Privacy Policy

This Privacy Policy describes how Marcos ("we," "us," or "our") collects, uses, discloses, and protects your personal information when you visit our website at marcos-food.rest, place orders, or otherwise interact with our food services. We are committed to protecting your privacy and ensuring transparency about how your data is handled. Please read this policy carefully before using our services.

By accessing or using our website, placing an order, subscribing to our communications, or otherwise engaging with our services, you acknowledge that you have read and understood this Privacy Policy and agree to the collection and use of your information as described herein. If you do not agree with the terms of this policy, please discontinue use of our website and services immediately.

1. About Us and How to Contact Us

Marcos is a food service business operating in the United States. We take your privacy seriously and have appointed a designated point of contact for all privacy-related inquiries and requests.

For any privacy-related concerns, requests, or questions, please contact us at [email protected]. We will endeavor to respond to all inquiries within a reasonable timeframe, and no later than 45 days from receipt of your request, as required by applicable law.

2. Scope of This Privacy Policy

This Privacy Policy applies to all personal information collected by Marcos through the following channels:

• Our website located at marcos-food.rest
• Online ordering systems and food delivery platforms we operate or partner with
• Email, telephone, or other direct communications with our team
• In-person interactions at our food service locations
• Social media pages and profiles managed by Marcos
• Third-party platforms and applications that integrate with our services

This policy does not apply to third-party websites, applications, or services that may be linked from our website. We encourage you to review the privacy policies of any third-party services you visit or use.

3. Information We Collect

We collect various categories of personal information depending on how you interact with our services. The types of information we collect are described below:

3.1 Personal Identification Information

When you place an order, create an account, or contact us directly, we may collect the following personal identification information:

• Full name — used to identify you and personalize your experience
• Email address — used for order confirmations, account management, and communications
• Phone number — used for order updates, delivery coordination, and customer support
• Billing and delivery address — used to process and fulfill your food orders
• Date of birth — collected in certain instances to verify eligibility for specific promotions or services
• Profile photo or avatar — if you choose to upload one to your account

3.2 Payment and Financial Information

When you make a purchase through our website, we collect payment information necessary to process your transaction. This includes:

• Credit or debit card details (card number, expiration date, CVV code)
• Billing address associated with your payment method
• Digital wallet information (such as PayPal, Apple Pay, or Google Pay)
• Transaction history and purchase records

3.3 Order and Dietary Information

As a food service business, we collect information related to your orders and food preferences, including:

• Food and menu items ordered
• Dietary restrictions or preferences you voluntarily provide (e.g., allergies, vegetarian, vegan)
• Order history and frequency
• Special instructions or customization requests
• Feedback and reviews about your dining or delivery experience

3.4 Usage and Technical Data

When you visit our website, we automatically collect certain technical and usage information through cookies, pixels, and similar tracking technologies, including:

• IP address — used to determine approximate geographic location and for security purposes
• Browser type and version
• Operating system and device type
• Pages visited and time spent on each page
• Referring URL — the website that directed you to ours
• Clickstream data — the sequence of clicks you make during a session
• Search queries entered on our website
• Date and time of your visits
• Error logs and crash reports

3.5 Device Information

We may collect information about the devices you use to access our services, including:

• Device identifiers (such as mobile advertising IDs)
• Hardware model and specifications
• Mobile network information
• Screen resolution and display settings
• Language preferences set on your device
• Time zone settings

3.6 Location Data

With your permission, we may collect precise or approximate location data from your device to facilitate food delivery services and to show you relevant menu options or promotions available in your area. You can disable location tracking through your device settings, though this may limit certain features of our service.

3.7 Communications Data

If you contact us through email, our contact form, live chat, social media, or telephone, we collect and retain records of those communications, including the content of your messages and any attachments you provide.

3.8 Marketing and Preference Data

We collect information about your preferences for receiving marketing communications from us, including your subscription status and communication channel preferences (email, SMS, push notifications).

3.9 Information from Third Parties

We may receive personal information about you from third-party sources, including:

• Social media platforms if you link your account or interact with our social media presence
• Third-party food delivery platforms that process orders on our behalf
• Analytics providers and advertising partners
• Payment processors and financial institutions
• Identity verification services

4. How We Use Your Information

We use the personal information we collect for the following purposes, each of which has a lawful basis under applicable United States law, including the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), and the Federal Trade Commission Act (FTC Act):

4.1 Service Provision and Order Fulfillment

• Processing and fulfilling your food orders, including preparation and delivery coordination
• Managing your online account and profile
• Processing payments and refunds
• Coordinating with delivery partners and drivers
• Sending order confirmations, receipts, and status updates
• Providing customer support and resolving disputes
• Accommodating dietary restrictions and special requests

4.2 Business Operations and Improvement

• Analyzing how customers use our website and services to improve user experience
• Developing new menu items, features, and services based on customer preferences
• Conducting internal research and data analysis
• Managing our inventory and supply chain operations
• Training staff and improving service quality
• Monitoring and maintaining website performance and security

4.3 Marketing and Communications

• Sending promotional emails, newsletters, and special offers (with your consent where required)
• Displaying personalized advertisements on our website and third-party platforms
• Conducting loyalty programs and rewards initiatives
• Notifying you about new menu items, seasonal offerings, and events
• Sending satisfaction surveys and requesting reviews

You may opt out of marketing communications at any time by clicking the "unsubscribe" link in any of our emails or by contacting us at [email protected]. Please note that even if you opt out of marketing communications, we may still send you transactional and service-related messages.

4.4 Legal Compliance and Safety

• Complying with applicable federal, state, and local laws and regulations
• Responding to lawful requests from government authorities or law enforcement agencies
• Enforcing our Terms of Service and other agreements
• Protecting the rights, property, and safety of Marcos, our customers, and the public
• Preventing fraud, abuse, and other harmful activities
• Conducting identity verification where required

4.5 Analytics and Research

• Performing statistical analysis on usage patterns and customer behavior
• Generating aggregated, anonymized reports for business planning purposes
• Conducting A/B testing to improve our website design and functionality
• Measuring the effectiveness of our advertising campaigns

5. Cookies and Tracking Technologies

Our website uses cookies, web beacons, pixels, and similar tracking technologies to enhance your browsing experience, analyze website traffic, and deliver targeted advertising. Cookies are small text files stored on your device when you visit our website.

5.1 Types of Cookies We Use

• Essential Cookies: Necessary for the operation of our website, including shopping cart functionality and account authentication. These cannot be disabled.
• Performance Cookies: Collect information about how visitors use our website, such as which pages are most frequently visited. All data collected is aggregated and anonymous.
• Functionality Cookies: Allow the website to remember your preferences, such as language settings, saved addresses, and menu favorites.
• Targeting/Advertising Cookies: Used to deliver advertisements relevant to you and your interests, both on our website and on third-party platforms.
• Analytics Cookies: Help us understand visitor behavior and improve our services (e.g., Google Analytics).

You can control and manage cookies through your browser settings. However, disabling certain cookies may affect the functionality of our website. For more detailed information about the cookies we use and how to manage your preferences, please refer to our Cookie Policy.

6. Sharing Your Information with Third Parties

We do not sell your personal information to third parties. However, we may share your information with trusted partners and service providers as described below:

6.1 Service Providers and Business Partners

We engage third-party service providers who perform services on our behalf, including:

• Payment processors — to securely handle financial transactions
• Delivery and logistics partners — to fulfill and deliver your food orders
• Cloud hosting providers — to store and manage our data and website infrastructure
• Email and SMS marketing platforms — to send communications on our behalf
• Analytics providers — such as Google Analytics, to analyze website usage
• Customer support software providers — to manage and respond to inquiries
• Advertising networks — to display targeted advertisements

All service providers are contractually required to protect your personal information, use it only for the purposes for which it was disclosed, and comply with applicable privacy laws.

6.2 Legal Requirements and Law Enforcement

We may disclose your personal information if required to do so by law, or in good faith belief that such action is necessary to:

• Comply with a legal obligation, court order, subpoena, or government request
• Protect and defend the rights or property of Marcos
• Prevent or investigate possible wrongdoing in connection with our services
• Protect the personal safety of users of our services or the public
• Protect against legal liability

6.3 Business Transfers

In the event that Marcos undergoes a merger, acquisition, restructuring, sale of assets, or bankruptcy, your personal information may be transferred to the successor entity as part of that transaction. We will notify you via email or prominent notice on our website prior to your information being transferred and becoming subject to a different privacy policy.

6.4 Aggregated and Anonymized Data

We may share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you with third parties for research, marketing, analytics, or other purposes.

7. Data Security

We take the security of your personal information seriously and implement a range of technical, administrative, and physical safeguards to protect it from unauthorized access, disclosure, alteration, or destruction. Our security measures include:

• Encryption: We use Secure Socket Layer (SSL) / Transport Layer Security (TLS) encryption to protect data transmitted between your browser and our servers.
• Secure Data Storage: Personal information is stored on secure servers with restricted access controls.
• Access Controls: Only authorized personnel who need access to your information to perform their job functions are granted access, and they are bound by confidentiality obligations.
• PCI-DSS Compliance: Our payment processing systems comply with Payment Card Industry Data Security Standards.
• Regular Security Audits: We conduct regular security assessments and vulnerability testing of our systems.
• Employee Training: Our staff receives regular training on data privacy and security best practices.
• Incident Response Plan: We maintain a data breach response plan and will notify affected users and relevant authorities as required by law in the event of a security incident.

8. Your Privacy Rights

Depending on your state of residence within the United States, you may have specific rights regarding your personal information. We honor applicable privacy rights as set forth by federal and state law, including the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) for California residents.

8.1 Rights Available to All Users

• Right to Know / Access: You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the sources from which it was collected, the purposes for which it is used, and the categories of third parties with whom it is shared.
• Right to Correction: You have the right to request that we correct inaccurate personal information we hold about you.
• Right to Deletion: You have the right to request that we delete your personal information, subject to certain exceptions (such as when we need to retain information to comply with legal obligations or complete transactions).
• Right to Opt Out of Marketing: You may opt out of receiving marketing communications from us at any time.
• Right to Non-Discrimination: We will not discriminate against you for exercising any of your privacy rights. We will not deny you services, charge you different prices, or provide a different level of service because you exercised your privacy rights.

8.2 Additional Rights for California Residents (CCPA/CPRA)

California residents have additional rights under the CCPA as amended by the CPRA, including:

• Right to Know About Sale or Sharing of Personal Information: We do not sell your personal information. However, if we share your data with advertising partners in ways that qualify as "sharing" under CPRA, you have the right to opt out.
• Right to Limit Use of Sensitive Personal Information: You have the right to limit our use of sensitive personal information (such as precise geolocation data or financial information) to only that which is necessary to provide the services you request.
• Right to Data Portability: You may request a copy of your personal information in a portable and, to the extent technically feasible, readily usable format.
• Shine the Light Law (California Civil Code Section 1798.83): California residents may request information about our disclosure of personal information to third parties for direct marketing purposes.

8.3 How to Exercise Your Rights

To exercise any of your privacy rights, please submit a request by:

• Emailing us at: [email protected]
• Visiting our website at: marcos-food.rest

We will verify your identity before processing your request to protect the security of your personal information. We may ask you to provide certain information to confirm your identity, such as your name, email address, and account details. We will respond to your request within 45 days, and may extend this period by an additional 45 days if reasonably necessary, with prior notice.

You may also designate an authorized agent to submit requests on your behalf. The authorized agent must provide written authorization signed by you, and we may still require you to verify your identity directly with us.

9. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. Our general retention guidelines are as follows:

When personal information is no longer required, we will securely delete or anonymize it in accordance with our data retention schedules and applicable legal requirements.

10. Children's Privacy

Marcos is a food service platform and our website, ordering systems, and services are not directed toward children under the age of 18. We do not knowingly collect personal information from minors. If you are under 18 years of age, please do not use our services or provide any personal information to us.

If we become aware that we have inadvertently collected personal information from a child under the age of 18, we will take prompt steps to delete such information from our records. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately at [email protected] so that we can investigate and take appropriate action.

We comply with the Children's Online Privacy Protection Act (COPPA) and take all appropriate measures to ensure our services are not used by or marketed to minors.

11. International Data Transfers

Marcos is based in the United States, and the personal information we collect is primarily processed and stored on servers located within the United States. If you access our services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your country of residence.

By using our services from outside the United States, you acknowledge and consent to the transfer of your information to the United States. We take appropriate safeguards to ensure that your personal information remains protected in accordance with this Privacy Policy regardless of where it is processed, including implementing standard contractual clauses and other legally recognized transfer mechanisms where applicable.

If you are located in a jurisdiction with specific data transfer regulations and have concerns about the transfer of your data to the United States, please contact us at [email protected].

12. Third-Party Links and Services

Our website may contain links to third-party websites, applications, and services that are not operated by Marcos. These may include social media platforms, payment gateways, food delivery aggregators, and review websites. When you click on a third-party link, you will be directed away from our website, and this Privacy Policy will no longer apply.

We have no control over the privacy practices of third-party websites and are not responsible for their content or privacy policies. We strongly encourage you to review the privacy policy of every third-party site you visit. The inclusion of a link on our website does not imply our endorsement of that site or its privacy practices.

13. Do Not Track Signals

Some browsers include a "Do Not Track" (DNT) feature that signals to websites that you do not want your online activity tracked. As there is currently no uniform standard for recognizing and implementing DNT signals, our website does not currently respond to DNT browser signals. However, you can manage your tracking preferences through our cookie settings and by adjusting your browser settings to limit cookies and tracking technologies.

14. California-Specific Disclosures

If you are a California resident, the following additional disclosures apply to you under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):

14.1 Categories of Personal Information Collected

In the past 12 months, we have collected the following categories of personal information as defined under CCPA/CPRA:

• Identifiers (name, email address, IP address, phone number)
• Commercial information (order history, purchasing records)
• Internet or other electronic network activity information (browsing history, website interactions)
• Geolocation data (approximate location based on IP address; precise location with your consent)
• Inferences drawn from the above to create a profile about your preferences and behavior
• Sensitive personal information (such as financial account information for payment processing; dietary restrictions voluntarily provided)

14.2 Business Purposes for Collection

We collect the above categories of personal information for the business purposes described in Section 4 of this Privacy Policy.

14.3 No Sale of Personal Information

We do not sell your personal information to third parties for monetary or other valuable consideration, as defined under the CCPA/CPRA.

15. Filing a Complaint with a Data Protection Authority

If you believe that we have not handled your personal information in accordance with applicable privacy laws, you have the right to file a complaint with the appropriate regulatory authority.

15.1 For California Residents

California residents may file a complaint with the California Privacy Protection Agency (CPPA) or the California Attorney General's Office:

• California Privacy Protection Agency (CPPA): cppa.ca.gov
• California Attorney General: oag.ca.gov/privacy/ccpa

15.2 For All United States Residents

You may also file a complaint with the Federal Trade Commission (FTC) regarding unfair or deceptive privacy practices:

• Federal Trade Commission: ftc.gov/complaint
• FTC Consumer Helpline: 1-877-FTC-HELP (1-877-382-4357)

We encourage you to contact us first at [email protected] before filing a complaint with a regulatory authority, so that we have the opportunity to resolve your concern directly.

16. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our business practices, legal requirements, or the services we offer. When we make significant changes, we will:

• Update the "Last Updated" date at the top of this page
• Post a prominent notice on our website
• Send an email notification to registered users where the changes are material

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our services after the posting of any changes constitutes your acceptance of the updated Privacy Policy.

17. Automated Decision-Making and Profiling

We may use automated processes and profiling to personalize your experience on our website, including recommending menu items based on your order history and browsing behavior, and targeting you with relevant promotional offers. These automated processes do not make decisions that produce legal effects or similarly significant effects about you without human review. If you have questions about how automated decision-making affects you, please contact us at [email protected].

18. Contact Us for Privacy Inquiries

If you have any questions, concerns, or requests regarding this Privacy Policy or the way we handle your personal information, please do not hesitate to reach out to us through the following channels:

When contacting us regarding a privacy request, please include your full name, email address associated with your account, and a clear description of your request or concern. This will help us process your request more efficiently.

We are committed to working with you to resolve any privacy concerns in a fair and transparent manner. If you are not satisfied with our response, you have the right to escalate your complaint to the appropriate regulatory authority as described in Section 15 of this policy.