Privacy Policy
Effective Date: May 20, 2026 | Last Updated: May 20, 2026
1. Introduction and Our Commitment to Privacy
At Giordanos, we take your privacy seriously. We are a food service business operating in the United States, and we are committed to protecting the personal information of every customer, visitor, and user who interacts with our website and services. This Privacy Policy is designed to be transparent, thorough, and easy to understand so that you can make informed decisions about your personal data.
This Privacy Policy applies to all personal information we collect through our website (giordanos-meal.rest), mobile interactions, telephone orders, in-person transactions, and any other means by which you engage with Giordanos. By accessing or using our services, you acknowledge that you have read and understood this Privacy Policy and agree to the collection and use of information in accordance with its terms.
We comply with all applicable United States federal and state privacy laws, including but not limited to the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), the Federal Trade Commission Act (FTC Act), the CAN-SPAM Act, and the Children's Online Privacy Protection Act (COPPA). Where applicable, we also adhere to any state-specific privacy regulations that govern the handling of personal information.
2. Information We Collect
We collect a variety of personal and non-personal information to provide, maintain, and improve our food service offerings. The categories of information we collect are described below.
2.1 Personal Identification Information
When you create an account, place a food order, make a reservation, or contact us, we may collect the following personal identification information:
- Full name — to identify you as a customer and personalize your experience
- Email address — to send order confirmations, receipts, and communications
- Phone number — for order updates, delivery coordination, and customer support
- Mailing and delivery address — to facilitate food delivery and billing purposes
- Date of birth — where required for age verification purposes
- Username and password — for account creation and management
2.2 Payment and Financial Information
When you complete a purchase or food order through our website, we collect the payment information necessary to process your transaction. This may include:
- Credit or debit card details (card number, expiration date, CVV — processed securely through encrypted payment gateways)
- Billing address associated with your payment method
- Transaction history and order records
- Digital wallet information (e.g., Apple Pay, Google Pay) where applicable
2.3 Order and Food Preference Data
To enhance your dining experience and provide personalized recommendations, we may collect:
- Your food order history and menu preferences
- Dietary restrictions, allergies, or special instructions you provide
- Feedback, ratings, and reviews you submit about our food and services
- Loyalty program participation and reward points data
2.4 Usage Data and Technical Information
When you visit giordanos-meal.rest, we automatically collect certain technical and usage data, including:
- IP address — your Internet Protocol address
- Browser type and version — the web browser you are using
- Operating system — the software running on your device
- Device type and identifiers — desktop, tablet, mobile, or other devices
- Pages visited and time spent — your navigation behavior on our website
- Referring URLs — the website that directed you to our site
- Click-stream data — records of how you interact with our website interface
- Search queries — terms you search for within our website
- Date and time of access — timestamps of your visits
2.5 Cookie and Tracking Data
We use cookies, web beacons, pixel tags, and similar tracking technologies to collect information about your browsing behavior on our website. This data helps us improve our website functionality and deliver relevant content. Please refer to Section 8 of this policy for detailed information about our cookie practices.
2.6 Location Data
With your permission, we may collect precise or approximate geolocation data from your device to provide location-based services such as finding nearby restaurant locations, estimating delivery times, and suggesting relevant menu offerings based on your region.
2.7 Communications Data
When you contact us through email, phone, web forms, or any other communication channel, we collect and retain records of those communications, including:
- Content of messages and inquiries you send to us
- Your responses to our surveys, promotions, or feedback requests
- Records of customer service interactions
2.8 Information from Third Parties
We may receive additional information about you from third-party sources, such as:
- Social media platforms if you connect your social account to our services
- Third-party food delivery platforms and aggregator services
- Marketing and analytics partners
- Publicly available data sources
3. How We Use Your Information
We use the personal information we collect for a variety of legitimate business purposes. These purposes include:
3.1 Providing and Managing Our Food Services
- Processing your food orders and managing your account
- Coordinating food delivery or pickup arrangements
- Sending order confirmations, receipts, and delivery notifications
- Processing payments and preventing fraudulent transactions
- Managing reservations and table bookings where applicable
- Providing customer support and resolving complaints or disputes
3.2 Improving Our Services and Website
- Analyzing website usage patterns to enhance user experience
- Conducting internal research and development to improve our menu and offerings
- Testing new features and functionality on our website
- Monitoring website performance, security, and technical issues
- Understanding customer preferences and food ordering trends
3.3 Marketing and Promotional Communications
- Sending you promotional emails, newsletters, and special offers (with your consent where required by law)
- Personalizing marketing content and recommendations based on your order history
- Administering loyalty programs, contests, and sweepstakes
- Delivering targeted advertising through our website and third-party platforms
- Measuring the effectiveness of our marketing campaigns
You may opt out of marketing communications at any time by following the unsubscribe instructions in our emails or contacting us directly at [email protected].
