Privacy Policy

This Privacy Policy describes how Via 313 ("Via 313," "we," "us," or "our") collects, uses, discloses, and protects your personal information when you visit our website at via313.rest, place orders online, interact with our services, or otherwise engage with us. By accessing or using our website and services, you agree to the practices described in this Privacy Policy.

We are committed to protecting your privacy and handling your personal data with transparency and integrity. Please read this policy carefully. If you have any questions, you may contact us using the information provided at the end of this document.

1. Who We Are

Via 313 is a food service business operating in the United States. We provide restaurant and food-related services to customers through our physical locations and our online platform at via313.rest.

For all privacy-related matters, you may contact us at:

2. Scope of This Privacy Policy

This Privacy Policy applies to all personal information collected by Via 313 through the following channels:

• Our website located at via313.rest
• Online ordering platforms and third-party delivery services that partner with us
• Email, telephone, and other direct communications you initiate with us
• In-store interactions, loyalty programs, and promotional events
• Social media pages managed by Via 313

This policy does not apply to third-party websites, services, or applications, even if they are linked from our website. We encourage you to review the privacy policies of any third-party sites you visit.

3. Information We Collect

We collect several categories of personal information depending on how you interact with us. Below is a detailed breakdown of the types of data we may collect.

3.1 Personal Identification Information

When you create an account, place an order, or contact us, we may collect:

• Full name
• Email address
• Phone number
• Mailing or delivery address
• Date of birth (if required for age verification or loyalty programs)
• Username and password (for account holders)

3.2 Payment and Transaction Information

When you make a purchase through our website or in-store, we or our payment processors collect:

• Credit or debit card details (processed and stored by our PCI-DSS-compliant payment processors — we do not store full card numbers)
• Billing address
• Transaction history and order details
• Gift card or promotional code information

3.3 Usage and Technical Data

When you visit our website, we automatically collect certain technical information, including:

• IP address
• Browser type and version
• Operating system
• Device type (desktop, mobile, tablet)
• Referring URL (the website that brought you to ours)
• Pages visited and time spent on each page
• Clickstream data
• Date and time of access
• Search queries made on our website

3.4 Location Data

With your permission, we may collect your approximate or precise geographic location to help you find the nearest Via 313 location, estimate delivery times, or personalize your experience. You may disable location tracking through your device settings at any time.

3.5 Communication Data

If you contact us by email, telephone, or through our website's contact form, we may collect:

• The content of your message or inquiry
• Your contact details as provided
• Records of correspondence and customer service interactions

3.6 Marketing and Preference Data

We collect information about your preferences, such as:

• Marketing communication preferences (opt-in/opt-out status)
• Dietary preferences or food customizations you have saved
• Survey responses and feedback
• Loyalty program activity and reward redemption history

3.7 Cookies and Tracking Technologies

We use cookies, web beacons, pixel tags, and similar technologies to collect information about your browsing activity on our website. For more information, please see Section 9 (Cookie Policy) below.

3.8 Information from Third Parties

We may receive information about you from third parties, including:

• Third-party delivery platforms (e.g., DoorDash, Uber Eats, Grubhub)
• Social media platforms when you interact with our social pages or use social login features
• Analytics providers and advertising partners
• Fraud detection and identity verification services

4. How We Use Your Information

We use the personal information we collect for a variety of legitimate business purposes, including:

4.1 Providing and Managing Our Services

• Processing and fulfilling your food orders (online or in-store)
• Managing your account and loyalty program membership
• Processing payments and sending order confirmations and receipts
• Facilitating delivery logistics and coordinating with delivery partners
• Responding to your customer service inquiries and resolving complaints

4.2 Improving Our Website and Services

• Analyzing usage patterns to enhance our website's functionality and user experience
• Conducting internal research, testing, and quality assurance
• Monitoring and improving the performance and security of our systems
• Developing new menu items, features, and promotions based on customer feedback

4.3 Marketing and Promotional Communications

• Sending you newsletters, special offers, promotions, and updates (only where you have opted in or where permitted by law)
• Personalizing your experience on our website and in our marketing materials
• Displaying targeted advertisements on our website and on third-party platforms
• Conducting contests, sweepstakes, or surveys

You may opt out of marketing communications at any time by clicking the "unsubscribe" link in any email we send, or by contacting us at [email protected].

