Privacy Policy

This Privacy Policy describes how Primo Hoagies ("we," "us," "our," or "the Company") collects, uses, discloses, retains, and protects information about you when you visit our website at food-primohoagies.click (the "Website"), place an order, interact with our digital services, or otherwise engage with our brand. We are committed to safeguarding your privacy and handling your personal information with transparency, integrity, and respect.

Please read this Privacy Policy carefully. By accessing or using our Website, placing an order, or otherwise interacting with our services, you acknowledge that you have read, understood, and agree to the practices described herein. If you do not agree with this Privacy Policy, please discontinue use of our Website and services immediately.

For questions or concerns regarding this Privacy Policy, you may contact us at any time using the information provided in the Contact Us section below.

1. About Us

Primo Hoagies is a food service business operating in the United States, dedicated to providing high-quality hoagies and food products to our valued customers. Our Website serves as an informational and transactional platform where customers can learn about our menu offerings, place orders, and interact with our brand online.

2. Scope of This Privacy Policy

This Privacy Policy applies to:

• All visitors to our Website at food-primohoagies.click
• Customers who place orders online or interact with our digital food ordering systems
• Individuals who subscribe to our newsletters, promotional emails, or loyalty programs
• Individuals who contact us through our Website forms, email, or phone
• Users who interact with our social media pages, advertisements, or third-party platforms linked to our services

This Privacy Policy does not apply to third-party websites, applications, or services that may be linked from our Website. We encourage you to review the privacy policies of any third-party platforms you visit independently.

3. Information We Collect

We collect various categories of information to provide, maintain, and improve our services. The types of information we collect include the following:

3.1 Personal Identification Information

When you register an account, place an order, sign up for our newsletter, or contact us, we may collect personal identification information, including but not limited to:

• Full name
• Email address
• Phone number
• Billing and shipping address (street address, city, state, ZIP code)
• Payment information (credit/debit card numbers, billing details — processed securely through our payment processors)
• Account username and password (stored in encrypted form)
• Date of birth (where required for age verification or promotional purposes)

3.2 Order and Transaction Data

When you place an order with us, we collect details related to that transaction, including:

• Items ordered, quantities, and special instructions
• Order history and purchase frequency
• Delivery preferences and address details
• Payment method type and transaction identifiers
• Order confirmation numbers and timestamps

3.3 Usage and Behavioral Data

We automatically collect certain information about how you interact with our Website, including:

• Pages visited, links clicked, and time spent on each page
• Search queries entered on our Website
• Items viewed, added to cart, or abandoned
• Referral URLs (the page you visited before arriving at our Website)
• Session duration and navigation patterns

3.4 Device and Technical Information

When you access our Website, we automatically receive technical information about the device and connection you are using, such as:

• IP address
• Browser type and version
• Operating system and platform
• Device type (desktop, mobile, tablet)
• Screen resolution
• Time zone and general geographic location (city/region level)
• Internet service provider (ISP)

3.5 Cookie and Tracking Data

We use cookies, web beacons, pixel tags, and similar tracking technologies to collect data about your browsing behavior on our Website. This includes session identifiers, preference settings, and analytics data. For more detailed information, please see Section 9 of this Privacy Policy regarding Cookies.

3.6 Communications Data

If you contact us via email, phone, or a contact form on our Website, we may retain the contents of your communications, including your name, contact details, and the nature of your inquiry or complaint.

3.7 Marketing and Preference Data

We may collect information about your marketing preferences, including whether you have opted into receiving promotional emails, SMS messages, or loyalty program communications, as well as your responses to surveys or feedback forms.

