Privacy Policy

1. Introduction

Welcome to Imos Pizza ("we," "our," "us," or the "Company"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website imospizza.digital, place orders for our delicious St. Louis style pizza, use our mobile applications, or interact with us in any other way.

At Imos Pizza, we understand that your personal information is valuable and sensitive. We have implemented comprehensive privacy practices to ensure that your data is handled with the utmost care and in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

This Privacy Policy applies to all information collected through our website, mobile applications, in-store interactions, catering services, franchise operations, loyalty programs, and any other services we offer (collectively, the "Services"). By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with our policies and practices, please do not use our Services.

2. Information We Collect

We collect various types of information to provide you with the best possible food service experience, process your orders efficiently, and continuously improve our offerings. The information we collect falls into three main categories:

2.1 Information You Provide Directly

When you interact with Imos Pizza, you may voluntarily provide us with the following information:

• Personal Identification Information: Your name, email address, phone number, and physical address (including delivery addresses). This information is essential for processing and delivering your orders accurately.
• Account Information: When you create an account with us, we collect your username, password (stored in encrypted form), order history, saved addresses, and favorite menu items. This allows us to provide a personalized experience and quick reordering options.
• Payment Information: Credit card numbers, billing addresses, and other payment details. Please note that we use industry-standard encryption and secure payment processors. We do not store complete credit card numbers on our servers.
• Order History and Preferences: Details of your past orders, including items ordered, customizations, delivery instructions, and order frequency. This helps us understand your preferences and provide personalized recommendations.
• Dietary Preferences and Allergen Information: If you inform us of dietary requirements such as vegan, vegetarian, gluten-free, halal, kosher, or specific food allergies, we collect and store this information to ensure your safety and satisfaction. This information is handled with special care due to its sensitive nature.
• Loyalty Program Data: If you participate in our rewards program, we collect information about your earned points, redeemed rewards, tier status, and program activity.
• Table Reservation Information: For dine-in reservations, we collect date, time, party size, special occasion details, and seating preferences.
• Catering Event Details: For catering orders, we collect event date, location, number of guests, menu selections, budget, and special requirements.
• Contact Form Submissions: Any information you provide when contacting us, including inquiries, feedback, complaints, and suggestions.
• Reviews and Testimonials: If you leave reviews or testimonials about our food or service, we may collect and display this information with your consent.
• Marketing Preferences: Your preferences regarding receiving promotional communications, newsletters, and special offers from us.

2.2 Information Collected Automatically

When you visit our website or use our mobile applications, certain information is collected automatically through cookies and similar technologies:

• Device Information: Your IP address, browser type and version, operating system, device type (desktop, tablet, mobile), screen resolution, and unique device identifiers.
• Usage Data: Pages you visit, links you click, time spent on each page, menu items you view, search queries, and your navigation path through our site.
• Cookie Data: Session identifiers, user preferences, shopping cart contents, and analytics data. See Section 6 for more details about our cookie usage.
• Location Information: Approximate geographic location based on your IP address. With your permission, we may also collect precise location data from your mobile device to help you find nearby locations or provide accurate delivery estimates.
• Referral Information: How you arrived at our website (e.g., search engine, social media, direct link, advertisement).

2.3 Information from Third Parties

We may receive information about you from other sources, including:

• Social Media Platforms: If you connect your social media accounts (Facebook, Google, Apple) to our services or interact with us on social media, we may receive your profile information, friends list, and other information you've made public.
• Payment Processors: Our payment partners may provide us with transaction details, fraud detection information, and payment verification results.
• Delivery Partners: Third-party delivery services may share order status updates, delivery confirmation, and customer feedback.
• Marketing Partners: Advertising networks and data analytics providers may share information about your interactions with our advertisements and general demographic data.
• Franchise Partners: If you interact with one of our franchise locations, they may share order and customer service information with us.

3. How We Use Your Information

We use the information we collect for various purposes, all aimed at providing you with excellent service and continuously improving your experience with Imos Pizza.

3.1 Service Provision and Order Fulfillment

• Order Processing: To receive, confirm, prepare, and fulfill your food orders accurately and efficiently.
• Delivery Services: To coordinate delivery to your specified location, provide real-time tracking, and communicate delivery updates.
• Customer Support: To respond to your inquiries, resolve issues, process refunds, and provide assistance with your orders or account.
• Account Management: To create and maintain your account, authenticate your identity, and manage your preferences and saved information.
• Dietary Accommodation: To ensure your orders comply with your dietary requirements and allergen restrictions, protecting your health and safety.
• Quality Improvement: To analyze feedback and identify opportunities to enhance our menu, service quality, and overall customer experience.

