Privacy Policy

Your privacy is important to us. This policy explains how PizzaPizza collects, uses, and protects your personal information when you use our pizza delivery services.

Last Updated: December 15, 2024

At PizzaPizza, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit our website, place orders, or interact with our pizza delivery services. Please read this policy carefully to understand our practices regarding your personal data.

Information We Collect

Personal Information You Provide

When you use our pizza delivery services, we collect information that you voluntarily provide to us. This includes:

Account Registration Information

  • Name: Your full name for order identification and delivery purposes
  • Email Address: For order confirmations, promotional communications, and account management
  • Phone Number: To contact you regarding order status, delivery updates, and customer service
  • Password: Encrypted credentials for secure account access
  • Date of Birth: Optional information for birthday promotions and age verification
Illustration showing secure data collection process with encrypted connection symbols, shield icons, and user information being protected through multiple security layers at PizzaPizza

Order and Delivery Information

  • Delivery Address: Complete street address, apartment number, city, postal code for accurate delivery
  • Billing Address: If different from delivery address, for payment processing
  • Order Details: Pizza selections, toppings, sizes, special instructions, and preferences
  • Delivery Instructions: Gate codes, buzzer numbers, special delivery notes

Payment Information

We collect payment details necessary to process your orders:

  • Credit/Debit Card Information: Card number, expiration date, CVV (processed securely through encrypted payment gateways)
  • Billing Information: Name on card, billing address, postal code
  • Payment History: Transaction records, order totals, payment methods used

Payment Security Notice

PizzaPizza does not store complete credit card information on our servers. All payment data is processed through PCI-DSS compliant payment processors with industry-standard encryption. We only retain the last four digits of your card number for reference purposes.

Information Automatically Collected

When you visit our website or use our mobile application, we automatically collect certain information about your device and browsing behavior:

Device and Technical Information

  • IP Address: Your internet protocol address for location services and security
  • Browser Type and Version: To optimize website performance and compatibility
  • Operating System: Device operating system information
  • Device Identifiers: Unique device IDs for mobile app functionality
  • Screen Resolution: To provide optimal display formatting

Usage and Analytics Data

  • Pages Visited: Which pages you view on our website
  • Time Spent: Duration of visits and session information
  • Click Patterns: Links clicked and navigation paths
  • Referral Sources: How you arrived at our website
  • Search Queries: Terms you search for on our site
Modern analytics dashboard showing website usage statistics, user behavior patterns, and data visualization charts for PizzaPizza's privacy-compliant tracking systems

Location Information

With your permission, we collect location data to:

  • Determine delivery availability in your area
  • Calculate accurate delivery times and fees
  • Find the nearest PizzaPizza location
  • Provide location-based promotions and offers

Cookies and Tracking Technologies

We use cookies, web beacons, and similar technologies to enhance your experience:

Cookie Type Purpose Duration
Essential Cookies Required for website functionality, shopping cart, and checkout process Session/Persistent
Performance Cookies Analyze website performance and user behavior to improve services Up to 2 years
Functional Cookies Remember your preferences, language settings, and login information Up to 1 year
Marketing Cookies Deliver personalized advertisements and track campaign effectiveness Up to 1 year

How We Use Your Information

PizzaPizza uses the collected information for various purposes to provide and improve our pizza delivery services:

Order Processing and Fulfillment

  • Order Management: Process your pizza orders, manage delivery logistics, and ensure accurate fulfillment
  • Payment Processing: Securely process payments and prevent fraudulent transactions
  • Delivery Coordination: Communicate with delivery drivers and provide real-time order tracking
  • Order Confirmation: Send confirmation emails, SMS notifications, and delivery updates
  • Customer Support: Respond to inquiries, resolve issues, and provide assistance
Visualization of PizzaPizza's order processing workflow showing stages from order placement through payment, preparation, delivery coordination, and customer notification

