Privacy Policy

Effective Date: May 28, 2026 | Last Updated: May 28, 2026

Welcome to Giordano's Pizza. We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website giordanospizzas.rest, place an order, use our services, or otherwise interact with us. Please read this policy carefully. If you disagree with its terms, please discontinue use of our website immediately.

This Privacy Policy applies to all information collected through our website, online ordering platform, mobile applications (if applicable), and any related services, sales, marketing, or events (collectively referred to as the "Services").

1. Who We Are

Giordano's Pizza is a food service business operating in the United States. We operate the website giordanospizzas.rest and offer pizza ordering, catering, and related food services to our customers. For purposes of this Privacy Policy, "we," "us," or "our" refers to Giordano's Pizza.

Business Name	Giordano's Pizza
Email Address	[email protected]
Website	giordanospizzas.rest

2. Applicable Laws and Regulations

As a business operating in the United States, we comply with all applicable federal and state privacy laws, including but not limited to:

The Federal Trade Commission Act (FTC Act) — governing unfair or deceptive practices in commerce, including data privacy.
The California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) — for residents of California.
The Children's Online Privacy Protection Act (COPPA) — governing the collection of data from children under 13.
The CAN-SPAM Act — governing commercial email communications.
The Telephone Consumer Protection Act (TCPA) — governing telephone marketing.
Any other applicable state or federal privacy legislation that may apply to our operations.

We are committed to ensuring that our data practices are fair, transparent, and lawful under all applicable frameworks.

3. Information We Collect

We collect information about you in a variety of ways when you interact with our Services. The categories of information we may collect include:

3.1 Personal Information You Provide to Us

When you create an account, place an order, contact us, or otherwise interact with our Services, you may voluntarily provide us with the following personal information:

Identity Data: Full name, username or similar identifier, and date of birth (where required to verify age).
Contact Data: Billing address, delivery address, email address, and telephone number.
Financial Data: Payment card details, bank account information, and billing information. Note: We use third-party payment processors and do not store full payment card details on our servers.
Transaction Data: Details of orders you have placed with us, products purchased, pricing, and transaction history.
Account Credentials: Username and password when you create an account with us.
Preferences Data: Your food preferences, dietary restrictions, favorite orders, and other preferences you provide to us.
Communications Data: Content of messages, feedback, complaints, or inquiries you send to us via email, web forms, telephone, or other communication channels.
Marketing Preferences: Your preferences in receiving marketing from us and your communication preferences.

3.2 Information Collected Automatically

When you access or use our website, we automatically collect certain technical information about your device and browsing behavior, including:

Usage Data: Information about how you use our website, such as pages visited, time spent on pages, links clicked, search queries, and browsing patterns.
Device Data: Information about your device, including IP address, browser type and version, browser plug-ins, operating system and platform, device identifiers, and screen resolution.
Location Data: General geographic location based on your IP address. We may also collect more precise location data if you grant permission through your device settings.
Log Data: Server log files, error reports, and diagnostic information related to your use of our Services.
Referral Data: Information about the website or source from which you arrived at our website.
Cookie and Tracking Data: Information collected through cookies, web beacons, pixel tags, and similar tracking technologies as described in our Cookie section below.

3.3 Information From Third Parties

We may receive information about you from third-party sources, including:

Social Media Platforms: If you connect your social media account to our Services or interact with us on social media, we may receive certain profile information such as your name, email address, profile picture, and friend list (subject to your social media privacy settings).
Payment Processors: Transaction confirmation and fraud detection information from our payment processing partners.
Analytics Providers: Aggregated analytics data about how users interact with our website.
Delivery Partners: Order fulfillment and delivery status information from third-party delivery platforms or partners.
Marketing Partners: Information to help us target advertising and improve our marketing efforts, in compliance with applicable laws.

3.4 Information You Do Not Need to Provide

You are not required to provide all information requested. However, if you choose not to provide certain required information (such as your delivery address or payment information), we may not be able to process your orders or provide certain aspects of our Services.

4. How We Use Your Information

We use the information we collect for a variety of legitimate business purposes. Specifically, we use your information to:

4.1 Service Provision and Order Fulfillment

Process and fulfill your food orders, including delivery or pick-up arrangements.
Manage your customer account and maintain accurate records of your transactions.
Process payments and prevent fraudulent transactions.
Provide customer support, respond to inquiries, and resolve disputes.
Send order confirmations, delivery updates, and other transactional communications.
Manage loyalty programs or reward points where applicable.