3.2 Communication

• Order Confirmations: To send you order confirmations, preparation updates, and delivery notifications via email, SMS, or push notifications.
• Customer Support Responses: To reply to your questions, complaints, and feedback in a timely and helpful manner.
• Important Notices: To inform you of changes to our menu, pricing, operating hours, terms of service, or this privacy policy.
• Marketing Communications: With your consent, to send you promotional offers, new menu announcements, special discounts, and newsletters. You can opt out of marketing communications at any time.

3.3 Marketing and Analytics

• Personalized Advertising: To show you relevant advertisements based on your preferences, order history, and browsing behavior.
• Traffic Analysis: To understand how visitors use our website, which pages are most popular, and how we can improve navigation and user experience.
• Campaign Effectiveness: To measure the success of our marketing campaigns and optimize our advertising spend.
• Market Research: To develop new menu items, services, and features that meet customer needs and preferences.
• Loyalty Program Management: To track your rewards points, process redemptions, and provide personalized offers based on your loyalty status.

3.4 Legal Compliance and Protection

• Legal Obligations: To comply with applicable laws, regulations, and legal processes.
• Fraud Prevention: To detect, investigate, and prevent fraudulent transactions and other illegal activities.
• Rights Protection: To protect our rights, property, and safety, as well as the rights, property, and safety of our customers and others.
• Dispute Resolution: To resolve disputes, enforce our agreements, and collect amounts owed to us.

4. Information Sharing and Disclosure

We do not sell your personal information to third parties. However, we may share your information in the following circumstances:

4.1 Service Providers

We work with trusted third-party companies that help us operate our business:

• Payment Processors: Companies like Stripe, Square, and PayPal that securely process your credit card transactions. They are contractually obligated to protect your payment information.
• Delivery Partners: Third-party delivery services (DoorDash, Uber Eats, Grubhub) that help us deliver orders when our own drivers are unavailable. They receive only the information necessary to complete the delivery.
• Cloud Storage Providers: Secure data centers (AWS, Google Cloud) that host our website and store our data with enterprise-grade security.
• Email Service Providers: Companies that help us send order confirmations, marketing emails, and other communications.
• Analytics Tools: Services like Google Analytics that help us understand website traffic and user behavior.
• Customer Support Platforms: Tools that help us manage and respond to customer inquiries efficiently.

4.2 Legal Requirements

We may disclose your information when required by law or in response to valid legal requests:

• Court orders, subpoenas, or other legal processes
• Requests from law enforcement or government agencies
• To protect our legal rights and defend against legal claims
• To prevent imminent physical harm or financial loss
• To investigate suspected violations of our terms of service

4.3 Business Transfers

In the event of a merger, acquisition, bankruptcy, or sale of all or a portion of our assets, your personal information may be transferred to the acquiring entity. We will notify you via email and/or prominent notice on our website before your information is transferred and becomes subject to a different privacy policy.

4.4 With Your Consent

We may share your information for other purposes with your explicit consent. For example, if you participate in a joint promotion with one of our partners, we will ask for your permission before sharing your information with them.

5. Data Security

Protecting your personal information is a top priority at Imos Pizza. We implement comprehensive security measures to safeguard your data from unauthorized access, disclosure, alteration, and destruction.

5.1 Technical Measures

• SSL/TLS Encryption: All data transmitted between your browser and our servers is encrypted using industry-standard SSL/TLS protocols. Look for the padlock icon in your browser's address bar when visiting our site.
• Advanced Firewall Systems: We use enterprise-grade firewalls to protect our servers from unauthorized access and malicious attacks.
• Access Control: Only authorized personnel with a legitimate business need have access to your personal information, and they are required to maintain its confidentiality.
• 24/7 Security Monitoring: Our systems are continuously monitored for suspicious activity, intrusion attempts, and other security threats.
• Regular Backups: We perform regular backups of our data to secure, geographically distributed locations to ensure business continuity.
• Encryption at Rest: Sensitive data stored on our servers is encrypted using strong encryption algorithms.

5.2 Organizational Measures

• Employee Training: All employees receive regular training on data protection, privacy best practices, and security awareness.
• Data Handling Procedures: We have established clear procedures for collecting, storing, processing, and disposing of personal data.
• Third-Party Agreements: All service providers are required to sign confidentiality agreements and demonstrate compliance with applicable data protection standards.
• Incident Response Plan: We have a comprehensive plan in place to respond to security incidents, minimize damage, and notify affected individuals as required by law.
• Regular Audits: We conduct periodic security audits and assessments to identify vulnerabilities and ensure compliance with our security policies.

