Privacy Policy for iwantnypizza.com
At iwantnypizza.com (“we,” “our,” “us”), your privacy is of paramount importance. We are fully committed to protecting your personal data and respecting your privacy rights in accordance with the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other applicable data protection laws. This Privacy Policy outlines the types of personal data we collect, how we use it, your legal rights, and the steps we take to safeguard your information.
Please read this Privacy Policy carefully to understand how we collect, use, disclose, and secure your data when you visit or interact with iwantnypizza.com.
1. Scope of This Policy and Data Controller Role
This Privacy Policy applies to all personal data processed through the website iwantnypizza.com, including data you provide directly to us and data we collect automatically when you interact with the site.
For the purposes of GDPR and other applicable laws, the data controller responsible for your personal data is iwantnypizza.com. To exercise your rights or for questions regarding data processing, you may contact us at [email protected].
2. Categories of Data We Process
We collect and process the following categories of personal data depending on your interaction with our website and services:
A. Usage Data
Information related to your use of iwantnypizza.com including your IP address, browser type and version, time zone setting, referral URLs, pages visited, duration of visits, clickstream data, session logs, and other diagnostic data.
B. Account Data
Personal information you provide when you create an account or place an order, such as your full name, email address, telephone number, billing and shipping addresses.
C. Profile Data
Information about your preferences, order history, loyalty program activity, saved items, and other behavior on our platform.
D. Communication Data
Details from your communication with us including support requests, contact forms, email correspondence, chat records, and messaging history.
E. Technical Data
Details about the device and operating system used to access our services, including device identifiers, hardware type, operating system version, browser settings, language preferences, and diagnostic/crash data.
F. Transaction Data
Information related to your purchases including payment details (processed securely through third-party payment processors), transaction history, delivery preferences, and fulfillment updates.
G. Preference Data
Marketing and promotional preferences, your opt-in or opt-out status for newsletters and campaigns, product categories of interest, and survey responses.
3. Legal Bases for Processing Personal Data
Under GDPR, we rely on several lawful bases to process personal data:
– Consent: Where you have provided affirmative, clear consent for a specific purpose (e.g., subscribing to a newsletter).
– Contract: When processing is necessary to perform or enter into a contractual agreement with you (e.g., processing your pizza order).
– Legitimate Interest: Where processing is necessary for the functioning and improvement of our business, and these interests do not override your rights (e.g., preventing fraud, analytics, customer support).
– Legal Obligation: Where we are required to process data to comply with a legal or regulatory requirement (e.g., tax obligations).
4. Your Rights Over Your Personal Data
Subject to applicable data protection laws, you have the following rights:
– Right of Access: Obtain confirmation as to whether we process your data and request a copy.
– Right to Rectification: Request correction of inaccurate or incomplete personal data.
– Right to Erasure: Request deletion of your personal data in certain circumstances (“Right to be Forgotten”).
– Right to Restriction: Request that processing of your personal data is restricted in certain cases.
– Right to Portability: Receive your personal data in a structured, machine-readable format and transfer it to another controller.
– Right to Object: Object to the processing of your data where we rely on legitimate interest or process it for direct marketing purposes.
– Right to Withdraw Consent: Where we rely on your consent to process data, you may withdraw it at any time without affecting prior processing.
To exercise any of these rights, you may contact us at [email protected].
5. Security Measures
We implement industry-standard security measures to safeguard your personal data, including:
– Encryption of data in transit and at rest
– Role-based access controls and authentication protocols
– Regular vulnerability scans and security assessments
– Secure backups and disaster recovery procedures
– Employee training in data protection and privacy practices
6. International Data Transfers
We may transfer your personal data to jurisdictions outside the European Economic Area (EEA) or the United States where such transfers are subject to appropriate safeguards in line with GDPR and other regulatory frameworks. These include Standard Contractual Clauses, international data protection certifications, or adequacy decisions of the European Commission and similar bodies.
7. Data Retention
We retain personal data only for as long as necessary for the purposes for which it was collected, and to satisfy legal, accounting, or reporting requirements. The specific retention periods are:
– Usage Data: up to 12 months after collection
– Account Data: active period of account plus 6 years compliance retention
– Profile Data: up to 3 years from last activity
– Communication Data: 3 years from last correspondence
– Technical Data: 12 months
– Transaction Data: 7 years, in line with tax law requirements
– Preference Data: until you change your preferences or withdraw consent
Where data is no longer needed, we ensure its secure deletion or anonymization.
8. Cookie Policy
Our website uses cookies and similar tracking technologies to enhance user experience and to deliver relevant content. These include:
– Essential Cookies: Required for core operations of the site such as placing orders or accessing secure areas.
– Functional Cookies: Enable enhanced functionality and personalization, including user preferences and language settings.
– Analytics Cookies: Collect aggregated, anonymous data to help us understand site performance using tools such as Google Analytics.
– Performance Cookies: Monitor how users interact with iwantnypizza.com to improve responsiveness and design.
9. Cookie Management and Legal Compliance
We provide users with the ability to manage cookie settings through our website banner and consent management tool in compliance with GDPR and CCPA principles. You may also adjust your browser settings to block or delete cookies.
California residents may request information about the categories of personal data collected, disclosure to third parties, and may opt-out of the “sale” of their personal data as defined by the CCPA. We honor “Do Not Track” signals and equivalent mechanisms.
10. Children’s Privacy
We do not knowingly collect personal data from children under 13 years of age. If we become aware that we have collected data from a child under 13, we will take immediate steps to delete such information. Parents or legal guardians who believe their child has submitted data to iwantnypizza.com should contact us at [email protected].
11. Updates to This Privacy Policy
We reserve the right to change or update this Privacy Policy from time to time to reflect changes in legal or regulatory obligations or operational requirements. In the event of significant changes, we will inform users via prominent updates on iwantnypizza.com and, where applicable, direct communication.
12. Contact Us
If you have any questions about this Privacy Policy or wish to exercise your rights as a data subject, please reach out to us at:
Email: [email protected]
We are committed to full compliance with applicable privacy and data protection regulations. We value your trust and strive to handle your data responsibly and transparently.