Privacy Policy
This Privacy Policy describes how Zupas ("we," "us," or "our") collects, uses, discloses, and protects your personal information when you visit our website at zupas-cafe.click, place orders, use our services, or otherwise interact with us. Please read this policy carefully before using our website or submitting any personal information to us.
By accessing or using our website and services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with the terms described herein, please discontinue use of our website and services immediately.
We are committed to protecting your privacy and handling your personal data in an open and transparent manner in full compliance with applicable United States federal and state privacy laws, including the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), the Federal Trade Commission Act (FTC Act), and all other applicable state and federal regulations governing data privacy and consumer protection.
1. About Us
Zupas is a food service business operating in the United States. We operate the website located at zupas-cafe.click and provide food-related products and services to consumers across the country.
| Company Name | Zupas |
|---|---|
| Website | zupas-cafe.click |
| Email Address | [email protected] |
For any privacy-related questions, concerns, or requests, please contact us using the information provided above or refer to the Contact Us section at the end of this policy.
2. Information We Collect
We collect various types of information in connection with your use of our website, services, and products. The categories of personal information we collect include, but are not limited to, the following:
2.1 Personal Identification Information
When you create an account, place an order, sign up for our newsletter, or contact us, we may collect personal identification information, including:
- Full name
- Email address
- Phone number
- Billing and shipping address
- Date of birth (where required for age verification purposes)
- Username and password for account creation
- Profile photo or avatar (if provided)
2.2 Payment and Transaction Information
When you make a purchase through our website, we collect information necessary to process your payment and fulfill your order:
- Credit or debit card information (processed securely through third-party payment processors)
- Billing address
- Order history and transaction records
- Purchase preferences and dietary restrictions you voluntarily provide
- Gift card or promotional code usage
Please note that we do not store complete credit card numbers on our servers. All payment data is encrypted and processed through PCI-DSS-compliant payment processors.
2.3 Usage Data and Analytics
We automatically collect certain information about how you interact with our website and services, including:
- Pages visited and content viewed
- Time and date of your visit
- Time spent on individual pages
- Links clicked within our website
- Referring website or source through which you found us
- Search queries entered on our website
- Scroll depth and interaction patterns
- Error reports and crash data
2.4 Device and Technical Information
We collect technical information about the device and software you use to access our website:
- IP address
- Browser type and version
- Operating system and version
- Device type (mobile, tablet, desktop)
- Device identifiers
- Screen resolution
- Language settings
- Internet service provider (ISP)
- Geographic location (city/state level, derived from IP address)
2.5 Cookie and Tracking Technology Data
We use cookies, web beacons, pixel tags, and similar tracking technologies to collect information about your browsing behavior on our website. For detailed information about our use of cookies, please refer to Section 8: Cookie Policy of this document.
2.6 Communications and Customer Support Data
When you communicate with us through email, phone, contact forms, or other channels, we may collect:
- Content of your messages or inquiries
- Correspondence history
- Customer support tickets and resolutions
- Feedback, reviews, and survey responses
- Social media interactions and mentions
2.7 User-Generated Content
If you post reviews, comments, photos, or other content on our website or social media pages, we may collect and store that content along with your associated account information.