4. How We Use Your Information

We use the information we collect for a variety of legitimate business purposes, including:

4.1 Order Fulfillment and Service Provision

• Processing and fulfilling your food orders, including delivery and pickup coordination
• Sending order confirmations, receipts, and status updates
• Managing your account and providing customer support
• Processing payments and preventing fraudulent transactions

4.2 Communication and Customer Support

• Responding to your inquiries, complaints, and feedback
• Sending service-related notifications and updates
• Providing information about changes to our menu, pricing, or policies

4.3 Marketing and Promotional Activities

• Sending promotional emails, newsletters, and special offers (with your consent where required)
• Personalizing marketing content and advertisements based on your preferences and order history
• Running loyalty programs, contests, and promotional campaigns
• Serving targeted advertisements on third-party platforms (subject to your preferences)

4.4 Analytics and Website Improvement

• Analyzing Website usage patterns to improve navigation, design, and functionality
• Conducting internal research and development to enhance our food offerings and digital services
• Measuring the effectiveness of marketing campaigns
• Generating aggregate, anonymized statistical reports

4.5 Legal Compliance and Safety

• Complying with applicable federal and state laws, including the Federal Trade Commission Act (FTC Act), California Consumer Privacy Act (CCPA/CPRA), and other applicable regulations
• Detecting, investigating, and preventing fraud, abuse, or security incidents
• Enforcing our Terms of Service and other agreements
• Responding to lawful requests from government authorities or law enforcement

5. Legal Basis for Processing Your Information

As a business operating in the United States, we process your personal information in accordance with applicable federal and state privacy laws, including the Federal Trade Commission Act (FTC Act), which prohibits unfair or deceptive practices in connection with the collection and use of consumer data, and the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) for California residents.

We process your information based on the following lawful grounds:

• Contractual Necessity: Processing is necessary to fulfill your order, manage your account, or deliver services you have requested.
• Legitimate Interests: Processing is necessary for our legitimate business interests, such as improving our services, preventing fraud, and conducting marketing activities, provided these interests are not overridden by your rights.
• Legal Obligation: Processing is necessary to comply with applicable laws, regulations, or legal proceedings.
• Consent: Where required by law, we will obtain your explicit consent before processing certain categories of data, such as sending marketing communications.

6. Sharing Your Information with Third Parties

We do not sell your personal information to third parties. However, we may share your information in the following limited circumstances:

6.1 Service Providers and Business Partners

We engage trusted third-party service providers to assist us in operating our business. These providers may access your personal information only to perform services on our behalf and are contractually obligated to maintain confidentiality. Categories of service providers include:

• Payment processors (e.g., Stripe, Square, or similar platforms) for secure payment handling
• Delivery and logistics partners to fulfill delivery orders
• Email marketing platforms (e.g., Mailchimp, Klaviyo) for sending newsletters and promotional communications
• Analytics providers (e.g., Google Analytics) for Website usage analysis
• Customer support tools for managing inquiries and support tickets
• Cloud hosting and IT service providers for Website infrastructure and data storage

6.2 Legal Requirements and Law Enforcement

We may disclose your personal information if required to do so by law or in response to valid requests by public authorities, including:

• Compliance with a court order, subpoena, or legal process
• Cooperation with law enforcement agencies or government investigations
• Protection of the rights, property, or safety of Primo Hoagies, our customers, or the public

6.3 Business Transfers

In the event that Primo Hoagies undergoes a merger, acquisition, sale of assets, restructuring, or other similar corporate transaction, your personal information may be transferred to the acquiring or successor entity. We will notify you of any such transfer through a prominent notice on our Website or via email.

6.4 With Your Consent

We may share your information with third parties for purposes not covered in this Privacy Policy when we have obtained your explicit consent to do so.

7. Your Privacy Rights

Depending on your state of residence, you may have specific rights regarding your personal information. We respect and honor these rights in accordance with applicable law.

7.1 Rights for California Residents (CCPA/CPRA)

If you are a resident of California, you have the following rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):

7.2 General Privacy Rights (All U.S. Residents)

Regardless of your state of residence, we provide all users with the ability to:

• Access the personal information we hold about you by submitting a written request
• Correct or update inaccurate or incomplete information in your account
• Request deletion of your personal information, subject to legal retention requirements
• Opt out of marketing communications at any time by clicking "unsubscribe" in any email or contacting us directly
• Withdraw consent where processing is based on consent

7.3 How to Exercise Your Rights

To exercise any of the rights described above, please submit your request to us using the following contact methods:

• Email: [email protected]

We will acknowledge your request within 10 business days and respond to your request within 45 calendar days as required under applicable law. In some cases, we may need to verify your identity before processing your request. We may extend the response period by an additional 45 days when reasonably necessary, provided we notify you of the extension within the initial 45-day period.

