Privacy Policy
This Privacy Policy describes how Dions ("we," "us," or "our") collects, uses, discloses, and protects your personal information when you visit and use our website located at pizzadions.digital (the "Site"), place orders, or otherwise interact with our food service business. We are committed to protecting your privacy and handling your personal data in a transparent, responsible, and lawful manner in accordance with applicable United States privacy laws, including the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), and the Federal Trade Commission (FTC) Act.
Please read this Privacy Policy carefully before using our Site or services. By accessing or using pizzadions.digital, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy. If you do not agree with the terms of this policy, please discontinue use of our Site and services immediately.
For any questions, concerns, or requests related to this Privacy Policy, you may contact us directly at:
1. Scope of This Privacy Policy
This Privacy Policy applies to all personal information collected by Dions through the following channels:
- Our website at pizzadions.digital
- Online food ordering systems integrated into or linked from our Site
- Email communications between you and Dions
- Loyalty programs, promotions, contests, and marketing campaigns we operate
- Customer service and support interactions
- Any other digital or physical touchpoint where personal information is collected with reference to this policy
This policy does not apply to third-party websites, applications, or services that may be linked to or from our Site. Those third parties operate under their own independent privacy policies, and we encourage you to review them before providing any personal information.
2. Information We Collect
We collect several types of information in connection with the operation of our food service business and online presence. The categories of personal information we may collect include the following:
2.1 Personal Identification Information
When you place an order, create an account, sign up for our newsletter, or contact us, we may collect:
- Full name
- Email address
- Mailing or delivery address
- Phone number
- Username and password (for registered accounts)
- Date of birth (where required for age verification purposes)
2.2 Order and Transaction Information
To process your food orders and manage your account, we collect:
- Order history, including items ordered, quantities, customizations, and special instructions
- Payment information (such as credit or debit card details, billing address) — note that full payment card numbers are processed by our secure third-party payment processors and are not stored on our servers
- Transaction amounts and dates
- Delivery preferences and instructions
- Loyalty points, rewards redemption history, and promotional code usage
2.3 Usage and Technical Data
When you visit pizzadions.digital, we automatically collect certain technical and usage data, including:
- IP address
- Browser type and version
- Operating system and device type
- Pages visited, time spent on pages, and navigation paths within our Site
- Referring URLs (the website that brought you to our Site)
- Date and time of visits
- Clicks, search queries entered on our Site, and interaction with features
- Error logs and diagnostic information
2.4 Cookies and Tracking Technologies
We use cookies, web beacons, pixel tags, local storage, and similar tracking technologies to collect information about your browsing behavior and preferences. For detailed information about how we use cookies and how you can control them, please refer to Section 9 of this Privacy Policy (Cookie Usage).
2.5 Communications Data
If you contact us via email, contact forms, or other communication channels, we collect:
- The content of your messages and correspondence
- Your contact details as provided in the communication
- Records of any complaints, feedback, or support requests
2.6 Marketing and Preference Data
With your consent or as permitted by law, we may collect:
- Your marketing preferences and communication opt-in/opt-out status
- Survey responses and feedback submitted through our platforms
- Information provided when entering contests or promotional campaigns
2.7 Information From Third Parties
We may receive personal information about you from third-party sources, such as:
- Third-party delivery platforms and food ordering aggregators
- Social media platforms (if you interact with our social media pages or use social login features)
- Analytics and advertising partners
- Fraud prevention and identity verification services
3. How We Use Your Information
We use the personal information we collect for the following purposes, in accordance with applicable law and, where required, with your consent:
3.1 Providing and Managing Our Services
- Processing and fulfilling your food orders, including coordinating delivery or pickup
- Managing your customer account and profile
- Processing payments and issuing receipts or invoices
- Communicating with you about your orders, including confirmations, updates, and changes
- Providing customer support and resolving disputes or complaints
- Administering loyalty programs, rewards, and promotional offers
3.2 Improving Our Website and Services
- Analyzing usage patterns and website performance to enhance user experience
- Conducting internal research and development to improve our menu, ordering process, and services
- Monitoring and addressing technical issues, bugs, and security vulnerabilities
- Personalizing your experience on our Site, such as remembering your preferences and past orders
3.3 Marketing and Promotional Communications
- Sending you promotional emails, newsletters, special offers, and updates about new menu items — only where you have opted in or where we have a legitimate interest to do so under applicable law
- Displaying targeted advertising on our Site and on third-party platforms based on your preferences and browsing behavior
- Conducting surveys, contests, and sweepstakes
- Measuring the effectiveness of our marketing campaigns and promotions
You may opt out of marketing communications at any time by clicking the "unsubscribe" link in any marketing email or by contacting us at [email protected].
