Privacy Policy

1. Introduction

Welcome to Toppers Pizza ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website piztoppers.digital, place orders through our platform, visit our physical locations, or interact with us through any other means.

This Privacy Policy applies to all information collected through our website, mobile applications, in-store transactions, delivery services, loyalty programs, and any related services, sales, marketing, or events (collectively, the "Services"). By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy.

If you have any questions about this Privacy Policy or our data practices, please contact us using the information provided in the Contact section below. We encourage you to read this Privacy Policy carefully and check back periodically for updates, as we may modify this policy from time to time to reflect changes in our practices or legal requirements.

2. Information We Collect

2.1 Information You Provide Directly

We collect information that you voluntarily provide to us when you register on our website, place an order, subscribe to our newsletter, participate in promotions, request information, or otherwise contact us. This information may include:

• Personal Identification Information: Name, email address, phone number, delivery address, and billing address
• Account Information: Username, password (encrypted), order history, saved preferences, and favorite menu items
• Payment Information: Credit/debit card numbers, payment processor tokens, and billing details (note: full payment card details are processed and stored by our secure payment processors, not directly by us)
• Order Information: Food preferences, dietary restrictions, allergen information, special cooking instructions, and customization requests
• Dietary and Health Information: Allergen alerts (gluten, nuts, dairy, etc.), dietary preferences (vegetarian, vegan, halal, kosher), and any health-related food requirements you share with us
• Loyalty Program Data: Points accumulated, rewards redeemed, membership tier, and program participation history
• Reservation and Catering Information: Table booking details, party size, event dates, catering orders, and special event requirements
• Feedback and Reviews: Product reviews, ratings, customer service feedback, survey responses, and social media interactions
• Marketing Preferences: Communication preferences, newsletter subscriptions, and promotional opt-in/opt-out status

2.2 Automatically Collected Information

When you access our website or use our Services, we automatically collect certain information about your device and your usage of our Services:

• Device Information: IP address, browser type and version, operating system, device type (mobile, tablet, desktop), screen resolution, and device identifiers
• Usage Data: Pages viewed, links clicked, time spent on pages, navigation paths through our site, search queries, and interaction patterns
• Cookie Data: Session identifiers, user preferences, shopping cart contents, authentication tokens, and analytics data
• Location Information: Approximate geographic location derived from your IP address, and precise location data if you enable location services for delivery or store locator features
• Referral Information: The website or source that referred you to our site, and how you discovered our Services

2.3 Information from Third Parties

We may receive information about you from third-party sources and combine it with information we have collected:

• Social Media Platforms: If you connect your social media account (Facebook, Google, etc.) to our Services, we may receive your profile information, friend lists, and other data you have made public
• Payment Processors: Transaction confirmations, fraud prevention data, and payment verification information from services like Stripe, PayPal, or Square
• Delivery Partners: Delivery status updates, driver feedback, and logistics information from third-party delivery services
• Marketing Partners: Demographic data, interest categories, and advertising effectiveness metrics from marketing and analytics partners
• Business Partners: Information from joint promotions, co-branded services, or affiliate programs

3. How We Use Your Information

3.1 Service Provision

We use your information to provide, maintain, and improve our Services:

• Order Processing: Processing and fulfilling your food orders, managing customizations, handling dietary requirements, and ensuring accurate delivery
• Delivery Services: Coordinating delivery logistics, providing real-time order tracking, optimizing delivery routes, and communicating delivery updates
• Account Management: Creating and maintaining your account, authenticating your identity, managing your preferences, and providing access to order history
• Customer Support: Responding to your inquiries, resolving complaints, processing refunds, and providing assistance with orders
• Quality Improvement: Analyzing feedback, identifying service improvements, testing new features, and enhancing our menu offerings
• Loyalty Program: Managing your points, processing rewards, tracking membership status, and personalizing offers
• Reservations and Catering: Managing table bookings, coordinating catering events, and ensuring special requests are fulfilled

