Privacy Policy

This Privacy Policy describes how Via 313 ("we," "us," "our," or "the Company") collects, uses, discloses, and protects your personal information when you visit our website at meal-via313.digital, place orders through our platform, subscribe to our communications, or otherwise interact with our food services. Please read this policy carefully before using our website or services.

By accessing or using our website, submitting an order, creating an account, or otherwise providing us with your personal information, you acknowledge that you have read, understood, and agree to the terms of this Privacy Policy. If you do not agree with the practices described herein, please discontinue use of our website and services immediately.

We are committed to protecting your privacy in compliance with applicable United States federal and state privacy laws, including but not limited to the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), the Federal Trade Commission Act (FTC Act), the CAN-SPAM Act, and other applicable federal and state consumer protection statutes.

1. About Us

Via 313 is a food service business operating through the website meal-via313.digital. We provide customers with access to our menu, online ordering capabilities, promotions, and related food service offerings. For all privacy-related matters, you may contact us using the details provided in the Contact Information section of this policy.

2. Information We Collect

We collect several categories of information to provide, maintain, and improve our services. The type of information we collect depends on how you interact with us.

2.1 Personal Identification Information

When you register for an account, place an order, sign up for newsletters, or contact us directly, we may collect:

• Full name
• Email address
• Phone number
• Billing address and delivery address
• Username and password (stored in encrypted form)
• Date of birth (where required for age verification purposes)
• Dietary preferences or food allergy information you voluntarily provide

2.2 Payment and Transaction Information

When you make a purchase through our platform, we collect the information necessary to process your payment. Please note that full payment card details (card numbers, CVV codes) are handled directly by our PCI-DSS compliant third-party payment processors and are not stored on our servers. However, we may retain:

• Order history and transaction records
• Partial payment card information (last four digits) for reference purposes
• Billing address associated with your payment method
• Refund and dispute records

2.3 Usage Data and Behavioral Information

We automatically collect certain information about how you interact with our website, including:

• Pages visited and time spent on each page
• Links clicked and features used
• Items added to cart or wishlisted
• Search queries made within the website
• Frequency and recurrence of visits
• Referring URLs (the website that directed you to ours)
• Navigation paths and session flow

2.4 Device and Technical Information

To ensure our website functions correctly and securely across different devices, we may collect:

• IP address
• Browser type and version
• Operating system and device type (desktop, mobile, tablet)
• Screen resolution
• Language settings
• Time zone
• Unique device identifiers
• Internet service provider (ISP)

2.5 Location Data

To facilitate accurate delivery services and to show you relevant local promotions or nearby store locations, we may collect:

• Approximate location based on your IP address
• Precise geolocation data if you grant permission through your browser or mobile device
• Delivery address information you provide manually

2.6 Communications and Customer Support Data

When you contact our customer support team or communicate with us via email, phone, or online forms, we collect and retain:

• The content of your messages and inquiries
• Feedback, reviews, and ratings you submit
• Records of complaints and resolutions
• Any attachments or photos you send us

2.7 Cookies and Tracking Technologies

We use cookies, pixel tags, web beacons, local storage, and similar tracking technologies to collect information about your browsing behavior. A more detailed explanation of our cookie use can be found in Section 7 of this policy.

2.8 Information from Third Parties

We may receive information about you from third-party sources, such as:

• Social media platforms if you choose to connect your account or log in via a social sign-on feature
• Third-party food delivery aggregators or ordering platforms that may direct orders to us
• Analytics and advertising partners
• Fraud prevention and identity verification services

3. How We Use Your Information

We use the personal information we collect for the following purposes:

3.1 Service Provision and Order Fulfillment

• Processing and fulfilling your food orders, including delivery or pick-up arrangements
• Managing your account and providing access to order history
• Communicating order confirmations, updates, and delivery status notifications
• Responding to your customer service requests and resolving issues
• Accommodating dietary preferences and allergy information you have provided

