Privacy Policy

Effective Date: March 25, 2026  |  Last Updated: March 25, 2026

1. Introduction and Who We Are

Welcome to Dions ("we," "us," "our," or "the Company"). We operate the website located at pizzasdions.digital and provide food and restaurant-related services to customers across the United States. We are committed to protecting your personal information and your right to privacy.

This Privacy Policy applies to all information collected through our website, mobile applications, online ordering platforms, loyalty programs, email communications, and any related services, sales, marketing, or events (collectively referred to as the "Services").

If you have any questions or concerns about this policy, or our practices with regard to your personal information, please contact us using the details provided below:

2. Scope of This Privacy Policy

This Privacy Policy covers all personal data that Dions processes in connection with the use of our website and services. It applies to:

• Visitors who browse our website at pizzasdions.digital
• Customers who place food orders online or through affiliated platforms
• Users who create accounts or register on our platform
• Individuals who sign up for our newsletter, promotional emails, or loyalty programs
• Anyone who contacts us via email, phone, or web-based contact forms
• Individuals who participate in surveys, promotions, or contests we host

This policy does not apply to third-party websites, applications, or services that may be linked from our website. We encourage you to review the privacy policies of any third-party platforms you visit through links on our site.

3. Information We Collect

We collect various types of information in connection with the Services we provide. The categories of information we may collect include the following:

3.1 Personal Information You Provide Directly

When you interact with our website or services, you may voluntarily provide us with certain personal information, including but not limited to:

• Identity Data: Full name, username or similar identifier
• Contact Data: Email address, mailing address, telephone number
• Account Data: Username, password, account preferences, and order history
• Order and Transaction Data: Details about food purchases, delivery addresses, special instructions, dietary preferences, and payment references
• Payment Data: Credit or debit card information, billing address (note: we do not store full card numbers — payments are processed by PCI-compliant third-party processors)
• Communications Data: Any messages, feedback, reviews, or support requests you send us via email or contact forms
• Marketing Preferences: Your preferences for receiving marketing communications from us

3.2 Automatically Collected Information

When you access our website, certain information is collected automatically through cookies, web beacons, and similar tracking technologies. This includes:

• Device Information: IP address, browser type and version, operating system, device identifiers, screen resolution, and language settings
• Usage Data: Pages visited, links clicked, time and date of visit, time spent on pages, referring URL, and exit pages
• Location Data: Approximate geographic location derived from your IP address; precise location if you grant permission through your device settings
• Cookie Data: Information stored in cookies and similar tracking technologies (see our Cookie section below for more detail)
• Log Data: Server logs that capture interactions with our website infrastructure

3.3 Information from Third Parties

We may receive information about you from third parties, including:

• Analytics providers such as Google Analytics
• Advertising networks and social media platforms
• Food delivery aggregator platforms that facilitate orders on our behalf
• Payment processors who confirm transaction status
• Review platforms that aggregate customer feedback

3.4 Sensitive Information

We do not intentionally collect sensitive personal information such as Social Security numbers, financial account numbers beyond payment processing, health information, or similar sensitive data. If you voluntarily share dietary restrictions or food allergy information, we will treat this with heightened care and use it only to fulfill your order requests safely.

4. How We Use Your Information

We use the information we collect for the following purposes, each grounded in a lawful basis as recognized under applicable U.S. law:

4.1 Service Provision and Order Fulfillment

• To process and fulfill your food orders, including delivery coordination
• To create and manage your customer account
• To process payments and send you order confirmations and receipts
• To communicate with you about order status, delivery updates, and customer support issues
• To accommodate special dietary requests or allergen notifications

4.2 Business Operations and Service Improvement

• To analyze usage patterns and understand how customers interact with our website
• To improve the functionality, performance, and user experience of our Services
• To conduct internal audits, data analysis, and research
• To detect and prevent fraud, unauthorized transactions, and other illegal activities
• To comply with legal obligations and enforce our Terms of Service
• To resolve disputes and troubleshoot technical problems

4.3 Marketing and Promotional Communications

• To send you promotional offers, coupons, discount codes, and news about Dions
• To personalize your experience and present content or product offerings relevant to your interests
• To administer contests, sweepstakes, surveys, and other promotional activities
• To measure the effectiveness of our marketing campaigns

You may opt out of receiving marketing communications at any time by clicking the "unsubscribe" link in any marketing email, or by contacting us directly at [email protected]. Please note that even after opting out of marketing messages, you may still receive transactional communications related to your orders.

