Privacy Policy

Last Updated: January 15, 2026

Your privacy is important to us. This policy explains how we collect, use, and protect your information.

1. Introduction

At Punch pizza, we are committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website at pizz-punch.digital, use our mobile application, or engage with our food delivery and dining services.

This policy applies to all information collected through our services, including but not limited to online ordering, delivery services, catering, loyalty programs, and customer support interactions. By accessing or using our services, you agree to the terms outlined in this Privacy Policy.

Important Note: We never sell your personal data to third parties. Your trust is fundamental to our business, and we are committed to maintaining the highest standards of data protection and privacy.

If you do not agree with the terms of this Privacy Policy, please discontinue use of our services immediately.

2. Information We Collect

2.1 Information You Provide Directly

We collect information that you voluntarily provide to us when you:

  • Create an Account: Name, email address, phone number, date of birth, username, and password
  • Place Orders: Delivery address, billing information, food preferences, special dietary requirements (vegan, vegetarian, gluten-free, halal, kosher, allergies), special instructions
  • Payment Information: Credit card details, payment method preferences (securely encrypted and stored by our payment processors)
  • Contact Us: Messages, feedback, reviews, ratings, customer service inquiries
  • Marketing Preferences: Newsletter subscriptions, promotional communications preferences
  • Loyalty Program: Participation in rewards programs, points balance, redemption history
  • Table Reservations: Party size, special occasions, seating preferences, arrival times
  • Catering Services: Event details, guest count, dietary requirements, delivery locations

2.2 Information Automatically Collected

When you use our services, we automatically collect certain information:

  • Device Information: IP address, browser type, operating system, device identifiers, mobile network information
  • Usage Data: Pages visited, time spent on site, click patterns, search queries, ordering history
  • Location Information: Approximate location derived from IP address, precise location when you enable GPS for delivery services
  • Cookie Data: Session identifiers, user preferences, shopping cart contents, analytics data
  • Order History: Past orders, favorite items, ordering patterns, delivery addresses used

2.3 Information from Third Parties

We may receive information about you from third-party sources:

  • Social Media Platforms: If you connect your social media accounts (Facebook, Instagram, Twitter)
  • Payment Processors: Transaction information, payment verification, fraud prevention data
  • Delivery Partners: Delivery status updates, location tracking during delivery
  • Marketing Partners: Demographic information, interest categories, advertising interaction data
  • Data Brokers: Publicly available information used for fraud prevention and account verification

3. How We Use Your Information

3.1 Service Provision

  • Order Processing: Fulfilling your food orders, coordinating with kitchen staff, managing inventory
  • Delivery Services: Routing deliveries, tracking order status, coordinating with delivery personnel
  • Account Management: Creating and maintaining your account, authentication, password resets
  • Customer Support: Responding to inquiries, resolving complaints, processing refunds
  • Quality Improvement: Analyzing ordering patterns, improving menu offerings, optimizing delivery times
  • Personalization: Recommending menu items based on your preferences and order history

3.2 Communication

  • Order Updates: Confirmation emails, SMS notifications about order status, delivery tracking
  • Customer Service: Responding to support requests, following up on issues
  • Important Notices: Policy changes, service updates, security alerts
  • Marketing Communications: Promotional offers, newsletters, special event invitations (with your explicit consent)
  • Loyalty Program: Points balance updates, reward notifications, special member offers

3.3 Marketing and Analytics

  • Personalized Advertising: Showing relevant ads based on your interests and behavior
  • Website Analytics: Understanding how visitors use our site, identifying popular content
  • Campaign Effectiveness: Measuring success of marketing campaigns, A/B testing
  • Market Research: Developing new menu items, expanding to new locations
  • Customer Segmentation: Creating targeted marketing campaigns for different customer groups

3.4 Legal Compliance and Safety

  • Legal Requirements: Complying with applicable laws, regulations, and legal processes
  • Fraud Prevention: Detecting and preventing fraudulent transactions and activities
  • Security: Protecting our systems, customers, and employees from security threats
  • Dispute Resolution: Resolving conflicts, investigating complaints, enforcing our terms
  • Public Safety: Cooperating with law enforcement when required by law

4. Information Sharing and Disclosure

4.1 Service Providers

We share information with trusted third-party service providers who assist us in operating our business:

  • Payment Processors: Stripe, PayPal, and other payment services for secure transaction processing
  • Delivery Companies: Third-party delivery services for order fulfillment and tracking
  • Cloud Storage Providers: Amazon Web Services, Google Cloud for secure data storage and hosting
  • Email Services: Mailchimp, SendGrid for marketing communications and transactional emails
  • Analytics Providers: Google Analytics, Mixpanel for website usage analysis
  • Customer Support Tools: Zendesk, Intercom for managing customer inquiries