3.2 Payment Processing

• Facilitating secure payment transactions through our authorized processors
• Verifying billing information and preventing fraudulent transactions
• Issuing refunds and processing adjustments where applicable

3.3 Analytics and Service Improvement

• Analyzing website traffic, user behavior, and ordering patterns to improve our menu, website design, and user experience
• Conducting internal research and product development
• Testing new features and functionality
• Monitoring and diagnosing technical issues

3.4 Marketing and Promotional Communications

• Sending you promotional emails, newsletters, and special offers if you have opted in to receive marketing communications
• Displaying targeted advertisements based on your browsing history and preferences, both on our website and on third-party platforms
• Informing you about seasonal menus, loyalty programs, and upcoming events
• Conducting surveys and gathering feedback to improve our services

You may opt out of marketing communications at any time by clicking the "unsubscribe" link in any of our emails or by contacting us directly at [email protected]. Please note that even after opting out of marketing communications, you may still receive transactional emails related to your orders and account.

3.5 Legal Compliance and Safety

• Complying with applicable federal and state laws and regulations
• Responding to lawful requests from law enforcement agencies and regulatory authorities
• Enforcing our Terms of Service and other agreements
• Protecting the rights, property, and safety of Via 313, our customers, and the general public
• Detecting, investigating, and preventing fraudulent activity, unauthorized access, and other illegal conduct

3.6 Personalization

• Personalizing your experience on our website by remembering your preferences, order history, and saved addresses
• Recommending menu items based on your previous orders and browsing behavior

4. Sharing Your Information with Third Parties

We do not sell your personal information to third parties. However, we may share your information with trusted third parties in the following circumstances:

4.1 Service Providers and Business Partners

We engage third-party vendors and service providers who perform functions on our behalf, including:

• Payment processors: To securely process your financial transactions
• Delivery logistics partners: To fulfill and track your food deliveries
• Cloud hosting and IT infrastructure providers: To store and manage our data securely
• Email and SMS communication platforms: To send you order confirmations and marketing messages
• Analytics providers: Such as Google Analytics, to help us understand how our website is used
• Customer support software: To manage and respond to customer inquiries efficiently
• Advertising and marketing platforms: To serve targeted advertising campaigns

All such service providers are contractually obligated to use your information only as instructed by us, to implement appropriate data security measures, and to comply with applicable privacy laws.

4.2 Legal Obligations and Law Enforcement

We may disclose your personal information if we believe in good faith that such disclosure is necessary to:

• Comply with a legal obligation, court order, subpoena, or similar legal process
• Cooperate with law enforcement investigations
• Protect the rights, property, or safety of Via 313, our customers, employees, or others
• Detect, prevent, or address fraud, security breaches, or technical issues

4.3 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, sale of assets, or other business transition, your personal information may be transferred to the acquiring entity as part of the transaction. We will notify you via email and/or a prominent notice on our website prior to such a transfer and inform you of any choices you may have regarding your information.

4.4 With Your Consent

We may share your information with third parties in other circumstances where you have provided explicit consent for such sharing.

5. Data Security

The security of your personal information is a priority for us. We implement a comprehensive set of technical, administrative, and physical safeguards designed to protect your data against unauthorized access, disclosure, alteration, and destruction.

5.1 Technical Safeguards

• Secure Socket Layer (SSL) / Transport Layer Security (TLS) encryption for all data transmitted between your browser and our website
• Encryption of sensitive stored data, including account passwords (using industry-standard hashing algorithms)
• Firewalls, intrusion detection systems, and network monitoring
• Regular security vulnerability assessments and penetration testing
• Multi-factor authentication for administrative system access

5.2 Administrative Safeguards

• Restricting access to personal data to employees and contractors who need it to perform their job functions
• Mandatory data privacy and security training for all staff members
• Internal data handling policies and procedures
• Vendor due diligence and data processing agreements with all third-party service providers

5.3 Incident Response

In the event of a data security breach that is reasonably likely to result in harm to affected individuals, we will notify affected users in accordance with applicable state breach notification laws, including those of the state in which our business operates. Notifications will be provided in a timely manner and will include information about the nature of the breach, the data affected, and the steps you can take to protect yourself.