Service Improvement and Personalization

  • Personalized Recommendations: Suggest pizzas and menu items based on your order history and preferences
  • User Experience Enhancement: Optimize website layout, navigation, and functionality
  • Menu Development: Analyze popular items and customer feedback to improve our offerings
  • Quality Assurance: Monitor service quality and identify areas for improvement
  • Saved Preferences: Remember your favorite orders, delivery addresses, and payment methods

Marketing and Communications

With your consent, we use your information to:

  • Promotional Offers: Send special deals, discounts, and exclusive promotions
  • Newsletter Distribution: Share news about new menu items, seasonal offerings, and company updates
  • Birthday Rewards: Provide special birthday offers and celebrations
  • Loyalty Programs: Manage rewards points, track benefits, and send program updates
  • Targeted Advertising: Display relevant ads on third-party websites and social media platforms

Marketing Opt-Out

You can opt out of marketing communications at any time by clicking the "unsubscribe" link in our emails, adjusting your account preferences, or contacting us directly at info@pizzapizza.com. Please note that even if you opt out of marketing emails, we will still send transactional messages related to your orders.

Legal and Security Purposes

  • Fraud Prevention: Detect and prevent fraudulent activities, unauthorized access, and security threats
  • Legal Compliance: Comply with applicable laws, regulations, and legal processes
  • Terms Enforcement: Enforce our Terms of Service and protect our rights and property
  • Dispute Resolution: Resolve disputes, investigate complaints, and address legal claims
  • Safety Protection: Protect the safety and security of our customers, employees, and delivery drivers

Analytics and Research

  • Business Analytics: Analyze trends, customer behavior, and market conditions
  • Performance Metrics: Measure website performance, delivery times, and service efficiency
  • Market Research: Conduct surveys and research to understand customer needs
  • Statistical Analysis: Create aggregated, anonymized data for business insights
Business intelligence dashboard displaying customer analytics, order trends, delivery performance metrics, and market research insights for PizzaPizza's data-driven decision making

Information Sharing and Disclosure

PizzaPizza respects your privacy and only shares your information in specific circumstances:

Service Providers and Business Partners

We share information with trusted third-party service providers who assist us in operating our business:

Payment Processors

  • Secure payment gateways that process credit card and debit card transactions
  • Payment service providers for alternative payment methods
  • Financial institutions for transaction verification and fraud prevention

Delivery and Logistics Partners

  • Third-party delivery services that fulfill orders on our behalf
  • GPS and mapping services for route optimization and tracking
  • Logistics platforms for delivery coordination and management

Technology and Infrastructure Providers

  • Cloud hosting services for data storage and website operations
  • Email service providers for transactional and marketing communications
  • SMS gateway providers for text message notifications
  • Analytics platforms for website performance and user behavior analysis
  • Customer relationship management (CRM) systems

Marketing and Advertising Partners

  • Digital advertising platforms for targeted ad campaigns
  • Social media platforms for promotional activities
  • Marketing automation tools for campaign management
  • Survey and feedback collection services

Third-Party Data Protection

All third-party service providers are contractually obligated to protect your information, use it only for specified purposes, and comply with applicable privacy laws. We carefully vet our partners and require them to maintain appropriate security measures.

Legal Requirements and Protection

We may disclose your information when required by law or to protect our rights:

  • Legal Obligations: Comply with court orders, subpoenas, or legal processes
  • Law Enforcement: Cooperate with government authorities and law enforcement agencies
  • Rights Protection: Enforce our Terms of Service and protect our legal rights
  • Safety Concerns: Prevent harm to individuals or property
  • Fraud Investigation: Investigate and prevent fraudulent or illegal activities

Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred to the acquiring entity. We will notify you of any such change and provide options regarding your information.

Aggregated and Anonymized Data

We may share aggregated, anonymized data that cannot identify you personally with:

  • Business partners for market analysis and trend identification
  • Researchers for industry studies and reports
  • Public audiences for transparency and insights
Network diagram illustrating PizzaPizza's secure data sharing ecosystem with service providers, payment processors, delivery partners, and security measures protecting customer information

Your Consent

We will not share your personal information with third parties for their own marketing purposes without your explicit consent. You have the right to withdraw consent at any time.