3.4 Legal and Compliance Purposes
- Complying with applicable laws, regulations, and legal obligations
- Responding to lawful requests from government authorities or law enforcement agencies
- Enforcing our Terms of Service and other agreements
- Protecting our legal rights, interests, and property
- Preventing, detecting, and investigating fraud, abuse, or other harmful activities
3.5 Business Operations
- Maintaining accurate business records and financial accounts
- Conducting audits and quality assurance reviews
- Facilitating business transactions such as mergers, acquisitions, or asset sales
4. How We Share Your Information
We respect your privacy and do not sell your personal information for monetary compensation. However, we may share your information with certain third parties as described below.
4.1 Service Providers and Business Partners
We work with trusted third-party service providers who assist us in operating our business and delivering services to you. These providers are contractually obligated to protect your information and may only use it for the specific purposes we authorize. Categories of service providers include:
| Service Provider Category | Purpose |
|---|---|
| Payment Processors | Secure processing of credit/debit card transactions |
| Delivery and Logistics Partners | Coordinating food delivery to your address |
| Cloud Hosting and IT Providers | Website hosting, data storage, and infrastructure |
| Email and Communication Platforms | Sending transactional and marketing emails |
| Analytics Providers | Website analytics and user behavior tracking |
| Customer Support Tools | Managing customer service inquiries |
| Fraud Prevention Services | Detecting and preventing fraudulent activity |
| Marketing and Advertising Platforms | Delivering targeted promotional content |
4.2 Legal Requirements and Law Enforcement
We may disclose your personal information if we believe in good faith that such disclosure is necessary to:
- Comply with a valid legal obligation, court order, subpoena, or government request
- Enforce our Terms of Service or protect our rights and property
- Protect the safety, rights, or property of our customers, employees, or the public
- Investigate potential violations of law or our policies
4.3 Business Transfers
In the event that Giordanos undergoes a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of its assets, your personal information may be transferred as part of that transaction. We will notify you via email or a prominent notice on our website before your information becomes subject to a different privacy policy.
4.4 Aggregated and De-Identified Data
We may share aggregated, de-identified, or anonymized data — which cannot reasonably be used to identify you — with third parties for research, analytics, and marketing purposes without restriction.
4.5 With Your Consent
We may share your personal information with other third parties when we have obtained your explicit consent to do so, or where you have specifically requested such sharing.
5. Data Security
The security of your personal information is a top priority for Giordanos. We implement a comprehensive range of technical, administrative, and physical security measures designed to protect your data from unauthorized access, disclosure, alteration, and destruction.
5.1 Technical Security Measures
- SSL/TLS Encryption: All data transmitted between your browser and our website is encrypted using industry-standard Secure Socket Layer (SSL) and Transport Layer Security (TLS) protocols.
- Data Encryption at Rest: Sensitive personal data stored on our servers is encrypted using strong encryption algorithms.
- Firewalls and Intrusion Detection: We deploy firewalls, intrusion detection systems, and continuous monitoring to protect our network infrastructure.
- Access Controls: Access to personal data is restricted to authorized personnel who require it for legitimate business purposes, using role-based access controls.
- Secure Payment Processing: All financial transactions are processed through PCI-DSS compliant payment gateways.
5.2 Administrative Security Measures
- Regular employee training on data privacy and security best practices
- Data privacy impact assessments for new projects and technologies
- Vendor due diligence and contractual data protection requirements
- Incident response and data breach notification procedures
5.3 Data Breach Response
In the event of a data security breach that affects your personal information, we will promptly investigate the incident and notify affected individuals and relevant authorities as required by applicable law, including applicable state data breach notification statutes. We will provide you with information about what happened, what data was affected, and the steps we are taking to address the breach.
6. Your Privacy Rights
Depending on your state of residence within the United States, you may have certain rights regarding your personal information. We are committed to honoring these rights and providing you with the tools to exercise them.
