Privacy Policy

This Privacy Policy describes how Pizza Luce ("we," "us," "our," or "the Company") collects, uses, discloses, retains, and protects your personal information when you visit our website at lucespizzas.rest, place an online order, subscribe to our communications, or otherwise interact with our services. We are committed to protecting your privacy and handling your personal data with transparency, integrity, and in full compliance with applicable United States privacy laws, including the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), the Federal Trade Commission Act (FTC Act), and other applicable state and federal regulations.

Please read this Privacy Policy carefully. By accessing or using our website and services, you acknowledge that you have read, understood, and agree to the practices described in this policy. If you do not agree with any part of this policy, please discontinue use of our website and services immediately.

1. About Us

Pizza Luce is a food service business operating in the United States. We provide pizza and related food products through our physical locations and online ordering platform. Our contact information for privacy-related matters is as follows:

For all privacy inquiries, data subject access requests, or complaints, please contact us using the email address listed above. We will make every effort to respond within a reasonable time frame and no later than the timeframes required by applicable law.

2. Information We Collect

We collect various categories of personal information depending on how you interact with our website and services. The categories below outline what we collect, why we collect it, and from where it originates.

2.1 Personal Identification Information

When you create an account, place an order, or contact us, we may collect:

• Full name
• Email address
• Phone number
• Delivery address and billing address
• Username and password (stored in encrypted form)
• Date of birth (where relevant for promotional purposes or age verification)

2.2 Transaction and Order Data

When you place an order through our website or app, we collect:

• Order history and details (items ordered, quantities, prices)
• Payment information (we do not store full credit card numbers; payment processing is handled by PCI-DSS-compliant third-party processors)
• Order preferences, special instructions, and dietary preferences you voluntarily provide
• Gift card usage and loyalty program activity
• Delivery notes and location instructions

2.3 Usage and Browsing Data

When you visit our website, we automatically collect certain technical information, including:

• IP address
• Browser type and version
• Operating system and device type
• Referring URLs and exit pages
• Pages visited on our website and time spent on each page
• Clickstream data and navigation paths
• Search queries made on our website
• Date and time of your visit

2.4 Device Information

We may collect information about the device you use to access our services:

• Device identifiers (e.g., mobile advertising ID)
• Hardware model
• Mobile network information
• Time zone settings
• Language preferences

2.5 Cookie and Tracking Technology Data

We use cookies, web beacons, pixel tags, and similar tracking technologies to collect data about your browsing behavior. This may include session identifiers, preferences, and analytics data. For more details on how we use cookies, please refer to Section 8 (Cookie Usage) of this policy.

2.6 Communications Data

If you contact us via email, phone, or through our website contact form, we may collect:

• The content of your message or inquiry
• Any attachments you send
• Records of correspondence
• Survey responses and feedback

2.7 Marketing and Preference Data

With your consent, we may collect information about your marketing preferences, subscription status for email newsletters, promotional communications, and your interactions with our marketing materials, including email open rates and link clicks.

2.8 Information from Third Parties

We may receive information about you from third-party sources, including:

• Social media platforms (if you interact with our social media pages or use social login features)
• Third-party delivery partners and platforms
• Analytics providers
• Advertising networks
• Publicly available sources

3. How We Use Your Information

We use the personal information we collect for a variety of legitimate business purposes. Below is a detailed explanation of how and why we use your data.

3.1 Service Provision and Order Fulfillment

• To process and fulfill your food orders and deliver them to your specified location
• To manage your customer account and profile
• To send order confirmations, receipts, and delivery updates
• To handle returns, refunds, and complaints
• To provide customer support and respond to your inquiries
• To facilitate loyalty programs and reward systems

3.2 Payment Processing

• To process payments securely through our third-party payment processors
• To detect and prevent fraudulent transactions
• To comply with financial record-keeping obligations

3.3 Website Operations and Improvement

• To operate, maintain, and improve our website and online ordering system
• To monitor and analyze usage patterns and performance metrics
• To troubleshoot technical issues and improve user experience
• To conduct A/B testing and feature development

3.4 Analytics and Business Intelligence

• To understand customer behavior and preferences
• To analyze sales trends and menu performance
• To conduct market research and business planning
• To measure the effectiveness of our marketing campaigns

3.5 Marketing and Promotional Communications

• To send you promotional emails, newsletters, and special offers (with your consent where required by law)
• To personalize your experience and show you relevant content and advertisements
• To conduct promotional contests, sweepstakes, and loyalty campaigns
• To retarget you with relevant advertisements on third-party platforms

You may opt out of marketing communications at any time by clicking the "unsubscribe" link in any promotional email or by contacting us at [email protected].