4.4 Legal and Compliance Purposes

• To comply with applicable federal, state, and local laws and regulations
• To respond to lawful requests from governmental authorities
• To exercise or defend our legal rights
• To enforce our agreements and policies

5. Legal Basis for Processing (U.S. Law Framework)

While the United States does not have a single, comprehensive federal privacy law equivalent to the EU's GDPR, Dions is committed to responsible data stewardship in compliance with all applicable U.S. regulations, including:

• Federal Trade Commission Act (FTC Act): We adhere to the FTC's standards for fair and transparent data practices and consumer protection.
• California Consumer Privacy Act / California Privacy Rights Act (CCPA/CPRA): If you are a California resident, you have specific rights under the CCPA/CPRA, which are described in detail in Section 10 below.
• CAN-SPAM Act: All marketing emails comply with CAN-SPAM requirements, including clear sender identification and opt-out mechanisms.
• Children's Online Privacy Protection Act (COPPA): We do not knowingly collect information from children under 13.
• Other applicable state privacy laws, including but not limited to the Virginia Consumer Data Protection Act (VCDPA), Colorado Privacy Act (CPA), and Connecticut Data Privacy Act (CTDPA), where applicable.

6. Sharing Your Information with Third Parties

We respect your privacy and do not sell your personal information for monetary compensation. However, we may share your information with third parties in the following circumstances:

6.1 Service Providers and Business Partners

We engage trusted third-party companies and individuals to assist in delivering our Services. These parties may have access to your personal information only to perform specific tasks on our behalf and are obligated not to disclose or use it for any other purpose. Examples include:

• Payment processors and financial institutions (e.g., Stripe, Square)
• Food delivery logistics and courier services
• Cloud hosting and IT infrastructure providers
• Email marketing platforms (e.g., Mailchimp, Klaviyo)
• Customer relationship management (CRM) software providers
• Analytics and advertising platforms (e.g., Google Analytics, Meta Pixel)
• Online ordering aggregator platforms

6.2 Legal Requirements and Law Enforcement

We may disclose your information if required to do so by law or in response to valid requests by public authorities, including:

• Compliance with a subpoena, court order, or other legal process
• Cooperation with law enforcement investigations
• Responding to lawful requests from government agencies
• Protection of the rights, property, or safety of Dions, our customers, or others

6.3 Business Transfers

If Dions undergoes a merger, acquisition, reorganization, asset sale, or similar corporate transaction, your personal information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our website prior to such transfer and any change in how your information is handled.

6.4 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so, such as when you choose to participate in co-branded promotions or refer-a-friend programs.

6.5 Aggregated or De-Identified Data

We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you with partners, advertisers, and other third parties for research, marketing, analytics, and other legitimate business purposes.

7. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies such as web beacons, pixel tags, and local storage to enhance your experience, analyze site usage, and deliver targeted advertising.

7.1 Types of Cookies We Use

7.2 Managing Cookies

You can control and manage cookies through your browser settings. Most browsers allow you to refuse or delete cookies. However, if you disable certain cookies, portions of our website may not function properly. You can also opt out of interest-based advertising through industry tools such as the Network Advertising Initiative (NAI) or the Digital Advertising Alliance (DAA).

For more detailed information about the cookies we use, please refer to our Cookie Policy, available on our website at pizzasdions.digital.

8. Data Security

Protecting your personal information is a top priority for Dions. We implement a variety of technical, administrative, and physical security measures designed to safeguard your data against unauthorized access, disclosure, alteration, or destruction.

8.1 Security Measures We Employ

• Encryption: All data transmitted between your browser and our servers is encrypted using Secure Socket Layer (SSL) / Transport Layer Security (TLS) technology
• Access Controls: Access to personal data is restricted to authorized personnel on a need-to-know basis
• Secure Payment Processing: We use PCI-DSS compliant payment processors; we do not store full credit card numbers on our servers
• Regular Security Audits: We conduct periodic reviews of our data collection, storage, and processing practices
• Employee Training: Our staff receives regular training on data privacy and security best practices
• Firewalls and Intrusion Detection: We maintain network security systems to detect and prevent unauthorized access

8.2 Data Breach Response

In the event of a data breach that affects your personal information, we will notify you in accordance with applicable state data breach notification laws. We will take prompt action to investigate the breach, mitigate harm, and notify affected individuals and regulatory authorities as required by law.

9. Data Retention

We retain your personal information only for as long as is necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements.

9.1 Retention Periods

When personal information is no longer needed, we will securely delete or anonymize it. If deletion is not immediately possible (for example, because data is stored in backup archives), we will securely isolate and protect it from further processing until deletion is possible.

10. Your Privacy Rights

Depending on your state of residence, you may have various rights regarding your personal information. We are committed to honoring these rights and will respond to verifiable requests within the timeframes required by applicable law.

