Privacy Policy

This Privacy Policy describes how Primo Hoagies ("we," "us," "our," or the "Company") collects, uses, discloses, retains, and protects information about you when you visit our website at primohagiesgo.rest, place food orders, use our digital services, or otherwise interact with us. We are committed to protecting your personal information and your right to privacy in accordance with applicable United States federal and state laws, including the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), and the Federal Trade Commission (FTC) Act.

Please read this Privacy Policy carefully. By accessing or using our website or services, you acknowledge that you have read, understood, and agree to the practices described in this document. If you do not agree with the terms of this Privacy Policy, please discontinue use of our website and services immediately.

For any questions about this Privacy Policy or our privacy practices, you may contact us at:

1. Scope of This Privacy Policy

This Privacy Policy applies to all personal information collected through:

• Our website located at primohagiesgo.rest and any associated subdomains;
• Online food ordering platforms, menus, and reservation systems linked to or operated by Primo Hoagies;
• Email communications, customer service inquiries, and feedback forms;
• Loyalty programs, promotional campaigns, and newsletter subscriptions;
• Social media interactions associated with our official business accounts;
• Any other digital or in-person touchpoint where we collect personal information from you.

This Privacy Policy does not govern the practices of third-party websites, applications, or services that may be linked from our website. We encourage you to review the privacy policies of those third parties independently.

2. Information We Collect

We collect various categories of information depending on how you interact with Primo Hoagies. These categories are described below.

2.1 Personal Identification Information

When you create an account, place a food order, sign up for our newsletter, or contact us, we may collect:

• Full name;
• Email address;
• Phone number;
• Billing and delivery address (including street address, city, state, and ZIP code);
• Date of birth (where required for age verification or promotional purposes);
• Username and password for account access.

2.2 Payment and Transaction Information

When you place an order or make a payment through our website, we collect:

• Credit or debit card type and last four digits (full card numbers are processed by our third-party payment processors and are not stored on our servers);
• Transaction amount, date, and reference numbers;
• Order history and food preferences;
• Billing address associated with the payment method.

2.3 Usage and Behavioral Data

When you visit our website, we automatically collect certain technical and behavioral information, including:

• IP address and approximate geographic location;
• Browser type and version;
• Operating system and device type;
• Pages visited, time spent on each page, and navigation paths;
• Referring and exit URLs;
• Search queries entered on our website;
• Links clicked and buttons interacted with;
• Date and time of access.

2.4 Device Information

We may collect device-specific information to optimize your experience, including:

• Device identifiers (such as mobile advertising IDs where permitted);
• Screen resolution and display settings;
• Network connection type (Wi-Fi, cellular);
• Mobile carrier information;
• Hardware model and firmware version.

2.5 Cookie and Tracking Technology Data

We use cookies, web beacons, pixel tags, local storage, and similar tracking technologies to collect information about your interactions with our website. For full details, please refer to Section 8 (Cookie Usage) of this Privacy Policy.

2.6 Communications and Customer Service Data

If you contact us via email, phone, or web form, we may collect:

• The content of your messages and correspondence;
• Your contact details as provided;
• Records of our responses and resolution history;
• Any attachments or images you share with us.

2.7 Marketing and Preference Data

If you subscribe to our email list, loyalty program, or promotional offers, we collect:

• Email opt-in preferences and communication frequency settings;
• Promotional codes redeemed;
• Food preferences and dietary restrictions (where voluntarily disclosed);
• Survey and feedback responses.

2.8 Information Collected from Third Parties

We may receive information about you from third-party sources, including:

• Social media platforms (when you interact with our social accounts or log in via social authentication);
• Third-party food delivery and ordering platforms;
• Analytics providers and advertising networks;
• Payment processors and fraud prevention services.