3.6 Legal Compliance and Security

• To comply with applicable laws, regulations, and legal obligations
• To enforce our Terms of Service and other policies
• To detect, investigate, and prevent fraudulent or illegal activity
• To protect the rights, property, and safety of Pizza Luce, our customers, and others
• To respond to lawful requests from government authorities

4. Legal Bases for Processing (U.S. Framework)

While the United States does not have a single comprehensive federal privacy law equivalent to the European GDPR, we process your personal information based on the following recognized legal grounds:

• Contractual Necessity: Processing necessary to fulfill your order or deliver services you have requested.
• Legitimate Business Interests: Processing that serves our legitimate business interests, such as fraud prevention, website security, and business analytics, provided these interests are not overridden by your privacy rights.
• Consent: Where required by law (such as for marketing communications or certain cookie usage), we obtain your consent before processing your personal information.
• Legal Obligation: Processing required to comply with applicable federal, state, or local laws and regulations.

5. Sharing Your Information with Third Parties

We do not sell your personal information to third parties. However, we may share your information in the following circumstances:

5.1 Service Providers and Business Partners

We share personal information with trusted third-party service providers who assist us in operating our business and delivering services to you. These providers are contractually obligated to protect your information and may only use it for the specific purpose for which it was shared. Categories of service providers include:

• Payment processors (e.g., credit card processing companies)
• Delivery and logistics partners
• Website hosting and cloud infrastructure providers
• Email and marketing communication platforms
• Customer relationship management (CRM) software providers
• Analytics and data analysis services (e.g., Google Analytics)
• IT support and cybersecurity vendors
• Legal, accounting, and compliance advisors

5.2 Advertising Networks

With your consent where required, we may share information with advertising partners to deliver targeted advertisements based on your browsing behavior and preferences. These partners may use cookies and similar tracking technologies to serve you relevant ads on our website and on third-party platforms.

5.3 Social Media Platforms

If you interact with our social media pages or use social login features, your information may be shared with or collected by the relevant social media platform in accordance with their own privacy policies. We encourage you to review those policies independently.

5.4 Legal Requirements and Law Enforcement

We may disclose your personal information if required to do so by law or in response to a valid legal request, including:

• Compliance with a subpoena, court order, or other legal process
• Requests from government or regulatory authorities
• Protection of the legal rights of Pizza Luce or third parties
• Prevention of fraud, illegal activity, or harm to individuals

5.5 Business Transfers

In the event that Pizza Luce undergoes a merger, acquisition, sale of assets, or other corporate restructuring, your personal information may be transferred as part of that transaction. We will notify you of any such change in ownership or use of your personal information and provide you with choices as required by applicable law.

5.6 With Your Consent

We may share your information with other third parties not listed above when we have obtained your explicit consent to do so.

6. Data Security

Pizza Luce takes the security of your personal information seriously. We implement a variety of technical, administrative, and physical safeguards designed to protect your data from unauthorized access, disclosure, alteration, and destruction.

6.1 Technical Measures

• Encryption of data in transit using Secure Sockets Layer (SSL) / Transport Layer Security (TLS) protocols
• Encryption of sensitive data at rest (including passwords and payment-related data)
• Firewalls and intrusion detection systems
• Regular software updates and security patching
• Multi-factor authentication for administrative access
• Access controls and role-based permissions for staff

6.2 Administrative Measures

• Regular employee training on data privacy and security best practices
• Internal data handling policies and confidentiality agreements
• Vendor due diligence and contractual security requirements for third-party service providers
• Incident response procedures in the event of a data breach

6.3 Physical Measures

• Restricted physical access to servers and data centers
• Secure disposal of physical records and electronic devices

7. Your Privacy Rights

Depending on your state of residence, you may have various rights with respect to your personal information. We are committed to honoring these rights and responding to your requests in a timely and compliant manner.