4.2 Website Operation and Improvement

Operate, maintain, and improve our website, online ordering platform, and Services.
Monitor and analyze usage patterns and trends to enhance user experience.
Detect, investigate, and prevent technical issues, security breaches, and fraudulent activity.
Test new features and functionality before deployment.
Ensure the website functions correctly across different devices and browsers.

4.3 Marketing and Communications

Send promotional emails, newsletters, and special offers where you have consented to receive such communications or where we have a legitimate interest in doing so.
Deliver targeted advertising on our website or third-party platforms based on your browsing behavior and preferences.
Conduct surveys, contests, or promotions in which you have chosen to participate.
Notify you about changes to our menu, Services, or policies.

You may opt out of marketing communications at any time by clicking the "unsubscribe" link in any email we send, or by contacting us directly at [email protected].

4.4 Legal Compliance and Safety

Comply with applicable laws, regulations, legal processes, and governmental requests.
Enforce our Terms of Service and other applicable agreements.
Protect the rights, property, and safety of Giordano's Pizza, our customers, and the public.
Cooperate with law enforcement agencies where legally required or authorized.

4.5 Business Analytics and Research

Analyze customer purchasing patterns to optimize menu offerings and pricing.
Conduct internal research and development to improve our products and Services.
Generate aggregated statistical data for business planning purposes.

5. Sharing Your Information With Third Parties

We do not sell your personal information to third parties. However, we may share your information in the following circumstances:

5.1 Service Providers and Business Partners

We share your information with trusted third-party service providers who assist us in operating our business and delivering our Services. These may include:

Payment Processors: To securely process your payment transactions (e.g., Stripe, Square, or similar providers).
Delivery Partners: To fulfill and deliver your food orders (e.g., third-party delivery platforms or independent couriers).
Cloud Hosting Providers: To host our website, databases, and technical infrastructure.
Email Service Providers: To send transactional and marketing emails on our behalf.
Analytics Providers: Such as Google Analytics, to help us understand how customers use our website.
Customer Support Tools: Platforms that help us manage and respond to customer inquiries.
Marketing and Advertising Platforms: To display targeted advertisements to you on third-party websites and social media platforms.

All third-party service providers are required to protect your information and are prohibited from using it for any purpose other than providing services to us.

5.2 Legal Requirements

We may disclose your personal information if required to do so by law, or if we believe in good faith that such disclosure is necessary to:

Comply with a legal obligation, court order, subpoena, or governmental request.
Protect and defend our legal rights or property.
Prevent or investigate possible wrongdoing in connection with our Services.
Protect the personal safety of our customers, employees, or the public.

5.3 Business Transfers

In the event of a merger, acquisition, sale of assets, corporate restructuring, or similar business transaction, your personal information may be transferred to the acquiring entity as part of the business assets. You will be notified of any such change through a notice on our website or via email, and we will ensure your information continues to be protected in accordance with this Privacy Policy.

5.4 With Your Consent

We may share your personal information with other third parties when we have obtained your explicit consent to do so. You may withdraw such consent at any time by contacting us.

6. Cookies and Tracking Technologies

We use cookies and similar tracking technologies (such as web beacons, pixel tags, and local storage) to collect and store information about your interactions with our website. Cookies are small text files placed on your device that allow us to recognize you and improve your experience.

We use the following categories of cookies:

Cookie Type	Purpose
Strictly Necessary	Essential for the website to function properly, including login sessions and shopping cart functionality.
Performance / Analytics	Help us understand how visitors interact with our website by collecting anonymous usage data (e.g., Google Analytics).
Functionality	Remember your preferences (e.g., language, location, saved orders) to provide a personalized experience.
Marketing / Advertising	Track your browsing activity to deliver relevant advertisements and measure the effectiveness of our campaigns.

You can manage or disable cookies through your browser settings at any time. Please note that disabling certain cookies may affect the functionality of our website. For detailed information about the specific cookies we use, please refer to our Cookie Policy.

We also honor browser-level Do Not Track (DNT) signals where technically feasible, and we comply with applicable opt-out mechanisms for interest-based advertising.

7. Data Security

We take the security of your personal information seriously and implement appropriate technical and organizational measures to protect it against unauthorized access, loss, alteration, or disclosure. Our security measures include:

Encryption: We use Secure Socket Layer (SSL) / Transport Layer Security (TLS) encryption to protect data transmitted between your browser and our servers.
Access Controls: We restrict access to personal information to authorized personnel only, on a need-to-know basis.
Secure Payment Processing: We use PCI DSS-compliant payment processors and do not store full credit card numbers on our servers.
Regular Security Audits: We conduct regular reviews and assessments of our data security practices.
Employee Training: Our staff receive training on data privacy and security best practices.
Incident Response: We maintain procedures for detecting, reporting, and responding to data security incidents.