3. How We Use Your Information

We use the information we collect for the following purposes, each supported by a lawful basis under applicable U.S. law:

3.1 Order Processing and Service Delivery

• Processing, fulfilling, and delivering your food orders;
• Communicating order confirmations, status updates, and delivery notifications;
• Managing your account and providing customer support;
• Processing payments and refunds;
• Verifying your identity and preventing fraudulent transactions.

3.2 Website Operation and Improvement

• Maintaining and improving the functionality and security of our website;
• Personalizing your browsing and ordering experience;
• Diagnosing technical issues and resolving bugs;
• Conducting internal testing and quality assurance;
• Developing new features and menu offerings based on usage patterns.

3.3 Analytics and Performance Measurement

• Analyzing website traffic patterns and user behavior;
• Measuring the effectiveness of our marketing campaigns;
• Generating aggregated, anonymized reports for business planning;
• Understanding customer preferences and trends in food ordering.

3.4 Marketing and Promotions

• Sending promotional emails, newsletters, and special offers (with your consent where required);
• Displaying targeted advertising on our website and third-party platforms;
• Administering loyalty programs, contests, and promotional events;
• Notifying you of new menu items, seasonal specials, and limited-time offers.

You may opt out of marketing communications at any time by clicking the "unsubscribe" link in any promotional email or by contacting us at [email protected].

3.5 Legal Compliance and Safety

• Complying with applicable federal, state, and local laws and regulations;
• Responding to lawful requests from government authorities and law enforcement;
• Protecting our legal rights, interests, and those of our employees and customers;
• Enforcing our Terms of Service and other applicable agreements;
• Detecting and preventing fraud, abuse, and other harmful activity.

4. Sharing of Your Information with Third Parties

We do not sell your personal information to third parties for monetary compensation. However, we may share your information in the following circumstances:

4.1 Service Providers and Business Partners

We engage trusted third-party vendors and service providers who process personal information on our behalf for purposes including:

• Payment processing: Stripe, PayPal, or similar PCI-DSS compliant processors;
• Cloud hosting and infrastructure: Data storage and web hosting providers;
• Email and SMS communications: Marketing automation and notification platforms;
• Analytics: Google Analytics and similar web analytics services;
• Food delivery logistics: Third-party courier and delivery service operators;
• Customer relationship management (CRM): Platforms used to manage customer data and communications;
• Fraud detection: Security and identity verification services.

All service providers are contractually required to handle your data securely, use it only for the stated purposes, and comply with applicable privacy laws.

4.2 Legal and Regulatory Disclosures

We may disclose your personal information when required or permitted by law, including:

• In response to a court order, subpoena, or other valid legal process;
• To comply with a government or regulatory authority request;
• To protect the safety of any person or to prevent illegal activity;
• To enforce our Terms of Service or investigate potential violations;
• In connection with national security or public interest requirements as permitted by the FTC Act and applicable federal law.

4.3 Business Transfers

If Primo Hoagies undergoes a merger, acquisition, asset sale, reorganization, or insolvency proceeding, your personal information may be transferred as part of that transaction. We will provide notice before your personal information is transferred and becomes subject to a different privacy policy.

4.4 Aggregated and Anonymized Data

We may share aggregated, de-identified, or anonymized data with third parties for research, marketing, or analytics purposes. Such data cannot reasonably be used to identify any individual person.

4.5 With Your Consent

We may share your information with additional third parties when you give us specific consent to do so.

5. Data Security

We take the security of your personal information seriously and implement a range of technical, administrative, and physical safeguards designed to protect your data against unauthorized access, disclosure, alteration, and destruction.

5.1 Technical Security Measures

• Encryption: All data transmitted between your browser and our servers is encrypted using SSL/TLS technology. Sensitive information such as payment data is encrypted at rest.
• Firewalls and Intrusion Detection: We use firewalls and intrusion detection systems to monitor our network for suspicious activity.
• Secure Authentication: Account access requires secure passwords, and we support multi-factor authentication where available.
• Regular Security Audits: We conduct periodic security assessments and vulnerability scans of our systems.

