Privacy Policy

At Pizza Luce, we are deeply committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website luce-food.rest, place orders, or otherwise interact with our services. Please read this policy carefully. If you disagree with its terms, please discontinue use of our site.

This Privacy Policy applies to all information collected through our website, mobile experience, and any related services, sales, marketing, or events (collectively, the "Services"). We have drafted this policy to comply with applicable United States federal and state privacy laws, including the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), and the Federal Trade Commission (FTC) Act governing unfair or deceptive practices.

1. Who We Are

Pizza Luce is a food service business operating in the United States. Our contact details for all privacy-related matters are as follows:

For all privacy inquiries, data requests, or complaints, please contact us directly at the email address listed above.

2. Information We Collect

We collect several types of information in connection with the Services we provide. This includes information you provide directly to us, information collected automatically through technology, and information obtained from third parties.

2.1 Personal Information You Provide to Us

When you interact with Pizza Luce — whether you create an account, place an order, subscribe to our newsletter, contact customer support, or participate in a promotion — you may provide us with personal information such as:

• Identification Data: Your full name, username, or similar identifiers.
• Contact Information: Email address, mailing address, billing address, delivery address, and phone number.
• Account Credentials: Password and security questions (stored in encrypted form).
• Payment Information: Credit or debit card numbers, bank account details, and billing information. Note: Full payment card details are processed by PCI-DSS compliant third-party payment processors; we do not store raw card numbers on our servers.
• Order and Transaction Data: Details about items purchased, special requests, dietary preferences or restrictions, order history, and delivery instructions.
• Communications: Messages, feedback, reviews, survey responses, and any other content you send to us.
• Loyalty Program Data: Points balances, reward redemptions, and participation history.
• Marketing Preferences: Your preferences for receiving marketing communications from us and our partners.

2.2 Information Collected Automatically

When you access our website or use our digital services, certain information is collected automatically through cookies, web beacons, pixel tags, and similar tracking technologies:

• Device Information: IP address, browser type and version, operating system, device type (desktop, mobile, tablet), device identifiers, and time zone settings.
• Usage Data: Pages viewed, links clicked, search queries entered on our site, time spent on pages, referral URLs, and navigation paths.
• Location Data: General geographic location derived from your IP address. If you grant permission, we may collect more precise GPS location to assist with finding nearby locations or enabling delivery services.
• Cookie and Tracking Data: Information stored in cookies, pixel tags, and local storage as described further in Section 7 of this policy.
• Log Files: Server logs that record requests made to our servers, including timestamps, page requests, and error codes.

2.3 Information from Third Parties

We may receive information about you from third-party sources, which we combine with information we already hold about you:

• Social Media Platforms: If you log in or register using a social media account (such as Facebook or Google), we receive profile information as authorized by you through that platform's privacy settings.
• Delivery Partners: Third-party delivery services may share order and delivery status information with us.
• Analytics Providers: We receive aggregated and anonymized analytics data from providers such as Google Analytics.
• Advertising Networks: Ad networks may provide us with information about how you interact with advertisements we serve on other platforms.
• Review Platforms: If you leave a public review on third-party platforms (e.g., Yelp, Google Reviews), we may collect that information to improve our services.

3. How We Use Your Information

We use the personal information we collect for the following purposes, all of which are grounded in legitimate business interests, contractual necessity, legal obligations, or your consent:

3.1 Service Provision and Order Fulfillment

• Processing and fulfilling your food orders, including coordinating delivery or in-store pickup.
• Creating and managing your user account and loyalty profile.
• Processing payments and sending transactional communications (order confirmations, receipts, delivery updates).
• Responding to your inquiries, requests, and customer support needs.
• Managing our loyalty and rewards programs.

3.2 Website and Service Improvement

• Analyzing usage patterns to improve website performance, design, and functionality.
• Conducting internal research and development to expand and improve our menu and services.
• Diagnosing technical problems and fixing bugs or errors on our platform.
• Testing new features before public launch.