8. Data Security

We take the security of your personal information seriously and implement a range of technical, administrative, and physical safeguards designed to protect your data from unauthorized access, disclosure, alteration, or destruction.

8.1 Security Measures We Employ

• SSL/TLS Encryption: All data transmitted between your browser and our Website is encrypted using industry-standard Secure Socket Layer (SSL) / Transport Layer Security (TLS) protocols.
• Payment Security: We use PCI DSS-compliant payment processors to handle all payment card transactions. We do not store complete credit card numbers on our servers.
• Access Controls: Access to personal data is restricted to authorized personnel only, on a need-to-know basis. All staff with access to personal data are trained in data privacy and security practices.
• Firewalls and Intrusion Detection: Our servers are protected by firewalls and intrusion detection systems to prevent unauthorized access.
• Regular Security Audits: We conduct periodic reviews of our security practices and systems to identify and address potential vulnerabilities.
• Data Minimization: We collect only the minimum amount of personal information necessary for the stated purposes.

8.2 Data Breach Response

In the event of a data security breach that is likely to result in a risk to your rights and freedoms or as required under applicable state and federal law, we will notify affected individuals and relevant authorities within the timeframes required by law. Notifications will be provided via email or prominent notice on our Website.

9. Cookies and Tracking Technologies

Our Website uses cookies and similar tracking technologies to enhance your browsing experience, analyze Website traffic, and support our marketing activities.

9.1 What Are Cookies?

Cookies are small text files placed on your device by a website when you visit it. They help the website remember information about your visit, such as your preferred settings, login status, and items in your cart.

9.2 Types of Cookies We Use

• Strictly Necessary Cookies: These cookies are essential for the operation of our Website, such as maintaining your session and enabling the shopping cart functionality. These cannot be disabled.
• Performance and Analytics Cookies: These cookies help us understand how visitors interact with our Website by collecting and reporting aggregate usage data. We use tools such as Google Analytics for this purpose.
• Functional Cookies: These cookies enable enhanced functionality, such as remembering your preferences, location, and previously viewed menu items.
• Marketing and Targeting Cookies: These cookies track your browsing activity to deliver relevant advertisements and promotions on our Website and third-party platforms.

9.3 Managing Your Cookie Preferences

You may control or disable cookies through your browser settings at any time. Please note that disabling certain cookies may affect the functionality of our Website. You can also opt out of interest-based advertising by visiting the Network Advertising Initiative opt-out page or the Digital Advertising Alliance opt-out tool.

For a comprehensive description of our cookie practices, please refer to our full Cookie Policy available on our Website.

10. Data Retention

We retain your personal information only for as long as is necessary to fulfill the purposes for which it was collected, comply with our legal obligations, resolve disputes, and enforce our agreements.

When your personal information is no longer required for these purposes, we will securely delete, anonymize, or aggregate it in accordance with our data disposal procedures.

11. Children's Privacy

Our Website and services are intended for use by individuals who are 18 years of age or older. We do not knowingly collect, solicit, or process personal information from children under the age of 13, as protected under the Children's Online Privacy Protection Act (COPPA), or from individuals under the age of 18 without verifiable parental consent.

If you are under the age of 18, please do not use our Website or submit any personal information to us. If you are a parent or guardian and believe that your child under the age of 18 has provided us with personal information without your consent, please contact us immediately at [email protected] so that we can take appropriate steps to delete such information from our systems.

12. International Data Transfers

Primo Hoagies is a United States-based business and our primary data processing operations occur within the United States. However, some of our third-party service providers (such as cloud hosting providers or analytics platforms) may process data in other countries.

If your personal information is transferred outside of the United States to a third-party service provider, we take appropriate steps to ensure that such transfers comply with applicable privacy laws and that your information is afforded adequate protection. These steps may include entering into data processing agreements with service providers that incorporate standard contractual clauses or other legally recognized transfer mechanisms.

By using our Website and services from locations outside the United States, you acknowledge that your information may be transferred to and processed in the United States, where data protection laws may differ from those in your country of residence.