3.4 Legal Compliance and Safety
- Complying with applicable federal and state laws, regulations, and legal obligations
- Responding to lawful requests from law enforcement, regulatory agencies, or courts
- Detecting, preventing, and investigating fraudulent transactions, unauthorized access, and other illegal activities
- Protecting the rights, property, and safety of Dions, our customers, and the public
- Enforcing our Terms of Service and other agreements
3.5 Business Operations
- Maintaining accurate business records and financial accounts
- Carrying out internal audits and quality control processes
- Facilitating corporate restructuring, mergers, acquisitions, or asset sales (see Section 6.4)
4. Legal Basis for Processing
While specific legal basis requirements vary by jurisdiction, Dions relies on the following grounds for processing your personal information:
- Contractual necessity: Processing required to fulfill your orders and provide our services
- Legitimate interests: Processing for fraud prevention, network security, analytics, and direct marketing to existing customers (where permitted)
- Legal obligation: Processing required to comply with applicable laws and regulations
- Consent: Processing where you have given explicit consent, such as for certain marketing communications and non-essential cookies
5. Cookies and Tracking Technologies
Our website pizzadions.digital uses cookies and similar tracking technologies to enhance your experience, analyze traffic, and support our marketing activities. Cookies are small text files stored on your device when you visit a website.
5.1 Types of Cookies We Use
| Cookie Type | Purpose | Examples |
|---|---|---|
| Strictly Necessary | Essential for the website to function, including processing orders and maintaining your session | Session cookies, authentication cookies |
| Functional | Remembers your preferences, such as saved addresses and past orders | Preference cookies, language settings |
| Analytics | Helps us understand how visitors use our Site to improve performance | Google Analytics, performance cookies |
| Marketing | Tracks your browsing to deliver relevant advertisements and measure campaign effectiveness | Advertising pixels, retargeting cookies |
5.2 Managing Your Cookie Preferences
You can control and manage cookies through your browser settings. Most browsers allow you to refuse or delete cookies. However, disabling certain cookies may affect the functionality of our Site, including your ability to place orders. You may also opt out of analytics tracking by visiting the relevant opt-out pages of third-party analytics providers.
For California residents, please note that certain uses of tracking technologies may constitute a "sale" or "sharing" of personal information under the CCPA/CPRA. You have the right to opt out of such activities. See Section 8 for more information on your rights.
6. Sharing Your Information With Third Parties
We do not sell your personal information to third parties for their own direct marketing purposes. However, we may share your information with carefully selected third parties in the following circumstances:
6.1 Service Providers and Business Partners
We work with trusted third-party service providers who assist us in operating our business and delivering our services. These providers are only permitted to use your personal information to perform services on our behalf and are contractually obligated to maintain confidentiality and security. Such providers include:
- Payment processors and financial institutions
- Food delivery and logistics partners
- Cloud hosting and data storage providers
- Email marketing and customer communication platforms
- Analytics and website performance tools
- Fraud detection and cybersecurity services
- Customer relationship management (CRM) systems
- Loyalty program management platforms
6.2 Legal and Regulatory Requirements
We may disclose your personal information when required to do so by law, regulation, or valid legal process, including:
- Complying with court orders, subpoenas, or other legal obligations
- Responding to lawful requests from law enforcement agencies or government regulators
- Cooperating with investigations into fraud, intellectual property infringement, or other illegal activity
- Reporting obligations under applicable federal and state laws
6.3 Protection of Rights and Safety
We may disclose personal information when we believe in good faith that such disclosure is necessary to:
- Prevent or address potential fraud, abuse, or illegal activity
- Protect the physical safety of any person
- Protect the rights and property of Dions
- Enforce our Terms of Service or other agreements
6.4 Business Transfers
In the event that Dions undergoes a merger, acquisition, reorganization, asset sale, or other business transaction, your personal information may be transferred as part of that transaction. We will notify you via email or a prominent notice on our website if such a transaction occurs and if it results in a material change to how your data is handled.
6.5 With Your Consent
We may share your information with additional third parties when you have given us your explicit consent to do so.