7.1 Rights Under the California Consumer Privacy Act (CCPA/CPRA)

If you are a California resident, you have the following rights:

• Right to Know: You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the purposes for collection, the categories of sources, and the third parties with whom we share your information.
• Right to Delete: You have the right to request deletion of personal information we have collected about you, subject to certain exceptions permitted by law.
• Right to Correct: You have the right to request correction of inaccurate personal information we maintain about you.
• Right to Opt-Out of Sale or Sharing: You have the right to opt out of the sale or sharing of your personal information for cross-context behavioral advertising. To exercise this right, visit our website or contact us at [email protected].
• Right to Limit Use of Sensitive Personal Information: You have the right to limit our use and disclosure of sensitive personal information to specific permitted purposes.
• Right to Non-Discrimination: You have the right not to receive discriminatory treatment for exercising your CCPA/CPRA privacy rights.
• Right to Data Portability: You may request a copy of your personal information in a portable and readily usable format.

7.2 Rights Under Other State Privacy Laws

Residents of other states (including but not limited to Colorado, Virginia, Connecticut, Texas, Montana, and Oregon) may have similar privacy rights under their respective state privacy laws, including rights to access, correct, delete, and port personal information, as well as the right to opt out of targeted advertising and profiling. We will honor such rights as required by applicable state law.

7.3 How to Submit a Rights Request

To exercise any of the rights described above, please submit a request by:

• Emailing us at: [email protected]
• Visiting our website: lucespizzas.rest

We will verify your identity before processing your request to protect your privacy and prevent unauthorized access. We may ask you to provide additional information to confirm your identity. We will respond to verifiable requests within 45 days of receipt. If additional time is needed, we will notify you of the extension and the reason for it. We are permitted to extend this period once by an additional 45 days where reasonably necessary.

You may designate an authorized agent to submit a request on your behalf. We will require proof of the agent's authorization and may still contact you directly to verify your identity.

8. Cookie Usage

Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyze website traffic, and support our marketing efforts. Cookies are small text files stored on your device when you visit a website.

8.1 Types of Cookies We Use

• Strictly Necessary Cookies: These cookies are essential for the website to function properly, including maintaining your session when placing an order.
• Functional Cookies: These cookies remember your preferences and settings, such as your saved address or language preference.
• Analytics Cookies: These cookies collect information about how visitors use our website, helping us improve performance and user experience (e.g., Google Analytics).
• Marketing and Advertising Cookies: These cookies track your browsing activity to deliver targeted advertisements and measure the effectiveness of our campaigns.

8.2 Managing Your Cookie Preferences

You can manage or disable cookies through your browser settings. Note that disabling certain cookies may affect the functionality of our website. Most web browsers allow you to refuse cookies or delete existing cookies through your browser settings. You may also opt out of interest-based advertising through the Digital Advertising Alliance at www.aboutads.info or the Network Advertising Initiative at www.networkadvertising.org.

For full details on our cookie practices, please review our Cookie Policy, which is available on our website.

9. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

When personal data is no longer needed, we will securely delete, destroy, or anonymize it in accordance with our data retention and disposal procedures.

10. Children's Privacy

Pizza Luce is committed to protecting the privacy of minors. Our services are not directed at children under the age of 18, and we do not knowingly solicit or collect personal information from individuals under 18 years of age. Our online ordering system, account registration, and marketing materials are all designed for adult consumers.

If we become aware that we have inadvertently collected personal information from a child under the age of 18 without appropriate parental consent, we will take immediate steps to delete such information from our records. If you believe that a minor has provided us with personal information, please contact us immediately at [email protected].

This policy is consistent with the Children's Online Privacy Protection Act (COPPA), which prohibits the collection of personal information from children under 13 without verifiable parental consent. Our age threshold of 18 years exceeds this minimum requirement in recognition of the nature of our services.

11. International Data Transfers

Pizza Luce is a United States-based business, and your personal information is primarily collected, stored, and processed within the United States. However, some of our third-party service providers (such as cloud hosting providers, analytics tools, or payment processors) may operate in or transfer data to other countries.

