Privacy Policy

Welcome to Marcos Meals. We are deeply committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website marcosmeals.click, place food orders, interact with our services, or otherwise engage with us. Please read this policy carefully. If you disagree with its terms, please discontinue use of our site.

This Privacy Policy applies to all users of marcosmeals.click and any related services, features, or content offered by Marcos Meals (collectively, "Services"). By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by the terms of this Privacy Policy.

1. Company Information

The data controller responsible for your personal information is:

For all privacy-related questions, requests, or concerns, please contact us using the information provided in Section 14 of this policy.

2. Applicable Laws and Legal Framework

Marcos Meals operates in the United States and complies with applicable federal and state privacy laws, including but not limited to:

• The Federal Trade Commission Act (FTC Act) – which governs unfair or deceptive acts and practices in commerce, including data privacy and security practices.
• The California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) – which provides specific rights to California residents regarding their personal information.
• The CAN-SPAM Act – governing commercial electronic communications and email marketing.
• The Children's Online Privacy Protection Act (COPPA) – protecting the privacy of children under the age of 13.
• Applicable state consumer protection and data privacy laws across jurisdictions where our users reside, including but not limited to Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), and Texas (TDPSA).

We are committed to maintaining compliance with all relevant regulations and continuously updating our practices as laws evolve.

3. Information We Collect

We collect information about you in various ways when you interact with our Services. The categories of information we collect include:

3.1 Personal Identification Information

When you create an account, place a food order, sign up for our newsletter, or contact us, we may collect:

• Full name
• Email address
• Mailing and delivery address
• Phone number
• Username and password (stored in encrypted form)
• Profile picture (if provided)
• Date of birth (to verify age eligibility)

3.2 Payment and Transaction Information

When you make a purchase through our platform, we collect transaction-related information, which may include:

• Payment card type and last four digits
• Billing address
• Transaction amount and date
• Order history and food preferences
• Refund and dispute history

Full payment card numbers are processed directly by our third-party payment processors and are not stored on our servers. We use industry-standard tokenization to protect payment data.

3.3 Usage and Behavioral Data

We automatically collect certain information when you visit, use, or navigate our website, including:

• Pages viewed and content accessed
• Links clicked and features used
• Search queries entered on our platform
• Time spent on particular pages
• Referring and exit URLs
• Frequency and recurrence of visits
• Menu browsing and ordering patterns

3.4 Device and Technical Information

We collect technical information about the devices you use to access our Services, including:

• IP address
• Browser type and version
• Operating system and version
• Device type (desktop, mobile, tablet)
• Screen resolution
• Unique device identifiers
• Mobile carrier information (where applicable)
• Language settings

3.5 Location Data

To facilitate food delivery services, we may collect:

• Precise geolocation data (with your permission)
• Delivery address information
• General location inferred from IP address
• Location history associated with past deliveries

3.6 Communications and Feedback

When you interact with our customer support team or submit feedback, we may collect:

• Content of your messages and correspondence
• Food reviews and ratings
• Survey responses
• Social media mentions and interactions
• Chat logs and support tickets

3.7 Cookies and Tracking Technologies

We use cookies, web beacons, pixel tags, local storage, and similar tracking technologies to collect information about your interactions with our website. For more details on our use of cookies, please refer to Section 10 of this policy and our full Cookie Policy.

3.8 Information from Third Parties

We may receive information about you from third parties, including:

• Social media platforms (if you connect your social accounts)
• Marketing and analytics partners
• Public databases and data brokers (where permitted by law)
• Payment processors and fraud prevention services
• Business partners and referral sources

4. How We Use Your Information

We use the information we collect for a variety of legitimate business purposes. Specifically, we use your information to:

4.1 Provide and Operate Our Services

• Process and fulfill your food orders
• Manage your account and user profile
• Facilitate delivery logistics and coordinate with delivery personnel
• Provide customer support and resolve disputes
• Send order confirmations, updates, and delivery notifications
• Process payments and manage billing

4.2 Improve and Personalize Services

• Analyze usage patterns to improve our website and menu offerings
• Personalize your experience based on your preferences and order history
• Develop new features, products, and services
• Conduct internal research, testing, and quality assurance
• Optimize website performance and user interface

4.3 Marketing and Promotional Communications

• Send promotional emails and newsletters (with your consent where required)
• Display personalized advertisements on our platform and third-party sites
• Notify you of special offers, discounts, and new menu items
• Conduct loyalty programs and referral campaigns
• Re-engage users who have shown interest in our Services

You may opt out of marketing communications at any time by clicking the "unsubscribe" link in any email or by contacting us at [email protected].