7. Data Security
Dions takes the security of your personal information seriously. We implement a range of technical, organizational, and administrative measures designed to protect your data from unauthorized access, disclosure, alteration, or destruction. Our security measures include:
7.1 Technical Safeguards
- SSL/TLS Encryption: All data transmitted between your browser and our website is encrypted using Secure Socket Layer (SSL) or Transport Layer Security (TLS) protocols
- Encrypted Data Storage: Sensitive personal information stored on our servers is encrypted at rest
- Firewalls and Intrusion Detection: We use firewalls and network monitoring tools to protect against unauthorized access and cyberattacks
- Secure Payment Processing: Payment card information is processed by PCI-DSS compliant third-party payment processors
- Access Controls: Access to personal data is restricted to authorized personnel only, based on the principle of least privilege
7.2 Organizational Safeguards
- Regular staff training on data protection best practices
- Internal data protection policies and procedures
- Vendor due diligence and contractual data protection obligations for all third-party service providers
- Periodic security audits and vulnerability assessments
- Incident response procedures for data breaches
7.3 Data Breach Notification
In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify affected individuals and the relevant authorities as required by applicable law. Notification will be provided as promptly as practicable and in accordance with any legally mandated timeframes.
While we strive to use commercially reasonable security measures to protect your personal information, no method of data transmission or storage is completely secure. We cannot guarantee absolute security of your data.
8. Your Privacy Rights
Depending on your location, you may have certain rights regarding your personal information. Dions respects and honors these rights in accordance with applicable United States privacy laws, including the CCPA/CPRA for California residents.
8.1 Rights Available to All Users
- Right to Access: You have the right to request a copy of the personal information we hold about you
- Right to Correction: You have the right to request that we correct inaccurate or incomplete personal information
- Right to Deletion: You have the right to request that we delete your personal information, subject to certain exceptions (e.g., where retention is required by law or necessary for completing a transaction)
- Right to Opt Out of Marketing: You may opt out of receiving marketing communications at any time
8.2 Additional Rights for California Residents (CCPA/CPRA)
If you are a California resident, you have the following additional rights under the CCPA/CPRA:
- Right to Know: The right to know what personal information we have collected, disclosed, sold, or shared about you in the past 12 months
- Right to Delete: The right to request deletion of personal information we have collected from you, subject to certain exceptions
- Right to Correct: The right to request correction of inaccurate personal information we maintain about you
- Right to Opt Out of Sale/Sharing: The right to opt out of the sale or sharing of your personal information for cross-context behavioral advertising
- Right to Limit Use of Sensitive Personal Information: The right to limit our use of sensitive personal information to that which is necessary to perform our services
- Right to Non-Discrimination: The right not to receive discriminatory treatment for exercising your CCPA/CPRA privacy rights. We will not deny services, charge different prices, or provide a lower quality of service because you exercised your rights
- Right to Data Portability: The right to receive your personal information in a portable, usable format where technically feasible
8.3 How to Exercise Your Rights
To exercise any of the rights described above, please contact us using the following methods:
- Email: [email protected]
- Website: pizzadions.digital
When submitting a request, please provide sufficient information to verify your identity. We will respond to verified requests within the timeframes required by applicable law (generally within 45 days, with the possibility of a 45-day extension where necessary).
If you are submitting a request on behalf of another individual (e.g., as an authorized agent), you must provide proof of authorization.
9. Data Retention
We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, to comply with our legal obligations, resolve disputes, enforce our agreements, and for other legitimate business purposes. The specific retention periods depend on the type of data and the purpose for which it was collected:
| Data Category | Retention Period | Reason |
|---|---|---|
| Account information | Duration of account plus 3 years after account closure | Customer service, legal compliance |
| Order history and transaction records | 7 years | Tax and financial record-keeping obligations |
| Payment information | As required by PCI-DSS and payment processors | Fraud prevention, chargebacks |
| Marketing preferences and communications | 3 years from last interaction or opt-out | Marketing compliance |
| Website usage and analytics data | Up to 26 months | Analytics and improvement |
| Customer support records | 3 years from resolution | Quality assurance, dispute resolution |
| Legal and compliance records | As required by applicable law (up to 7 years or longer) | Legal obligation |
When personal information is no longer needed, we will securely delete or anonymize it in accordance with our data retention procedures.
10. Children's Privacy
Our website and services are intended for individuals who are 18 years of age or older. We do not knowingly collect, use, or disclose personal information from children under the age of 13, in compliance with the Children's Online Privacy Protection Act (COPPA), or from minors under 18 years of age without verifiable parental consent where required by law.
By using our Site and placing orders, you represent and warrant that you are at least 18 years of age. If we become aware that we have inadvertently collected personal information from a child under 13 without appropriate parental consent, we will take immediate steps to delete such information from our records.
If you are a parent or guardian and believe that your child has provided us with personal information without your consent, please contact us immediately at [email protected] so that we can take appropriate action.
11. International Data Transfers
Dions is based in the United States, and we primarily process and store personal information within the United States. However, some of our third-party service providers and business partners may be located in or operate from other countries. As a result, your personal information may be transferred to, stored in, or processed in countries outside of the United States.
