Privacy Policy

1. Introduction

At Dions, we are deeply committed to protecting your privacy and safeguarding your personal information. This comprehensive Privacy Policy outlines how we collect, use, protect, and share information about you when you use our food delivery services, visit our restaurants, or interact with our website and mobile applications.

This policy applies to all interactions you have with Dions, including but not limited to placing orders, making reservations, participating in our loyalty programs, contacting customer support, and engaging with our marketing communications. By using our services, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Information You Provide to Us

We collect information you voluntarily provide when using our services:

• Personal Identification Information: Name, email address, phone number, delivery and billing addresses
• Account Information: Username, password, order history, dietary preferences, allergen information
• Payment Information: Credit card details, billing information (stored encrypted through secure payment processors)
• Food Preferences: Favorite orders, special dietary requirements (vegan, vegetarian, halal, kosher, gluten-free), allergen restrictions
• Communication Data: Contact form submissions, customer reviews, feedback, support inquiries
• Reservation Details: Table booking information, party size, special occasion notes
• Catering Information: Event details, guest count, menu preferences, delivery instructions
• Marketing Preferences: Newsletter subscriptions, promotional communications consent
• Loyalty Program Data: Points balance, rewards history, membership tier information

2.2 Automatically Collected Information

When you interact with our digital platforms, we automatically collect certain technical information:

• Device Information: IP address, browser type and version, operating system, device identifiers
• Usage Data: Pages visited, time spent on site, click patterns, search queries, order completion rates
• Location Data: Approximate location derived from IP address, precise location (with permission) for delivery optimization
• Cookie Data: Session identifiers, user preferences, shopping cart contents, authentication tokens
• Analytics Information: Traffic sources, conversion rates, popular menu items, peak ordering times

2.3 Information from Third Parties

We may receive information about you from external sources:

• Social Media Platforms: Profile information if you connect your social accounts
• Payment Processors: Transaction verification and fraud prevention data
• Delivery Partners: Delivery status updates and location tracking information
• Marketing Partners: Campaign performance data and audience insights (anonymized)
• Review Platforms: Public reviews and ratings you post about our services

3. How We Use Your Information

3.1 Service Provision

We use your information to deliver our core food services:

• Order Processing: Preparing, confirming, and fulfilling your food orders accurately
• Delivery Management: Coordinating timely delivery to your specified address
• Account Management: Maintaining your user profile, order history, and preferences
• Customer Support: Responding to inquiries, resolving issues, and providing assistance
• Quality Improvement: Analyzing feedback to enhance our menu, service quality, and customer experience
• Personalization: Customizing menu recommendations based on your dietary preferences and order history

3.2 Communication

We communicate with you for various service-related purposes:

• Order Notifications: Confirmations, preparation updates, delivery tracking, and completion alerts
• Customer Support: Responses to your questions, concerns, and service requests
• Service Updates: Important notices about menu changes, policy updates, or system maintenance
• Marketing Communications: Promotional offers, new menu items, special events (only with your consent)
• Loyalty Program: Points balance updates, reward notifications, tier status changes

3.3 Marketing and Analytics

To improve our services and reach customers effectively:

• Personalized Marketing: Targeted offers based on your preferences and order history
• Website Analytics: Understanding user behavior to optimize our digital platforms
• Campaign Measurement: Evaluating the effectiveness of our marketing initiatives
• Market Research: Developing new menu items and services based on customer preferences
• Trend Analysis: Identifying popular dishes, peak ordering times, and seasonal preferences

3.4 Legal Compliance and Security

We may use your information to meet legal obligations and protect our business:

• Legal Compliance: Responding to court orders, subpoenas, and regulatory requirements
• Fraud Prevention: Detecting and preventing fraudulent transactions and account abuse
• Safety Protection: Ensuring the safety of our customers, employees, and business operations
• Dispute Resolution: Resolving conflicts related to orders, payments, or service issues
• Risk Management: Assessing and mitigating business and operational risks

4. Information Sharing and Disclosure

4.1 Service Providers

We work with trusted third-party service providers who help us deliver our services:

• Payment Processors: Secure handling of credit card transactions and payment verification
• Delivery Services: Third-party delivery partners for order fulfillment and tracking
• Cloud Storage Providers: Secure data storage and backup services with enterprise-grade security
• Marketing Services: Email campaign management and customer communication platforms
• Analytics Tools: Website performance monitoring and user behavior analysis
• Customer Support: Help desk software and communication management systems

4.2 Legal Requirements

We may disclose your information when required by law or to protect legitimate interests:

• Legal Process: Compliance with court orders, subpoenas, and search warrants
• Regulatory Compliance: Meeting requirements from government agencies and regulatory bodies
• Rights Protection: Defending our intellectual property, contracts, and business interests
• Safety Concerns: Addressing immediate threats to public safety or individual welfare
• Emergency Situations: Providing information to emergency responders when necessary

