Privacy Policy

Effective Date: May 15, 2026 | Last Updated: May 15, 2026

This Privacy Policy describes how Marcos ("we," "us," or "our") collects, uses, discloses, and safeguards your personal information when you visit our website marcos-pizza.rest, place an order, interact with our services, or otherwise engage with us online or in person. Please read this policy carefully. By using our website or services, you acknowledge that you have read, understood, and agree to be bound by the terms described herein.

We are committed to protecting your privacy and handling your personal information with transparency, integrity, and care. This Privacy Policy is designed to comply with applicable United States federal and state privacy laws, including the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), the Federal Trade Commission Act (FTC Act), and other applicable federal and state regulations governing data privacy and consumer protection.

1. About Us

Marcos is a food service business operating in the United States. Our contact details are as follows:

Company Name	Marcos
Website	marcos-pizza.rest
Email	[email protected]

For any privacy-related inquiries, questions, or requests, please contact us using the information provided above or through the dedicated privacy contact details listed in Section 14 of this policy.

2. Scope of This Privacy Policy

This Privacy Policy applies to all personal information collected by Marcos through the following channels:

Our website located at marcos-pizza.rest
Online food ordering platforms and tools we operate or use
Email, phone, and other electronic communications with us
In-person interactions at our physical locations
Third-party platforms and services where we maintain a presence or through which we process orders
Loyalty programs, promotional campaigns, and contests

This policy does not apply to the practices of third-party websites, applications, or services that may be linked from our website. We encourage you to review the privacy policies of any third-party platforms you visit.

3. Information We Collect

We collect various categories of personal information depending on how you interact with us. The categories of data we collect include, but are not limited to, the following:

3.1 Personal Identification Information

Full name
Email address
Phone number
Billing and delivery address
Date of birth (where applicable, for age verification or loyalty programs)
Account username and password (for registered users)

3.2 Order and Transaction Information

Order history, including items ordered, quantities, and prices
Payment information (note: we do not store full credit/debit card numbers; this is handled by secure, third-party payment processors)
Delivery instructions and special requests
Gift card usage and loyalty point balances

3.3 Usage and Technical Data

IP address
Browser type and version
Operating system and device type
Pages visited, time spent on pages, and navigation paths
Referring URLs and exit pages
Date and time of your visit
Clickstream data and interaction data

3.4 Cookie and Tracking Technology Data

We use cookies, web beacons, pixel tags, and similar tracking technologies to collect data about your browsing behavior on our website. This may include session identifiers, preference settings, and analytics data. Please refer to Section 9 of this policy for more information about our use of cookies.

3.5 Location Information

General geographic location derived from your IP address
Precise location data, if you grant permission through your device settings (used to suggest nearby locations or enable delivery services)

3.6 Communications and Feedback

Messages, emails, or inquiries you send to us
Customer service interaction records
Survey responses and reviews
Social media interactions where you tag or mention us

3.7 Information from Third Parties

We may receive information about you from third-party sources, including:

Food delivery platforms and aggregators through which you place an order
Payment processors confirming transaction status
Social media platforms if you use social login features or interact with our pages
Analytics and advertising partners who provide aggregated or individual-level data about website visitors

4. How We Use Your Information

We use the personal information we collect for a variety of legitimate business purposes, including:

4.1 Service Provision and Order Fulfillment

Processing and fulfilling your food orders
Sending order confirmations, receipts, and delivery status updates
Managing your account, if you have registered with us
Handling payments and preventing fraudulent transactions
Coordinating delivery and pickup services

4.2 Customer Support and Communications

Responding to your inquiries, complaints, or requests
Notifying you of changes to our services, menu, or policies
Sending transactional messages such as order updates and refund notifications

4.3 Marketing and Promotions

Sending promotional emails, newsletters, and special offers (with your consent or where permitted by law)
Running loyalty programs and contests
Personalizing marketing content based on your order history and preferences
Delivering targeted advertisements through our website or third-party advertising networks

You may opt out of marketing communications at any time by clicking the "unsubscribe" link in any promotional email or by contacting us directly at [email protected].

4.4 Analytics and Service Improvement

Analyzing website traffic, user behavior, and ordering patterns to improve our services
Conducting market research and customer satisfaction surveys
Developing new menu items and features based on customer preferences
Troubleshooting technical issues with our website and ordering systems

4.5 Legal and Compliance Purposes

Complying with applicable laws, regulations, and legal processes
Enforcing our Terms of Service and other agreements
Protecting the rights, safety, and property of Marcos, our customers, and the public
Responding to law enforcement or regulatory requests where legally required

5. Legal Basis for Processing

In the United States, our processing of personal information is generally grounded in the following legal bases:

Contractual Necessity: Processing is necessary to fulfill orders and deliver our services to you.
Legitimate Interests: We process certain data to operate our business effectively, prevent fraud, and improve our offerings, provided these interests are not overridden by your privacy rights.
Consent: For marketing communications and the use of non-essential cookies, we rely on your explicit consent, which you may withdraw at any time.
Legal Obligation: We process data to comply with applicable laws and respond to legal processes.