3.3 Marketing and Promotional Communications

• Sending promotional emails, special offers, newsletters, and information about new menu items, where you have opted in or where we have a legitimate interest to do so under applicable law.
• Delivering personalized content and product recommendations based on your order history and preferences.
• Serving targeted advertising on third-party platforms and websites, including social media.
• Conducting sweepstakes, contests, and other promotional activities.

You may opt out of marketing communications at any time by clicking the "unsubscribe" link in any marketing email or by contacting us at [email protected]. Opting out of marketing communications will not affect your receipt of transactional messages related to active orders.

3.4 Legal Compliance and Safety

• Complying with applicable laws, regulations, court orders, and legal processes.
• Enforcing our Terms of Service and other agreements.
• Detecting, preventing, and investigating fraud, unauthorized activity, and security incidents.
• Protecting the rights, property, and safety of Pizza Luce, our customers, and the public.

3.5 Business Operations

• Conducting accounting, auditing, and financial reporting.
• Managing supplier and partner relationships.
• Facilitating corporate transactions such as mergers, acquisitions, or asset sales (see Section 4).

4. Sharing Your Information with Third Parties

We do not sell your personal information to unaffiliated third parties for their own independent marketing purposes. However, we do share your information in the following circumstances:

4.1 Service Providers

We engage trusted third-party service providers who assist us in operating our business. These providers are contractually obligated to protect your data and may only use it as directed by us. Categories of service providers include:

• Payment Processors: Companies that securely handle payment card transactions (e.g., Stripe, Square).
• Delivery Partners: Third-party couriers and delivery aggregators used to fulfill delivery orders.
• Cloud Hosting and IT Infrastructure: Providers that host our website, databases, and applications.
• Email and SMS Service Providers: Platforms used to send transactional and marketing communications.
• Analytics Providers: Services such as Google Analytics that help us understand website usage.
• Customer Support Platforms: Tools that help us manage and respond to customer inquiries.
• Advertising and Marketing Partners: Companies that help us run and track advertising campaigns.

4.2 Legal Requirements

We may disclose your personal information if required to do so by law or in the good-faith belief that such action is necessary to:

• Comply with a legal obligation, subpoena, court order, or governmental request.
• Enforce our Terms of Service or other agreements.
• Protect and defend the rights or property of Pizza Luce.
• Prevent or investigate possible wrongdoing in connection with the Services.
• Protect the personal safety of users of the Services or the public.
• Protect against legal liability.

4.3 Business Transfers

In the event of a merger, acquisition, reorganization, sale of assets, or bankruptcy, your personal information may be transferred to the acquiring entity. We will provide notice before your information is transferred and becomes subject to a different privacy policy.

4.4 Aggregated or Anonymized Data

We may share aggregated, anonymized, or de-identified data — which cannot reasonably be used to identify you — with third parties for research, marketing, analytics, and other purposes.

4.5 With Your Consent

We may disclose your information for any other purpose with your explicit consent.

5. Data Security

Pizza Luce takes the security of your personal information seriously. We have implemented a range of technical, administrative, and physical security measures designed to protect your personal data from unauthorized access, disclosure, alteration, or destruction. These measures include:

• Encryption: Data transmitted between your browser and our servers is protected using industry-standard Transport Layer Security (TLS/SSL) encryption.
• Access Controls: Personal data is accessible only to authorized employees and contractors who require it to perform their job functions. We enforce the principle of least privilege.
• Password Security: Account passwords are stored using one-way cryptographic hashing algorithms. We do not store passwords in plain text.
• Payment Security: We are committed to PCI-DSS compliance. Full payment card data is handled exclusively by our certified payment processors and is not stored on our servers.
• Regular Security Assessments: We conduct periodic reviews of our information collection, storage, and processing practices, as well as security measures.
• Incident Response: We maintain a data breach response plan. In the event of a breach affecting your rights and freedoms, we will notify you and relevant authorities as required by applicable law.
• Employee Training: Our staff receive regular training on privacy best practices and data handling obligations.