4.3 Business Transfers

In the event of a business transaction involving Dions:

• Merger or Acquisition: Transfer of customer data as part of business assets
• Asset Sale: Inclusion of customer information in the sale of business units
• Customer Notification: Advance notice to customers before any transfer occurs
• Policy Compliance: Ensuring new owners adhere to equivalent privacy protections

4.4 With Your Consent

We may share your information for other purposes with your explicit consent, such as:

• Participation in joint marketing campaigns
• Sharing reviews and testimonials (with attribution)
• Integration with third-party applications you choose to connect

5. Data Security

5.1 Technical Measures

We implement comprehensive technical safeguards to protect your information:

• Encryption: SSL/TLS encryption for all data transmission and AES-256 encryption for data at rest
• Firewall Systems: Advanced network security with intrusion detection and prevention
• Access Controls: Multi-factor authentication and role-based access for employees
• Security Monitoring: 24/7 monitoring for suspicious activities and security threats
• Data Backup: Regular encrypted backups with geographic distribution for disaster recovery
• Vulnerability Management: Regular security assessments and prompt patching of systems

5.2 Organizational Measures

Our organizational practices ensure comprehensive data protection:

• Employee Training: Regular privacy and security training for all staff members
• Data Handling Procedures: Strict protocols for accessing, processing, and storing personal data
• Vendor Agreements: Contractual privacy and security requirements for all third parties
• Incident Response: Comprehensive plan for responding to potential security breaches
• Privacy Officers: Dedicated staff responsible for privacy compliance and oversight
• Regular Audits: Internal and external security assessments and compliance reviews

5.3 Your Security Responsibilities

Help us protect your account by following these security best practices:

• Strong Passwords: Use complex passwords with a combination of letters, numbers, and symbols
• Account Privacy: Never share your login credentials with others
• Secure Devices: Log out from shared or public computers after use
• Phishing Awareness: Be cautious of suspicious emails or messages asking for personal information
• Prompt Reporting: Immediately report any unauthorized access to your account

6. Cookies and Tracking Technologies

We use various technologies to enhance your experience and gather information about how our services are used:

Cookie Type	Purpose	Duration
Essential Cookies	Basic site functions, login state, shopping cart functionality	Session (deleted when browser closes)
Functional Cookies	User preferences, language settings, location memory	Up to 1 year
Analytics Cookies	Website usage analysis, performance optimization	Up to 2 years
Marketing Cookies	Personalized advertising, campaign measurement	Up to 1 year

Additional Tracking Technologies

• Google Analytics: Website traffic analysis and user behavior insights
• Facebook Pixel: Social media advertising effectiveness and audience building
• Web Beacons: Email open rates and engagement tracking
• Local Storage: Enhanced user experience through browser data storage
• Session Replay: Anonymous user interaction recording for UX improvement

Cookie Management

You have control over how cookies are used on our website:

• Use your browser settings to accept, reject, or delete cookies
• Access our cookie preferences center for granular control
• Note that disabling certain cookies may affect website functionality
• Marketing cookies can be disabled without affecting core services

7. Your Privacy Rights

Under applicable privacy laws (including GDPR and CCPA), you have several important rights regarding your personal information:

7.1 Right of Access

You can request a copy of all personal information we hold about you, including order history, preferences, and communication records. We will provide this information in a clear, accessible format.

7.2 Right to Rectification

If any of your personal information is inaccurate or incomplete, you can request corrections. This includes updating contact information, delivery addresses, and dietary preferences.

7.3 Right to Erasure (Right to be Forgotten)

You can request deletion of your personal information, subject to legal retention requirements. Note that some information may be retained for legitimate business purposes such as fraud prevention or regulatory compliance.

7.4 Right to Restrict Processing

You can request that we limit how we process your data in certain circumstances, such as when you contest the accuracy of information or object to processing.

7.5 Right to Data Portability

You can request your personal information in a machine-readable format to transfer to another service provider. This includes order history, preferences, and account information.

7.6 Right to Object

You can object to processing of your personal information for direct marketing purposes or other legitimate interests. Marketing communications can be stopped immediately upon request.

7.7 Right Against Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing, including profiling, that significantly affects you.

How to Exercise Your Rights

8. Children's Privacy

Protecting children's privacy is extremely important to us. Our services are not intended for individuals under 16 years of age, and we do not knowingly collect personal information from children under 16.

If we discover that we have collected information from a child under 16 without parental consent, we will promptly delete that information from our systems. Parents who believe their child has provided personal information to us should contact us immediately.

If you are a parent and become aware that your child has provided personal information to Dions, please contact us so we can take appropriate action to remove the information and prevent further collection.