2.8 Information from Third Parties
We may receive information about you from third-party sources, including:
- Social media platforms when you connect your account or interact with our social media presence
- Marketing and analytics partners
- Publicly available data sources
- Third-party food delivery platforms and aggregators
- Loyalty program partners
3. How We Use Your Information
We use the personal information we collect for a variety of legitimate business purposes, all in compliance with applicable law. These purposes include:
3.1 Service Provision and Order Fulfillment
- Processing and fulfilling your food orders
- Managing your account and preferences
- Sending order confirmations, receipts, and delivery updates
- Providing customer support and responding to inquiries
- Resolving disputes and enforcing our agreements
- Personalizing your experience on our website
3.2 Communications and Marketing
- Sending promotional emails, newsletters, and special offers (with your consent where required)
- Informing you about new menu items, seasonal specials, and promotions
- Conducting surveys and gathering feedback to improve our services
- Sending important notices about changes to our terms, policies, or services
- Administering loyalty programs, contests, and sweepstakes
3.3 Analytics and Service Improvement
- Analyzing usage patterns to improve website performance and user experience
- Understanding customer preferences and behaviors to enhance our menu and services
- Conducting internal research and business analytics
- Monitoring and improving the security and integrity of our systems
- Testing new features and functionalities
3.4 Legal Compliance and Safety
- Complying with applicable federal and state laws and regulations
- Responding to legal requests, court orders, and subpoenas
- Protecting the rights, property, and safety of our customers, employees, and the public
- Detecting, preventing, and investigating fraud and other illegal activities
- Enforcing our Terms of Service and other policies
3.5 Advertising and Retargeting
- Displaying targeted advertisements based on your interests and browsing behavior
- Retargeting users who have previously visited our website
- Measuring the effectiveness of our advertising campaigns
- Sharing anonymized or aggregated data with advertising partners
4. How We Share Your Information
We respect your privacy and do not sell, rent, or lease your personal information to third parties for their own marketing purposes without your explicit consent. However, we may share your information with trusted parties in the following circumstances:
4.1 Service Providers and Business Partners
We engage third-party service providers to assist us in operating our business and delivering services to you. These providers may have access to your personal information solely for the purpose of performing services on our behalf and are contractually obligated to maintain the confidentiality and security of your data. Service providers include:
- Payment processing companies (e.g., Stripe, Square, PayPal)
- Food delivery and logistics partners
- Cloud hosting and data storage providers
- Email marketing and communication platforms
- Analytics and website performance tools (e.g., Google Analytics)
- Customer relationship management (CRM) software providers
- Fraud detection and security services
- Accounting and legal service providers
4.2 Legal Requirements and Law Enforcement
We may disclose your personal information if we are required to do so by law or in response to valid requests by public authorities, including:
- Court orders, subpoenas, or other legal processes
- Requests from federal, state, or local government agencies
- Regulatory inquiries or investigations
- To protect against fraud, security breaches, or illegal activity
- To enforce our rights under applicable agreements and policies
4.3 Business Transfers
In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your personal information may be transferred to the acquiring entity. We will provide notice before your personal information is transferred and becomes subject to a different privacy policy.
4.4 Aggregated and De-Identified Data
We may share aggregated or de-identified information that cannot reasonably be used to identify you with third parties for research, marketing, analytics, and other purposes. This information does not constitute personal information under applicable law.
4.5 With Your Consent
We may share your information with third parties when you have provided explicit consent to do so, such as when you participate in joint promotions or partner programs.
5. Data Security
We take the security of your personal information seriously and implement industry-standard technical, administrative, and physical safeguards to protect your data from unauthorized access, disclosure, alteration, or destruction.
5.1 Security Measures
Our security measures include, but are not limited to:
- Encryption: We use SSL/TLS encryption to protect data transmitted between your browser and our servers.
- Secure Storage: Personal data is stored on secure servers with access controls and authentication requirements.
- Payment Security: All payment transactions are processed through PCI-DSS compliant payment processors.
- Access Controls: Access to personal data is restricted to authorized personnel on a need-to-know basis.
- Regular Audits: We conduct regular security audits and vulnerability assessments.
- Employee Training: Our staff receives regular training on data privacy and security practices.
- Incident Response: We have established procedures for detecting and responding to data security incidents.
5.2 Data Breach Notification
In the event of a data breach that affects your personal information, we will notify you in accordance with applicable state and federal breach notification laws, including the requirements of your state's data breach notification statute. We will provide timely notice to affected individuals and relevant regulatory authorities as required by law.
6. Your Privacy Rights
Depending on your state of residence, you may have certain rights with respect to your personal information. We are committed to honoring these rights in accordance with applicable law.
6.1 Rights Under the California Consumer Privacy Act (CCPA/CPRA)
If you are a California resident, you have the following rights under the CCPA as amended by the CPRA:
- Right to Know: You have the right to request information about the categories and specific pieces of personal information we have collected about you, the sources of that information, the purposes for which it was collected, and the categories of third parties with whom we share it.
- Right to Delete: You have the right to request the deletion of personal information we have collected from you, subject to certain exceptions provided by law.
- Right to Correct: You have the right to request that we correct inaccurate personal information we maintain about you.
- Right to Opt-Out of Sale or Sharing: You have the right to opt out of the sale or sharing of your personal information with third parties for cross-context behavioral advertising.