6. Your Privacy Rights

Depending on your state of residence within the United States, you may have specific legal rights regarding your personal information. We honor these rights as described below.

6.1 Rights Under the California Consumer Privacy Act (CCPA/CPRA)

If you are a California resident, you have the following rights under the CCPA as amended by the CPRA:

• Right to Know: You have the right to request that we disclose what personal information we have collected about you, the categories of sources from which it was collected, the business purposes for collection, and the categories of third parties with whom it is shared.
• Right to Access: You have the right to request a copy of the specific pieces of personal information we hold about you.
• Right to Deletion: You have the right to request that we delete personal information we have collected from you, subject to certain exceptions (e.g., where retention is necessary to complete a transaction, detect security incidents, or comply with legal obligations).
• Right to Correct: You have the right to request that we correct inaccurate personal information we maintain about you.
• Right to Opt-Out of Sale or Sharing: You have the right to opt out of the sale or sharing of your personal information for cross-context behavioral advertising.
• Right to Limit Use of Sensitive Personal Information: Where we process sensitive personal information, you have the right to limit its use to what is necessary to perform the services you request.
• Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights. We will not deny you goods or services, charge different prices, or provide a lesser quality of service because you exercised your privacy rights.

6.2 General Rights for All U.S. Residents

Regardless of your state of residence, we extend the following rights to all of our customers:

• Right to Access: You may request a copy of the personal information we hold about you.
• Right to Correction: You may request that we correct or update inaccurate information in your account. You can also update much of your information directly in your account settings.
• Right to Deletion: You may request that we delete your personal information, subject to applicable legal exceptions.
• Right to Data Portability: Where technically feasible, you may request your personal data in a structured, commonly used, and machine-readable format.
• Right to Opt-Out of Marketing: You can unsubscribe from our marketing communications at any time.

6.3 How to Exercise Your Rights

To exercise any of the rights described above, please submit a verifiable consumer request to us by one of the following methods:

• Email: [email protected]

We will confirm receipt of your request within 10 business days and endeavor to respond substantively within 45 calendar days. If we require additional time, we will inform you of the reason and the extension period (up to an additional 45 days) in writing. We may need to verify your identity before processing your request to prevent unauthorized disclosure or deletion of your data. Verification may involve confirming details associated with your account.

You may designate an authorized agent to submit requests on your behalf. We will require written proof of authorization and may still verify your identity directly.

7. Cookies and Tracking Technologies

Our website uses cookies, pixel tags, web beacons, and similar tracking technologies to enhance your browsing experience, analyze website traffic, and deliver targeted advertising.

7.1 Types of Cookies We Use

• Strictly Necessary Cookies: Essential for the website to function, including session management, authentication, and shopping cart functionality. These cannot be disabled without impairing core site functions.
• Performance and Analytics Cookies: These collect information about how visitors use our site (e.g., which pages are most visited, error messages). We use tools like Google Analytics for this purpose.
• Functionality Cookies: These allow the website to remember choices you make (such as your location preference or language) to provide a more personalized experience.
• Targeting and Advertising Cookies: Used to deliver advertisements relevant to you and your interests, both on our site and across other websites. They also limit how many times you see an ad and help us measure the effectiveness of advertising campaigns.

7.2 Managing Your Cookie Preferences

You can control and manage cookies in several ways. Most browsers allow you to refuse or accept cookies, delete cookies that have already been set, and set preferences for certain websites. Please note that disabling certain cookies may affect your ability to use some features of our website.

You may also opt out of interest-based advertising by visiting:

• Network Advertising Initiative (NAI) Opt-Out
• Digital Advertising Alliance (DAA) Opt-Out

For more detailed information about how we use cookies and how to manage your preferences, please refer to our Cookie Policy, which is available on our website at luce-food.rest.

8. Data Retention

We retain personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Our general data retention practices are as follows:

When personal information is no longer required, we will securely delete, anonymize, or aggregate it in accordance with our data destruction policies.

