Privacy Policy

1. Introduction

At Wing Snob, we are deeply committed to protecting your privacy and safeguarding your personal information. This comprehensive Privacy Policy explains how we collect, use, share, and protect your information when you use our food delivery services, visit our website at wingssnob.digital, place orders, or interact with us in any way.

This policy applies to all our services including online ordering, delivery services, catering, loyalty programs, and customer support. By using our services, creating an account, or providing us with your information, you agree to the terms outlined in this Privacy Policy.

2. Information We Collect

2.1 Information You Provide to Us

We collect information that you voluntarily provide when using our services:

• Personal Identification Information: Name, email address, phone number, delivery address, billing address
• Account Information: Username, password, order history, saved payment methods, delivery preferences
• Food Service Information: Dietary preferences, allergen information, special dietary requirements (vegan, halal, kosher, gluten-free), favorite orders, portion preferences
• Payment Information: Credit/debit card details, billing information (stored securely with encryption)
• Delivery Information: Delivery instructions, preferred delivery times, location access permissions
• Loyalty Program Data: Reward points, membership tier, redemption history, promotional preferences
• Reservation Information: Table booking details, party size, special occasion notes
• Catering Details: Event information, guest count, menu selections, dietary restrictions for groups
• Communication Data: Contact form submissions, customer reviews, feedback, support ticket information
• Marketing Preferences: Communication preferences, newsletter subscriptions, promotional interests

2.2 Automatically Collected Information

We automatically collect certain information when you use our services:

• Device Information: IP address, browser type and version, operating system, device identifiers, screen resolution
• Usage Data: Pages visited, time spent on site, clicks, search queries, menu items viewed, order patterns
• Location Data: Approximate location from IP address, precise location (with permission) for delivery services
• Cookie Data: Session identifiers, user preferences, analytics data, marketing attribution
• Performance Data: Page load times, error reports, feature usage statistics

2.3 Information from Third Parties

We may receive information from trusted third-party sources:

• Social Media Platforms: Profile information when you connect social accounts
• Payment Processors: Transaction confirmations, fraud prevention data
• Delivery Partners: Delivery status updates, driver location, delivery confirmations
• Marketing Partners: Campaign performance data, audience insights (anonymized)
• Data Verification Services: Address validation, identity verification for security purposes

3. How We Use Your Information

3.1 Service Provision

• Order Processing: Processing food orders, coordinating preparation, managing delivery logistics
• Account Management: Creating and maintaining user accounts, authentication, password resets
• Customer Support: Responding to inquiries, resolving issues, providing technical assistance
• Quality Improvement: Analyzing order patterns, improving menu offerings, optimizing delivery routes
• Personalization: Customizing menu recommendations based on dietary preferences and order history
• Loyalty Programs: Managing reward points, processing redemptions, tier-based benefits

3.2 Communication

• Order Updates: Order confirmations, preparation status, delivery notifications, receipt delivery
• Customer Service: Responding to support requests, feedback acknowledgments, resolution updates
• Important Notices: Service changes, policy updates, security alerts, account notifications
• Marketing Communications: Promotional offers, new menu items, special events (with your explicit consent)
• Surveys and Feedback: Service quality surveys, menu feedback requests, experience improvements

3.3 Marketing and Analytics

• Personalized Advertising: Relevant promotions based on preferences and order history
• Website Analytics: Traffic analysis, user behavior patterns, conversion optimization
• Campaign Measurement: Effectiveness of marketing campaigns, ROI analysis
• Market Research: Understanding customer preferences for new product development
• Competitive Analysis: Market positioning, pricing strategies, service improvements

3.4 Legal Compliance and Security

• Legal Obligations: Compliance with food safety regulations, tax requirements, health department mandates
• Fraud Prevention: Detecting and preventing fraudulent orders, protecting payment systems
• Safety and Security: Protecting customer and employee safety, preventing unauthorized access
• Dispute Resolution: Resolving customer complaints, handling chargebacks, legal proceedings
• Regulatory Compliance: Meeting data protection laws, consumer protection requirements

4. Information Sharing and Disclosure

4.1 Service Providers

We share information with trusted service providers who help us operate our business:

