Privacy Policy

Effective Date: March 28, 2026 | Last Updated: March 28, 2026

Welcome to Punch Pizza. We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how Punch Pizza ("we," "us," or "our") collects, uses, discloses, and safeguards your information when you visit our website punchpizza.click, place orders, or otherwise interact with our services. Please read this policy carefully. If you disagree with its terms, please discontinue use of our site and services immediately.

This Privacy Policy applies to all information collected through our website (punchpizza.click), as well as any related services, sales, marketing, or events (collectively referred to as the "Services"). By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by the terms of this Privacy Policy.

1. About Us

Punch Pizza is a food service business operating in the United States. We provide customers with an online platform to browse our menu, place food orders, make reservations, and interact with our brand digitally and in person.

For privacy-related inquiries, you may contact us at:

Company Name: Punch Pizza
Website: punchpizza.click
Email: [email protected]

2. Information We Collect

We collect various types of information in connection with your use of our Services. The categories of information we collect are described below.

2.1 Personal Information You Provide Directly

When you interact with our Services — such as creating an account, placing an order, signing up for our newsletter, submitting a contact form, or participating in a promotion — you may voluntarily provide us with personal information, including but not limited to:

Identity Information: Your first and last name, username, or similar identifiers.
Contact Information: Email address, mailing address, billing address, delivery address, and phone number.
Account Credentials: Username and password used to access your account with us.
Payment Information: Credit card numbers, debit card numbers, billing addresses, and other financial information necessary to process your payments. Please note that payment data is handled by our secure, third-party payment processors and is not stored on our servers in full.
Order Information: Details of the food items you order, your food preferences, dietary restrictions or allergies you disclose to us, and delivery instructions.
Communications: The content of any messages, feedback, reviews, or other communications you send to us directly via email, contact forms, or social media.
Marketing Preferences: Your choices regarding whether you wish to receive promotional communications from us.

2.2 Information Collected Automatically

When you visit our website or use our digital Services, we automatically collect certain information about your device and browsing activity. This information may include:

Usage Data: Pages you visit on our site, links you click, the time and date of your visit, time spent on each page, referring URL, and other browsing statistics.
Device Information: Your IP address, browser type and version, operating system, device identifiers, screen resolution, language settings, and time zone.
Location Data: General geographic location data derived from your IP address. We may also collect more precise location data with your explicit consent (for example, to facilitate nearby delivery services).
Log Data: Server log files that record technical events related to your interaction with our website, including error reports and access timestamps.
Cookie and Tracking Data: Information collected through cookies, web beacons, pixel tags, and similar tracking technologies. Please see Section 8 (Cookie Usage) for more details.

2.3 Information from Third Parties

We may also receive information about you from third parties, including:

Social Media Platforms: If you connect to our Services through a social media account (such as Facebook or Google), we may receive profile information as permitted by your privacy settings on those platforms.
Analytics Partners: Information from analytics providers about how users interact with our website.
Delivery Partners: Information necessary to fulfill delivery orders placed through third-party delivery platforms that integrate with our Services.
Payment Processors: Confirmation and transaction data from payment service providers to verify successful transactions.

3. How We Use Your Information

We use the information we collect for a variety of business and operational purposes. Specifically, we use your information to:

3.1 Provide and Manage Our Services

Process and fulfill your food orders, including coordinating delivery or pickup.
Create, manage, and maintain your account with us.
Process payments and prevent fraudulent transactions.
Respond to your inquiries, customer service requests, and complaints.
Send you order confirmations, receipts, and service updates via email or SMS.
Accommodate dietary preferences, allergen disclosures, and special requests you provide.

3.2 Improve and Optimize Our Services

Analyze usage trends and customer preferences to improve our menu offerings and website functionality.
Conduct internal research, testing, and analytics to enhance user experience.
Monitor the technical performance of our website and fix bugs or errors.
Develop new features, products, and services based on customer feedback and behavior.

3.3 Marketing and Promotions

Send you promotional emails, newsletters, special offers, and information about new menu items — but only if you have opted in to receive such communications or where permitted by applicable law.
Deliver personalized content and advertisements based on your interests and browsing history.
Administer contests, sweepstakes, promotions, surveys, and other marketing events.
Measure the effectiveness of our marketing campaigns and advertising efforts.