Data Security and Protection

PizzaPizza implements comprehensive security measures to protect your personal information from unauthorized access, disclosure, alteration, and destruction:

Technical Security Measures

Encryption and Secure Transmission

  • SSL/TLS Encryption: All data transmitted between your browser and our servers is encrypted using industry-standard SSL/TLS protocols
  • Data Encryption at Rest: Sensitive information stored in our databases is encrypted using advanced encryption algorithms
  • Secure Payment Processing: Payment information is processed through PCI-DSS compliant systems with end-to-end encryption
  • Encrypted Backups: All backup data is encrypted and stored in secure, geographically distributed locations
Comprehensive security infrastructure diagram showing encryption layers, firewalls, secure servers, authentication systems, and multiple security protocols protecting PizzaPizza customer data

Access Controls and Authentication

  • Multi-Factor Authentication: Optional two-factor authentication for enhanced account security
  • Strong Password Requirements: Enforced password complexity standards
  • Role-Based Access: Employee access limited based on job responsibilities
  • Access Logging: Comprehensive logging of all data access and modifications
  • Regular Access Reviews: Periodic audits of user permissions and access rights

Network and Infrastructure Security

  • Firewalls: Advanced firewall systems protecting against unauthorized access
  • Intrusion Detection: Real-time monitoring for suspicious activities and security threats
  • DDoS Protection: Distributed denial-of-service attack prevention systems
  • Secure Hosting: Servers hosted in certified, secure data centers
  • Network Segmentation: Isolated network zones for different security levels

Organizational Security Measures

Employee Training and Policies

  • Security Training: Regular employee training on data protection and security best practices
  • Confidentiality Agreements: All employees sign confidentiality and data protection agreements
  • Background Checks: Comprehensive screening for employees with data access
  • Security Policies: Documented policies and procedures for data handling
  • Incident Response Plan: Established protocols for security breach response

Monitoring and Auditing

  • 24/7 Security Monitoring: Continuous monitoring of systems and networks
  • Regular Security Audits: Independent third-party security assessments
  • Vulnerability Scanning: Automated scanning for security vulnerabilities
  • Penetration Testing: Regular testing to identify potential security weaknesses
  • Compliance Audits: Verification of compliance with privacy regulations

Data Breach Notification

In the unlikely event of a data breach that affects your personal information, we will notify you promptly in accordance with applicable laws. We will provide information about the breach, the data affected, and steps you can take to protect yourself. We maintain cyber insurance and incident response procedures to minimize impact.

Physical Security

  • Secure Facilities: Physical access controls at all office and data center locations
  • Surveillance Systems: Video monitoring of sensitive areas
  • Visitor Management: Strict protocols for visitor access and identification
  • Secure Disposal: Proper destruction of physical documents containing personal information

Your Role in Security

While we implement robust security measures, you also play a crucial role in protecting your information:

  • Use strong, unique passwords for your PizzaPizza account
  • Enable two-factor authentication when available
  • Keep your login credentials confidential
  • Log out of your account when using shared devices
  • Report suspicious activities or security concerns immediately
  • Keep your contact information up to date
  • Be cautious of phishing attempts and verify communications from PizzaPizza
Infographic showing user security best practices including strong passwords, two-factor authentication, secure browsing, phishing awareness, and account protection tips for PizzaPizza customers

Your Privacy Rights and Choices

PizzaPizza respects your rights regarding your personal information. Depending on your location, you may have the following rights:

Access and Portability Rights

Right to Access

You have the right to request access to the personal information we hold about you. This includes:

  • Confirmation of whether we process your personal data
  • Categories of personal information collected
  • Purposes for which your information is used
  • Third parties with whom your information is shared
  • Specific pieces of personal information we have collected

Right to Data Portability

You can request a copy of your personal information in a structured, commonly used, and machine-readable format. This allows you to:

  • Receive your data in a portable format (e.g., CSV, JSON)
  • Transfer your information to another service provider
  • Store your data for personal records

Correction and Update Rights

Right to Rectification

You have the right to correct inaccurate or incomplete personal information. You can:

  • Update your account information through your profile settings
  • Correct delivery addresses and contact details
  • Modify payment information
  • Request corrections by contacting customer support
User-friendly privacy rights dashboard interface showing options for accessing data, updating information, managing preferences, and exercising privacy rights at PizzaPizza

Deletion and Restriction Rights

Right to Erasure (Right to be Forgotten)

You can request deletion of your personal information in certain circumstances:

  • When the information is no longer necessary for the purposes collected
  • When you withdraw consent and there is no other legal basis for processing
  • When you object to processing and there are no overriding legitimate grounds
  • When the information has been unlawfully processed
  • When deletion is required to comply with legal obligations

Deletion Limitations

We may retain certain information when required by law, for legitimate business purposes (such as fraud prevention), or to complete transactions you initiated. We will inform you if we cannot fully comply with a deletion request and explain the reasons.

Right to Restriction of Processing

You can request that we limit how we use your information when:

  • You contest the accuracy of your personal information
  • Processing is unlawful but you prefer restriction over deletion
  • We no longer need the data but you need it for legal claims
  • You have objected to processing pending verification of legitimate grounds

Objection and Consent Rights

Right to Object

You have the right to object to certain types of processing:

  • Direct Marketing: Opt out of marketing communications at any time
  • Profiling: Object to automated decision-making and profiling
  • Legitimate Interests: Object to processing based on legitimate interests

Right to Withdraw Consent

When processing is based on your consent, you can withdraw it at any time:

  • Withdrawal does not affect the lawfulness of processing before withdrawal
  • You can withdraw consent through account settings or by contacting us
  • We will stop processing your data for that purpose after withdrawal

Cookie and Tracking Preferences

You have control over cookies and tracking technologies:

  • Cookie Settings: Manage cookie preferences through our cookie consent tool
  • Browser Controls: Configure your browser to block or delete cookies
  • Do Not Track: We respect Do Not Track signals where applicable
  • Opt-Out Tools: Use industry opt-out tools for advertising cookies

Marketing Communication Preferences

Control how we communicate with you:

  • Email Preferences: Unsubscribe from marketing emails using the link in each message
  • SMS Opt-Out: Reply "STOP" to promotional text messages
  • Push Notifications: Disable app notifications in your device settings
  • Postal Mail: Request removal from mailing lists by contacting us
  • Phone Calls: Add your number to our do-not-call list
Communication preferences control panel showing options for email, SMS, push notifications, and marketing preferences with easy toggle switches for PizzaPizza customers

How to Exercise Your Rights

To exercise any of these rights, you can:

  • Online Account: Access and modify information through your account settings
  • Email Request: Send requests to info@pizzapizza.com
  • Phone Contact: Call us at 819-876-7801
  • Written Request: Mail requests to our address at 9090 Boulevard Leduc, Brossard, J4Y 0A5, Canada

Verification Process

To protect your privacy, we will verify your identity before processing requests:

  • We may ask for additional information to confirm your identity
  • Verification requirements depend on the sensitivity of the request
  • We will respond to verified requests within legally required timeframes
  • You will not be discriminated against for exercising your privacy rights

Authorized Agents

You may designate an authorized agent to make requests on your behalf. The agent must:

  • Provide written authorization signed by you
  • Verify their own identity
  • Provide proof of authorization to act on your behalf

Children's Privacy

PizzaPizza is committed to protecting the privacy of children and complying with applicable children's privacy laws.

Age Restrictions

Our services are not intended for children under the age of 13 (or the applicable age of digital consent in your jurisdiction). We do not knowingly collect personal information from children under 13.

Parental Consent Requirements

  • Users between 13 and 18 years old should use our services only with parental or guardian supervision
  • Parents or guardians may create accounts and place orders on behalf of minors
  • We encourage parents to monitor their children's online activities

Information Collection from Children

If we discover that we have inadvertently collected personal information from a child under 13:

  • We will delete the information as soon as possible
  • We will not use the information for any purpose
  • We will not disclose the information to third parties
  • We will notify parents or guardians if required by law

Parental Rights

If you are a parent or guardian and believe your child has provided personal information to us, please contact us immediately at info@pizzapizza.com. You have the right to review, delete, or refuse further collection of your child's information.

Educational Programs and Promotions

Any programs, contests, or promotions directed at children will:

  • Require verifiable parental consent before participation
  • Collect only information necessary for participation
  • Provide clear notice to parents about information practices
  • Allow parents to review and delete their child's information
Illustration showing children's privacy protection measures including parental consent requirements, age verification systems, and safe online practices for family-friendly PizzaPizza services

International Data Transfers

PizzaPizza operates primarily in Canada, but we may transfer and process your information in other countries to provide our services.

Cross-Border Data Transfers

Your personal information may be transferred to and processed in countries other than your country of residence, including:

  • Countries where our service providers and partners are located
  • Countries where our servers and data centers are hosted
  • Countries necessary for payment processing and fraud prevention

Data Protection Standards

When transferring data internationally, we ensure appropriate safeguards:

  • Adequacy Decisions: Transfer to countries recognized as providing adequate data protection
  • Standard Contractual Clauses: Use of approved contractual terms for data transfers
  • Binding Corporate Rules: Internal policies ensuring consistent data protection
  • Certification Mechanisms: Participation in recognized privacy frameworks

Canadian Privacy Laws

As a Canadian company, we comply with:

  • PIPEDA: Personal Information Protection and Electronic Documents Act
  • Provincial Laws: Applicable provincial privacy legislation
  • Industry Standards: Canadian privacy best practices and guidelines

European Union and UK

For users in the EU and UK, we comply with:

  • GDPR: General Data Protection Regulation requirements
  • UK GDPR: United Kingdom data protection laws
  • Data Protection Rights: Enhanced rights for EU/UK residents
  • Legal Basis: Clear legal basis for all data processing activities

United States

For California residents and other US users:

  • CCPA/CPRA: California Consumer Privacy Act and amendments
  • State Privacy Laws: Compliance with applicable state privacy regulations
  • Consumer Rights: Rights to know, delete, and opt-out of data sales
World map showing PizzaPizza's international data protection framework with secure data transfer routes, compliance certifications, and regional privacy law adherence across different jurisdictions

Data Retention

PizzaPizza retains your personal information only for as long as necessary to fulfill the purposes for which it was collected and to comply with legal obligations.

Retention Periods

Account Information

  • Active Accounts: Retained while your account remains active
  • Inactive Accounts: Retained for 3 years after last activity, then deleted
  • Closed Accounts: Deleted within 90 days of account closure, except as required by law

Order and Transaction Data

  • Order History: Retained for 7 years for accounting and tax purposes
  • Payment Information: Tokenized data retained as long as account is active
  • Delivery Records: Retained for 2 years for customer service and quality assurance

Marketing and Communications

  • Email Lists: Retained until you unsubscribe or request deletion
  • Marketing Preferences: Retained for 5 years to honor opt-out requests
  • Communication History: Retained for 2 years for reference and quality improvement

Technical and Analytics Data

  • Website Logs: Retained for 12 months for security and performance analysis
  • Cookie Data: Retained according to cookie-specific retention periods (typically 1-2 years)
  • Analytics Data: Aggregated data retained indefinitely; individual data deleted after 26 months

Legal and Regulatory Requirements

We may retain information longer when required by:

  • Tax and accounting regulations (typically 7 years)
  • Consumer protection laws
  • Fraud prevention and security purposes
  • Ongoing legal proceedings or investigations
  • Contractual obligations

Secure Deletion

When information is no longer needed, we:

  • Permanently delete data from active systems
  • Remove data from backup systems within standard backup cycles
  • Use secure deletion methods to prevent data recovery
  • Anonymize data when deletion is not possible
  • Maintain records of deletion activities for compliance

Retention Policy Updates

We regularly review and update our data retention policies to ensure compliance with evolving legal requirements and business needs. You can request information about specific retention periods by contacting us.

Third-Party Links and Services

Our website and services may contain links to third-party websites, applications, and services that are not operated by PizzaPizza.

External Links

We may provide links to:

  • Social media platforms (Facebook, Instagram, Twitter)
  • Payment service providers
  • Review and rating websites
  • Partner businesses and affiliates
  • Third-party delivery platforms

Third-Party Privacy Practices

Important information about external links:

  • We are not responsible for the privacy practices of third-party websites
  • Third-party sites have their own privacy policies and terms of service
  • We encourage you to review privacy policies before providing information to third parties
  • Links do not imply endorsement of third-party privacy practices

Social Media Integration

Our website may include social media features and widgets:

  • Social Login: Option to sign in using social media accounts
  • Share Buttons: Ability to share content on social platforms
  • Social Feeds: Embedded social media content
  • Like and Follow Buttons: Interactive social media elements

Social Media Data Collection

When you interact with social media features:

  • Social media platforms may collect information about your visit
  • Your interactions may be governed by the privacy policy of the social media company
  • We may receive limited information from social platforms when you use social login
  • You can control social media data sharing through platform privacy settings
Diagram showing PizzaPizza's integration with third-party services including social media platforms, payment processors, and external partners with clear privacy boundaries and data flow indicators

Third-Party Analytics and Advertising

We use third-party services for analytics and advertising:

  • Google Analytics: Website traffic and user behavior analysis
  • Facebook Pixel: Advertising campaign measurement and optimization
  • Advertising Networks: Display of targeted advertisements
  • Conversion Tracking: Measurement of marketing effectiveness

Opt-Out Options

You can opt out of third-party tracking:

  • Use browser privacy settings and extensions
  • Visit opt-out pages provided by advertising networks
  • Enable "Do Not Track" in your browser
  • Use industry opt-out tools like NAI or DAA

Changes to This Privacy Policy

PizzaPizza may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or business operations.

Policy Updates

We will update this policy when:

  • We introduce new services or features that affect data processing
  • Privacy laws or regulations change
  • We modify our data collection or usage practices
  • We implement new security measures or technologies
  • We change our third-party service providers

Notification of Changes

When we make significant changes to this Privacy Policy, we will:

  • Email Notification: Send notice to the email address associated with your account
  • Website Notice: Display a prominent notice on our website
  • In-App Notification: Show alerts in our mobile application
  • Updated Date: Revise the "Last Updated" date at the top of this policy

Material Changes

For material changes that significantly affect your rights or how we use your information:

  • We will provide at least 30 days' advance notice
  • We may require you to review and accept the updated policy
  • You will have the opportunity to opt out or close your account
  • We will clearly explain what has changed and how it affects you

Your Acceptance

By continuing to use our services after policy changes take effect, you acknowledge and accept the updated Privacy Policy. If you do not agree with the changes, you should:

  • Stop using our services
  • Close your account
  • Request deletion of your personal information
  • Contact us with questions or concerns

Policy Version History

We maintain a history of previous policy versions. You can request access to previous versions by contacting us at info@pizzapizza.com.

Timeline visualization showing PizzaPizza's privacy policy evolution with key updates, notification methods, and transparency measures ensuring customers stay informed about privacy changes

Contact Us About Privacy

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Pizzapizza - Pizzeria

9090 Boulevard Leduc
(Quartier DIX30 – Food Court, Central Dining Area)
Brossard, J4Y 0A5
Canada

Phone: 819-876-7801
Email: info@pizzapizza.com

We will respond to your privacy inquiries within 30 days. For urgent privacy concerns, please indicate "URGENT PRIVACY MATTER" in your communication.

Privacy Officer

For formal privacy complaints or data protection inquiries, you may contact our Privacy Officer directly at info@pizzapizza.com with "Attention: Privacy Officer" in the subject line.

Regulatory Authorities

If you believe we have not adequately addressed your privacy concerns, you have the right to lodge a complaint with the applicable data protection authority in your jurisdiction, including the Office of the Privacy Commissioner of Canada.