If your personal information is transferred outside the United States, we take steps to ensure that such transfers are carried out in compliance with applicable privacy laws and that your information receives an adequate level of protection. These steps may include:

• Entering into appropriate data processing agreements with service providers
• Ensuring that overseas recipients are subject to privacy laws that provide comparable protections
• Relying on recognized legal transfer mechanisms where applicable

By using our website and services, you acknowledge and consent to the potential transfer of your personal information to the United States and to other countries where our service providers operate.

12. Third-Party Links and Websites

Our website may contain links to third-party websites, social media platforms, delivery partner portals, and other external services. This Privacy Policy applies only to our website and services at lucespizzas.rest. We are not responsible for the privacy practices of any third-party websites or services, and we encourage you to review the privacy policies of any third-party sites you visit.

The inclusion of a link to a third-party website on our platform does not imply endorsement of that website's privacy practices or content.

13. Do Not Track Signals

Some web browsers offer a "Do Not Track" (DNT) feature that signals to websites that you do not wish to have your online activity tracked. Currently, there is no universally accepted standard for how websites should respond to DNT signals, and we do not currently alter our data collection and use practices in response to DNT signals.

However, if you are a California resident, you have the right to opt out of the sale or sharing of your personal information as described in Section 7 of this policy, including data shared for targeted advertising purposes.

14. Marketing Communications and Opt-Out

With your consent (where required by applicable law), we may send you promotional emails, SMS messages, push notifications, and other marketing communications related to our menu, special offers, events, and loyalty programs.

You may opt out of receiving marketing communications at any time by:

• Clicking the "unsubscribe" or "opt-out" link in any promotional email we send
• Replying "STOP" to any SMS marketing message
• Adjusting your communication preferences in your account settings
• Contacting us directly at [email protected]

Please note that even if you opt out of marketing communications, we may still send you transactional or service-related messages (such as order confirmations, delivery notifications, and account security alerts), as these are necessary for the provision of our services.

15. FTC Act Compliance and Consumer Protection

Pizza Luce is committed to complying with the Federal Trade Commission Act (FTC Act), which prohibits unfair or deceptive acts or practices in commerce, including those related to privacy and data security. We strive to maintain accurate representations about our privacy practices and to implement reasonable security measures to protect consumer data.

In the event of a material change to our privacy practices, we will provide clear notice to consumers as required by the FTC Act and applicable state laws. We do not engage in deceptive data collection practices, and we honor the commitments made in this Privacy Policy.

16. How to File a Privacy Complaint

If you have concerns about how we handle your personal information, we encourage you to contact us directly in the first instance so that we can attempt to resolve your complaint:

• Email: [email protected]
• Website: lucespizzas.rest

We will acknowledge your complaint within 5 business days and endeavor to resolve it within 30 days. If we are unable to resolve your complaint satisfactorily, you may escalate your complaint to the relevant authorities.

16.1 California Residents

California residents who have unresolved privacy complaints may contact the California Privacy Protection Agency (CPPA) or the California Attorney General's Office:

• California Privacy Protection Agency: cppa.ca.gov
• California Attorney General: oag.ca.gov/privacy

16.2 Federal Consumer Protection Complaints

Consumers may also file complaints related to privacy or unfair business practices with the Federal Trade Commission (FTC):

• FTC Complaint Assistant: reportfraud.ftc.gov
• FTC Website: www.ftc.gov

16.3 State Attorney General Offices

Residents of other states with applicable privacy laws may contact their respective State Attorney General's office for guidance or to file a formal complaint regarding our privacy practices.

17. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our business practices, applicable laws, or the services we offer. When we make changes, we will:

• Update the "Last Updated" date at the top of this policy
• Post the revised policy on our website at lucespizzas.rest
• Provide prominent notice of material changes (such as via email notification or a banner on our website)

Your continued use of our website and services after the effective date of any revised Privacy Policy constitutes your acceptance of the updated terms. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

18. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please do not hesitate to reach out to us. We are here to help and are committed to addressing your privacy inquiries promptly and transparently.