• Payment Processors: Secure payment processing, fraud detection, PCI compliance (Stripe, PayPal, Square)
• Delivery Services: Order fulfillment, driver coordination, delivery tracking (DoorDash, Uber Eats, internal drivers)
• Cloud Storage Providers: Secure data storage, backup services, disaster recovery (AWS, Google Cloud)
• Email Marketing Services: Newsletter delivery, promotional campaigns, automated messaging (Mailchimp, Constant Contact)
• Analytics Providers: Website analytics, user behavior analysis, performance monitoring (Google Analytics)
• Customer Support Tools: Help desk software, live chat services, ticket management systems

4.2 Legal Requirements

We may disclose your information when legally required:

• Legal Process: Court orders, subpoenas, legal investigations, regulatory inquiries
• Law Enforcement: Criminal investigations, public safety emergencies, national security requests
• Regulatory Compliance: Health department inspections, food safety investigations, tax audits
• Protection of Rights: Defending against legal claims, protecting intellectual property, enforcing terms of service

4.3 Business Transfers

In the event of a business transaction:

• Mergers and Acquisitions: Transfer of customer data as part of business assets
• Asset Sales: Sale of business units, franchise transfers, partnership agreements
• Customer Notification: Advance notice of ownership changes and privacy policy updates
• Continuity of Service: Ensuring uninterrupted service during transition periods

4.4 With Your Consent

We may share information for other purposes with your explicit consent, such as:

• Sharing reviews and feedback publicly (with permission)
• Participating in marketing case studies or testimonials
• Integration with third-party apps you authorize
• Special promotions or contests requiring data sharing

5. Data Security

5.1 Technical Security Measures

• Encryption: All data transmission protected by SSL/TLS encryption, payment data encrypted at rest using AES-256
• Firewall Protection: Advanced firewall systems protecting against unauthorized access and cyber attacks
• Access Controls: Role-based access limiting data access to authorized personnel only, multi-factor authentication required
• Network Security: Intrusion detection systems, real-time threat monitoring, automated security response protocols
• Regular Backups: Automated daily backups stored in geographically separate secure locations
• Vulnerability Testing: Regular penetration testing, security audits, and system updates

5.2 Organizational Security Measures

• Employee Training: Comprehensive security awareness training, regular privacy education updates
• Data Handling Procedures: Strict protocols for data access, processing, and disposal
• Confidentiality Agreements: All employees and contractors sign confidentiality agreements
• Incident Response Plan: Detailed procedures for identifying, containing, and responding to security breaches
• Regular Security Audits: Independent security assessments, compliance reviews, system monitoring
• Vendor Management: Security requirements for all third-party service providers

5.3 Your Security Responsibilities

To help protect your information, please:

• Strong Passwords: Use complex passwords with letters, numbers, and special characters
• Account Security: Never share login credentials, log out on shared devices
• Device Security: Keep devices updated, use screen locks, avoid public Wi-Fi for sensitive transactions
• Phishing Awareness: Be cautious of suspicious emails, verify communications before providing information
• Report Suspicious Activity: Immediately report unauthorized account access or suspicious communications

6. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our website. Below is a detailed breakdown of the types of cookies we use:

Cookie Type	Purpose	Duration
Essential Cookies	Basic site functions, login state, shopping cart contents, security features	Session (deleted when browser closes)
Functional Cookies	User preferences, language settings, location preferences, accessibility options	Up to 1 year
Analytics Cookies	Usage analysis, performance monitoring, website improvement, error tracking	Up to 2 years
Marketing Cookies	Personalized advertising, campaign tracking, social media integration	Up to 1 year
Third-Party Cookies	Social media widgets, embedded content, payment processing, delivery tracking	Varies by provider

Tracking Technologies Used

• Google Analytics: Website traffic analysis, user behavior tracking, conversion measurement
• Facebook Pixel: Ad performance measurement, custom audience creation, conversion tracking
• Email Tracking: Open rates, click-through rates, email engagement metrics
• Web Beacons: Page view tracking, email delivery confirmation, user interaction monitoring
• Local Storage: Storing user preferences, form data, application state
• Session Storage: Temporary data storage for current browsing session

Cookie Management

You can control cookies through your browser settings:

• Accept All Cookies: Allow all cookies for full website functionality
• Block All Cookies: Prevent all cookies (may affect site functionality)
• Selective Blocking: Choose specific cookie categories to allow or block
• Delete Existing Cookies: Remove previously stored cookies from your device

Important Note: Disabling certain cookies may affect website functionality, including your ability to place orders, save preferences, or access personalized features.