4.4 Legal Compliance and Safety

• Complying with applicable federal and state laws and regulations
• Responding to lawful requests from government agencies or law enforcement
• Enforcing our Terms of Service and other legal agreements
• Detecting and preventing fraud, unauthorized access, and other illegal activities
• Protecting the rights, property, and safety of Via 313, our customers, and the public

4.5 Business Operations

• Managing our day-to-day business operations and administrative functions
• Conducting due diligence in connection with potential business transactions such as mergers or acquisitions
• Maintaining accurate business records

5. Legal Basis for Processing

As a business operating in the United States, we process your personal information based on the following legal grounds, consistent with applicable federal and state law, including the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), and the Federal Trade Commission (FTC) Act:

• Contractual Necessity: Processing is necessary to fulfill an order, provide a service, or carry out a contract with you.
• Legitimate Business Interest: We process certain data to operate, improve, and protect our business, where such interests are not overridden by your privacy rights.
• Consent: For marketing communications and certain cookies, we rely on your explicit opt-in consent.
• Legal Obligation: We process data where required by law, including tax, financial reporting, and food safety regulations.

6. Sharing Your Information with Third Parties

Via 313 does not sell your personal information to third parties for monetary compensation. However, we may share your data in the following circumstances:

6.1 Service Providers and Business Partners

We work with trusted third-party service providers who assist us in operating our business. These providers only receive data necessary for their specific tasks and are contractually required to protect your information. They include:

6.2 Legal Requirements

We may disclose your personal information if required to do so by law or in response to:

• Subpoenas, court orders, or other legal processes
• Requests from government authorities, law enforcement agencies, or regulatory bodies
• Situations where disclosure is necessary to protect the rights, property, or safety of Via 313, our customers, or others

6.3 Business Transfers

In the event that Via 313 undergoes a merger, acquisition, reorganization, bankruptcy, or sale of all or part of its assets, your personal information may be transferred to the acquiring entity as part of that transaction. We will notify you via email or a prominent notice on our website if such a transfer occurs, and you will be informed of any changes to this Privacy Policy.

6.4 Advertising and Analytics Partners

We may share aggregated or de-identified information with advertising networks and analytics providers for the purpose of improving our marketing campaigns and understanding user behavior. Such data cannot reasonably be used to identify you.

6.5 Social Media Platforms

If you interact with Via 313 through social media or use social login features, certain information may be shared with or received from those platforms in accordance with their own privacy policies.

7. Your Privacy Rights

Depending on your state of residence, you may have specific rights regarding your personal information. We respect and honor these rights as required under applicable law.

7.1 Rights Under the California Consumer Privacy Act (CCPA/CPRA)

If you are a California resident, you have the following rights:

• Right to Know: You have the right to request information about the categories and specific pieces of personal information we have collected about you, as well as the purposes for which it is used and the categories of third parties with whom it is shared.
• Right to Delete: You may request that we delete the personal information we have collected about you, subject to certain legal exceptions.
• Right to Correct: You have the right to request that we correct inaccurate personal information we hold about you.
• Right to Opt-Out of Sale/Sharing: You have the right to opt out of the sale or sharing of your personal information for cross-context behavioral advertising. Via 313 does not sell personal information for monetary compensation; however, certain data shared with advertising partners may qualify as "sharing" under the CPRA.
• Right to Limit Use of Sensitive Personal Information: You may request that we limit the use of your sensitive personal information to purposes necessary for providing our services.
• Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights. We will not deny you services, charge different prices, or provide a different level of quality because you exercised your privacy rights.

7.2 General Privacy Rights Available to All U.S. Customers

Regardless of your state, you have the right to:

• Access: Request a copy of the personal information we hold about you.
• Correction: Ask us to update or correct inaccurate or incomplete information.
• Deletion: Request erasure of your personal information where we no longer have a legal or business reason to retain it.
• Portability: Receive your personal information in a structured, commonly used, and machine-readable format where technically feasible.
• Opt-Out of Marketing: Unsubscribe from marketing communications at any time.

7.3 How to Submit a Privacy Rights Request

To exercise any of the rights described above, please contact us by:

• Email: [email protected] (subject line: "Privacy Rights Request")
• Website: via313.rest

We will respond to your request within 45 days of receipt. If we require additional time, we will notify you within the initial 45-day period. We may need to verify your identity before processing your request to ensure we are protecting your data from unauthorized access.

You may designate an authorized agent to submit a request on your behalf. We will require written authorization and verification of the agent's identity before processing such requests.

8. Data Security

We take the security of your personal information seriously and implement a range of technical, organizational, and administrative safeguards to protect it from unauthorized access, disclosure, alteration, or destruction. These measures include:

• Encryption: Data transmitted between your browser and our website is encrypted using Transport Layer Security (TLS) technology.
• Access Controls: Access to personal information is restricted to authorized personnel who have a legitimate business need to access it.
• Payment Security: We use PCI-DSS-compliant payment processors and do not store full payment card numbers on our servers.
• Regular Security Audits: We conduct periodic reviews and assessments of our data security practices.
• Employee Training: Our staff are trained on data privacy and security best practices.
• Incident Response: We maintain a data breach response plan to ensure timely notification and remediation in the event of a security incident.