3.2 Communication

We use your contact information to communicate with you:

• Order Updates: Confirmation emails, order status notifications, delivery tracking updates, and estimated arrival times
• Customer Service: Responses to your questions, feedback acknowledgments, and resolution updates
• Important Notices: Service announcements, policy updates, security alerts, and account-related notifications
• Marketing Communications: Promotional offers, new menu items, special events, and newsletters (only with your consent, and you can opt-out at any time)

3.3 Marketing and Analytics

With your consent where required, we use your information for marketing and analytical purposes:

• Personalized Advertising: Tailoring advertisements and offers based on your preferences, order history, and browsing behavior
• Traffic Analysis: Understanding how visitors use our website, identifying popular pages, and analyzing user flows
• Campaign Effectiveness: Measuring the success of marketing campaigns, email open rates, and promotional conversions
• Market Research: Conducting surveys, analyzing trends, and gathering insights for new product development
• Recommendation Engine: Suggesting menu items you might enjoy based on your previous orders and preferences

3.4 Legal Compliance and Protection

We may use your information for legal and safety purposes:

• Legal Obligations: Complying with applicable laws, regulations, and legal processes
• Fraud Prevention: Detecting, preventing, and investigating fraudulent transactions or illegal activities
• Rights Protection: Protecting our rights, property, and safety, as well as those of our customers and the public
• Dispute Resolution: Handling claims, disputes, and legal proceedings

4. Information Sharing and Disclosure

4.1 Service Providers

We share your information with trusted third-party service providers who assist us in operating our business:

• Payment Processors: Companies like Stripe, PayPal, and Square that securely process your payment transactions and prevent fraud
• Delivery Services: Third-party delivery partners (DoorDash, Uber Eats, etc.) who need your delivery address and order details to complete deliveries
• Cloud Storage Providers: Secure cloud platforms (AWS, Google Cloud) that host our data with enterprise-level security
• Email Service Providers: Marketing platforms that send transactional and promotional emails on our behalf
• Analytics Services: Tools like Google Analytics that help us understand website usage and improve our services
• Customer Support Tools: Helpdesk software that enables us to manage and respond to customer inquiries

All service providers are bound by contractual obligations to keep your information confidential and use it only for the purposes for which we disclose it to them.

4.2 Legal Requirements

We may disclose your information when required by law or in response to valid legal requests:

• Court orders, subpoenas, or other legal processes
• Requests from law enforcement or government agencies
• To comply with applicable laws, regulations, or legal proceedings
• To protect the rights, property, or safety of Toppers Pizza, our customers, or others
• In connection with investigations of fraud, intellectual property infringement, or other illegal activity

4.3 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your personal information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our website of any change in ownership or uses of your personal information, as well as any choices you may have regarding your information.

4.4 With Your Consent

We may share your information for other purposes with your explicit consent. For example, if you choose to participate in a joint promotion with a partner company, we may share relevant information with that partner with your permission.

5. Data Security

5.1 Technical Measures

We implement robust technical security measures to protect your personal information:

• SSL/TLS Encryption: All data transmitted between your browser and our servers is encrypted using industry-standard SSL/TLS protocols (256-bit encryption)
• Firewall Protection: Advanced firewall systems monitor and filter network traffic to prevent unauthorized access
• Access Controls: Strict access controls ensure that only authorized personnel with a legitimate business need can access your data
• 24/7 Monitoring: Continuous security monitoring systems detect and respond to potential threats in real-time
• Regular Backups: Automated, encrypted backups ensure data recovery in case of system failures
• Secure Payment Processing: PCI-DSS compliant payment processing ensures your financial data is handled securely

5.2 Organizational Measures

We maintain organizational security practices to safeguard your information:

• Employee Training: Regular security awareness training for all employees who handle personal data
• Data Handling Procedures: Documented procedures for collecting, processing, and disposing of personal information
• Third-Party Agreements: Confidentiality and data protection agreements with all vendors and partners
• Incident Response Plan: Comprehensive procedures for detecting, reporting, and responding to security incidents
• Regular Audits: Periodic security assessments and penetration testing by independent security experts