- Right to Limit Use of Sensitive Personal Information: You have the right to limit our use of sensitive personal information to purposes necessary for providing our services.
- Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights.
- Right to Data Portability: You have the right to receive your personal information in a portable, readily usable format.
6.2 General Privacy Rights (All U.S. Residents)
Regardless of your state of residence, we provide the following rights to all users:
- Access: You may request access to the personal information we hold about you by contacting us at [email protected].
- Correction: You may request that we update or correct inaccurate or incomplete information about you.
- Deletion: You may request the deletion of your personal information, subject to legal retention requirements.
- Opt-Out of Marketing: You may opt out of receiving promotional communications from us at any time by clicking the "unsubscribe" link in any marketing email or by contacting us directly.
- Withdraw Consent: Where we rely on your consent to process your data, you may withdraw that consent at any time.
6.3 How to Exercise Your Rights
To exercise any of your privacy rights, please submit a verifiable consumer request by:
- Emailing us at [email protected] with the subject line "Privacy Rights Request"
- Visiting our website at zupas-cafe.click and using our contact form
We will respond to your request within 45 days of receipt. If we require additional time, we will notify you of the extension within the initial 45-day period. We may need to verify your identity before processing your request to ensure the security of your personal information.
7. Data Retention
We retain your personal information only for as long as is necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. The specific retention periods we apply include:
| Category of Data | Retention Period |
|---|---|
| Account and registration information | Duration of account plus 3 years after account closure |
| Order and transaction records | 7 years (for tax and financial compliance) |
| Customer support communications | 3 years from the date of last interaction |
| Marketing and communication preferences | Until opt-out plus 1 year |
| Usage and analytics data | 26 months from collection |
| Device and technical information | 13 months from collection |
| Legal compliance records | As required by applicable law (typically 5-7 years) |
When personal information is no longer needed, we will securely delete, destroy, or anonymize it in accordance with our data destruction procedures and applicable legal requirements.
8. Cookies and Tracking Technologies
We use cookies and similar tracking technologies to enhance your experience on our website, analyze usage patterns, and deliver personalized content and advertising. This section provides a brief overview of our cookie practices.
8.1 Types of Cookies We Use
- Essential Cookies: These cookies are strictly necessary for the operation of our website and cannot be disabled. They enable core functionality such as shopping cart management and secure login.
- Performance and Analytics Cookies: These cookies collect information about how visitors use our website, including which pages are most frequently visited and any error messages encountered. We use tools such as Google Analytics for this purpose.
- Functionality Cookies: These cookies allow our website to remember choices you make, such as your language preference or saved items, to provide a more personalized experience.
- Marketing and Advertising Cookies: These cookies are used to deliver advertisements that are relevant to you and your interests. They may also be used to limit the number of times you see an advertisement.
- Social Media Cookies: These cookies are set by social media platforms and allow you to share content from our website directly to social media networks.
8.2 Managing Your Cookie Preferences
You may control and manage cookies through your browser settings. Most browsers allow you to refuse cookies, delete existing cookies, or be notified when a cookie is set. Please note that disabling certain cookies may affect the functionality of our website. For more detailed information about the cookies we use and how to manage your preferences, please refer to our full Cookie Policy, which is available on our website at zupas-cafe.click.
You may also opt out of interest-based advertising through the Digital Advertising Alliance (DAA) at optout.aboutads.info or the Network Advertising Initiative (NAI) at optout.networkadvertising.org.
9. Children's Privacy
We are committed to protecting the privacy of children and complying with the Children's Online Privacy Protection Act (COPPA). Our website and services are not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13. Furthermore, we strongly encourage users between the ages of 13 and 17 to obtain parental consent before using our website or submitting any personal information.
If you are a parent or guardian and believe that your child under the age of 18 has provided us with personal information without your consent, please contact us immediately at [email protected]. We will take prompt steps to remove the child's personal information from our systems and terminate any associated account.
We do not knowingly sell the personal information of minors under 16 years of age without affirmative authorization in accordance with the CCPA/CPRA.
10. International Data Transfers
Zupas is a United States-based business, and your personal information is primarily collected, processed, and stored within the United States. However, some of our third-party service providers may operate in other countries, which may require the transfer of your personal information to those countries.