6.1 Rights Under the California Consumer Privacy Act (CCPA/CPRA)
If you are a resident of California, you have the following rights under the CCPA as amended by the CPRA:
| Right | Description |
|---|---|
| Right to Know | You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the sources of that information, and how we use and share it. |
| Right to Delete | You have the right to request that we delete personal information we have collected from you, subject to certain exceptions provided by law. |
| Right to Correct | You have the right to request that we correct inaccurate personal information we maintain about you. |
| Right to Opt-Out of Sale/Sharing | You have the right to opt out of the sale or sharing of your personal information for cross-context behavioral advertising purposes. |
| Right to Limit Use of Sensitive Information | You have the right to limit the use and disclosure of your sensitive personal information to certain permitted purposes. |
| Right to Non-Discrimination | We will not discriminate against you for exercising any of your privacy rights. You will not receive a lower quality of service or different prices as a result of exercising your rights. |
| Right to Data Portability | You have the right to receive your personal information in a portable, readily usable format. |
6.2 General Privacy Rights Available to All Users
Regardless of your state of residence, we provide all users with the following rights:
- Right to Access: You may request a copy of the personal information we hold about you.
- Right to Correction: You may request that we update or correct inaccurate information associated with your account.
- Right to Deletion: You may request that we delete your personal information, subject to our legal obligations and legitimate business needs.
- Right to Withdraw Consent: Where we process your data based on consent, you may withdraw that consent at any time without affecting the lawfulness of prior processing.
- Right to Opt-Out of Marketing: You may opt out of receiving promotional and marketing communications from us at any time.
6.3 How to Exercise Your Rights
To exercise any of the rights described above, please contact us using one of the following methods:
- Email: [email protected]
- Website: giordanos-meal.rest
We will acknowledge your request within 10 business days and respond substantively within 45 calendar days of receipt. If we require additional time (up to 90 days total), we will notify you with an explanation of the reason for the extension. We may need to verify your identity before processing certain requests to protect the security of your information.
7. Data Retention
We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, to comply with our legal obligations, resolve disputes, and enforce our agreements.
7.1 Retention Periods by Data Category
| Data Category | Typical Retention Period |
|---|---|
| Account and profile information | Duration of account plus 3 years after closure |
| Order history and transaction records | 7 years (for tax and accounting purposes) |
| Payment information (tokenized) | Duration required by payment processor agreements |
| Website usage and analytics data | Up to 26 months |
| Marketing preferences and communications | Until opt-out or account closure, plus 1 year |
| Customer service records | 3 years from last interaction |
| Legal and compliance records | As required by applicable law (typically 5–7 years) |
After the applicable retention period expires, we will securely delete or anonymize your personal information in accordance with our data disposal procedures.
8. Cookies and Tracking Technologies
Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyze website traffic, and deliver personalized content and advertising.
8.1 What Are Cookies?
Cookies are small text files placed on your device by websites you visit. They are widely used to make websites work more efficiently, remember your preferences, and provide website operators with information about how their sites are used.
8.2 Types of Cookies We Use
- Strictly Necessary Cookies: Essential for the website to function and cannot be switched off. These include cookies for login sessions, shopping cart contents, and security.
- Performance and Analytics Cookies: Help us understand how visitors interact with our website by collecting information such as pages visited and error messages.
- Functional Cookies: Enable enhanced functionality such as remembering your food preferences, saved addresses, and language settings.
- Targeting and Advertising Cookies: Used to deliver advertisements relevant to you and your interests, both on our website and on third-party platforms.
8.3 Managing Your Cookie Preferences
You can control and manage cookies through your browser settings. Most browsers allow you to refuse or delete cookies. Please note that disabling certain cookies may affect the functionality of our website. For more detailed information about the cookies we use and how to manage your preferences, please refer to our dedicated Cookie Policy available on our website at giordanos-meal.rest.
9. Children's Privacy
Our website and food ordering services are intended for use by individuals who are 18 years of age or older. We do not knowingly collect, use, or disclose personal information from children under the age of 13, and we do not direct our services to minors.
In compliance with the Children's Online Privacy Protection Act (COPPA), if we discover that we have inadvertently collected personal information from a child under 13 without verifiable parental consent, we will take immediate steps to delete that information from our records. If you are a parent or guardian and believe that your child under 13 has provided us with personal information, please contact us immediately at [email protected] so that we can take appropriate action.