5.2 Administrative and Organizational Measures

• Access to personal information is restricted to employees and contractors who need it to perform their job functions;
• All personnel with access to personal data are trained on privacy and security best practices;
• We maintain written data protection policies and incident response plans;
• Third-party vendors are vetted for security compliance before engagement.

5.3 Data Breach Response

In the event of a data breach that may affect your personal information, we will notify affected individuals and relevant authorities in accordance with applicable state breach notification laws, including those of the State of California and other applicable U.S. states. Notification will be provided as promptly as practicable and in accordance with the legally required timeframes.

Important: While we take significant measures to protect your data, no system can guarantee absolute security. We encourage you to use strong, unique passwords, log out of your account when not in use, and notify us immediately if you suspect unauthorized access.

6. Your Privacy Rights

Depending on your state of residence within the United States, you may have certain rights regarding your personal information. Customers residing in California are entitled to rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA). Residents of other states may have similar rights under applicable state privacy laws.

6.1 Right to Know and Access

You have the right to request that we disclose:

• The categories and specific pieces of personal information we have collected about you;
• The categories of sources from which your personal information was collected;
• The business or commercial purposes for collecting or sharing your information;
• The categories of third parties with whom we share your personal information.

6.2 Right to Correction

You have the right to request that we correct inaccurate personal information we hold about you, taking into account the nature of the information and our purposes for processing it.

6.3 Right to Deletion

You have the right to request that we delete personal information we have collected about you, subject to certain exceptions such as when the information is necessary to:

• Complete a transaction or provide a service you requested;
• Comply with a legal obligation;
• Exercise free speech or another legal right;
• Detect and prevent security incidents or fraudulent activity.

6.4 Right to Data Portability

You have the right to receive a copy of the personal information you have provided to us in a structured, commonly used, and machine-readable format, where technically feasible.

6.5 Right to Opt Out of Sale or Sharing

Under the CCPA/CPRA, California residents have the right to opt out of the sale or sharing of their personal information for cross-context behavioral advertising. While we do not sell personal information for monetary consideration, we may engage in data sharing practices that qualify as "sharing" under California law. To exercise this right, please contact us at [email protected].

6.6 Right to Limit Use of Sensitive Personal Information

California residents have the right to limit the use and disclosure of sensitive personal information to what is necessary to perform the services requested.

6.7 Right to Non-Discrimination

We will not discriminate against you for exercising any of your privacy rights. This means we will not deny you goods or services, charge you different prices, or provide a different level or quality of service based on your exercise of these rights.

6.8 How to Submit a Privacy Rights Request

To exercise any of the rights described above, please submit a verifiable consumer request by:

• Emailing us at: [email protected]
• Using the contact form available on our website at: primohagiesgo.rest

We will respond to verified requests within 45 days of receipt. If additional time is needed (up to an additional 45 days), we will notify you of the extension and the reason for it. We may need to verify your identity before processing your request to prevent unauthorized disclosure or deletion of your personal information.

Authorized agents may submit requests on your behalf, provided you have given written permission and we can verify the agent's identity and authority.

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law.

When personal information is no longer required, we will securely delete, anonymize, or destroy it in accordance with our internal data retention and destruction procedures.

8. Cookie Usage

Our website uses cookies and similar tracking technologies to enhance your user experience, analyze website performance, and deliver relevant advertising. A cookie is a small text file placed on your device when you visit our website.

8.1 Types of Cookies We Use

• Essential Cookies: Required for the website to function properly (e.g., shopping cart, login sessions). These cannot be disabled.
• Performance and Analytics Cookies: Help us understand how visitors interact with our website by collecting anonymous statistical data (e.g., Google Analytics).
• Functional Cookies: Remember your preferences (e.g., language settings, saved addresses) to improve your experience.
• Marketing and Advertising Cookies: Used to deliver personalized advertisements and measure campaign effectiveness across platforms.