4.2 Legal Requirements

We may disclose your information when required by law or to protect our rights:

  • In response to court orders, subpoenas, or other legal processes
  • To comply with applicable laws, regulations, or governmental requests
  • To protect our rights, property, or safety, or that of our customers or the public
  • In connection with legal disputes, investigations, or regulatory inquiries
  • To prevent fraud, security breaches, or other illegal activities

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets:

  • Your information may be transferred as part of the business transaction
  • We will notify you before your information is transferred and subject to a different privacy policy
  • The acquiring company will be required to comply with this Privacy Policy
  • You will have the option to delete your account before the transfer if you disagree

4.4 With Your Consent

We may share your information for other purposes with your explicit consent, such as:

  • Partnering with local restaurants for special promotions
  • Participating in community events or charity initiatives
  • Integration with third-party applications you choose to connect

5. Data Security

5.1 Technical Security Measures

  • Encryption: All data transmission is protected using SSL/TLS encryption (256-bit)
  • Secure Storage: Personal data is stored in encrypted databases with restricted access
  • Firewalls: Advanced firewall systems protect our servers from unauthorized access
  • Access Controls: Role-based access controls ensure only authorized personnel can access personal data
  • Monitoring: 24/7 security monitoring and intrusion detection systems
  • Regular Backups: Secure data backups to prevent data loss
  • Vulnerability Testing: Regular security assessments and penetration testing

5.2 Organizational Security Measures

  • Employee Training: Regular privacy and security training for all staff members
  • Data Handling Procedures: Strict protocols for collecting, processing, and storing personal data
  • Confidentiality Agreements: All employees and contractors sign comprehensive confidentiality agreements
  • Incident Response Plan: Detailed procedures for responding to security breaches or data incidents
  • Regular Audits: Internal and external audits to ensure compliance with security standards
  • Vendor Management: Due diligence and ongoing monitoring of third-party service providers

5.3 Your Security Responsibilities

You also play a crucial role in protecting your information:

  • Strong Passwords: Use unique, complex passwords and enable two-factor authentication when available
  • Account Security: Never share your login credentials with others
  • Public Computers: Always log out when using shared or public computers
  • Suspicious Activity: Report any unauthorized account access immediately
  • Phishing Awareness: Be cautious of suspicious emails or messages asking for personal information

5.4 Security Breach Notification

In the unlikely event of a data breach that affects your personal information, we will:

  • Notify you within 72 hours of discovering the breach
  • Inform relevant supervisory authorities as required by law
  • Provide details about what information was involved and steps being taken
  • Offer guidance on protective measures you can take
  • Implement additional security measures to prevent future incidents

6. Cookies and Tracking Technologies

We use various tracking technologies to enhance your experience and understand how our services are used:

Type Purpose Duration
Essential Cookies Basic site functionality, user authentication, shopping cart, security Session (deleted when browser closes)
Functional Cookies Remember preferences, language settings, location, previous orders Up to 1 year
Analytics Cookies Website usage analysis, performance measurement, user behavior Up to 2 years
Marketing Cookies Personalized advertising, social media features, campaign tracking Up to 1 year

Specific Tracking Technologies Used:

  • Google Analytics: Website traffic analysis and user behavior insights
  • Facebook Pixel: Social media advertising measurement and retargeting
  • Web Beacons: Email open rates and interaction tracking
  • Local Storage: Storing preferences and application data in your browser
  • Session Storage: Temporary storage for current browsing session

Cookie Management:

You can control cookies through your browser settings:

  • Accept or reject cookies before they are stored
  • Delete existing cookies from your device
  • Set preferences for specific websites
  • Receive notifications when cookies are being used

Note: Disabling certain cookies may affect website functionality, including the ability to place orders or access account features.

7. Your Privacy Rights

Under applicable privacy laws (GDPR, CCPA, and others), you have the following rights regarding your personal information:

7.1 Right of Access

You can request a copy of all personal information we hold about you, including:

  • Account information and order history
  • Data processing purposes and legal basis
  • Categories of data and sources
  • Data retention periods
  • Third parties with whom data is shared

7.2 Right to Rectification

You can request correction of inaccurate or incomplete personal information:

  • Update contact information
  • Correct billing or delivery addresses
  • Modify dietary preferences or allergies
  • Update account details

7.3 Right to Erasure (Right to be Forgotten)

You can request deletion of your personal information when:

  • The information is no longer necessary for its original purpose
  • You withdraw consent for processing
  • Your information has been unlawfully processed
  • Erasure is required for legal compliance

7.4 Right to Restrict Processing

You can request limitation of how we use your information when:

  • You contest the accuracy of the data
  • Processing is unlawful but you prefer restriction over deletion
  • We no longer need the data but you need it for legal claims
  • You have objected to processing pending our response

7.5 Right to Data Portability

You can request to receive your personal information in a structured, commonly used, machine-readable format for transfer to another service provider.