While we take all reasonable precautions, no method of data transmission over the internet or method of electronic storage is 100% secure. We cannot guarantee absolute security, and we encourage you to use strong, unique passwords for your account and to avoid sharing your login credentials with others.

6. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyze site usage, and deliver relevant advertising.

6.1 What Are Cookies?

Cookies are small text files that are stored on your device when you visit a website. They help the website recognize your device on subsequent visits and remember your preferences and actions over time.

6.2 Types of Cookies We Use

6.3 Managing Your Cookie Preferences

You can manage or disable cookies through your browser settings at any time. Most modern browsers allow you to refuse some or all cookies, delete existing cookies, or be notified when cookies are set. Please note that disabling certain categories of cookies may affect the functionality of our website and your ability to place orders or use certain features.

For more detailed information about the cookies we use and how to manage them, please refer to our Cookie Policy, available on our website.

7. Data Retention

We retain your personal information only for as long as is necessary to fulfill the purposes for which it was collected, to comply with our legal obligations, resolve disputes, and enforce our agreements. Our general retention guidelines are as follows:

When personal information is no longer needed, we will securely delete or anonymize it in accordance with our data destruction procedures. Anonymized data that cannot be linked back to any individual may be retained for statistical and research purposes indefinitely.

8. Your Privacy Rights

Depending on your state of residence, you may have certain rights regarding your personal information under applicable United States privacy laws. We are committed to honoring these rights and providing you with meaningful control over your data.

8.1 Rights Available to All Users

• Right to Access: You have the right to request a copy of the personal information we hold about you.
• Right to Correction: You have the right to request that we correct any inaccurate or incomplete personal information we hold about you.
• Right to Deletion: You have the right to request that we delete your personal information, subject to certain exceptions (e.g., where we are required to retain data to comply with legal obligations or complete pending transactions).
• Right to Opt Out of Marketing: You have the right to opt out of receiving marketing communications from us at any time.

8.2 California Residents — Rights Under CCPA/CPRA

If you are a resident of California, you are afforded additional rights under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA):

• Right to Know: The right to request disclosure of the categories and specific pieces of personal information we have collected about you, the categories of sources from which it was collected, the business or commercial purposes for collecting it, and the categories of third parties with whom we share it.
• Right to Delete: The right to request deletion of personal information collected from you, subject to certain legal exceptions.
• Right to Correct: The right to request correction of inaccurate personal information we maintain about you.
• Right to Opt Out of Sale or Sharing: The right to opt out of the sale or sharing of your personal information for cross-context behavioral advertising. We do not sell your personal information. However, our use of certain third-party advertising and analytics tools may constitute "sharing" under California law. You may opt out of such sharing by contacting us.
• Right to Limit Use of Sensitive Personal Information: Where applicable, the right to limit our use and disclosure of sensitive personal information (such as precise geolocation data).
• Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA/CPRA privacy rights. We will not deny you services, charge you different prices, or provide you a lower quality of service for exercising your rights.
• Authorized Agent: You may designate an authorized agent to submit a request on your behalf. We may require verification of your identity or the agent's authorization.

8.3 How to Exercise Your Rights

To exercise any of your privacy rights, please contact us using the following methods:

• Email: [email protected]
• Website: meal-via313.digital

We will verify your identity before processing your request to protect your security and privacy. We will respond to verifiable consumer requests within 45 days of receipt. If necessary, we may extend this period by an additional 45 days (for a total of 90 days), and we will notify you of the extension and the reasons for it within the initial 45-day period. We do not charge a fee to process your requests unless they are excessive, repetitive, or manifestly unfounded.

9. Children's Privacy

Our website and services are intended for use by individuals who are 18 years of age or older. We do not knowingly collect, use, or disclose personal information from children under the age of 13, in compliance with the Children's Online Privacy Protection Act (COPPA).