5.3 Your Responsibilities

While we take extensive measures to protect your information, security is a shared responsibility. We encourage you to:

• Choose a strong, unique password for your Imos Pizza account
• Never share your password with anyone
• Log out of your account when using shared or public computers
• Be cautious of phishing emails and suspicious links claiming to be from Imos Pizza
• Report any unauthorized access to your account immediately by contacting us
• Keep your devices and software up to date with the latest security patches

6. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our website, analyze usage patterns, and deliver personalized content and advertising.

Types of Cookies We Use

Cookie Type	Purpose	Duration
Essential Cookies	Required for basic website functionality, including login state, shopping cart contents, and security features. These cannot be disabled.	Session
Functional Cookies	Remember your preferences such as language settings, saved delivery addresses, favorite menu items, and display options.	Up to 1 year
Analytics Cookies	Help us understand how visitors interact with our website, which pages are popular, and where improvements can be made.	Up to 2 years
Marketing Cookies	Used to deliver personalized advertisements based on your interests and track the effectiveness of our marketing campaigns.	Up to 1 year

Other Tracking Technologies

• Google Analytics: We use Google Analytics to analyze website traffic, user behavior, and demographic information. This helps us improve our website and marketing efforts.
• Facebook Pixel: We use Facebook Pixel to measure the effectiveness of our Facebook advertising and deliver relevant ads to users who have visited our website.
• Web Beacons: Small invisible images in our emails that help us track email open rates and click-through rates.
• Local Storage: We may store certain information in your browser's local storage for faster page loading and offline functionality.

Managing Cookies

You can control and manage cookies through your browser settings. Most browsers allow you to:

• View what cookies are stored on your device
• Delete all or specific cookies
• Block all cookies or only third-party cookies
• Configure notifications when cookies are set

Please note that disabling certain cookies may affect the functionality of our website. For example, if you disable essential cookies, you may not be able to add items to your cart or complete orders.

7. Your Rights (GDPR/CCPA Compliance)

Depending on your location, you may have certain rights regarding your personal information. We are committed to honoring these rights and making it easy for you to exercise them.

7.1 Right of Access

You have the right to request a copy of the personal information we hold about you. We will provide this information in a commonly used, machine-readable format within 30 days of your request.

7.2 Right to Rectification

If any of your personal information is inaccurate or incomplete, you have the right to request that we correct or update it. You can also update much of your information directly through your account settings.

7.3 Right to Erasure (Right to be Forgotten)

You have the right to request that we delete your personal information. Please note that we may need to retain certain information for legal, accounting, or legitimate business purposes, such as order history for tax compliance.

7.4 Right to Restrict Processing

You have the right to request that we limit how we use your personal information while we address your concerns or verify the accuracy of your data.

7.5 Right to Data Portability

You have the right to receive your personal information in a structured, commonly used, machine-readable format (such as JSON or CSV) and to transmit that data to another service provider.

7.6 Right to Object

You have the right to object to certain types of processing, including:

• Processing based on legitimate interests
• Processing for direct marketing purposes
• Processing for research and statistical purposes

7.7 Right Against Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing, including profiling, that produce legal effects or significantly affect you.

8. Children's Privacy

Our Services are not intended for children under the age of 16. We do not knowingly collect personal information from children under 16 years of age. If you are a parent or guardian and believe that your child has provided us with personal information without your consent, please contact us immediately.

If we discover that we have inadvertently collected personal information from a child under 16, we will take prompt steps to:

• Delete the information from our servers
• Notify the parent or guardian if contact information is available
• Review our data collection practices to prevent future occurrences

Parents and guardians may contact us at any time to:

• Request access to information we may have about their child
• Request deletion of any such information
• Refuse further collection or use of their child's information

9. International Data Transfers

Imos Pizza is headquartered in the United States, and our primary data processing operations are located there. If you access our Services from outside the United States, your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate.

9.1 Protection Measures

When we transfer personal information internationally, we implement appropriate safeguards to ensure your data receives adequate protection:

• Adequacy Decisions: We rely on adequacy decisions made by relevant authorities that recognize certain countries as providing adequate data protection.
• Standard Contractual Clauses (SCCs): We use EU-approved Standard Contractual Clauses when transferring data to countries without adequacy decisions.
• Data Processing Agreements: All third parties that process personal data on our behalf are required to sign data processing agreements that include appropriate security and privacy commitments.
• Security Measures: We ensure that appropriate technical and organizational security measures are in place regardless of where data is processed.
• Regular Audits: We conduct regular compliance audits of our international data transfer mechanisms.

9.2 Transfer Destinations

Your data may be transferred to the following locations:

• United States: Primary data storage and processing
• European Union: Data analytics and customer support services
• Other Locations: As needed for specific services, always with appropriate protection measures in place

10. Data Retention Periods

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements.