When we transfer personal data internationally, we take appropriate steps to ensure that your information receives an adequate level of protection in accordance with applicable law. Such steps may include:
- Using service providers who have implemented appropriate data protection safeguards
- Entering into contractual agreements that impose data protection obligations consistent with applicable law
- Ensuring transfers are made only to countries that have been recognized as providing adequate data protection
By using our services and providing us with your personal information, you acknowledge and consent to the transfer and processing of your data as described in this section.
12. Third-Party Links and Integrations
Our website may contain links to third-party websites, applications, or services, including social media platforms, delivery partners, and payment processors. These third-party services are not governed by this Privacy Policy, and we are not responsible for their privacy practices or content. We encourage you to review the privacy policies of any third-party service you access through our Site before providing them with any personal information.
Our integration with third-party delivery platforms or ordering systems may result in the sharing of certain order and contact information necessary to fulfill your order. We only share the minimum information necessary and require our partners to handle it in accordance with applicable law.
13. Do Not Track Signals
Some browsers offer a "Do Not Track" (DNT) feature that sends signals to websites requesting that your browsing activity not be tracked. Currently, there is no universally accepted standard for responding to DNT signals, and our Site does not alter its data collection or use practices in response to DNT browser signals. However, we offer cookie preference controls and opt-out options as described in Section 5 and Section 8 of this Privacy Policy.
14. California Privacy Rights — Additional Disclosures
In addition to the rights described in Section 8, California residents are entitled to receive the following disclosures under the CCPA/CPRA:
14.1 Categories of Personal Information Collected
In the preceding 12 months, we have collected the following categories of personal information (as defined under the CCPA):
- Identifiers (e.g., name, email address, phone number, IP address)
- Commercial information (e.g., order history, purchasing records)
- Internet or other electronic network activity information (e.g., browsing history on our Site)
- Geolocation data (e.g., delivery address, approximate location)
- Inferences drawn from personal information (e.g., preferences, behavior patterns)
14.2 Business Purpose for Collection
We collect the above categories of personal information for the business purposes described in Section 3 of this Privacy Policy, including providing food ordering services, processing payments, improving our Site, and communicating with customers.
14.3 Sale and Sharing of Personal Information
Dions does not sell your personal information for monetary consideration. However, to the extent that our use of analytics or advertising cookies constitutes "sharing" of personal information for cross-context behavioral advertising under the CPRA, you have the right to opt out of such sharing. To exercise this right, please contact us at [email protected].
14.4 Shine the Light Law
Under California Civil Code Section 1798.83 ("Shine the Light" law), California residents may request information about personal information disclosed to third parties for their direct marketing purposes. If applicable, you may submit such a request by contacting us at [email protected].
15. Filing a Complaint
If you believe that Dions has not handled your personal information in accordance with this Privacy Policy or applicable law, we encourage you to first contact us directly so that we can attempt to resolve your concern:
- Email: [email protected]
If you are not satisfied with our response, you have the right to file a complaint with the relevant data protection or consumer protection authority. Depending on your location, applicable authorities may include:
15.1 Federal Level (United States)
- Federal Trade Commission (FTC): The FTC enforces consumer protection and privacy laws at the federal level. You may file a complaint at www.ftc.gov/complaint or by calling 1-877-FTC-HELP (1-877-382-4357).
15.2 State Level — California
- California Privacy Protection Agency (CPPA): The CPPA is the state agency responsible for enforcing the CCPA/CPRA. You may submit a complaint at cppa.ca.gov.
- California Attorney General's Office: You may also contact the California Attorney General's Office at oag.ca.gov/privacy/ccpa.
15.3 Other States
Residents of other states with applicable privacy laws may contact their respective state Attorney General's office or the relevant state consumer protection agency.
16. Changes to This Privacy Policy
We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our business practices, legal requirements, or the services we offer. When we make material changes, we will:
- Update the "Last Updated" date at the top of this policy
- Post the revised Privacy Policy on our website at pizzadions.digital
- Where required by law or where we consider it appropriate, notify you by email or through a prominent notice on our Site
Your continued use of our Site and services after the effective date of the revised Privacy Policy constitutes your acceptance of the changes. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.
17. Contact Us
If you have any questions, concerns, requests, or feedback regarding this Privacy Policy or our privacy practices, please do not hesitate to contact us. We are committed to addressing your inquiries in a timely and transparent manner.
We aim to respond to all privacy-related inquiries within 30 business days of receipt. For requests submitted under the CCPA/CPRA or other applicable state privacy laws, we will respond within the legally required timeframe (generally 45 days, with a possible 45-day extension).