You may opt out of receiving marketing communications from us at any time by clicking the "Unsubscribe" link in any promotional email or by contacting us at [email protected].

3.4 Legal Compliance and Safety

Comply with applicable federal, state, and local laws and regulations, including food safety regulations and consumer protection laws.
Enforce our Terms of Service and other agreements.
Protect the rights, property, and safety of Punch Pizza, our customers, and the public.
Detect, investigate, and prevent fraudulent transactions, security incidents, and other illegal activities.
Respond to lawful requests from public authorities, including law enforcement agencies.

4. Legal Basis for Processing (United States)

Punch Pizza operates in the United States and processes personal information in compliance with applicable U.S. privacy laws. Our legal basis for collecting and using your personal data depends on the specific information collected and the context in which it is collected:

Contractual Necessity: Processing is necessary to fulfill our contract with you — for example, to process your food orders and deliver them to you.
Legitimate Interests: We process certain data based on our legitimate business interests, such as improving our Services, preventing fraud, and conducting analytics, provided these interests are not overridden by your rights.
Consent: Where required by law, we will obtain your explicit consent before processing your information — for example, before sending marketing communications or using non-essential cookies.
Legal Obligation: We may process your information where it is necessary to comply with a legal obligation under U.S. federal or state law.

If you are a resident of California, your rights are additionally protected under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA). Please refer to Section 9 for detailed information about your California-specific rights.

5. Sharing Your Information with Third Parties

We do not sell, rent, or trade your personal information for monetary consideration. However, we may share your information in the following limited circumstances:

5.1 Service Providers and Business Partners

We engage trusted third-party companies and individuals to perform services on our behalf and to assist us in operating our business. These service providers have access to your personal information only to the extent necessary to perform their functions and are obligated by contract to maintain its confidentiality and security. Categories of service providers include:

Payment processors and financial institutions (e.g., Stripe, Square, or similar)
Cloud hosting and data storage providers
Email and SMS communication platforms
Delivery and logistics partners
Website analytics and performance monitoring tools (e.g., Google Analytics)
Customer relationship management (CRM) software providers
Marketing automation and advertising platforms
Fraud detection and security service providers

5.2 Business Transfers

In the event that Punch Pizza undergoes a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your personal information may be transferred to the acquiring entity or successor. We will notify you via email and/or a prominent notice on our website of any such change in ownership and any resulting changes to the use of your personal information.

5.3 Legal Requirements

We may disclose your information if required to do so by law, regulation, or valid legal process, including subpoenas, court orders, or government demands. We may also disclose information when we believe in good faith that disclosure is necessary to:

Comply with applicable federal, state, or local law under the FTC Act or other consumer protection statutes.
Protect the safety of any person from death or serious bodily injury.
Prevent fraud or address security issues.
Protect the rights and property of Punch Pizza.

5.4 Aggregated and De-identified Data

We may share aggregated or de-identified information that cannot reasonably be used to identify you with third parties for research, marketing, analytics, and other business purposes.

6. Data Security

We take the security of your personal information seriously and implement a variety of technical, administrative, and physical safeguards designed to protect your information from unauthorized access, disclosure, alteration, and destruction. These measures include:

Encryption: We use industry-standard SSL/TLS encryption to protect data transmitted between your browser and our servers.
Secure Payment Processing: All payment transactions are processed through PCI-DSS-compliant payment processors. We do not store complete credit card numbers on our servers.
Access Controls: Access to personal information within our organization is restricted to employees and contractors who need it to perform their job functions. All such personnel are subject to confidentiality obligations.
Regular Security Audits: We conduct periodic reviews and assessments of our security practices and systems.
Incident Response: We maintain a data breach response plan and will notify affected individuals and relevant authorities in accordance with applicable U.S. state data breach notification laws in the event of a security incident.

Despite these measures, no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. You use our Services at your own risk.

7. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Our general data retention guidelines are as follows:

Type of Data	Retention Period
Account information	Duration of account plus 3 years after account closure
Order and transaction records	7 years (for accounting and tax compliance purposes)
Marketing preferences and communications	Until you withdraw consent or opt out
Website usage and analytics data	Up to 26 months
Customer service correspondence	3 years from the date of resolution
Cookie and tracking data	As specified in our Cookie Policy (varies by cookie type)
Legal compliance records	As required by applicable federal or state law

When we no longer need your personal information, we will securely delete or anonymize it. If deletion is not immediately possible (for example, because data is stored in backup archives), we will securely isolate your information from further processing until deletion is possible.