7. Your Privacy Rights

Under applicable privacy laws including GDPR and CCPA, you have the following rights regarding your personal information:

7.1 Right of Access

You have the right to know what personal information we have about you and how we use it. You can request:

• A copy of all personal data we hold about you
• Information about how we collect, use, and share your data
• Details about third parties we share your information with
• The source of your personal information if not collected directly from you

7.2 Right to Rectification

You can request correction of inaccurate or incomplete personal information:

• Update contact information, delivery addresses, dietary preferences
• Correct errors in order history or account details
• Modify payment information or billing addresses
• Update marketing preferences and communication settings

7.3 Right to Erasure (Right to be Forgotten)

You can request deletion of your personal data in certain circumstances:

• When the data is no longer necessary for the original purpose
• If you withdraw consent and there's no other legal basis for processing
• If your data has been unlawfully processed
• For compliance with legal obligations

7.4 Right to Restrict Processing

You can request that we limit how we use your personal information when:

• You contest the accuracy of the data
• Processing is unlawful but you don't want erasure
• We no longer need the data but you need it for legal claims
• You've objected to processing pending verification of our legitimate interests

7.5 Right to Data Portability

You can receive your personal data in a machine-readable format and transfer it to another service:

• Export your order history and preferences
• Download account information and settings
• Transfer loyalty program data to compatible services
• Receive data in common formats (CSV, JSON, XML)

7.6 Right to Object

You can object to certain types of data processing:

• Direct marketing communications and targeted advertising
• Processing based on legitimate interests
• Automated decision-making including profiling
• Research and analytics that don't directly benefit service provision

7.7 Right Against Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing that significantly affects you, including:

• Automated order approvals or rejections
• Algorithmic pricing or promotional targeting
• Automated customer scoring or profiling
• AI-based service recommendations that limit choices

8. Children's Privacy

Wing Snob is committed to protecting the privacy of children. Our services are not intended for individuals under the age of 16, and we do not knowingly collect personal information from children without appropriate parental consent.

Age Verification

• Account creation requires users to confirm they are 16 or older
• Age verification during the registration process
• Parental consent required for users under 16
• Regular audits to identify underage accounts

If We Discover Children's Information

If we become aware that we have collected personal information from a child under 16 without parental consent:

• We will immediately cease processing the information
• The data will be securely deleted from our systems
• Parents will be notified if contact information is available
• Account access will be restricted until proper consent is obtained

Parental Rights

Parents and guardians have the right to:

• Review their child's personal information
• Request deletion of their child's data
• Refuse further collection of their child's information
• Contact us with questions about their child's privacy

9. International Data Transfers

Wing Snob operates primarily in the United States, but we may transfer your personal information to other countries for processing and storage. We ensure appropriate safeguards are in place for all international transfers.

9.1 Protection Measures

• Adequacy Decisions: Transfers to countries with adequate data protection levels as determined by relevant authorities
• Standard Contractual Clauses (SCCs): EU-approved contract terms ensuring proper data protection
• Data Processing Agreements: Contractual obligations with all international service providers
• Security Measures: Encryption, access controls, and monitoring for all transferred data
• Regular Audits: Ongoing compliance monitoring and verification of protection measures
• Certification Programs: Service providers must maintain relevant data protection certifications

9.2 Transfer Destinations

Your data may be transferred to and processed in the following locations:

• United States: Primary data processing, cloud storage, customer support operations
• European Union: Analytics services, backup storage, compliance operations
• Canada: Customer support, data processing for Canadian customers
• Other Countries: As needed for service provision with appropriate safeguards

Legal Basis for Transfers

We rely on the following legal mechanisms for international transfers:

• Your explicit consent for specific transfers
• Performance of contracts requiring international processing
• Legitimate interests with appropriate safeguards
• Legal obligations requiring cross-border data sharing

10. Data Retention Periods

We retain your personal information only as long as necessary for the purposes outlined in this policy and as required by law.