If your personal information is transferred outside of the United States, we take appropriate safeguards to ensure that your information receives an adequate level of protection in accordance with applicable privacy laws. These safeguards may include:
- Ensuring that third-party recipients are bound by appropriate data protection agreements
- Implementing standard contractual clauses approved by relevant data protection authorities
- Relying on adequacy decisions where applicable
- Obtaining your explicit consent where required by law
Please be aware that data protection laws in other countries may differ from those in the United States. By using our services, you acknowledge that your personal information may be transferred to and processed in countries with different privacy protections than your country of residence.
11. Third-Party Links and Services
Our website may contain links to third-party websites, social media platforms, food delivery applications, and other external services. This Privacy Policy applies only to our website and services at zupas-cafe.click. We are not responsible for the privacy practices of third-party websites or services, and we encourage you to review the privacy policies of any third-party sites you visit.
We may integrate third-party services such as social media sharing buttons, embedded videos, and mapping tools. These third-party services may collect information about your interaction with our website independently of our data collection practices, governed by their respective privacy policies.
12. Do Not Track Signals
Some web browsers include a "Do Not Track" (DNT) feature that signals to websites that you do not want your online activities tracked. Currently, there is no universally accepted standard for how websites should respond to DNT signals. Our website does not currently respond to DNT signals from browsers. However, you may manage your tracking preferences through our cookie settings and the opt-out tools described in Section 8 of this policy.
13. California Privacy Rights — Additional Disclosures
In addition to the rights described in Section 6, California residents have the following additional rights and disclosures under the CCPA/CPRA:
13.1 Categories of Personal Information Disclosed for Business Purposes
In the preceding twelve (12) months, we may have disclosed the following categories of personal information to third-party service providers for legitimate business purposes:
- Identifiers (name, email address, IP address, account username)
- Customer records information (contact details, payment information)
- Commercial information (order history, purchase preferences)
- Internet or electronic network activity information (browsing behavior, click data)
- Geolocation data (city/state level)
- Inferences drawn from personal information (user preferences, behavioral profiles)
13.2 "Shine the Light" Law
Under California Civil Code Section 1798.83, California residents may request information about the categories of personal information we have shared with third parties for their direct marketing purposes during the preceding calendar year. To make such a request, please contact us at [email protected].
13.3 Authorized Agents
California residents may designate an authorized agent to submit privacy rights requests on their behalf. To use an authorized agent, we require written authorization signed by you confirming the agent's authority, and we may verify your identity directly. Authorized agent requests should be submitted to [email protected].
14. How to File a Complaint
If you have concerns about our privacy practices or believe that we have not handled your personal information in accordance with this Privacy Policy or applicable law, we encourage you to contact us first so that we can address your concerns.
14.1 Contact Us Directly
Please submit your complaint or concern to:
- Email: [email protected]
- Website: zupas-cafe.click
We will acknowledge your complaint within 5 business days and work to resolve it within 30 days.
14.2 Filing a Complaint with Regulatory Authorities
If you are not satisfied with our response, you may have the right to file a complaint with a relevant regulatory authority. Depending on your state of residence, the appropriate authorities may include:
| Authority | Jurisdiction | Contact |
|---|---|---|
| Federal Trade Commission (FTC) | Federal (All U.S. States) | reportfraud.ftc.gov |
| California Privacy Protection Agency (CPPA) | California Residents | cppa.ca.gov |
| California Attorney General | California Residents | oag.ca.gov/privacy |
| State Attorney General (Other States) | Residents of all other states | Contact your state's Attorney General office |
15. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our business practices, legal requirements, or technological developments. When we make material changes to this policy, we will:
- Update the "Last Updated" date at the top of this page
- Post a prominent notice on our website
- Send an email notification to registered users where required by law
We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our website and services after the effective date of any changes constitutes your acceptance of the updated Privacy Policy.
16. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please do not hesitate to contact us:
Zupas — Privacy Inquiries
| Company | Zupas |
|---|---|
| [email protected] | |
| Website | zupas-cafe.click |
When contacting us regarding a privacy matter, please include your full name, email address, the nature of your request or concern, and any relevant details to help us process your request efficiently. We are committed to responding to all legitimate privacy inquiries in a timely and thorough manner.