13. Third-Party Links and Services

Our Website may contain links to third-party websites, social media platforms, or external services (such as food delivery apps, review platforms, or payment processors). These third parties operate independently of Primo Hoagies and have their own privacy policies. We are not responsible for the privacy practices, content, or security of any third-party websites or services.

We encourage you to review the privacy policies of any third-party platforms before providing them with your personal information. The inclusion of a link to a third-party website does not imply our endorsement of that website or its privacy practices.

14. California-Specific Disclosures

In addition to the rights described in Section 7 above, California residents are entitled to the following disclosures under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), effective January 1, 2023:

14.1 Categories of Personal Information Collected

In the past 12 months, we have collected the following categories of personal information as defined by the CCPA:

• Identifiers (name, email address, IP address, phone number)
• Commercial information (purchase history, ordering preferences)
• Internet or electronic network activity (browsing history on our Website)
• Geolocation data (general location based on IP address)
• Inferences drawn from the above to create a customer profile

14.2 Business Purposes for Collection

We collect the above categories of personal information for the business purposes described in Section 4 of this Privacy Policy, including order fulfillment, customer service, analytics, and marketing.

14.3 "Shine the Light" Law

California Civil Code Section 1798.83 (the "Shine the Light" law) permits California residents to request information about disclosure of personal information to third parties for direct marketing purposes. As noted in this Privacy Policy, we do not sell or share your personal information with third parties for their direct marketing purposes without your consent.

15. Do Not Track Signals

Some web browsers and devices allow users to send "Do Not Track" (DNT) signals to indicate that they do not wish to be tracked. Currently, there is no universally accepted standard for how websites should respond to DNT signals. As a result, our Website does not currently respond to DNT browser signals in a standardized way. We will continue to monitor developments in this area and update our practices accordingly.

You may opt out of interest-based advertising and analytics tracking using the tools described in Section 9.3 of this Privacy Policy.

16. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our practices, legal requirements, or operational needs. When we make material changes to this Privacy Policy, we will:

• Update the "Last Updated" date at the top of this page
• Post a prominent notice on our Website or notify you via email (where applicable)
• In some cases, seek your renewed consent if required by applicable law

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our Website and services after the effective date of any changes constitutes your acceptance of the updated Privacy Policy.

17. Opt-Out of Marketing Communications

You have the right to opt out of receiving marketing and promotional communications from us at any time. You may do so by:

• Clicking the "Unsubscribe" link found at the bottom of any promotional email we send you
• Contacting us directly at [email protected] with the subject line "Opt-Out Request"
• Updating your communication preferences in your account settings (if applicable)

Please note that even if you opt out of marketing communications, we may still send you transactional or service-related messages, such as order confirmations, delivery updates, and important account notifications, as these are necessary for the operation of our services.

18. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please do not hesitate to contact us. We are committed to addressing your inquiries promptly and transparently.

We aim to acknowledge all privacy-related requests within 10 business days and to provide a full response within the timeframes required under applicable law (generally within 45 days, with a possible 45-day extension).

19. Filing a Complaint with a Data Protection Authority

If you believe that we have not handled your personal information in accordance with applicable privacy laws and you are not satisfied with our response to your privacy inquiry, you have the right to file a complaint with the appropriate regulatory authority.

19.1 Federal Trade Commission (FTC)

The Federal Trade Commission (FTC) enforces federal consumer protection laws, including laws prohibiting unfair or deceptive practices related to privacy and data security. You may file a complaint with the FTC at:

• Website: www.ftc.gov/complaint
• Phone: 1-877-FTC-HELP (1-877-382-4357)

19.2 California Attorney General (for California Residents)

California residents who wish to report violations of the CCPA/CPRA may file a complaint with the California Privacy Protection Agency (CPPA) or the California Attorney General's Office:

• California Privacy Protection Agency: cppa.ca.gov
• California Attorney General: oag.ca.gov/privacy/ccpa

19.3 Your State Attorney General

Residents of other states may also have the right to file privacy-related complaints with their respective state attorney general's office or applicable consumer protection authority. We encourage you to consult the relevant authority in your state of residence for guidance.