Information Type	Retention Period	Reason
Account Information	6 months after account deletion	Legal obligations, dispute resolution, fraud prevention
Order History	7 years	Tax and accounting requirements, warranty claims
Payment Records	7 years	Financial regulations, audit requirements
Marketing Consent Records	3 months after withdrawal	Proof of consent compliance
Website Usage Logs	Up to 2 years	Security analysis, performance optimization
Customer Support Records	3 years	Service quality improvement, dispute resolution
Loyalty Program Data	Duration of membership + 1 year	Program administration, audit requirements
Dietary/Allergen Information	Duration of account + 6 months	Safety compliance, liability protection

Safe Data Disposal

When data reaches the end of its retention period, we ensure it is disposed of securely:

• Electronic Data: Securely deleted using industry-standard methods that make recovery impossible
• Physical Records: Cross-cut shredded and disposed of through certified destruction services
• Backup Data: Systematically removed from all backup systems during regular maintenance cycles
• Disposal Records: We maintain records of data disposal for compliance purposes

11. Third-Party Links

Our website and communications may contain links to third-party websites, applications, or services that are not owned or controlled by Imos Pizza. These include social media platforms, payment processors, review sites, and partner websites.

Please be aware that:

• We are not responsible for the privacy practices, content, or security of third-party websites
• This Privacy Policy does not apply to any third-party services
• We encourage you to review the privacy policies of any third-party services before providing them with your personal information
• Linking to a third-party website does not imply our endorsement of that site or its content

When you click on a third-party link, you leave our website and your interactions with that third party are governed by their own privacy policies and terms of service. We have no control over and assume no responsibility for the practices of third parties.

12. Policy Changes

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons.

12.1 Change Notification

When we make changes to this Privacy Policy, we will notify you through one or more of the following methods:

• Website Notice: A prominent banner or notification on our homepage and/or this privacy policy page
• Email Notification: An email to the address associated with your account (for registered users)
• In-App Notification: A pop-up or notification when you log into your account or use our mobile app
• Explicit Consent: For significant changes that materially affect your rights, we may require you to review and accept the updated policy

12.2 Checking for Changes

• The most current version of this Privacy Policy is always available on our website
• Check the "Last Updated" date at the top of this page to see when the policy was last revised
• Your continued use of our Services after changes are posted constitutes your acceptance of the updated policy
• If you do not agree with any changes, you may stop using our Services and request deletion of your account

13. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Response Commitment: We are committed to responding to all privacy-related inquiries within 3 business days. For complex requests that require additional time, we will acknowledge your request and provide an estimated timeline for resolution.

13.1 Complaints

If you have a complaint about our data practices, we encourage you to contact us first so we can address your concerns directly. We take all complaints seriously and will work to resolve them promptly.

If you are unsatisfied with our response or believe we are processing your personal information in violation of applicable law, you have the right to lodge a complaint with your local data protection supervisory authority:

• United States: Federal Trade Commission (FTC) - ftc.gov/complaint
• California Residents: California Attorney General - oag.ca.gov
• European Union: Your local Data Protection Authority (DPA)

14. Withdrawal of Consent

Where we rely on your consent to process your personal information, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing that occurred before the withdrawal.

14.1 Marketing Consent Withdrawal

You can withdraw your consent to receive marketing communications at any time through the following methods:

• Unsubscribe Link: Click the "unsubscribe" link at the bottom of any marketing email we send you
• Account Settings: Log into your account and update your communication preferences
• Contact Us: Email or call our customer support team to request removal from marketing lists
• SMS Opt-Out: Reply "STOP" to any promotional text message to unsubscribe from SMS marketing

Please note that even after withdrawing marketing consent, we may still send you transactional communications related to your orders, account, or important service updates.

14.2 Account Deletion

If you wish to delete your account and associated personal information, you can:

1. Log into your account and navigate to Account Settings
2. Select "Delete My Account" option
3. Confirm your decision (this action cannot be undone)
4. Your account will be deactivated immediately
5. Your personal data will be deleted within 30 days, except for information we are required to retain for legal or accounting purposes

Alternatively, you can contact our customer support team to request account deletion. We may ask you to verify your identity before processing the request.

15. Conclusion

At Imos Pizza, we are deeply committed to protecting your privacy and maintaining your trust. We believe that transparency about our data practices is fundamental to building a strong relationship with our customers.

We understand that you have a choice in where you order your pizza, and we appreciate that you have chosen to trust us with your personal information. This trust is not something we take lightly. We continuously review and update our privacy practices to ensure they meet the highest standards of data protection.

If you have any questions about this Privacy Policy or how we handle your personal information, please do not hesitate to reach out to us. We are here to help and are committed to addressing any concerns you may have.

Thank you for being a valued customer of Imos Pizza. We look forward to continuing to serve you delicious St. Louis style pizza while keeping your personal information safe and secure.