Individuals between the ages of 13 and 17 may only use our services with the direct supervision and express consent of a parent or legal guardian who accepts responsibility for compliance with this Privacy Policy.
10. International Data Transfers
Giordanos is a United States-based food service business, and our primary operations, servers, and data processing activities are located within the United States. If you access our website from outside the United States, please be aware that your information will be transferred to, stored, and processed in the United States, where privacy laws may differ from those in your country of residence.
By using our website and services from outside the United States, you consent to the transfer of your personal information to the United States. We will ensure that any such transfers are conducted in accordance with applicable data protection laws and with appropriate safeguards in place to protect your information.
If you have questions or concerns about international data transfers, please contact us at [email protected].
11. Third-Party Links and Services
Our website may contain links to third-party websites, services, and applications that are not operated by Giordanos. These may include food delivery platforms, social media sites, payment processors, and partner services. When you click on a third-party link, you will be directed to that third party's site.
We strongly advise you to review the Privacy Policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party websites or services. This Privacy Policy applies solely to information collected by Giordanos through our own website and services.
12. Do Not Track Signals
Some web browsers offer a "Do Not Track" (DNT) feature that sends a signal to websites requesting that your browsing activity not be tracked. Currently, there is no uniform standard for responding to DNT signals, and our website does not currently respond to DNT signals in a specific way. We will update this policy if and when a recognized standard for DNT compliance is established.
California residents may also opt out of cross-context behavioral advertising through our cookie preference settings or by contacting us directly.
13. Sensitive Personal Information
In connection with our food services, we may collect certain sensitive personal information, including:
- Dietary information and food allergies — which may indirectly reveal health-related information
- Financial account information — including payment card data processed through secure payment gateways
- Precise geolocation data — collected with your consent for delivery purposes
We handle sensitive personal information with the highest level of care and limit its use to the specific purposes for which it was collected. Under the CPRA, California residents have the right to limit the use and disclosure of sensitive personal information to those purposes strictly necessary for providing our services. To exercise this right, please contact us at [email protected].
14. Automated Decision-Making
We may use automated systems to process your personal information for purposes such as:
- Fraud detection and prevention when processing orders and payments
- Personalizing menu recommendations and promotional offers based on your order history
- Analyzing website behavior to optimize user experience
Where automated decision-making produces significant effects on you, we will ensure that human oversight is available and that you have the right to request a manual review of automated decisions that affect you. Please contact us if you have concerns about any automated decision made about your account or orders.
15. Filing Complaints
If you have concerns about how we handle your personal information and are not satisfied with our response, you have the right to file a complaint with the appropriate regulatory authority.
15.1 California Residents
If you are a California resident, you may file a complaint with the California Privacy Protection Agency (CPPA) or the California Attorney General's Office:
- California Privacy Protection Agency: cppa.ca.gov
- California Attorney General: oag.ca.gov/privacy
15.2 Federal Complaints
For federal consumer protection matters, you may contact the Federal Trade Commission (FTC):
- FTC Complaint Center: ftc.gov/complaint
- FTC Phone: 1-877-FTC-HELP (1-877-382-4357)
15.3 Other State Residents
Residents of other states with applicable privacy laws should refer to their state's Attorney General office or designated data protection authority to file complaints regarding privacy violations.
16. Changes to This Privacy Policy
We reserve the right to update, modify, or revise this Privacy Policy at any time to reflect changes in our business practices, legal requirements, or technological developments. When we make material changes to this policy, we will:
- Update the "Last Updated" date at the top of this page
- Post a prominent notice on our website at giordanos-meal.rest
- Send an email notification to registered users where required by law or where we deem it appropriate
Your continued use of our website and services after the effective date of any updated Privacy Policy constitutes your acceptance of the revised terms. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.
17. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please do not hesitate to contact us. We are committed to addressing your privacy inquiries promptly and thoroughly.
When contacting us about a privacy matter, please provide sufficient information to allow us to identify your account or the specific concern you are raising. We will make every effort to respond to your inquiry within 10 business days and to resolve any issue within 45 calendar days, as required by applicable law.
This Privacy Policy was last reviewed and updated on May 20, 2026. © 2026 Giordanos. All rights reserved.