6. Sharing Your Information with Third Parties

We do not sell your personal information in the traditional sense. However, we may share your data with third parties in the following circumstances:

6.1 Service Providers

We engage trusted third-party service providers to assist in operating our business. These providers are permitted to access your personal information only to perform specific tasks on our behalf and are contractually obligated to protect your data. Service providers may include:

Payment processors (e.g., Stripe, Square, PayPal)
Delivery logistics partners and couriers
Cloud hosting and data storage providers
Email marketing and communications platforms
Customer relationship management (CRM) software providers
Website analytics providers (e.g., Google Analytics)
Advertising and retargeting platforms
IT support and cybersecurity service providers

6.2 Business Transfers

If Marcos is involved in a merger, acquisition, asset sale, financing, or other business transaction, your personal information may be transferred to the successor entity. We will notify you via email or a prominent notice on our website if such a transfer occurs, and we will inform you of any choices you have regarding your data.

6.3 Legal Requirements and Safety

We may disclose your personal information if required to do so by law or in good-faith belief that such action is necessary to:

Comply with a legal obligation, subpoena, court order, or government request
Protect and defend the legal rights or property of Marcos
Prevent or investigate possible wrongdoing in connection with our services
Protect the personal safety of users of our services or the public

6.4 With Your Consent

We may share your information with other third parties when you have given us explicit consent to do so, such as participating in a co-branded promotion or referral program.

6.5 Aggregated or De-Identified Data

We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you with partners, researchers, or the public for industry analysis, marketing, or other purposes.

7. Data Security

We take the security of your personal information seriously and implement a range of technical, organizational, and administrative safeguards to protect it from unauthorized access, use, alteration, or disclosure. Our security measures include:

Encryption: We use SSL/TLS encryption for all data transmitted between your browser and our website. Payment card data is encrypted and processed by PCI-DSS compliant payment processors.
Access Controls: Access to personal data is restricted to authorized personnel who have a legitimate need to access it for business purposes.
Firewalls and Intrusion Detection: We employ firewalls, intrusion detection systems, and security monitoring to protect our infrastructure.
Data Minimization: We only collect and retain personal information that is necessary for the purposes described in this policy.
Regular Security Assessments: We conduct periodic security reviews and vulnerability assessments of our systems.
Employee Training: Our staff receive regular training on data protection principles and security practices.

Important Notice: While we strive to protect your personal information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security, and we encourage you to take precautions such as using strong passwords and keeping your account credentials confidential.

In the event of a data breach that affects your personal information, we will notify you and the appropriate authorities in accordance with applicable law, including relevant state breach notification statutes.

8. Your Rights and Choices

Depending on your state of residence, you may have specific legal rights regarding your personal information. We are committed to honoring these rights in accordance with applicable law.

8.1 Rights for California Residents (CCPA/CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):

Right to Know: You have the right to request that we disclose what personal information we collect, use, disclose, and sell about you, including the categories and specific pieces of personal information collected.
Right to Delete: You have the right to request the deletion of personal information we have collected about you, subject to certain exceptions.
Right to Correct: You have the right to request that we correct inaccurate personal information we maintain about you.
Right to Opt-Out of Sale or Sharing: You have the right to direct us not to sell or share your personal information with third parties. To exercise this right, please contact us at [email protected].
Right to Limit Use of Sensitive Personal Information: Where applicable, you have the right to limit the use and disclosure of sensitive personal information.
Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights. We will not deny goods or services, charge different prices, or provide a different level of service because you exercised your privacy rights.

To submit a verifiable consumer request, please contact us at [email protected]. We will respond to your request within 45 days, with the possibility of a 45-day extension where reasonably necessary, as permitted by the CCPA/CPRA.

8.2 General Rights for All Users

Regardless of your state of residence, we offer the following rights and choices to all users:

Access: You may request a copy of the personal information we hold about you.
Correction: You may request that we correct any inaccurate or incomplete personal information we hold about you.
Deletion: You may request that we delete your personal information, subject to legal and contractual retention requirements.
Portability: You may request a copy of your personal information in a structured, commonly used, and machine-readable format.
Opt-Out of Marketing: You may unsubscribe from marketing communications at any time using the unsubscribe link in our emails or by contacting us directly.
Account Management: If you have a registered account, you may access, update, or delete your profile information by logging into your account settings.

To exercise any of the rights listed above, please contact us at [email protected] with the subject line "Privacy Rights Request." We may need to verify your identity before processing your request.

9. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyze website traffic, and deliver relevant advertising. Cookies are small text files stored on your device when you visit a website.

9.1 Types of Cookies We Use

Cookie Type	Purpose
Essential Cookies	Required for the website to function properly, including maintaining your shopping cart and session.
Performance/Analytics Cookies	Help us understand how visitors interact with our website by collecting anonymous usage data.
Functional Cookies	Remember your preferences, such as language settings or previously selected items.
Marketing/Advertising Cookies	Used to deliver personalized advertisements and track the effectiveness of marketing campaigns.

9.2 Managing Your Cookie Preferences

You can control and manage cookies through your browser settings. Most browsers allow you to block or delete cookies. Please note that disabling certain cookies may affect the functionality of our website and your ability to place orders. You may also opt out of interest-based advertising through tools such as the Network Advertising Initiative (NAI) opt-out page or the Digital Advertising Alliance (DAA) opt-out tool.