Important Notice: While we take all reasonable precautions to protect your information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security of your data. If you have reason to believe your interaction with us is no longer secure, please notify us immediately at [email protected].

8. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Our general data retention practices are as follows:

Data Category	Retention Period
Customer account information	For the duration of the account's existence, plus 3 years after account closure.
Order and transaction records	7 years from the date of the transaction (for tax and accounting purposes).
Marketing communication preferences	Until you unsubscribe or withdraw consent, plus 1 year after withdrawal.
Customer support communications	3 years from the date of the last communication.
Website usage and analytics data	Up to 26 months (consistent with Google Analytics standard retention settings).
Cookie data	Varies by cookie type; session cookies expire when you close your browser; persistent cookies may last up to 24 months.
Legal compliance records	As required by applicable law, which may be up to 7 years or more.

When personal information is no longer required, we securely delete, anonymize, or destroy it in accordance with our data retention procedures.

9. Your Privacy Rights

Depending on your state of residence, you may have certain rights regarding your personal information under applicable U.S. privacy laws. We are committed to honoring these rights.

9.1 Rights Available to All U.S. Customers

Right to Know: You have the right to request information about what personal data we collect, use, and disclose about you.
Right to Access: You may request a copy of the personal information we hold about you.
Right to Correction: You have the right to request that we correct inaccurate or incomplete personal information.
Right to Deletion: You may request the deletion of your personal information, subject to certain legal exceptions.
Right to Opt Out of Marketing: You may opt out of receiving promotional communications from us at any time.

9.2 Additional Rights for California Residents (CCPA/CPRA)

If you are a resident of California, you are afforded additional rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):

Right to Know (Specific Pieces): The right to request specific pieces of personal information we have collected about you in the preceding 12 months.
Right to Delete: The right to request deletion of personal information we have collected, subject to exceptions.
Right to Correct: The right to request correction of inaccurate personal information we maintain about you.
Right to Opt Out of Sale or Sharing: The right to opt out of the sale or sharing of your personal information for cross-context behavioral advertising. We do not sell personal information, but you may submit an opt-out request regardless.
Right to Limit Use of Sensitive Personal Information: The right to limit how we use and disclose sensitive personal information (such as health data or precise geolocation).
Right to Non-Discrimination: You have the right not to receive discriminatory treatment for exercising your CCPA/CPRA rights. We will not deny you services, charge different prices, or provide a different quality of service based solely on your exercise of these rights.
Right to Data Portability: The right to receive your personal information in a portable, readily usable format.

To submit a verifiable consumer request under the CCPA/CPRA, please contact us at [email protected]. We will respond to verified requests within 45 days of receipt. In certain circumstances, we may extend this period by an additional 45 days, in which case we will notify you.

9.3 How to Exercise Your Rights

To exercise any of your privacy rights, please submit a request through one of the following methods:

Email: [email protected] with the subject line "Privacy Rights Request"
Website: giordanospizzas.rest (through any available contact form)

Please include your full name, email address associated with your account, and a description of the right you wish to exercise. We may need to verify your identity before processing your request to protect your privacy and security. We will not discriminate against you for exercising your rights.

If you are submitting a request on behalf of another individual (e.g., as an authorized agent), you must provide written authorization or a power of attorney, and we may verify this authorization before processing the request.

10. Children's Privacy

Age Restriction: Our Services are intended for individuals who are 18 years of age or older. We do not knowingly collect personal information from children under the age of 18.

We take the protection of children's privacy very seriously. Our website, online ordering platform, and related Services are not directed to individuals under the age of 18. We do not knowingly collect, use, or disclose personal information from minors under 18 years of age.

In compliance with the Children's Online Privacy Protection Act (COPPA), we do not knowingly collect personal information from children under the age of 13. If you are under 13 years of age, you are not permitted to use our Services or provide any personal information to us.

If we become aware that we have inadvertently collected personal information from a child under the age of 18, we will take immediate steps to delete such information from our records. If you believe we may have collected personal information from a minor, please contact us immediately at [email protected].

Parents and guardians who wish to review, request deletion of, or stop the collection of their child's personal information should contact us using the information provided in this policy.