Information Type	Retention Period	Reason for Retention
Account Information	6 months after account deletion	Legal obligations, dispute resolution, fraud prevention
Order History & Payment Records	7 years	Tax requirements, accounting obligations, warranty claims
Marketing Consent Records	3 months after withdrawal	Proof of consent, compliance documentation
Website Usage Logs	Up to 2 years	Security monitoring, analytics, performance optimization
Customer Support Records	3 years	Service quality improvement, training, dispute resolution
Dietary Preferences & Allergen Info	2 years after last order	Food safety compliance, personalized service
Loyalty Program Data	2 years after account closure	Point redemption, program administration, tax reporting
Delivery & Location Data	1 year	Route optimization, service improvement, dispute resolution
Email Marketing Data	Until unsubscribe + 30 days	Compliance with unsubscribe requests, list management
CCTV & Security Footage	30 days	Security monitoring, incident investigation

Secure Data Disposal

When retention periods expire, we ensure secure deletion:

• Electronic Data: Secure deletion using industry-standard methods, overwriting data multiple times to ensure it cannot be recovered
• Physical Records: Professional shredding and destruction services for paper documents
• Backup Systems: Coordinated deletion from all backup and archive systems
• Third-Party Systems: Ensuring service providers also delete data according to our retention schedules
• Disposal Documentation: Maintaining records of data disposal for compliance auditing

Extended Retention

We may retain data beyond standard periods when:

• Legal proceedings are ongoing or anticipated
• Regulatory investigations require data preservation
• You have specifically consented to extended retention
• Technical limitations prevent immediate deletion (resolved as soon as possible)

11. Third-Party Links and Services

Our website and services may contain links to third-party websites, applications, and services. This Privacy Policy does not apply to these external sites, and we are not responsible for their privacy practices.

Types of Third-Party Links

• Social Media Platforms: Links to Facebook, Instagram, Twitter pages
• Review Sites: Yelp, Google Reviews, TripAdvisor
• Payment Processors: External payment gateways and digital wallets
• Delivery Partners: Third-party delivery service tracking pages
• Promotional Partners: Coupon sites, deals aggregators, affiliate partners
• Suppliers and Vendors: Ingredient sourcing information, sustainability reports

Your Responsibilities

When using third-party services:

• Review Privacy Policies: Read the privacy policy of each website before providing information
• Understand Data Collection: Be aware of what information third parties collect and how they use it
• Check Security: Verify that third-party sites use appropriate security measures
• Control Sharing: Manage your privacy settings on social media and other platforms
• Report Issues: Contact us if you encounter problems with linked services

Integrated Third-Party Services

Some third-party services are integrated into our platform:

• Payment Processing: Handled by secure payment processors with their own privacy policies
• Analytics Tools: Google Analytics and similar services track usage with their own data collection
• Customer Support: Live chat and help desk tools may have separate privacy practices
• Marketing Tools: Email platforms and advertising services operate under their own policies

12. Policy Changes and Updates

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or business operations.

12.1 How We Notify You of Changes

• Website Notice: Prominent notice on our homepage and privacy policy page
• Email Notification: Direct email to registered users about significant changes
• In-App Notifications: Pop-up notifications when you next visit or use our services
• Account Dashboard: Notifications in your account settings and order history
• Social Media: Announcements on our official social media channels

12.2 Types of Changes

• Minor Updates: Clarifications, contact information changes, administrative updates
• Material Changes: New data collection practices, expanded sharing, significant policy modifications
• Legal Compliance: Updates required by new laws, regulations, or court decisions
• Business Changes: Service expansions, new features, corporate transactions

12.3 Your Consent Options

• Continued Use: Ongoing use of our services indicates acceptance of policy changes
• Explicit Consent: Some changes may require active consent before continuing service
• Opt-Out Options: You may decline certain changes by modifying your account settings
• Account Closure: You may close your account if you disagree with policy changes