8. Cookie Usage

Our website uses cookies and similar tracking technologies — such as web beacons, pixel tags, and local storage objects — to enhance your browsing experience, analyze website traffic, and deliver relevant advertising.

8.1 Types of Cookies We Use

Strictly Necessary Cookies: These cookies are essential for the operation of our website, such as enabling you to log in or complete an order. They cannot be disabled.
Performance and Analytics Cookies: These cookies help us understand how visitors interact with our website by collecting anonymous usage information, enabling us to improve performance and user experience.
Functionality Cookies: These cookies remember your preferences (such as your location, language, or saved cart) to provide a more personalized experience.
Marketing and Advertising Cookies: These cookies track your browsing habits to deliver targeted advertisements that are relevant to your interests, both on and off our website.

8.2 Managing Cookies

You can control and manage cookies through your browser settings. Please note that disabling certain cookies may affect the functionality of our website and your ability to place orders. Most browsers allow you to refuse cookies or delete existing cookies. For more information, visit your browser's help documentation.

For more detailed information about the specific cookies we use, how long they are stored, and how to manage your preferences, please refer to our full Cookie Policy available on our website.

9. Your Privacy Rights

Depending on your state of residence, you may have certain rights with respect to your personal information. We are committed to honoring these rights and will respond to verified requests within the timeframes required by applicable law.

9.1 Rights Available to All U.S. Users

Right to Access: You may request a copy of the personal information we hold about you.
Right to Correction: You may request that we correct any inaccurate or incomplete personal information we hold about you.
Right to Deletion: You may request that we delete your personal information, subject to certain exceptions (such as when retention is required by law or to fulfill ongoing contractual obligations).
Right to Opt Out of Marketing: You may opt out of receiving promotional communications from us at any time.

9.2 California Residents — CCPA/CPRA Rights

If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), provides you with the following additional rights:

Right to Know: You have the right to request that we disclose what personal information we have collected about you, the categories of sources from which it was collected, the business purpose for collecting it, and the categories of third parties with whom it is shared.
Right to Delete: You have the right to request deletion of personal information we have collected from you, subject to certain exceptions.
Right to Correct: You have the right to request correction of inaccurate personal information we maintain about you.
Right to Opt Out of Sale or Sharing: Although we do not sell your personal information for monetary consideration, we may share your data with advertising partners in ways that may qualify as "sharing" under CPRA. You may opt out of such sharing by contacting us or by using the "Do Not Sell or Share My Personal Information" link on our website.
Right to Limit Use of Sensitive Personal Information: You have the right to limit our use of sensitive personal information (such as payment card details and precise geolocation) to purposes necessary to perform the requested services.
Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights. We will not deny you goods or services, charge you different prices, or provide a different level of quality of service because you exercised your privacy rights.

To submit a request to exercise any of your California privacy rights, please contact us at [email protected]. We will respond to verifiable consumer requests within 45 days, with a possible extension of an additional 45 days when reasonably necessary, as permitted by the CCPA/CPRA.

9.3 Rights Available Under Other State Laws

Residents of other U.S. states including, but not limited to, Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), and Texas (TDPSA) may also have privacy rights under their respective state laws. These rights may include access, correction, deletion, data portability, and the right to opt out of targeted advertising and profiling. We honor these rights to the fullest extent required by applicable law. Contact us at [email protected] to exercise your rights under applicable state law.

9.4 How to Submit a Privacy Request

To exercise any of your privacy rights, please:

Email us at [email protected] with the subject line "Privacy Rights Request."
Include your full name, email address associated with your account, your state of residence, and a description of the right you wish to exercise.
We may need to verify your identity before processing your request to ensure we are responding to the correct individual.

You may also designate an authorized agent to make a request on your behalf. To do so, the authorized agent must provide written proof of authorization, and we may require you to verify your identity directly with us.

10. Children's Privacy

Our Services are intended for individuals who are 18 years of age or older. We do not knowingly collect, solicit, or process personal information from children under the age of 13 in violation of the Children's Online Privacy Protection Act (COPPA), or from individuals under the age of 18 without verified parental consent.