5.3 Your Responsibilities

You also play an important role in keeping your information secure:

• Create strong, unique passwords for your account (mix of letters, numbers, and symbols)
• Never share your password or account credentials with others
• Log out of your account when using public or shared computers
• Be cautious of phishing emails or suspicious links claiming to be from Toppers Pizza
• Report any unauthorized access or suspicious activity to us immediately
• Keep your device and browser software up to date with security patches

6. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our website. Cookies are small text files stored on your device that help us recognize you, remember your preferences, and understand how you use our Services.

Types of Cookies We Use

Other Tracking Technologies

• Google Analytics: Used to analyze website traffic patterns, user behavior, and demographic information to improve our services
• Facebook Pixel: Measures the effectiveness of Facebook advertising campaigns and enables remarketing to website visitors
• Web Beacons: Small graphics used in emails to track open rates and engagement with our communications
• Local Storage: Browser storage used to save preferences and enhance website performance

Managing Cookies

You can control and manage cookies through your browser settings. Most browsers allow you to:

• View what cookies are stored and delete them individually
• Block third-party cookies
• Block cookies from specific websites
• Block all cookies from being set
• Delete all cookies when you close your browser

Please note that disabling cookies may affect the functionality of our website. Essential cookies are required for features like shopping cart and checkout to work properly.

7. Your Rights (GDPR/CCPA Compliance)

Depending on your location, you may have certain rights regarding your personal information under data protection laws such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA):

7.1 Right of Access

You have the right to request a copy of the personal information we hold about you. We will provide this information in a commonly used, machine-readable format within 30 days of your request.

7.2 Right to Rectification

If you believe any personal information we hold about you is inaccurate or incomplete, you have the right to request correction. You can update most information directly through your account settings, or contact us for assistance.

7.3 Right to Erasure (Right to be Forgotten)

You may request that we delete your personal information in certain circumstances, such as when the data is no longer necessary for the purpose it was collected, or you withdraw consent. Note that we may need to retain certain information for legal or legitimate business purposes.

7.4 Right to Restrict Processing

You have the right to request that we limit how we use your personal information in certain circumstances, such as while we verify the accuracy of disputed data.

7.5 Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format (such as CSV or JSON) and to transmit that data to another controller.

7.6 Right to Object

You have the right to object to the processing of your personal information for certain purposes, including direct marketing. If you object to marketing communications, we will stop sending them to you.

7.7 Right Against Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing that significantly affects you. If we use automated decision-making, we will inform you and provide an opportunity for human review upon request.

8. Children's Privacy

Our Services are not intended for children under the age of 16. We do not knowingly collect personal information from children under 16 years of age. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

If we become aware that we have collected personal information from a child under 16, we will take immediate steps to delete that information from our systems. We encourage parents and guardians to monitor their children's online activities and to help enforce this policy.

While children may be present during food orders placed by adults, any personal information collected is that of the adult placing the order. Adults are responsible for ensuring any information shared about minors is done so appropriately and with proper consent.

9. International Data Transfers

9.1 Protection Measures

If you are accessing our Services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States and other countries where our servers and service providers are located. We take appropriate safeguards to ensure your information is protected:

• Adequacy Decisions: Where applicable, we rely on adequacy decisions by regulatory authorities confirming adequate data protection
• Standard Contractual Clauses: We use EU-approved Standard Contractual Clauses (SCCs) for transfers to countries without adequacy decisions
• Data Processing Agreements: All third-party processors are bound by contractual data protection obligations
• Security Measures: We implement appropriate technical and organizational security measures regardless of data location
• Regular Compliance Audits: We conduct periodic audits to ensure ongoing compliance with international data transfer requirements

9.2 Transfer Destinations

Your data may be processed in the following locations:

• United States: Primary servers and cloud storage (AWS)
• European Union: Backup servers and certain analytics processing
• Other Countries: Where our service providers maintain operations, always with appropriate protections in place

10. Data Retention Periods

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements.