Despite our best efforts, no method of data transmission or storage is completely secure. If you believe your personal information has been compromised, please contact us immediately at [email protected].

9. Cookie Policy

Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyze website traffic, and deliver personalized content and advertising.

9.1 What Are Cookies?

Cookies are small text files placed on your device by websites you visit. They are widely used to make websites work more efficiently and to provide information to website owners.

9.2 Types of Cookies We Use

9.3 Managing Your Cookie Preferences

You can control and manage cookies through your browser settings. Most browsers allow you to refuse cookies or delete existing ones. Please note that disabling certain cookies may affect the functionality of our website. For more information about managing cookies, visit www.allaboutcookies.org.

10. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

When personal information is no longer needed, we securely delete or anonymize it in accordance with our data retention schedules and applicable law.

11. Children's Privacy

If you are a parent or guardian and believe that your child under the age of 13 has provided us with personal information without your consent, please contact us immediately at [email protected]. We will take prompt steps to delete such information from our systems.

Individuals between the ages of 13 and 17 should use our website only with the supervision and consent of a parent or legal guardian.

12. International Data Transfers

Via 313 is based in the United States, and your personal information is primarily stored and processed within the United States. However, some of our third-party service providers may be located in other countries, which means your data could be transferred to, stored, and processed in countries outside the United States.

When we transfer personal information internationally, we take steps to ensure that appropriate safeguards are in place to protect your data in accordance with applicable law. These safeguards may include:

• Standard contractual clauses approved by relevant authorities
• Data processing agreements with our service providers that include privacy protections
• Ensuring the receiving country provides an adequate level of data protection

By using our website and services, you acknowledge and consent to the transfer of your personal information to the United States and, where applicable, to other countries as described in this section.

13. Third-Party Links and Services

Our website may contain links to third-party websites, applications, or services such as social media platforms, delivery partners, and review sites. These third parties have their own privacy policies, which we encourage you to review. Via 313 is not responsible for the privacy practices or the content of third-party websites, and this Privacy Policy does not apply to those sites.

When you click on a third-party link, you leave our website and interact with a separate entity. We recommend exercising caution and reviewing the applicable privacy policies of any third-party site you visit.

14. California-Specific Disclosures

In addition to the rights described in Section 7, California residents are entitled to additional disclosures under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA).

14.1 Categories of Personal Information Collected in the Past 12 Months

• Identifiers (name, email, phone number, IP address)
• Commercial information (order history, transaction records)
• Internet or other electronic network activity (browsing behavior, cookie data)
• Geolocation data (approximate or precise location, where permitted)
• Inferences drawn from the above to create a customer profile

14.2 Do Not Sell or Share My Personal Information

California residents have the right to opt out of the sale or sharing of their personal information. While Via 313 does not sell personal information for monetary consideration, we may share certain identifiers and browsing data with advertising partners, which may constitute "sharing" under the CPRA. To opt out, please email us at [email protected] with the subject line "Do Not Sell or Share My Personal Information."

14.3 Shine the Light Law

Under California Civil Code Section 1798.83, California residents may request information about the personal data we have shared with third parties for their direct marketing purposes during the preceding calendar year. To make such a request, please contact us at [email protected].

15. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our business practices, legal obligations, or the services we offer. When we make material changes, we will:

• Post the updated Privacy Policy on our website at via313.rest with a new "Last Updated" date
• Send a notification to registered account holders via email where required by law
• Display a prominent notice on our website homepage for a reasonable period

Your continued use of our website and services after any changes to this Privacy Policy constitutes your acceptance of those changes. We encourage you to review this page periodically to stay informed about how we are protecting your information.

16. How to File a Complaint

If you believe that Via 313 has not handled your personal information in accordance with this Privacy Policy or applicable law, we encourage you to first contact us directly so that we can attempt to resolve your concern.

You may also have the right to file a complaint with a relevant regulatory authority. Depending on your location, the appropriate authority may include:

• California Residents: You may file a complaint with the California Privacy Protection Agency (CPPA) at cppa.ca.gov or the California Attorney General's Office at oag.ca.gov.
• All U.S. Consumers: You may file a complaint with the Federal Trade Commission (FTC) at reportfraud.ftc.gov regarding unfair or deceptive practices.
• State Attorneys General: Residents of other states with applicable privacy laws may contact their respective state attorney general's office for guidance.

17. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data handling practices, please do not hesitate to reach out to us. We are committed to addressing your concerns promptly and transparently.