Privacy Policy

This Privacy Policy describes how Primo Hoagies ("we," "us," "our," or "the Company") collects, uses, discloses, and safeguards your personal information when you visit our website at primohoagies-eat.digital (the "Website"), place orders, interact with our digital services, or otherwise engage with us. Please read this policy carefully. By using our Website or services, you agree to the practices described herein.

We are committed to protecting your privacy and handling your data in an open and transparent manner. This Privacy Policy is designed to comply with applicable United States federal and state privacy laws, including the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), the Federal Trade Commission Act (FTC Act), and other applicable state and federal regulations governing consumer data protection.

1. About Us

Primo Hoagies operates as a food service business in the United States, offering customers a convenient way to browse our menu, place orders, and engage with our brand digitally. All data collection and processing activities described in this Privacy Policy are carried out by Primo Hoagies in connection with the operation of its food service and digital platforms.

2. Information We Collect

We collect various types of information in connection with your use of our Website and services. The categories of personal information we may collect include the following:

2.1 Personal Identification Information

When you create an account, place an order, subscribe to our newsletter, or contact us directly, we may collect:

• Full name
• Email address
• Phone number
• Billing and delivery address (street address, city, state, ZIP code)
• Username and password (stored in encrypted form)
• Date of birth (where required for age verification purposes)
• Payment information (credit/debit card details processed through secure third-party processors; we do not store full card numbers)

2.2 Order and Transaction Information

When you place an order through our Website, we collect details related to your transaction, including:

• Items ordered, quantities, and customizations
• Order history and frequency
• Delivery preferences and special instructions
• Loyalty program participation data
• Coupon and promotional code usage

2.3 Usage and Technical Data

We automatically collect certain information when you visit and interact with our Website. This may include:

• IP address
• Browser type and version
• Operating system
• Referring URLs
• Pages visited and time spent on each page
• Links clicked and features accessed
• Time and date of your visit
• Error logs and diagnostic data

2.4 Device Information

We may collect information about the device you use to access our Website, including:

• Device type (desktop, mobile, tablet)
• Device identifiers and hardware model
• Mobile network information
• Screen resolution and language settings

2.5 Location Data

With your consent, we may collect precise or approximate geolocation data to help you find nearby Primo Hoagies locations, estimate delivery times, and provide location-based promotions. You may disable location access at any time through your device settings.

2.6 Communications Data

If you contact us via email, phone, live chat, or through any contact form on our Website, we will retain records of those communications, including the content of your messages and any attachments you provide.

2.7 Cookie and Tracking Data

We use cookies, web beacons, pixel tags, and similar tracking technologies to collect data about how you use our Website. Please refer to Section 8 (Cookie Usage) of this Privacy Policy for more detailed information.

2.8 User-Generated Content

If you submit reviews, ratings, feedback, or any other content through our Website or associated platforms, we collect and store that content along with any associated account information.

3. How We Use Your Information

We use the personal information we collect for a variety of legitimate business purposes, as described below:

3.1 Service Provision and Order Fulfillment

• Processing and confirming your food orders
• Coordinating delivery or pick-up arrangements
• Sending order confirmations, receipts, and status updates
• Managing your account and loyalty program membership
• Processing payments and preventing fraudulent transactions

3.2 Customer Support

• Responding to your questions, complaints, and requests
• Troubleshooting technical issues with our Website
• Processing refunds, replacements, or adjustments to your orders

3.3 Analytics and Website Improvement

• Analyzing user behavior and trends to improve our Website and services
• Monitoring the performance and security of our systems
• Conducting internal research and development
• Testing new features and functionality

3.4 Marketing and Promotional Communications

With your consent or where otherwise permitted by applicable law, we may use your personal information to:

• Send you promotional emails, newsletters, and special offers
• Notify you of new menu items, seasonal promotions, and loyalty rewards
• Deliver personalized content and advertisements based on your preferences and browsing behavior
• Conduct surveys, contests, or sweepstakes

You may opt out of marketing communications at any time by clicking the "unsubscribe" link in any marketing email or by contacting us at [email protected].

3.5 Legal Compliance and Safety

• Complying with applicable federal, state, and local laws and regulations
• Enforcing our Terms of Service and other agreements
• Responding to lawful requests from government authorities or law enforcement
• Protecting the rights, property, and safety of Primo Hoagies, our customers, and the public
• Detecting, preventing, and addressing fraud, abuse, and security incidents

4. Sharing Your Information with Third Parties

We do not sell your personal information to third parties for monetary compensation. However, we may share your data with trusted third parties in the following circumstances:

4.1 Service Providers and Business Partners

We engage third-party companies and individuals to perform services on our behalf. These service providers are given access to your personal information only to the extent necessary to perform their functions and are contractually obligated to maintain its confidentiality. Categories of service providers include:

• Payment processors — to securely process your financial transactions
• Delivery and logistics partners — to fulfill your food orders
• Cloud hosting and data storage providers — to host our Website and store data
• Analytics providers — such as Google Analytics, to help us understand Website usage patterns
• Email marketing platforms — to manage promotional email campaigns
• Customer relationship management (CRM) systems — to manage customer accounts and communications
• Cybersecurity and fraud prevention services — to protect our systems and customers

4.2 Legal Requirements and Law Enforcement

We may disclose your personal information when required to do so by law or in response to valid legal requests, including:

• Complying with a subpoena, court order, or similar legal obligation
• Responding to requests from government authorities, regulatory agencies, or law enforcement bodies
• Cooperating with investigations into illegal activities
• Exercising or defending legal rights or claims

4.3 Business Transfers

If Primo Hoagies undergoes a merger, acquisition, asset sale, restructuring, or bankruptcy proceeding, your personal information may be transferred to a successor entity. We will provide notice before your personal data is transferred and becomes subject to a different privacy policy.

4.4 With Your Consent

We may share your information with third parties for any other purpose with your explicit consent.

4.5 Aggregated and De-Identified Data

We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you with partners, advertisers, and other third parties for research, marketing, analytics, and other business purposes.

5. Data Security

We take the security of your personal information seriously and implement a range of technical, administrative, and physical safeguards designed to protect your data from unauthorized access, disclosure, alteration, or destruction. Our security measures include:

5.1 Technical Safeguards

• SSL/TLS Encryption: All data transmitted between your browser and our Website is encrypted using industry-standard Secure Sockets Layer (SSL) / Transport Layer Security (TLS) protocols.
• Password Hashing: Passwords are stored using strong cryptographic hashing algorithms and are never stored in plain text.
• Firewalls and Intrusion Detection: We deploy firewalls, intrusion detection systems, and security monitoring tools to protect our infrastructure.
• Access Controls: Access to personal data is restricted to authorized personnel on a need-to-know basis.
• Regular Security Audits: We conduct periodic security assessments and vulnerability testing.

5.2 Administrative Safeguards

• Employee training on data privacy and security best practices
• Confidentiality agreements with staff and contractors who have access to personal data
• Incident response procedures for detecting and addressing data breaches

5.3 Physical Safeguards

• Secure server facilities with restricted physical access
• Environmental controls and backup systems to prevent data loss

6. Your Privacy Rights

Depending on your state of residence, you may have certain rights regarding your personal information under applicable United States law. We are committed to honoring these rights in accordance with the law.

6.1 California Residents — CCPA/CPRA Rights

If you are a resident of California, you have the following rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):

To exercise your California privacy rights, please submit a verifiable consumer request to us by emailing [email protected]. We will respond to verified requests within 45 days as required by CCPA/CPRA, with the possibility of a 45-day extension where reasonably necessary.

6.2 Rights Available to All U.S. Residents

Regardless of your state of residence, we provide the following rights to all users of our Website:

• Right to Access: Request a copy of the personal information we hold about you.
• Right to Correction: Request that we correct or update any inaccurate or incomplete information.
• Right to Deletion: Request that we delete your account and personal data, subject to applicable legal obligations.
• Right to Opt-Out of Marketing: Unsubscribe from promotional communications at any time.
• Right to Withdraw Consent: Where we rely on your consent to process data, you may withdraw that consent at any time without affecting the lawfulness of prior processing.

6.3 How to Submit a Privacy Request

To exercise any of the above rights, please contact us using the following methods:

• Email: [email protected]
• Website: primohoagies-eat.digital

We may need to verify your identity before processing your request. Verification may require you to confirm information associated with your account or provide additional documentation. We will not use information collected for verification purposes for any other purpose.

7. Cookie Usage

Our Website uses cookies and similar tracking technologies to enhance your browsing experience, analyze site traffic, and assist in our marketing efforts. Below is a brief overview of how we use cookies.

7.1 Types of Cookies We Use

• Strictly Necessary Cookies: These cookies are essential for the Website to function and cannot be disabled. They include session management and security cookies.
• Performance and Analytics Cookies: These cookies help us understand how visitors interact with our Website by collecting and reporting information anonymously (e.g., Google Analytics).
• Functional Cookies: These cookies enable the Website to remember your preferences and settings, such as your saved cart, language preference, and login status.
• Targeting and Advertising Cookies: These cookies are used to deliver relevant advertisements and track the effectiveness of our advertising campaigns. They may be set by us or third-party advertising partners.

7.2 Cookie Consent and Control

When you first visit our Website, you will be presented with a cookie consent banner. You may choose to accept all cookies, reject non-essential cookies, or manage your preferences individually. You may also control cookies through your browser settings at any time; however, disabling certain cookies may impact the functionality of our Website.

For full details about the cookies we use, how long they persist, and how to manage them, please refer to our Cookie Policy.

8. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, to comply with our legal obligations, resolve disputes, and enforce our agreements. Our general data retention practices are as follows:

After the applicable retention period, personal information will be securely deleted, anonymized, or de-identified in accordance with our data disposal procedures. Where deletion is requested by a user, we will endeavor to fulfill the request within 45 days unless legal obligations require us to retain the data for a longer period.

9. Children's Privacy

In compliance with the Children's Online Privacy Protection Act (COPPA) and other applicable laws, we do not knowingly collect, use, or disclose personal information from individuals under the age of 18. Our Website is not directed at children, and we do not market our services to minors.

If you are a parent or guardian and believe that your child under 18 has provided us with personal information without your consent, please contact us immediately at [email protected]. Upon receiving a verified request, we will promptly delete any such information from our records.

We reserve the right to verify the age of users who attempt to access age-restricted features of our Website. If we discover that a user under 18 has created an account, we will take steps to suspend and delete that account and any associated personal data.

10. International Data Transfers

Primo Hoagies is based in the United States, and the information we collect is governed by U.S. law. Our Website is designed for use within the United States, and we do not specifically target individuals outside the United States.

However, we may use third-party service providers that store or process data in data centers located outside the United States. When personal data is transferred internationally, we take steps to ensure that such transfers are carried out in accordance with applicable legal requirements and that appropriate safeguards are in place to protect the privacy and security of your data.

If you are accessing our Website from outside the United States, please be aware that your information may be transferred to, stored in, and processed in the United States, where data protection laws may differ from those of your home country. By using our Website, you consent to such transfers.

We rely on the following mechanisms for international data transfers, where applicable:

• Standard Contractual Clauses (SCCs) approved by relevant data protection authorities
• Adequacy decisions recognizing the receiving country's data protection standards
• Your explicit consent for specific transfers

11. Third-Party Links and Websites

Our Website may contain links to third-party websites, services, social media platforms, or applications that are not owned or controlled by Primo Hoagies. These may include food delivery platforms, payment gateways, social media channels, or partner websites. This Privacy Policy does not apply to those third-party websites.

We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services. We encourage you to review the privacy policies of any third-party websites you visit before providing any personal information.

12. Marketing Communications and Opt-Out

We may send you marketing communications via email, SMS, or push notifications about our products, promotions, and services. Where required by law, we will obtain your consent before sending marketing messages.

12.1 How to Opt Out

You may opt out of receiving marketing communications from us at any time using the following methods:

• Email: Click the "unsubscribe" or "manage preferences" link found in any marketing email we send you.
• Contact Us: Send an email to [email protected] with the subject line "Unsubscribe" and we will process your request within 10 business days.
• SMS: Reply "STOP" to any SMS marketing message you receive from us.

Please note that even after opting out of marketing communications, you will continue to receive transactional and account-related communications, such as order confirmations, receipts, and important service notifications.

13. Do Not Track Signals

Some web browsers include a "Do Not Track" (DNT) feature that sends a signal to websites requesting that your browsing activity not be tracked. Currently, there is no universally accepted standard for how websites should respond to DNT signals. As a result, our Website does not currently respond to DNT browser signals. However, you can manage your tracking preferences through our cookie consent tools and your browser settings.

14. Changes to This Privacy Policy

We reserve the right to modify this Privacy Policy at any time to reflect changes in our practices, legal obligations, or applicable law. When we make material changes to this Privacy Policy, we will:

• Update the "Last Updated" date at the top of this page
• Post a prominent notice on our Website
• Send an email notification to registered users where required or appropriate

Your continued use of our Website after any changes to this Privacy Policy constitutes your acceptance of the updated policy. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

15. Filing Complaints

If you believe we have not adequately addressed your privacy concerns, you have the right to file a complaint with the appropriate authorities.

15.1 California Residents

California residents who have concerns about our privacy practices or our compliance with CCPA/CPRA may file a complaint with the California Privacy Protection Agency (CPPA):

• Website: https://cppa.ca.gov
• Address: 2101 Arena Blvd, Sacramento, CA 95834, United States

15.2 Federal Complaints

Consumers may also file complaints regarding unfair or deceptive trade practices, including privacy violations, with the Federal Trade Commission (FTC):

• Website: https://reportfraud.ftc.gov
• Phone: 1-877-FTC-HELP (1-877-382-4357)

15.3 State Attorney General Offices

Residents of other U.S. states may file privacy-related complaints with their respective state Attorney General offices. Contact information for each state's Attorney General can be found on the National Association of Attorneys General (NAAG) website at www.naag.org.

We encourage you to contact us first at [email protected] so that we may have the opportunity to resolve your concerns directly before you escalate to a regulatory authority.

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please do not hesitate to contact our privacy team. We are committed to addressing your inquiries promptly and transparently.

We will respond to all privacy-related inquiries within 30 business days. For requests made under CCPA/CPRA or other state privacy laws, we will respond within the legally required timeframe.