Safe Data Disposal

When data is no longer needed, we ensure it is securely disposed of:

• Electronic Data: Complete and unrecoverable deletion using industry-standard data sanitization methods
• Physical Records: Secure shredding and destruction of any paper documents
• Backup Data: Systematic deletion from all backup systems within retention cycles
• Disposal Records: Documentation maintained for compliance and audit purposes

11. Third-Party Links

Our website may contain links to third-party websites, applications, or services that are not operated by us. These may include:

• Social media platforms (Facebook, Instagram, Twitter)
• Third-party delivery service websites
• Partner restaurant or franchise websites
• Review platforms and food blogs
• Payment service provider websites

We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services. When you click on a link to a third-party website, you will be subject to that website's own privacy policy and terms of service.

We strongly encourage you to review the privacy policy of every site you visit before providing any personal information. The inclusion of a link on our website does not imply endorsement of the linked site or any association with its operators.

12. Policy Changes

12.1 Change Notification

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make changes, we will notify you through:

• Website Notice: A prominent banner or notification on our website homepage
• Email Notification: Direct email to registered users for material changes
• Login Notification: Pop-up notice when you log into your account
• Explicit Consent: Request for your consent for significant changes that affect how we use your data

12.2 Checking for Changes

We recommend that you:

• Periodically review this Privacy Policy for any updates
• Check the "Last Updated" date at the top of this page
• Subscribe to our notifications to receive updates automatically

Your continued use of our Services after any changes to this Privacy Policy constitutes your acceptance of those changes. If you do not agree with the updated policy, you have the right to stop using our Services and request deletion of your data.

13. Contact Information

Response Commitment: We are committed to responding to all privacy-related inquiries within 3 business days. For requests regarding your data rights (access, deletion, etc.), we will respond within 30 days as required by applicable law.

13.1 Complaints

If you have concerns about how we handle your personal information, please contact us first. We take all privacy complaints seriously and will work to resolve your concerns.

If you are not satisfied with our response, you have the right to lodge a complaint with a supervisory authority:

• United States: Federal Trade Commission (FTC) at www.ftc.gov
• California Residents: California Attorney General's Office at oag.ca.gov/privacy
• European Union: Your local Data Protection Authority

14. Withdrawal of Consent

14.1 Marketing Consent Withdrawal

You can withdraw your consent to receive marketing communications at any time through:

• Email Unsubscribe: Click the "Unsubscribe" link at the bottom of any marketing email
• Account Settings: Log into your account and update your communication preferences
• Contact Support: Email or call us to request removal from marketing lists
• SMS Opt-Out: Reply "STOP" to any promotional text message

Please note that even after opting out of marketing, you will still receive transactional communications related to your orders, account, and important service updates.

14.2 Account Deletion

To delete your account and associated personal information:

1. Log into your account at piztoppers.digital
2. Navigate to Account Settings > Privacy
3. Click "Delete My Account"
4. Confirm your decision and provide your password
5. Your account will be deactivated immediately and data deleted within 30 days

Alternatively, you can contact us at [email protected] to request account deletion. Please note that we may need to retain certain information for legal compliance (tax records, fraud prevention) even after account deletion.

15. Conclusion

At Toppers Pizza, protecting your privacy is fundamental to how we operate. We believe that trust is earned through transparency and responsible data practices. This Privacy Policy reflects our commitment to being clear about what information we collect, how we use it, and the choices you have.

We understand that you have many choices when it comes to where you order food, and we are honored that you choose to share your information with us. We take this responsibility seriously and continuously work to improve our privacy and security practices.

If you have any questions, concerns, or suggestions about this Privacy Policy or our data practices, we encourage you to reach out to us. Your feedback helps us improve and serve you better.

Remember: This Privacy Policy was last updated on January 15, 2025. Please check back periodically for any updates.