7.6 Right to Object

You can object to processing of your personal information, particularly for:

  • Direct marketing communications
  • Profiling for marketing purposes
  • Processing based on legitimate interests

7.7 Right Against Automated Decision-Making

You have the right not to be subject to automated decision-making, including profiling, that produces legal effects or significantly affects you.

How to Exercise Your Rights

To exercise any of these rights, contact us using the information provided in Section 13. We will:

  • Respond to your request within 30 days
  • Verify your identity to protect your privacy
  • Provide clear explanations of any limitations
  • Not charge fees for reasonable requests

8. Children's Privacy

Our services are not intended for children under the age of 16, and we do not knowingly collect personal information from children under 16 without parental consent.

Our Commitment:

  • We do not intentionally solicit or collect information from children
  • We do not use or disclose information from children for behavioral advertising
  • We do not condition participation in activities on disclosure of more information than necessary

Parental Rights:

If we discover that we have collected information from a child under 16 without parental consent, we will:

  • Delete the information immediately
  • Not use the information for any purpose
  • Not disclose the information to third parties
  • Notify parents of the collection and deletion

For Parents:

If you believe your child has provided personal information to us, please contact us immediately at [email protected]. We will take prompt action to investigate and address your concerns.

9. International Data Transfers

As part of our global operations, your personal information may be transferred to and processed in countries other than your own. We ensure appropriate protection through:

9.1 Adequacy Decisions

  • Transfers to countries with European Commission adequacy decisions
  • Countries deemed to provide adequate level of protection
  • Regular monitoring of adequacy status changes

9.2 Standard Contractual Clauses (SCCs)

  • EU-approved contractual clauses with data importers
  • Legal guarantees for data protection standards
  • Regular compliance audits and assessments

9.3 Additional Safeguards

  • Technical measures: encryption, pseudonymization, access controls
  • Organizational measures: staff training, data processing agreements
  • Legal measures: government access transparency reports

9.4 Transfer Destinations

Your data may be processed in the following regions:

  • United States: Cloud hosting and data analytics services
  • European Union: Customer support and data processing
  • Other Countries: As needed for service provision with appropriate safeguards

10. Data Retention

We retain your personal information only as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements.

Information Type Retention Period Reason for Retention
Account Information 6 months after account deletion Legal obligations, dispute resolution, fraud prevention
Order History 7 years from last transaction Tax and accounting requirements, warranty claims
Payment Information As required by payment processors Fraud prevention, chargebacks, legal compliance
Marketing Consent 3 months after withdrawal Compliance record-keeping, consent management
Website Usage Logs Up to 2 years Security monitoring, analytics, system optimization
Customer Support Records 3 years after resolution Service quality improvement, training purposes
Delivery Address History 2 years from last use Improved delivery service, fraud prevention
Dietary Preferences Until account deletion or update Service personalization, safety requirements

Safe Data Disposal

When retention periods expire, we ensure secure deletion:

  • Electronic Data: Complete overwriting making data unrecoverable
  • Physical Records: Secure shredding and destruction
  • Backup Systems: Systematic deletion from all backup copies
  • Third-Party Services: Verified deletion from service providers
  • Documentation: Maintaining records of disposal activities

11. Third-Party Links and Services

Our website and services may contain links to third-party websites, applications, or services that are not owned or controlled by Punch pizza.

Our Responsibility:

  • We are not responsible for the privacy practices of third-party sites
  • We do not control the content or policies of external websites
  • Links do not constitute an endorsement of third-party services
  • We encourage you to review privacy policies of any third-party sites you visit

Common Third-Party Services:

  • Social Media Platforms: Facebook, Instagram, Twitter integration
  • Payment Providers: Credit card processors, digital wallets
  • Review Sites: Google Reviews, Yelp, TripAdvisor
  • Maps and Directions: Google Maps, Apple Maps

Your Responsibilities:

  • Review privacy policies before providing personal information
  • Understand what data you're sharing with third parties
  • Adjust privacy settings on third-party platforms
  • Contact third parties directly for questions about their practices

12. Policy Changes and Updates

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or business operations.