9. Children's Privacy

Pizza Luce does not direct its Services to children under 18, and we do not knowingly collect personal information from minors. If we become aware that we have inadvertently collected personal information from a person under 18 years of age without appropriate parental consent, we will take prompt steps to delete that information from our systems.

If you are a parent or guardian and believe that your child under the age of 18 has provided us with personal information, please contact us immediately at [email protected]. We will investigate and, if confirmed, delete the relevant information as quickly as practicable.

This commitment is consistent with the requirements of the Children's Online Privacy Protection Act (COPPA) and related FTC guidelines, which restrict the collection of personal information from children under 13 without verifiable parental consent.

10. International Data Transfers

Pizza Luce is based in the United States, and all data we collect is primarily processed and stored on servers located within the United States. If you are accessing our Services from outside the United States, please be aware that your information may be transferred to, stored, and processed in a country that may not have the same data protection laws as your country of residence.

By using our Services and providing us with your personal information, you acknowledge and consent to the transfer of your information to the United States and its processing in accordance with this Privacy Policy.

Where we transfer personal data internationally to third-party service providers, we take steps to ensure appropriate safeguards are in place, including:

• Entering into data processing agreements with service providers that include appropriate data protection commitments.
• Ensuring that international transfers comply with applicable U.S. federal and state privacy regulations.
• Using services from providers that maintain strong data security certifications (e.g., SOC 2, ISO 27001).

11. Third-Party Links and Services

Our website may contain links to third-party websites, applications, and services that are not owned or controlled by Pizza Luce. This includes social media platforms, delivery aggregator apps, review sites, and partner websites. We have no control over and assume no responsibility for the privacy practices or content of any third-party websites or services.

We strongly encourage you to review the privacy policies of every third-party website or service you visit or use. This Privacy Policy applies solely to information collected by Pizza Luce through our own Services.

12. Do Not Track Signals

Some browsers include a "Do Not Track" (DNT) feature that signals to websites that you do not want to have your online activity tracked. At this time, because there is no consistent industry standard for recognizing and implementing DNT signals, our website does not currently respond to browser DNT signals. We will continue to monitor developments in this area and update our practices accordingly.

However, you can manage your preferences regarding tracking cookies and interest-based advertising as described in Section 7 of this policy.

13. How to File a Complaint

If you believe that your privacy rights have been violated, we encourage you to contact us first so that we can attempt to resolve your concern directly and efficiently.

13.1 Contact Pizza Luce

Please reach out to our privacy team with a description of your concern:

• Email: [email protected]
• Website: luce-food.rest

We will acknowledge your complaint within 10 business days and work to resolve it within 30 days, or notify you if additional time is required.

13.2 Regulatory Authorities

If we are unable to resolve your concern to your satisfaction, you have the right to file a complaint with the appropriate regulatory authority:

• Federal Trade Commission (FTC): The FTC enforces federal consumer protection and privacy laws in the United States. You can file a complaint at:
  reportfraud.ftc.gov or call 1-877-FTC-HELP (1-877-382-4357).
• California Residents – California Privacy Protection Agency (CPPA): If you are a California resident and believe your rights under the CCPA/CPRA have been violated, you may file a complaint with the California Privacy Protection Agency:
  cppa.ca.gov
• State Attorneys General: Many U.S. states have offices that handle consumer protection and privacy complaints. You may contact your state's Attorney General office for assistance specific to your jurisdiction.

14. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our practices, legal requirements, or business operations. When we make material changes, we will:

• Update the "Last Updated" date at the top of this policy.
• Post a prominent notice on our website for a period of time after the change takes effect.
• Where required by law or where the change is significant, send you a direct notification via email.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. Your continued use of our Services after the effective date of any updated Privacy Policy constitutes your acceptance of the changes.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please do not hesitate to contact our privacy team:

We are committed to working with you to resolve any privacy concerns fairly and transparently, in accordance with our obligations under applicable United States federal and state privacy law, including the CCPA/CPRA and the FTC Act.