For more detailed information about our use of cookies, please refer to our Cookie Policy.

10. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. The following general retention guidelines apply:

Data Category	Retention Period
Account and registration information	Duration of account plus 3 years after account closure
Order and transaction records	7 years (for tax and accounting compliance)
Customer service communications	3 years from the date of last interaction
Marketing preferences and opt-out records	5 years or until you withdraw consent
Website usage and analytics data	Up to 26 months (per analytics platform settings)
Payment processing records	As required by PCI-DSS and applicable financial regulations

After the applicable retention period, we will securely delete, destroy, or anonymize your personal information in accordance with our data disposal procedures.

11. Children's Privacy

Age Restriction: Our website and services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18 years of age.

In compliance with the Children's Online Privacy Protection Act (COPPA) and related federal regulations, we do not knowingly collect, solicit, or use personal information from children under the age of 13. If you are between the ages of 13 and 17, you should use our services only with the knowledge and consent of a parent or legal guardian.

If we become aware that we have inadvertently collected personal information from a child under 18 without appropriate verification or parental consent, we will take immediate steps to delete that information from our records. If you believe we have collected information from a minor, please contact us immediately at [email protected].

Parents and guardians who wish to review, correct, or request deletion of their child's personal information may also contact us at the above email address.

12. International Data Transfers

Marcos is based in the United States, and your personal information is primarily stored and processed within the United States. However, some of our third-party service providers may operate in or transfer data to other countries. If such transfers occur, we take reasonable steps to ensure that appropriate safeguards are in place to protect your personal information in accordance with applicable law.

These safeguards may include:

Data processing agreements with service providers that incorporate standard contractual clauses or equivalent protections
Verification that receiving countries have adequate data protection frameworks in place
Technical and organizational security measures applied regardless of location

If you are accessing our services from outside the United States, please be aware that your information may be transferred to and processed in the United States, where privacy laws may differ from those in your home jurisdiction. By using our services, you consent to such transfers in accordance with this Privacy Policy.

13. Third-Party Links and Services

Our website may contain links to third-party websites, platforms, and services, including social media platforms, food delivery aggregators, and payment processors. This Privacy Policy does not apply to the practices of those third parties. We encourage you to review the privacy policies of any external websites or services you visit. Marcos is not responsible for the privacy practices or content of third-party sites.

14. Contact Information for Privacy Inquiries

If you have any questions, concerns, or requests regarding this Privacy Policy or our data handling practices, please contact our privacy team using the details below:

Company	Marcos
Email	[email protected]
Website	marcos-pizza.rest

When submitting a privacy request, please include your name, email address, a clear description of your request, and, if applicable, the state in which you reside so we can apply the appropriate legal standards.

15. How to File a Complaint with a Data Protection Authority

If you believe your privacy rights have been violated and you are not satisfied with our response, you have the right to file a complaint with the appropriate regulatory authority.

15.1 Federal Trade Commission (FTC)

The Federal Trade Commission (FTC) is the primary federal consumer protection agency in the United States. If you believe that our data practices violate the FTC Act or other consumer protection laws, you may file a complaint with the FTC at:

Website: www.ftc.gov/complaint
Phone: 1-877-382-4357
Address: Federal Trade Commission, 600 Pennsylvania Avenue NW, Washington, D.C. 20580

15.2 California Privacy Protection Agency (CPPA)

California residents may file a complaint with the California Privacy Protection Agency (CPPA) regarding violations of the CCPA/CPRA:

Website: cppa.ca.gov
Address: California Privacy Protection Agency, 2101 Arena Blvd, Sacramento, CA 95834

15.3 California Attorney General

California residents may also report privacy violations to the California Attorney General's Office:

Website: oag.ca.gov/privacy
Phone: 1-800-952-5225

15.4 State Attorneys General

Residents of other states may contact their respective State Attorney General's office to report privacy-related complaints. Most states have a consumer protection division that handles data privacy issues.

16. Do Not Track Signals

Some web browsers offer a "Do Not Track" (DNT) feature that signals to websites that you prefer not to be tracked. Currently, there is no universal standard for how websites should respond to DNT signals. Our website does not currently respond to DNT browser signals in a uniform way. However, you may manage your tracking preferences through our cookie settings and by opting out of marketing as described in this policy.

17. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes to this policy, we will:

Update the "Last Updated" date at the top of this page
Post a prominent notice on our website notifying you of the changes
Where required by law or where feasible, send you an email notification about significant changes

Your continued use of our website or services after the effective date of the revised Privacy Policy constitutes your acceptance of the updated terms. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

18. Acknowledgment and Consent

By using the Marcos website at marcos-pizza.rest, placing an order, creating an account, or otherwise engaging with our services, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and disclosure of your personal information as described herein.

If you do not agree with the terms of this Privacy Policy, please do not use our website or services. For any questions or concerns, please reach out to us at [email protected].

Effective Date: May 15, 2026 | Document Version: 1.0 | Jurisdiction: United States