9. International Data Transfers

9.1 Protection Measures

When we transfer your personal information internationally, we implement appropriate safeguards:

• Adequacy Decisions: Transfers to countries recognized by the European Commission as having adequate data protection
• Standard Contractual Clauses: EU-approved contract terms that provide privacy protections for international transfers
• Data Processing Agreements: Comprehensive contracts with international partners ensuring privacy compliance
• Security Measures: Technical and organizational safeguards equivalent to domestic protections
• Regular Audits: Ongoing compliance monitoring for all international data handling

9.2 Transfer Destinations

Your information may be transferred to and processed in the following regions:

• United States: Cloud storage and data processing services
• European Union: Analytics and customer support operations
• Other Countries: As necessary for service delivery, with appropriate protections in place

10. Data Retention Periods

We retain your personal information only as long as necessary for the purposes outlined in this policy:

Information Type	Retention Period	Reason for Retention
Account Information	6 months after account deletion	Legal obligations, fraud prevention, dispute resolution
Order History	7 years	Tax, accounting, and regulatory requirements
Payment Information	As required by payment processor	Transaction verification, chargeback protection
Marketing Consent	3 months after withdrawal	Consent record keeping, compliance documentation
Website Usage Logs	Up to 2 years	Security monitoring, performance analysis
Customer Support Records	3 years	Service quality improvement, training purposes
Location Data	30 days	Delivery optimization, service improvement

Safe Data Disposal

When retention periods expire, we ensure secure data disposal:

• Electronic Data: Complete deletion using industry-standard methods that make data unrecoverable
• Physical Records: Secure shredding and destruction of paper documents
• Backup Systems: Removal from all backup and archive systems
• Disposal Records: Maintenance of disposal logs for audit purposes

11. Third-Party Links

Our website and mobile applications may contain links to third-party websites, social media platforms, and services that are not operated by Dions. This Privacy Policy does not apply to these external sites.

We are not responsible for the privacy practices or content of third-party websites. These sites may collect information about you and use cookies according to their own privacy policies. We encourage you to review the privacy policies of any third-party sites you visit.

When you click on third-party links or interact with integrated services (such as social media buttons), you are subject to the terms and privacy policies of those third parties. Exercise caution when providing personal information to external sites.

12. Policy Changes

12.1 Change Notification

We may update this Privacy Policy periodically to reflect changes in our practices, services, or legal requirements. When we make changes, we will notify you through:

• Website Notice: Prominent banner notification on our homepage
• Email Notification: Direct communication to all registered users
• App Notification: Push notification through our mobile application
• Login Alert: Pop-up notification when you next access your account

12.2 Checking for Changes

We recommend regularly reviewing this Privacy Policy:

• The latest version is always available on our website
• Check the "Last Updated" date at the top of this policy
• Continued use of our services after changes constitutes acceptance
• You may discontinue using our services if you disagree with changes

For significant changes that materially affect how we use your personal information, we will seek your explicit consent before implementing the changes.

13. Contact Information

13.1 Filing Complaints

If you have concerns about our privacy practices that we cannot resolve, you may file a complaint with the relevant supervisory authority:

• US Residents: Federal Trade Commission (FTC) - consumer.ftc.gov
• EU Residents: Your local Data Protection Authority
• UK Residents: Information Commissioner's Office (ICO) - ico.org.uk

14. Withdrawal of Consent

14.1 Marketing Consent Withdrawal

You can withdraw consent for marketing communications at any time through:

• Email Unsubscribe: Click the unsubscribe link in any marketing email
• Account Settings: Update your communication preferences in your user account
• Customer Support: Contact our support team for immediate opt-out
• Text Messages: Reply "STOP" to any promotional text message

14.2 Account Deletion

To completely delete your account and associated personal information:

1. Log into your account and go to Account Settings
2. Select "Delete Account" option
3. Confirm deletion and provide reason (optional)
4. Receive confirmation email within 24 hours
5. Account data will be deleted within 30 days (subject to legal retention requirements)

Note: Some information may be retained for legitimate business purposes such as fraud prevention, legal compliance, or dispute resolution, as outlined in our retention schedule.

15. Conclusion

At Dions, protecting your privacy is not just a legal obligation—it's fundamental to building and maintaining your trust. We are committed to transparency in our data practices and continuously improving our privacy protections as technology and regulations evolve.

This Privacy Policy reflects our ongoing commitment to responsible data stewardship. We believe that respecting your privacy rights is essential to providing excellent service and building lasting relationships with our customers.

We appreciate the trust you place in us by sharing your personal information, and we take our responsibility to protect that information seriously. If you have any questions, concerns, or suggestions about our privacy practices, please don't hesitate to reach out to us.

Thank you for choosing Dions. We look forward to serving you with the highest standards of privacy protection and exceptional food service.