10.1 Rights Available to All U.S. Residents

• Right to Know / Access: You may request information about the categories and specific pieces of personal data we have collected about you
• Right to Correction: You may request that we correct inaccurate personal information we hold about you
• Right to Deletion: You may request that we delete your personal information, subject to certain exceptions (e.g., legal compliance, order fulfillment)
• Right to Opt Out of Marketing: You may opt out of receiving promotional communications at any time
• Right to Non-Discrimination: We will not discriminate against you for exercising any of your privacy rights

10.2 Additional Rights for California Residents (CCPA/CPRA)

If you are a California resident, you have the following additional rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):

• Right to Know About Sharing: You can request disclosure of whether we share your personal information with third parties and for what purposes
• Right to Opt Out of Sale or Sharing: You have the right to direct us not to sell or share your personal information with third parties for cross-context behavioral advertising. To exercise this right, visit our "Do Not Sell or Share My Personal Information" page or contact us at [email protected]
• Right to Limit Use of Sensitive Personal Information: Where applicable, you may direct us to limit our use of your sensitive personal information
• Right to Data Portability: You may request a copy of your personal information in a portable, readily usable format
• Authorized Agent: You may designate an authorized agent to submit requests on your behalf

To submit a verifiable consumer request under the CCPA/CPRA, please contact us at:

• Email: [email protected]
• Website: pizzasdions.digital

We will acknowledge your request within 10 business days and provide a substantive response within 45 calendar days. If we require more time, we will inform you of the reason and the extension period (up to an additional 45 days).

10.3 Rights for Residents of Other States

Residents of Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Texas, Oregon, Montana, and other states with comprehensive privacy laws may also have rights to access, correct, delete, and port their personal data, and to opt out of targeted advertising and profiling. To exercise any such rights, please contact us using the information provided in this policy.

11. Children's Privacy

Our Services are intended for use by adults who are 18 years of age or older. We do not knowingly collect, use, or disclose personal information from children under the age of 13, in compliance with the Children's Online Privacy Protection Act (COPPA). We also do not knowingly collect personal information from individuals between the ages of 13 and 17 without verifiable parental or guardian consent.

If you are a parent or guardian and believe that your child has provided us with personal information without your consent, please contact us immediately at [email protected]. Upon verification, we will take prompt steps to delete such information from our records.

If we become aware that we have inadvertently collected personal information from a minor under the applicable age threshold, we will take immediate action to delete that information from our systems.

12. International Data Transfers

Dions is based in the United States and our Services are primarily directed at U.S. residents. However, some of our third-party service providers and technology partners may be located in other countries. If your personal information is transferred outside of the United States, we take steps to ensure that appropriate safeguards are in place to protect your information in accordance with this Privacy Policy and applicable law.

By using our Services from outside the United States, you acknowledge that your information may be transferred to, stored in, and processed in the United States, where data protection laws may differ from those in your home country. We will handle your information in accordance with this Privacy Policy regardless of where it is processed.

13. Third-Party Links and Integrations

Our website may contain links to third-party websites, social media platforms, food delivery apps, and other external services that are not operated by us. If you click on a third-party link, you will be directed to that third party's website. We strongly advise you to review the privacy policy of every website you visit, as we have no control over, and assume no responsibility for, the content, privacy policies, or practices of any third-party sites or services.

Our website may also integrate with social media platforms such as Facebook, Instagram, and others. When you interact with these integrations (such as clicking a "Like" or "Share" button), those platforms may collect information about your visit. Please review the privacy policies of those platforms for more information.

14. "Do Not Track" Signals

Some web browsers incorporate a "Do Not Track" (DNT) feature that signals to websites that you visit that you do not want your online activity tracked. Currently, there is no universally accepted standard for how to respond to DNT signals, and our website does not currently respond to DNT signals. However, we provide you with tools to manage your cookie preferences and opt out of targeted advertising as described in this policy.

15. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

• Update the "Last Updated" date at the top of this policy
• Post the revised policy on our website at pizzasdions.digital
• Notify you by email (if you have an account with us) or by displaying a prominent notice on our website

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our Services after the effective date of a revised policy constitutes your acceptance of the updated terms.

16. How to File a Privacy Complaint

If you have concerns about how we have handled your personal information, we encourage you to first contact us directly so we can address your concern:

• Email: [email protected]
• Website: pizzasdions.digital

We will respond to your complaint within 30 days of receipt. If you are not satisfied with our response, you may have the right to escalate your complaint to a regulatory authority, including:

16.1 Federal Regulatory Authorities

• Federal Trade Commission (FTC): The FTC oversees consumer protection and privacy practices for businesses operating in the United States. You may file a complaint at www.ftc.gov/complaint or by calling 1-877-FTC-HELP (1-877-382-4357).

16.2 State Regulatory Authorities

• California Residents: You may contact the California Privacy Protection Agency (CPPA) at cppa.ca.gov or the California Attorney General's Office at oag.ca.gov/privacy/ccpa
• Virginia Residents: You may contact the Virginia Attorney General's Office
• Colorado Residents: You may contact the Colorado Attorney General's Office
• Other States: Contact your respective state Attorney General's Office for privacy-related complaints

17. Contact Us

If you have any questions, comments, concerns, or requests regarding this Privacy Policy or our data practices, please do not hesitate to reach out to us: