Privacy Policy

1. Introduction

Welcome to FiresSubsInHouse ("Company," "we," "us," or "our"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website firehhousesubb.live, use our mobile applications, visit our physical restaurant locations, place orders for delivery or pickup, or engage with us in other related ways, including any sales, marketing, or events.

At FiresSubsInHouse, we believe that privacy is a fundamental right. We have designed our data practices to be transparent, fair, and respectful of your personal information. We understand that when you share your information with us, you are trusting us to handle it responsibly and with care.

This Privacy Policy applies to all information collected through our services ("Services"), as well as any related services, sales, marketing, or events. Please read this Privacy Policy carefully, as it will help you understand what we do with the information that we collect.

By using our Services, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use our Services. We encourage you to review this policy periodically to stay informed about how we are protecting your information.

2. Information We Collect

We collect personal information that you voluntarily provide to us when you register on our website, express an interest in obtaining information about us or our products and services, when you participate in activities on the Services, or otherwise when you contact us. The personal information we collect depends on the context of your interactions with us and the Services, the choices you make, and the products and features you use.

2.1 Information You Provide to Us

We collect information that you voluntarily provide when using our Services:

• Personal Identification Information: Full name, email address, phone number, mailing address, delivery address, and billing address
• Account Information: Username, password (encrypted), profile picture, account preferences, and purchase history
• Payment Information: Credit card numbers, debit card numbers, and billing details (note: payment information is processed through secure, PCI-compliant payment processors and is not stored on our servers)
• Order Information: Food preferences, dietary restrictions, allergen information, special instructions, and order history
• Dietary Preferences: Vegetarian, vegan, halal, kosher, gluten-free, and other dietary requirements you provide
• Allergen Information: Food allergies and sensitivities you disclose to help us prepare your meals safely
• Loyalty Program Data: Points balance, reward redemptions, membership tier, and participation history
• Reservation Information: Table booking details, party size, special occasion notes, and seating preferences
• Catering Information: Event details, guest counts, menu selections, delivery logistics, and special requirements
• Communication Data: Contact form submissions, customer reviews, feedback, survey responses, and support inquiries
• Marketing Preferences: Email subscription status, communication preferences, and promotional opt-ins

2.2 Automatically Collected Information

When you visit, use, or navigate our Services, we automatically collect certain information. This information does not reveal your specific identity but may include:

• Device Information: IP address, browser type and version, operating system, device type, screen resolution, and unique device identifiers
• Usage Data: Pages viewed, time spent on pages, navigation paths, click patterns, search queries, and referring URLs
• Cookie Data: Session identifiers, user preferences, authentication tokens, and analytics information
• Location Information: Approximate geographic location derived from your IP address, and precise location if you enable location services for delivery purposes
• Log Data: Access times, error logs, and server performance data

2.3 Information from Third Parties

We may obtain information about you from other sources, including:

• Social Media Platforms: If you connect your social media accounts (Facebook, Instagram, Google), we may receive your name, email, profile picture, and friend lists (with your permission)
• Payment Processors: Transaction confirmations, fraud prevention data, and payment verification information from services like Stripe, PayPal, or Square
• Delivery Partners: Delivery confirmation, estimated arrival times, and delivery status updates from third-party delivery services
• Marketing Partners: Advertising campaign performance data, demographic information, and interest-based data from advertising networks
• Review Platforms: Public reviews and ratings from platforms like Google Reviews, Yelp, or TripAdvisor

3. How We Use Your Information

We use the information we collect or receive for various business purposes. We process your personal information for these purposes based on our legitimate business interests, to fulfill our contract with you, with your consent, and/or for compliance with our legal obligations.

3.1 Service Provision

We use your information to provide, maintain, and improve our Services:

• Order Processing: Accepting, preparing, and fulfilling your food orders accurately and efficiently
• Delivery Services: Coordinating delivery logistics, providing real-time order tracking, and ensuring timely delivery to your location
• Customer Support: Responding to inquiries, resolving complaints, and providing assistance with orders or account issues
• Account Management: Creating and maintaining your account, authenticating your identity, and managing your preferences
• Reservation Management: Processing table bookings, managing waitlists, and sending confirmation reminders
• Loyalty Program Administration: Tracking points, processing rewards, and managing membership benefits
• Quality Improvement: Analyzing feedback to improve our menu, service quality, and overall customer experience
• Food Safety: Using allergen and dietary information to prepare meals safely and appropriately

3.2 Communication

We use your contact information to communicate with you about:

• Order Updates: Confirmations, preparation status, delivery notifications, and pickup reminders
• Customer Support: Responses to your inquiries, feedback acknowledgments, and issue resolutions
• Important Notices: Service updates, policy changes, security alerts, and account notifications
• Marketing Communications: Promotional offers, new menu items, special events, and newsletters (only with your consent)
• Transactional Messages: Receipts, refund confirmations, and account activity summaries

3.3 Marketing and Analytics

With your consent, we may use your information for marketing and analytical purposes:

• Personalized Advertising: Showing you relevant ads based on your preferences and browsing behavior
• Traffic Analysis: Understanding how visitors use our website to improve navigation and user experience
• Campaign Effectiveness: Measuring the success of our marketing campaigns and promotional activities
• Market Research: Conducting surveys and research to develop new products and services
• Customer Segmentation: Creating customer profiles to deliver more relevant content and offers

3.4 Legal Compliance

We may use your information to comply with legal obligations:

• Legal Requests: Responding to court orders, subpoenas, and lawful requests from government authorities
• Fraud Prevention: Detecting, preventing, and investigating fraudulent transactions and suspicious activities
• Rights Protection: Protecting our rights, property, and the safety of our customers and the public
• Dispute Resolution: Addressing disputes, enforcing our agreements, and collecting debts owed to us
• Regulatory Compliance: Meeting food safety, health, and business licensing requirements

4. Information Sharing and Disclosure

We may share or disclose your information in the following situations. We only share your personal information with third parties in the ways described in this Privacy Policy.

4.1 Service Providers

We share your information with third-party service providers who perform services on our behalf:

• Payment Processors: Secure processing of credit card and digital payments through PCI-compliant providers
• Delivery Companies: Third-party delivery partners who transport your orders to your specified location
• Cloud Storage Providers: Secure data storage and backup services to protect your information
• Email Marketing Services: Sending promotional emails and newsletters to opted-in subscribers
• Analytics Tools: Website traffic analysis and user behavior tracking to improve our Services
• Customer Support Platforms: Managing support tickets and customer communications efficiently

4.2 Legal Requirements

We may disclose your information when required by law:

• In response to court orders, subpoenas, or legal process
• To comply with applicable laws and regulations
• To protect our rights, property, or safety
• In cases of public safety or emergency situations
• To cooperate with law enforcement investigations

4.3 Business Transfers

If we are involved in a merger, acquisition, asset sale, or bankruptcy proceeding:

• Your information may be transferred as part of that transaction
• We will notify you via email and/or prominent notice on our website before your information is transferred
• The acquiring entity must honor the commitments made in this Privacy Policy
• You will have the opportunity to opt out of the transfer where legally required

4.4 With Your Consent

We may share your information in other situations with your explicit consent, such as:

• Sharing your review or testimonial on our marketing materials
• Participating in joint promotions with partner businesses
• Connecting your account with third-party applications you authorize

5. Data Security

We take the security of your personal information seriously and have implemented comprehensive measures to protect it from unauthorized access, alteration, disclosure, or destruction.

5.1 Technical Measures

We employ industry-standard technical safeguards:

• SSL/TLS Encryption: All data transmitted between your browser and our servers is encrypted using 256-bit SSL/TLS encryption
• Advanced Firewall Systems: Enterprise-grade firewalls protect our infrastructure from external threats
• Access Control: Strict access controls ensure only authorized personnel can access personal data on a need-to-know basis
• 24/7 Security Monitoring: Continuous monitoring systems detect and respond to potential security threats in real-time
• Regular Data Backups: Automated backup systems ensure data recovery in case of system failures
• Intrusion Detection: Advanced systems monitor for unauthorized access attempts
• Vulnerability Scanning: Regular security scans identify and address potential weaknesses

5.2 Organizational Measures

We maintain strong organizational security practices:

• Employee Training: All staff receive regular training on data protection and privacy best practices
• Data Handling Procedures: Documented procedures govern how personal data is collected, processed, and stored
• Third-Party Agreements: Confidentiality and data protection agreements with all service providers
• Incident Response Plan: Comprehensive procedures for responding to security incidents quickly and effectively
• Security Audits: Regular internal and external security audits assess our protection measures
• Background Checks: Appropriate screening for employees with access to sensitive data

5.3 Your Responsibilities

You also play a role in protecting your information:

• Create strong, unique passwords and change them regularly
• Never share your login credentials with others
• Log out of your account when using public or shared computers
• Be cautious of phishing emails and suspicious links
• Report any unauthorized access to your account immediately
• Keep your contact information up to date

6. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect and store information when you visit our website. Cookies are small text files placed on your device that help us provide a better user experience.

Cookie Type	Purpose	Duration
Essential Cookies	Enable basic website functionality, login state, shopping cart, and security features	Session
Functional Cookies	Remember user preferences, language settings, and personalization choices	Up to 1 year
Analytics Cookies	Track website usage, page views, and visitor behavior for improvement	Up to 2 years
Marketing Cookies	Deliver personalized advertisements and measure campaign effectiveness	Up to 1 year

Tracking Technologies We Use

• Google Analytics: Analyzes website traffic patterns and user behavior to improve our Services
• Facebook Pixel: Measures advertising effectiveness and enables retargeting campaigns
• Web Beacons: Small graphics that track email opens and click-through rates
• Local Storage: Stores data locally in your browser for faster loading and personalization
• Session Storage: Temporarily stores data during your browsing session

Managing Cookies

You can control and manage cookies through your browser settings. Most browsers allow you to:

• View what cookies are stored on your device
• Delete all or selected cookies
• Block third-party cookies
• Block all cookies from specific or all websites
• Receive alerts when cookies are being set

Please note: Disabling certain cookies may affect the functionality of our website and limit your ability to use some features.

7. Your Privacy Rights

Depending on your location, you may have certain rights regarding your personal information under applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

Right Against Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing, including profiling, that produce legal or similarly significant effects on you. If we use automated decision-making, you may request human intervention, express your point of view, and contest the decision.

How to Exercise Your Rights

To exercise any of these rights, please contact us using the information provided in Section 13. We will respond to your request within 30 days. In some cases, we may need to verify your identity before processing your request. We do not charge a fee for most requests, but we may charge a reasonable fee for repetitive, excessive, or unfounded requests.

8. Children's Privacy

Our Services are not intended for children under the age of 16. We do not knowingly collect personal information from children under 16 years of age. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately.

If we become aware that we have collected personal information from a child under 16 without verification of parental consent, we will take steps to delete that information from our servers as quickly as possible.

9. International Data Transfers

Your information may be transferred to and processed in countries other than the country in which you reside. These countries may have different data protection laws than your country.

9.1 Protection Measures

When we transfer your data internationally, we implement appropriate safeguards:

• Adequacy Decisions: We rely on adequacy decisions by relevant authorities where available
• Standard Contractual Clauses (SCCs): We use EU-approved standard contractual clauses with service providers in non-adequate countries
• Data Processing Agreements: Binding agreements with all processors outlining data protection requirements
• Security Measures: Appropriate technical and organizational security measures during transfer and storage
• Compliance Audits: Regular assessments of international data transfer practices

9.2 Transfer Destinations

Your data may be transferred to:

• Canada: Our primary data storage location
• United States: Cloud storage and certain service providers
• European Union: Data analytics and marketing services
• Other Countries: As needed for service delivery, with appropriate protections

10. Data Retention Periods

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements.

Information Type	Retention Period	Reason
Account Information	6 months after deletion request	Legal obligations, dispute resolution
Purchase History	7 years	Tax and accounting requirements
Marketing Consent Records	3 months after withdrawal	Proof of consent compliance
Website Usage Logs	Up to 2 years	Security and analytics
Customer Support Records	3 years	Service quality improvement
Loyalty Program Data	Duration of membership + 2 years	Program administration, auditing
Catering Event Details	3 years after event	Service records, liability protection

Safe Data Disposal

When data is no longer needed, we ensure its secure disposal through:

• Electronic Deletion: Complete and unrecoverable deletion from all systems
• Physical Records: Secure shredding of paper documents
• Backup Deletion: Removal from backup systems within standard rotation cycles
• Disposal Records: Documentation of data disposal for compliance purposes

11. Third-Party Links

Our website may contain links to third-party websites, applications, or services that are not operated by us. These third-party sites have their own privacy policies, which we encourage you to review.

We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services. When you click on a link to a third-party website, you are leaving our site and should review the privacy policy of that site before providing any personal information.

The inclusion of any link does not imply endorsement, approval, or control by FiresSubsInHouse of the linked site. You access third-party sites at your own risk and should exercise caution when sharing personal information.

12. Policy Changes

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We encourage you to periodically review this page for the latest information on our privacy practices.

12.1 Change Notification

When we make material changes to this Privacy Policy, we will notify you through:

• A prominent notice on our website homepage
• Email notification to registered users (for significant changes)
• A pop-up notification when you log into your account
• For substantial changes affecting your rights, we will seek your explicit consent

12.2 Checking for Changes

To stay informed about our privacy practices:

• The latest version of this Privacy Policy is always available on our website
• Check the "Last Updated" date at the top of this page
• Your continued use of our Services after changes constitutes acceptance of the updated policy
• If you disagree with any changes, you may stop using our Services and request deletion of your data

13. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Response Commitment: We strive to respond to all privacy-related inquiries within 3 business days. For formal data rights requests, we will respond within 30 days as required by applicable law.

13.1 Complaints

If you have a complaint about how we handle your personal information:

1. Contact Us First: Please reach out to us directly so we can address your concerns
2. Internal Review: We will investigate and respond to your complaint promptly
3. Supervisory Authority: If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority:
   • Canada: Office of the Privacy Commissioner of Canada (OPC) - www.priv.gc.ca
   • EU Residents: Your local Data Protection Authority

14. Withdrawal of Consent

Where we rely on your consent to process your personal information, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.

14.1 Marketing Consent Withdrawal

You can withdraw consent for marketing communications through several methods:

• Unsubscribe Link: Click the "unsubscribe" link at the bottom of any marketing email
• Account Settings: Update your communication preferences in your account dashboard
• Contact Support: Email or call our customer support team to update your preferences

Please note that even after opting out of marketing communications, you will continue to receive transactional messages related to your orders and account.

14.2 Account Deletion

If you wish to delete your account and associated personal information:

1. Log into your account and navigate to Account Settings
2. Select "Delete Account" or "Request Account Deletion"
3. Confirm your request by following the verification steps
4. We will process your request within 30 days

Please note: Certain data may be retained as required by law for tax, accounting, or legal compliance purposes, even after account deletion. This retained data will be securely stored and only used for these specific purposes.

15. Conclusion

At FiresSubsInHouse, we are deeply committed to protecting your privacy and maintaining your trust. We understand that your personal information is valuable, and we take our responsibility to safeguard it seriously. This Privacy Policy reflects our dedication to transparency, accountability, and respect for your privacy rights.

Our relationship with you is built on trust. Every time you order from us, make a reservation, or interact with our Services, you are placing your confidence in us to handle your information responsibly. We honor that trust by implementing robust security measures, being transparent about our practices, and giving you control over your data.

We encourage you to contact us if you have any questions, concerns, or suggestions regarding this Privacy Policy or our data practices. Your feedback helps us continually improve our privacy protections and better serve you.

Remember: This Privacy Policy was last updated on January 15, 2025. Please check back periodically to stay informed about any changes to our privacy practices.