11. International Data Transfers

Giordano's Pizza is based in the United States, and we primarily process and store personal information on servers located within the United States. However, because we may use third-party service providers, technology platforms, or cloud-based services with servers located in other countries, your personal information may be transferred to, stored in, or processed in countries outside of the United States.

These countries may have data protection laws that differ from those in your state or jurisdiction. When we transfer personal information internationally, we take reasonable steps to ensure that adequate safeguards are in place to protect your information, including:

Entering into data processing agreements with third-party providers that include standard contractual clauses or equivalent protections.
Selecting service providers that maintain internationally recognized security certifications (e.g., ISO 27001, SOC 2).
Ensuring that third-party providers are bound by confidentiality obligations and data protection requirements consistent with this Privacy Policy.

By using our Services, you acknowledge and consent to the transfer of your personal information to the United States and potentially to other countries as described in this section.

12. Third-Party Websites and Links

Our website may contain links to third-party websites, social media platforms, delivery partner sites, or other external services. These third-party sites have their own privacy policies and practices, which we do not control. We are not responsible for the privacy practices of third-party websites, and we encourage you to review their privacy policies before providing any personal information.

The inclusion of a link to a third-party website on our platform does not imply our endorsement of that site or its privacy practices.

13. Do Not Track Signals

Some web browsers offer a "Do Not Track" (DNT) feature that signals to websites that a user does not wish to have their browsing activity tracked. Currently, there is no universally accepted standard for responding to DNT signals. While we do not currently respond to DNT browser signals in a uniform way, we provide you with options to control tracking through our cookie settings and the opt-out choices described in this Privacy Policy.

We will continue to monitor developments in this area and update our practices as industry standards and legal requirements evolve.

14. California "Shine the Light" Law

Under California Civil Code Section 1798.83, also known as the "Shine the Light" law, California residents who have an established business relationship with us may request, once per year, information about categories of personal information (if any) we disclosed to third parties for their direct marketing purposes and the names and addresses of those third parties during the preceding calendar year.

To make such a request, please contact us at [email protected] with the subject line "California Shine the Light Request." We will respond within 30 days of receiving a valid request.

15. Nevada Privacy Rights

Nevada residents have the right to opt out of the sale of certain covered information we collect. As noted in this Privacy Policy, we do not sell personal information. However, Nevada residents may still submit an opt-out request by contacting us at [email protected] and we will honor such requests.

16. Filing a Complaint With a Data Protection Authority

If you believe that we have not handled your personal information in accordance with applicable law, you have the right to file a complaint with the relevant regulatory authority.

In the United States, the primary regulatory authority for consumer privacy matters is the Federal Trade Commission (FTC):

Federal Trade Commission (FTC)
600 Pennsylvania Avenue, NW
Washington, DC 20580
Website: www.ftc.gov
Complaint Center: reportfraud.ftc.gov

For California residents, complaints regarding violations of the CCPA/CPRA may also be directed to the California Privacy Protection Agency (CPPA):

California Privacy Protection Agency (CPPA)
2101 Arena Blvd
Sacramento, CA 95834
Website: cppa.ca.gov

We encourage you to contact us first before filing a formal complaint so that we have the opportunity to address your concerns directly and promptly.

17. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time and for any reason. When we make changes, we will update the "Last Updated" date at the top of this page and, depending on the significance of the changes, we may notify you by:

Posting a prominent notice on our website homepage.
Sending an email notification to the address associated with your account.
Presenting a pop-up or banner on our website upon your next visit.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our Services following any modification to this Privacy Policy constitutes your acknowledgment of the changes and your agreement to abide by and be bound by the updated policy.

If we make material changes that significantly affect your rights or how we use your personal information, we will provide at least 30 days' notice before the changes take effect.

18. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please do not hesitate to contact us. We are committed to addressing your concerns promptly and transparently.

Business Name	Giordano's Pizza
Privacy Inquiries Email	[email protected]
Website	giordanospizzas.rest

When contacting us regarding privacy matters, please include the following information to help us respond efficiently:

Your full name and the email address associated with your account (if applicable).
A clear description of your question, request, or concern.
The specific right you wish to exercise (if applicable).
Your state of residence (to determine applicable legal rights).

We aim to acknowledge all privacy-related inquiries within 5 business days and to fully resolve requests within the timeframes required by applicable law.

Effective Date of This Policy: This Privacy Policy is effective as of May 28, 2026. All prior versions of this policy are superseded by this document.