light Law

California Civil Code Section 1798.83 (the "Shine the Light" law) permits California residents to request information about the categories of personal information we have shared with third parties for direct marketing purposes during the preceding calendar year. To make such a request, please contact us at [email protected].

13. Your Rights Under Federal Law (FTC Act)

The Federal Trade Commission Act prohibits unfair or deceptive acts or practices in commerce, including deceptive privacy practices. Our privacy disclosures are designed to be accurate, clear, and consistent with how we actually collect, use, and share personal information. If you believe we have engaged in any unfair or deceptive practice related to your personal information, you have the right to report your concern to the Federal Trade Commission at www.ftc.gov or by calling 1-877-FTC-HELP (1-877-382-4357).

14. How to File a Privacy Complaint

If you have concerns about how we handle your personal information and wish to file a formal complaint, we encourage you to first contact us directly so that we can attempt to resolve your concern promptly.

14.1 Contact Us First

Please send your complaint or concern to:

We will investigate your complaint and respond within 30 calendar days of receipt.

14.2 External Regulatory Bodies

If you are not satisfied with our response, or if you believe we have violated applicable privacy law, you may file a complaint with the following regulatory authorities:

• Federal Trade Commission (FTC): reportfraud.ftc.gov
• California Attorney General (for California residents): oag.ca.gov/privacy
• California Privacy Protection Agency (CPPA): cppa.ca.gov
• State Attorney General Office in your state of residence

15. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our data practices, legal requirements, or business operations. When we make material changes, we will:

• Update the "Last Updated" date at the top of this policy
• Post a prominent notice on our website
• Send an email notification to registered users (where required by law or as appropriate)

Your continued use of our website and services after the effective date of any changes constitutes your acceptance of the updated Privacy Policy. We encourage you to review this page periodically to stay informed about how we protect your information.

16. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please do not hesitate to contact our privacy team:

We are committed to resolving privacy-related inquiries promptly and transparently. Whether you have a question about the data we hold, wish to exercise a privacy right, or have a concern about our practices, our team is here to assist you.