If you are under 18 years of age, please do not use our website or submit any personal information through our Services. If we become aware that we have collected personal information from a child under 13 (or under 18, where applicable) without appropriate consent, we will take steps to delete that information as quickly as possible.

If you believe that we may have collected personal information from or about a child in violation of this section, please contact us immediately at [email protected].

11. International Data Transfers

Punch Pizza is based in the United States, and the information we collect is governed by U.S. law. However, our service providers and technology partners may be located in, or operate from, countries other than the United States.

If you are accessing our Services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States or in other countries where our service providers operate. Data protection laws in these countries may differ from those in your home country. By using our Services and providing us with your information, you consent to the transfer of your information to the United States and other applicable jurisdictions.

We take steps to ensure that our service providers and partners who process data internationally maintain adequate safeguards, including contractual data protection agreements where required.

12. Third-Party Websites and Links

Our website may contain links to third-party websites, services, or applications that are not operated by Punch Pizza. This Privacy Policy does not apply to those third-party platforms. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites. We encourage you to review the privacy policy of every site you visit.

13. Do Not Track Signals

Some browsers have a "Do Not Track" (DNT) feature that signals to websites that you do not want your online activity tracked. Currently, there is no universally accepted standard for how websites should respond to DNT signals. As a result, we do not currently alter our data collection and use practices in response to DNT signals from your browser. However, you can manage your cookie preferences and opt out of certain types of tracking as described in Section 8 of this Privacy Policy.

14. Federal Trade Commission (FTC) Compliance

Our privacy practices are designed to comply with the Federal Trade Commission Act (FTC Act), which prohibits unfair or deceptive acts or practices in commerce. We are committed to transparency about our data collection and use practices, and we will not engage in any deceptive or misleading privacy representations. If you believe that our privacy practices are unfair or deceptive, you have the right to file a complaint with the FTC (see Section 16 for instructions).

15. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time and for any reason, at our sole discretion. When we make material changes to this Privacy Policy, we will notify you by:

Posting the updated Privacy Policy on this page with a revised "Last Updated" date at the top;
Sending you an email notification to the address associated with your account (where applicable); and/or
Displaying a prominent banner or notice on our website informing you of the update.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our Services following the posting of changes to this Privacy Policy will constitute your acknowledgment of the changes and your agreement to abide by the updated terms.

16. Filing a Complaint

If you have concerns about our privacy practices that we have not addressed to your satisfaction, you have the right to file a complaint with the appropriate regulatory authority. In the United States, you may file a complaint with:

16.1 Federal Trade Commission (FTC)

Federal Trade Commission
600 Pennsylvania Avenue, NW
Washington, D.C. 20580
Website: www.ftc.gov/complaint
Phone: 1-877-382-4357

16.2 California Residents — California Privacy Protection Agency (CPPA)

California residents who wish to file a complaint regarding our CCPA/CPRA compliance may contact the California Privacy Protection Agency:

California Privacy Protection Agency
2101 Arena Blvd, Sacramento, CA 95834
Website: cppa.ca.gov
Email: [email protected]

16.3 State Attorneys General

Residents of all U.S. states may also file complaints with their respective state Attorney General's office regarding violations of state consumer protection and privacy laws. Contact information for your state's Attorney General can typically be found on your state government's official website.

17. Contact Us

If you have any questions, concerns, comments, or requests regarding this Privacy Policy or our privacy practices, please do not hesitate to contact us. We are committed to addressing all privacy inquiries in a timely and transparent manner.

Punch Pizza — Privacy Inquiries

Company: Punch Pizza

Website: punchpizza.click

Email: [email protected]

When contacting us about a privacy matter, please include the following in your correspondence so that we can assist you efficiently:

Your full name and contact information
A description of your privacy concern or request
The state in which you reside (for state-specific rights requests)
Any relevant account information (such as your email address used to register with us)

We will acknowledge your inquiry promptly and aim to respond to all substantive privacy requests within 30 days of receipt, or within the timeframe required by applicable law.

Note: This Privacy Policy was last reviewed and updated on March 28, 2026. We encourage you to revisit this page regularly for any updates or changes to our privacy practices.