12.1 Notification Methods

When we make significant changes, we will notify you through:

  • Website Notice: Prominent banner on our website for 30 days
  • Email Notification: Direct email to registered users
  • App Notification: Push notification through our mobile application
  • Account Dashboard: Notice in your account when you log in

12.2 Significant Changes

We consider the following as significant changes requiring explicit consent:

  • New purposes for data processing
  • Sharing data with new categories of third parties
  • Changes to data retention periods
  • International transfers to new countries
  • Material changes to your rights

12.3 Checking for Updates

  • The latest version is always available on our website
  • Check the "Last Updated" date at the top of this policy
  • Subscribe to policy update notifications in your account settings
  • Review the policy periodically to stay informed

12.4 Your Options

If you disagree with policy changes:

  • You can opt out of new data uses
  • Update your privacy preferences
  • Delete your account if you no longer wish to use our services
  • Contact us to discuss specific concerns

Continued Use: By continuing to use our services after policy updates, you acknowledge acceptance of the revised terms.

13. Contact Information

Get in Touch About Privacy

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

General Inquiries

Email: [email protected]

Phone: +1 859-710-8877

Response Time: Within 3 business days

Mailing Address

Punch pizza
Privacy Department
7847 Tanners Ln Suite 100
Florence, KY 41042
United States

Business Hours

Monday - Friday: 9:00 AM - 6:00 PM EST
Saturday: 10:00 AM - 4:00 PM EST
Sunday: Closed

13.1 Privacy Rights Requests

For specific privacy rights requests (access, deletion, portability), please include:

  • Your full name and email address associated with your account
  • Specific request type (access, deletion, correction, etc.)
  • Description of the information you're requesting
  • Proof of identity for verification purposes

13.2 Complaint Resolution

If you have a privacy complaint:

  • Step 1: Contact us directly using the information above
  • Step 2: We will investigate and respond within 30 days
  • Step 3: If unsatisfied, contact your local data protection authority

US Residents: Federal Trade Commission (FTC)
EU Residents: Your local Data Protection Authority
UK Residents: Information Commissioner's Office (ICO)

14. Withdrawal of Consent

You have the right to withdraw your consent for data processing activities that are based on your consent.

14.1 Marketing Communications

You can withdraw consent for marketing communications by:

  • Email Unsubscribe: Click the unsubscribe link in any marketing email
  • Account Settings: Update your communication preferences in your account dashboard
  • Customer Support: Contact our support team to opt out
  • Phone Opt-out: Call +1 859-710-8877 to remove your number from marketing lists

14.2 Cookie Consent

Manage cookie preferences through:

  • Our cookie consent banner when you first visit
  • Cookie settings panel in website footer
  • Browser settings for individual cookie control
  • Third-party opt-out tools for advertising cookies

14.3 Account Deletion

To completely withdraw consent and delete your account:

  • Online: Use the account deletion option in your profile settings
  • Email Request: Send deletion request to [email protected]
  • Phone Request: Call +1 859-710-8877 to request account deletion

14.4 Important Notes

  • Withdrawal of consent does not affect lawfulness of processing before withdrawal
  • Some data may be retained for legal compliance even after consent withdrawal
  • Withdrawing consent may limit your ability to use certain services
  • You can re-consent at any time by contacting us or updating your preferences

15. Conclusion

At Punch pizza, protecting your privacy is fundamental to our business values and customer relationships. We are committed to maintaining the highest standards of data protection while providing you with exceptional food delivery and dining experiences.

Our Privacy Promise:

  • Transparency: We will always be clear about what data we collect and how we use it
  • Choice: You have control over your personal information and privacy settings
  • Security: We implement robust security measures to protect your data
  • Respect: We honor your privacy rights and respond promptly to your requests
  • Compliance: We adhere to all applicable privacy laws and regulations

Building Trust Through Privacy

Your trust is essential to our success, and we earn that trust every day through responsible data practices. We believe that privacy protection and great customer service go hand in hand, creating better experiences for everyone.

Stay Informed

Privacy laws and best practices continue to evolve, and so do we. We encourage you to:

  • Review this policy periodically to stay informed about our practices
  • Check your privacy settings regularly
  • Contact us with any questions or concerns
  • Exercise your privacy rights whenever needed

Thank You

Thank you for choosing Punch pizza and for taking the time to understand our privacy practices. We look forward to serving you while protecting your privacy every step of the way.

Last Updated: January 15, 2026

Please bookmark this page and check back regularly for updates.