12.4 Checking for Updates

To stay informed about privacy policy changes:

• Regular Review: Check this page periodically for updates
• Last Updated Date: Note the "Last Updated" date at the top of this policy
• Version History: Significant changes are documented and available upon request
• Email Subscriptions: Subscribe to policy update notifications in your account settings

13. Contact Information

13.1 Privacy Complaints and Concerns

If you have concerns about our privacy practices:

• Contact Us First: We encourage you to contact us directly for the fastest resolution
• Detailed Description: Provide specific details about your privacy concern
• Supporting Documentation: Include any relevant screenshots, emails, or reference numbers
• Preferred Resolution: Let us know how you'd like us to address the issue

13.2 Supervisory Authority Contact

If you are not satisfied with our response to your privacy concern, you may contact:

• California Attorney General's Office: For California residents under CCPA
• Federal Trade Commission (FTC): For federal privacy law violations
• Your Local Data Protection Authority: If you are located in the EU/EEA
• State Attorney General: For residents of other U.S. states

13.3 Data Protection Officer

For European Union residents and GDPR-related inquiries, you may contact our Data Protection Officer:

• Email: [email protected]
• Mailing Address: Wing Snob DPO, 6640 Washington St, Yountville, CA 94599, USA
• Response Time: Maximum 30 days for GDPR-related requests

14. Withdrawal of Consent

You have the right to withdraw your consent for data processing at any time. Withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.

14.1 Marketing Consent Withdrawal

To stop receiving marketing communications:

• Unsubscribe Links: Click the unsubscribe link at the bottom of any marketing email
• Account Settings: Log into your account and update communication preferences
• Customer Support: Contact our support team by phone or email
• Text STOP: Reply "STOP" to any promotional text messages
• Postal Mail: Send a written request to our mailing address

14.2 Cookie Consent Withdrawal

To withdraw consent for cookies and tracking:

• Cookie Settings: Use our cookie preference center on the website
• Browser Settings: Adjust your browser's cookie settings
• Do Not Track: Enable Do Not Track settings in your browser
• Ad Blockers: Use browser extensions to block tracking cookies

14.3 Account Deletion Process

To completely delete your account and associated data:

• Step 1: Log into your account and go to account settings
• Step 2: Select "Delete Account" and confirm your identity
• Step 3: Review what data will be deleted and what may be retained
• Step 4: Confirm deletion - this action cannot be undone
• Alternative: Contact customer support for assistance with account deletion

14.4 Data Retained After Withdrawal

Some data may be retained even after consent withdrawal for:

• Legal Compliance: Records required by law (tax, food safety, etc.)
• Legitimate Interests: Fraud prevention, security, dispute resolution
• Contract Performance: Warranty claims, payment processing, order fulfillment
• Anonymized Data: Data that cannot identify you personally

15. Conclusion

At Wing Snob, protecting your privacy is fundamental to our relationship with you. We are committed to maintaining the highest standards of data protection and transparency in all our operations. This Privacy Policy represents our dedication to safeguarding your personal information while providing exceptional food delivery services.

Our Privacy Commitments

• Transparency: Clear, honest communication about our data practices
• Security: State-of-the-art protection for your personal information
• Control: Meaningful choices about how your data is used
• Accountability: Regular audits and continuous improvement of our privacy practices
• Respect: Honoring your privacy preferences and rights at all times

Building Trust Through Privacy

We understand that trust is earned through consistent actions, not just words. Our privacy practices are designed to:

• Protect your personal information with the same care we use for our own
• Provide value through personalized services while respecting your privacy
• Maintain compliance with all applicable privacy laws and regulations
• Continuously evolve our practices based on new technologies and best practices

Your Privacy Partner

We see ourselves as your partner in privacy protection. This means:

• Education: Helping you understand your privacy rights and options
• Support: Providing responsive assistance with any privacy questions or concerns
• Innovation: Developing new ways to enhance privacy while improving services
• Advocacy: Supporting strong privacy laws and industry standards