8.2 Managing Your Cookie Preferences

You can control or disable cookies through your browser settings or by using our cookie consent tool when you first visit our website. Please note that disabling certain cookies may impact the functionality of the website and your ability to place orders.

For more detailed information about the specific cookies we use, their purpose, and how long they persist, please refer to our full Cookie Policy available on our website.

To opt out of Google Analytics tracking, you may use the Google Analytics Opt-Out Browser Add-On.

9. Children's Privacy

We do not knowingly collect, use, or disclose personal information from children under the age of 13, in compliance with the Children's Online Privacy Protection Act (COPPA). We also do not knowingly collect personal information from individuals between the ages of 13 and 17 without verifiable parental consent.

Our food ordering platform is not directed toward minors, and we do not intentionally market our services to individuals under 18. If you are a parent or guardian and believe that your child under the age of 18 has provided us with personal information without your consent, please contact us immediately at [email protected]. Upon verification, we will promptly delete the information from our records.

We reserve the right to request proof of age at any time and to restrict access to our website and services to individuals who cannot verify they are 18 years of age or older.

10. International Data Transfers

Primo Hoagies is based in the United States and our primary data processing activities take place within the United States. However, some of our third-party service providers may operate in other countries, which may mean your personal information is transferred to and processed in countries outside of your state or jurisdiction.

Where personal information is transferred internationally, we take steps to ensure that appropriate safeguards are in place, including:

• Ensuring our service providers are located in jurisdictions with adequate data protection frameworks;
• Executing appropriate data processing agreements with our vendors;
• Implementing contractual protections that require recipients to protect your information to a standard comparable to applicable U.S. law.

By using our website and services, you acknowledge and consent to the transfer of your personal information to the United States and, where applicable, to other countries as described in this section.

11. Third-Party Links and Services

Our website may contain links to third-party websites, social media platforms, and embedded services (such as Google Maps or delivery partner portals). These third-party services have their own privacy policies and practices, which are independent of ours.

We are not responsible for the content or privacy practices of third-party websites or services. We encourage you to review the privacy policies of any third-party websites you visit. The inclusion of a link on our website does not imply our endorsement of that website's privacy practices.

12. California Privacy Rights — Additional Disclosures

Under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), California residents have specific rights described in Section 6 of this Policy. The following additional disclosures apply specifically to California residents:

12.1 Categories of Personal Information Collected

In the preceding 12 months, we have collected the following categories of personal information as defined by the CCPA:

12.2 "Shine the Light" Law

California Civil Code Section 1798.83, known as the "Shine the Light" law, permits California residents to request information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please contact us at [email protected].

13. How to File a Complaint

If you have concerns about how we handle your personal information and are not satisfied with our response, you have the right to file a complaint with the appropriate data protection or consumer protection authority.

13.1 Federal Trade Commission (FTC)

The FTC is the primary federal agency overseeing consumer privacy and protection in the United States. You may file a complaint with the FTC at:

• Website: www.ftc.gov/complaint
• Phone: 1-877-FTC-HELP (1-877-382-4357)
• Address: Federal Trade Commission, 600 Pennsylvania Avenue NW, Washington, D.C. 20580

13.2 California Privacy Protection Agency (CPPA)

California residents may also file complaints with the California Privacy Protection Agency regarding violations of the CCPA/CPRA:

• Website: cppa.ca.gov
• Email: [email protected]

13.3 State Attorney General Offices

Residents of other U.S. states may file complaints with their respective State Attorney General's offices, which often have consumer protection and privacy enforcement authority.

14. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our practices, legal requirements, or operational circumstances. When we make material changes, we will:

• Update the "Last Updated" date at the top of this page;
• Post the revised Privacy Policy on our website at primohagiesgo.rest;
• Notify registered users via email where required by law or where changes are material.

Your continued use of our website and services following the posting of any updated Privacy Policy constitutes your acceptance of the revised terms. We encourage you to review this Policy periodically to stay informed about how we protect your information.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please do not hesitate to reach out to us: