+1 855-228-6325 [email protected]
Mon-Fri 9AM-6PM

Privacy Policy

Your privacy is important to us. Learn how we protect your personal information when you order from Lou Malnati's.

Last Updated: December 28, 2024

1. Introduction

At Lou Malnati's, we are deeply committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, store, and protect your data when you visit our website, order food, dine at our restaurants, or use our services.

This policy covers all interactions with Lou Malnati's, including online ordering, in-restaurant dining, catering services, delivery, and marketing communications. By using our services, you agree to the terms outlined in this Privacy Policy.

Important: We never sell your personal data to third parties. Your trust is fundamental to our business, and we are committed to maintaining the highest standards of data protection.

2. Information We Collect

2.1 Information You Provide Directly

  • Personal Identification: Name, email address, phone number, billing and delivery addresses
  • Account Information: Username, password, order history, and account preferences
  • Payment Information: Credit card details, billing information (stored securely and encrypted)
  • Order Details: Food preferences, dietary restrictions, special instructions, allergen information
  • Dietary Preferences: Vegan, vegetarian, halal, kosher, gluten-free requirements
  • Allergen Information: Food allergies and sensitivities for safe food preparation
  • Loyalty Program Data: Rewards points, membership status, favorite orders
  • Reservation Information: Table booking details, party size, special occasions
  • Catering Requests: Event details, guest count, menu preferences, delivery information
  • Contact Forms: Customer service inquiries, feedback, reviews, and suggestions
  • Marketing Preferences: Communication preferences and consent for promotional emails

2.2 Information Collected Automatically

  • Device Information: IP address, browser type, operating system, device identifiers
  • Usage Data: Pages visited, time spent on site, click patterns, search terms
  • Location Data: Approximate location from IP address for delivery services
  • Cookie Data: Session identifiers, user preferences, analytics information
  • Performance Data: Site loading times, error reports, technical diagnostics

2.3 Information from Third Parties

  • Social Media: Profile information if you connect social media accounts
  • Payment Processors: Transaction confirmations and fraud prevention data
  • Delivery Partners: Delivery status updates and location tracking
  • Marketing Partners: Campaign performance and audience insights
  • Review Platforms: Customer reviews and ratings from third-party sites

3. How We Use Your Information

3.1 Service Provision

  • Order Processing: Taking, preparing, and delivering your food orders
  • Account Management: Creating and maintaining your customer account
  • Payment Processing: Securely handling transactions and billing
  • Customer Support: Responding to inquiries and resolving issues
  • Quality Assurance: Monitoring service quality and food safety
  • Personalization: Customizing your experience based on preferences

3.2 Communication

  • Order Confirmations: Confirming orders and providing updates
  • Delivery Notifications: Real-time delivery tracking and arrival alerts
  • Customer Support: Responding to questions and feedback
  • Important Notices: Policy changes, security alerts, service updates
  • Marketing Communications: Promotional offers (only with your consent)

3.3 Marketing and Analytics

  • Personalized Advertising: Showing relevant promotions and menu items
  • Performance Analysis: Understanding website usage and customer behavior
  • Campaign Measurement: Evaluating marketing effectiveness
  • Menu Development: Using preferences to create new offerings
  • Market Research: Understanding customer needs and trends

3.4 Legal Compliance and Safety

  • Legal Requirements: Complying with applicable laws and regulations
  • Fraud Prevention: Detecting and preventing fraudulent activities
  • Food Safety: Managing allergen information and dietary restrictions
  • Dispute Resolution: Handling customer complaints and legal matters
  • Safety Protection: Protecting customers, employees, and property

4. Information Sharing and Disclosure

4.1 Service Providers

  • Payment Processors: Secure transaction processing (Stripe, PayPal)
  • Delivery Services: Third-party delivery companies for order fulfillment
  • Cloud Storage: Secure data hosting and backup services (AWS, Google Cloud)
  • Email Services: Marketing and transactional email platforms
  • Analytics Tools: Website performance and user behavior analysis
  • Customer Support: Help desk and communication platforms

4.2 Legal Requirements

  • Court Orders: When required by valid legal process
  • Law Enforcement: To assist in criminal investigations
  • Regulatory Compliance: Health department inspections and requirements
  • Emergency Situations: To protect health, safety, or prevent harm

4.3 Business Transfers

  • Mergers and Acquisitions: In case of business sale or merger
  • Asset Sales: Transfer of business assets including customer data
  • Customer Notification: We will inform you before any transfer
  • Policy Compliance: New owners must honor existing privacy commitments

4.4 With Your Consent

We may share information for other purposes only with your explicit consent, such as:

  • Marketing partnerships you specifically approve
  • Social media integration you authorize
  • Third-party services you request

5. Data Security

5.1 Technical Security Measures

  • SSL/TLS Encryption: All data transmission is encrypted using industry-standard protocols
  • Advanced Firewalls: Multi-layer network security to prevent unauthorized access
  • Access Controls: Strict employee access based on job requirements only
  • 24/7 Monitoring: Continuous security surveillance and threat detection
  • Secure Backups: Regular encrypted backups with secure off-site storage
  • Penetration Testing: Regular security assessments by external experts
  • Database Encryption: Customer data encrypted at rest and in transit

5.2 Organizational Security Measures

  • Employee Training: Regular security awareness and data protection training
  • Security Policies: Comprehensive data handling and protection procedures
  • Confidentiality Agreements: All staff and contractors sign strict NDAs
  • Incident Response: Detailed plan for handling security breaches
  • Regular Audits: Quarterly security assessments and compliance reviews
  • Vendor Management: Security requirements for all third-party partners

5.3 Your Security Responsibilities

  • Strong Passwords: Use unique, complex passwords for your account
  • Password Protection: Never share your login credentials
  • Secure Logout: Always log out when using public computers
  • Phishing Awareness: Be cautious of suspicious emails or links
  • Report Issues: Immediately report any unauthorized access
  • Software Updates: Keep your devices and browsers updated

Security Breach Notification: In the unlikely event of a data breach affecting your personal information, we will notify you within 72 hours via email and provide detailed information about the incident and steps we're taking to address it.

6. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience, analyze usage, and provide personalized services. Below is a detailed breakdown of our cookie usage:

Cookie Type Purpose Duration
Essential Cookies Basic site functions, login state, shopping cart Session
Functional Cookies User preferences, language settings, location memory Up to 1 year
Analytics Cookies Usage analysis, performance monitoring, site improvement Up to 2 years
Marketing Cookies Personalized advertising, campaign measurement Up to 1 year

Tracking Technologies Used

  • Google Analytics: Website traffic analysis and user behavior insights
  • Facebook Pixel: Social media advertising measurement and optimization
  • Web Beacons: Email open rates and engagement tracking
  • Local Storage: Browser-based data storage for improved functionality
  • Session Storage: Temporary data storage during your visit

Cookie Management

You can control cookies through your browser settings. Options include:

  • Accept all cookies
  • Reject all cookies
  • Delete existing cookies
  • Receive notifications before cookies are stored

Note: Disabling certain cookies may affect website functionality, including your ability to place orders or access account features.

7. Your Privacy Rights (GDPR/CCPA Compliance)

We respect your privacy rights and provide the following options to control your personal data:

7.1 Right of Access

You have the right to request and receive a copy of all personal data we hold about you, including order history, account information, and communication records.

7.2 Right to Rectification

You can request correction of any inaccurate or incomplete personal data, including updating contact information, preferences, and account details.

7.3 Right to Erasure (Right to be Forgotten)

You may request deletion of your personal data, subject to legal retention requirements for tax, accounting, and food safety purposes.

7.4 Right to Restrict Processing

You can request limitation of how we process your data while maintaining your account for essential services.

7.5 Right to Data Portability

You have the right to receive your personal data in a structured, machine-readable format for transfer to another service provider.

7.6 Right to Object

You may object to processing of your data for marketing purposes, analytics, or other non-essential activities.

7.7 Right Against Automated Decision-Making

You have the right to request human review of any automated decisions that significantly affect you.

How to Exercise Your Rights: Contact us using the information in Section 13. We will respond to your request within 30 days and provide clear information about actions taken.

8. Children's Privacy

Protecting children's privacy is extremely important to us. Our services are not intended for children under the age of 16, and we do not knowingly collect personal information from minors.

  • Age Verification: We require users to confirm they are 16 or older when creating accounts
  • No Intentional Collection: We do not deliberately gather data from children under 16
  • Parental Rights: Parents may contact us if they believe we have collected their child's information
  • Immediate Deletion: We will promptly delete any child's data we discover in our systems
  • Educational Content: Any child-friendly content is general information only

For Parents: If you believe your child under 16 has provided personal information to us, please contact us immediately at [email protected], and we will delete their information from our systems.

9. International Data Transfers

As part of our operations, we may transfer your personal data to countries outside your home country. We ensure all transfers are protected by appropriate safeguards.

9.1 Protection Measures

  • Adequacy Decisions: We transfer data to countries with equivalent protection standards
  • Standard Contractual Clauses (SCC): EU-approved contract terms for data protection
  • Data Processing Agreements: Binding contracts with all international partners
  • Security Standards: Same level of protection regardless of location
  • Regular Audits: Ongoing compliance monitoring in all jurisdictions

9.2 Transfer Destinations

  • United States: Cloud storage and data processing services
  • European Union: Analytics and customer support services
  • Other Countries: Only with adequate protection measures in place

10. Data Retention Periods

We retain your personal data only as long as necessary for the purposes outlined in this policy and as required by law.

Information Type Retention Period Reason
Account Information 6 months after account deletion Legal obligations, dispute resolution
Order History 7 years Tax and accounting requirements
Payment Records 7 years Financial regulations and auditing
Marketing Consent 3 months after withdrawal Consent record keeping
Website Usage Logs Up to 2 years Security monitoring, analytics
Customer Support Records 3 years Service quality improvement
Allergen Information 3 years after last order Food safety and liability protection
Loyalty Program Data 5 years after last activity Program administration and benefits

Safe Data Disposal

  • Complete Electronic Deletion: Secure, unrecoverable deletion of digital records
  • Physical Record Destruction: Secure shredding of paper documents
  • Backup Data Removal: Deletion from all backup systems
  • Disposal Documentation: Records of all data destruction activities
  • Third-Party Certification: Verified destruction by certified vendors

11. Third-Party Links and Services

Our website may contain links to external websites, social media platforms, and third-party services that are not operated by Lou Malnati's. This Privacy Policy does not cover these external services.

  • External Links: Links to partner websites, supplier information, or related services
  • Social Media: Facebook, Instagram, Twitter, and other social platforms
  • Review Sites: Yelp, Google Reviews, TripAdvisor, and similar platforms
  • Payment Processors: External payment gateways with their own policies
  • Delivery Partners: Third-party delivery services with separate privacy practices

Important: We are not responsible for the privacy practices of third-party websites. We encourage you to read their privacy policies before providing any personal information.

When you interact with these third-party services, you are subject to their terms and privacy policies. We recommend reviewing these policies to understand how your information will be handled.

12. Policy Changes and Updates

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or business operations.

12.1 Change Notification Methods

  • Website Notice: Prominent banner on our homepage announcing changes
  • Email Notification: Direct notification to all registered users
  • Account Alert: In-app notification when you log in
  • Social Media: Announcements on our official social channels

12.2 Checking for Changes

  • Latest Version: Always available on our website
  • Last Updated Date: Check the date at the top of this policy
  • Continued Use: Ongoing use of our services indicates acceptance
  • Opt-Out Option: You may stop using our services if you disagree

For significant changes that affect how we use your personal data, we will obtain your explicit consent before implementing the changes.

13. Contact Information

Privacy Questions and Requests

If you have any questions about this Privacy Policy or want to exercise your privacy rights, please contact us using any of the methods below:

Lou Malnati's
1330 Maryland Ave SW, Washington, DC 20024, USA
+1 855-228-6325
[email protected]
Monday - Friday: 9:00 AM - 6:00 PM

Response Commitment: We will respond to your privacy requests within 3 business days and provide a complete response within 30 days.

13.1 Privacy Complaints Process

  1. Contact Us First: Please reach out to us directly for fastest resolution
  2. Detailed Information: Provide specific details about your concern
  3. Investigation: We will thoroughly investigate your complaint
  4. Resolution: We will work to resolve the issue and prevent recurrence

Supervisory Authority: If you are not satisfied with our response, you may contact your local data protection authority or privacy regulator.

14. Withdrawal of Consent

You have the right to withdraw your consent for data processing at any time. Here's how you can manage your consent:

14.1 Marketing Consent Withdrawal

  • Email Unsubscribe: Click the unsubscribe link in any marketing email
  • Account Settings: Update your communication preferences in your account
  • Customer Support: Contact us directly to update preferences
  • Cookie Settings: Adjust marketing cookies through our cookie banner

14.2 Account Deletion Process

  1. Login: Access your customer account
  2. Account Settings: Navigate to account management section
  3. Delete Account: Select the account deletion option
  4. Confirmation: Follow the confirmation process
  5. Final Notice: We will send confirmation of account deletion

Important Note: Some information may be retained for legal compliance purposes even after account deletion, including order history for tax purposes and allergen information for safety reasons.

15. Conclusion

At Lou Malnati's, protecting your privacy is not just a legal obligation—it's a fundamental aspect of our commitment to you as our valued customer. We understand that your personal information is sensitive and important, and we treat it with the utmost care and respect.

This Privacy Policy represents our ongoing pledge to transparency, security, and responsible data handling. We believe that by being open about our practices, we can build stronger, more trusting relationships with our customers while continuing to provide exceptional Chicago-style deep-dish pizza and outstanding service.

We encourage you to review this policy periodically and contact us with any questions or concerns. Your feedback helps us improve our privacy practices and better serve your needs.

Thank You: Thank you for choosing Lou Malnati's and for trusting us with your personal information. We are committed to maintaining that trust through continued excellence in privacy protection and customer service.

Remember: This Privacy Policy was last updated on December 28, 2024. Please check back regularly for any updates or changes.