If you are under 18, please do not use our website or provide any personal information to us. If you are a parent or guardian and believe that your child under the age of 13 has provided us with personal information, please contact us immediately at [email protected] and we will take prompt steps to delete such information from our records.

We do not knowingly market to or target individuals under the age of 18.

10. International Data Transfers

Via 313 is based in the United States and operates primarily within the United States. If you are accessing our website from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States, where data protection and privacy laws may differ from those in your country of residence.

By using our website and services from outside the United States, you consent to the transfer of your information to the United States and its processing in accordance with this Privacy Policy. We take appropriate measures to ensure that such transfers are conducted securely and in compliance with applicable legal requirements.

11. Third-Party Links and Services

Our website may contain links to third-party websites, social media platforms, and external services that are not operated by Via 313. This Privacy Policy does not apply to those third-party websites, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party websites you visit before providing any personal information.

When you interact with social media features on our website (such as "Like" or "Share" buttons), those features may collect your IP address and other information and set cookies. Your interactions with those features are governed by the privacy policy of the respective social media provider.

12. Do Not Track Signals

Some browsers include a "Do Not Track" (DNT) feature that sends a signal to websites requesting that your browsing activity not be tracked. Currently, there is no universally accepted standard for how websites should respond to DNT signals. Our website does not currently respond to DNT browser signals. However, you can manage your tracking preferences through our cookie settings and the opt-out mechanisms described in this policy.

13. Your Choices and Opt-Out Options

We want to give you meaningful control over your personal information. In addition to exercising your formal privacy rights as described in Section 8, you have the following choices:

• Account Settings: You may update your account information, communication preferences, and saved addresses by logging into your account on our website.
• Email Marketing: You may unsubscribe from marketing emails at any time by clicking the "unsubscribe" link at the bottom of any marketing email or by contacting us at [email protected].
• SMS/Text Messages: If you have opted into SMS marketing, you may opt out by replying "STOP" to any text message from us or by contacting us directly.
• Push Notifications: You may disable push notifications through your device or browser settings.
• Interest-Based Advertising: You may opt out of interest-based advertising through industry opt-out tools such as the Network Advertising Initiative (NAI) Opt-Out Tool and the Digital Advertising Alliance (DAA) Opt-Out Tool.
• Google Analytics: You may opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

14. Filing Complaints

If you have concerns about our privacy practices and are not satisfied with our response to your inquiries, you have the right to file a complaint with relevant regulatory authorities.

14.1 Federal Trade Commission (FTC)

The Federal Trade Commission (FTC) is the primary federal consumer protection agency in the United States responsible for enforcing privacy-related consumer protection laws. You may file a complaint with the FTC at:

14.2 California Residents — California Privacy Protection Agency (CPPA)

California residents may file complaints regarding violations of their CCPA/CPRA rights with the California Privacy Protection Agency (CPPA):

14.3 State Attorneys General

You may also contact your state's Attorney General office to report privacy violations and seek assistance with consumer protection complaints.

15. Automated Decision-Making and Profiling

We may use automated systems to analyze your browsing behavior, order history, and preferences to personalize your experience and deliver targeted marketing. These systems may influence the recommendations and offers you receive on our website. We do not use fully automated decision-making processes that produce significant legal or similarly significant effects on you without human involvement. If you have concerns about automated processing of your data, please contact us using the details provided below.

16. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our practices, legal obligations, or business operations. When we make material changes, we will:

• Update the "Last Updated" date at the top of this policy
• Post the revised policy on our website at meal-via313.digital
• Provide notice to registered users via email or a prominent notice on our website, where required by applicable law

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our website and services following the posting of changes constitutes your acceptance of such changes. If you do not agree with the revised policy, please discontinue your use of our website and services.

17. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please do not hesitate to contact us. We are committed to addressing your inquiries in a timely and transparent manner.

Please include "Privacy Request" or "Privacy Inquiry" in the subject line of your email to help us route your message to the appropriate team member. We aim to respond to all privacy-related inquiries within 30 business days of receipt.