4.4 Safety, Security, and Fraud Prevention

• Detect, investigate, and prevent fraudulent transactions and abuse
• Verify your identity and authenticate your account
• Protect the rights, property, and safety of our users and business
• Monitor for security threats and unauthorized access

4.5 Legal Compliance and Enforcement

• Comply with applicable laws, regulations, and legal obligations
• Respond to lawful requests from government authorities
• Enforce our Terms of Service and other agreements
• Establish, exercise, or defend legal claims

4.6 Analytics and Research

• Understand how users interact with our platform
• Measure the effectiveness of our marketing campaigns
• Conduct market research and consumer trend analysis
• Generate aggregated, anonymized reports for business insights

5. Sharing Your Information with Third Parties

We do not sell your personal information to third parties for monetary compensation. However, we may share your information with certain trusted partners and in specific circumstances as described below:

5.1 Service Providers and Vendors

We engage third-party companies and individuals to perform services on our behalf. These service providers are given access only to the information necessary to perform their functions and are contractually obligated to protect your data. Categories of service providers include:

• Payment processing companies (e.g., Stripe, PayPal)
• Delivery and logistics partners
• Cloud hosting and infrastructure providers (e.g., AWS, Google Cloud)
• Email and SMS communication platforms
• Analytics providers (e.g., Google Analytics)
• Customer relationship management (CRM) tools
• Fraud detection and identity verification services
• Legal, accounting, and consulting professionals

5.2 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your personal information may be transferred to the acquiring entity. We will notify you via email or a prominent notice on our website if such a transfer occurs and your data becomes subject to a different privacy policy.

5.3 Legal Requirements and Law Enforcement

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court, government agency, or law enforcement). This includes situations where we believe disclosure is necessary to:

• Comply with a legal obligation or court order
• Protect and defend the rights or property of Marcos Meals
• Prevent or investigate possible wrongdoing in connection with our Services
• Protect the personal safety of users or the public

5.4 With Your Consent

We may share your information with additional third parties when you have explicitly provided your consent to do so.

5.5 Aggregated and Anonymized Data

We may share aggregated or de-identified information that cannot reasonably be used to identify you with partners, advertisers, or other third parties for research, marketing, analytics, and other business purposes.

6. Data Security Measures

We take the security of your personal information seriously and implement a variety of technical, administrative, and physical security measures to protect your data from unauthorized access, use, alteration, and disclosure. Our security measures include:

6.1 Technical Safeguards

• SSL/TLS Encryption: All data transmitted between your browser and our servers is encrypted using industry-standard Secure Sockets Layer (SSL) / Transport Layer Security (TLS) protocols.
• Data Encryption at Rest: Sensitive data stored in our databases is encrypted using AES-256 encryption standards.
• Secure Payment Processing: Payment card data is handled through PCI DSS-compliant payment processors. We do not store full card numbers on our systems.
• Firewalls and Intrusion Detection: We employ network firewalls, intrusion detection systems, and continuous monitoring to identify and respond to threats.
• Access Controls: Access to personal data is restricted to authorized personnel who need it to perform their job functions, using role-based access control (RBAC).

6.2 Administrative Safeguards

• Regular employee training on data privacy and security best practices
• Background checks for employees with access to sensitive data
• Data processing agreements with all third-party service providers
• Incident response plan for data breach scenarios
• Regular privacy impact assessments and security audits

6.3 Physical Safeguards

• Secure data centers with restricted physical access
• Locked offices and workstations for staff handling personal data
• Secure disposal of physical records containing personal information

7. Your Privacy Rights

Depending on your location and applicable law, you may have certain rights regarding your personal information. We are committed to honoring these rights and providing mechanisms for you to exercise them.

7.1 Rights Under Federal and State Laws (U.S. Residents)

Under applicable U.S. privacy laws, including the CCPA/CPRA for California residents and similar state privacy laws, you may have the following rights:

• Right to Know / Access: You have the right to request that we disclose what categories and specific pieces of personal information we have collected about you, the sources of that information, our business purposes for collecting it, and the categories of third parties with whom we share it.
• Right to Deletion: You have the right to request that we delete the personal information we have collected from you, subject to certain exceptions (e.g., where retention is required to complete a transaction, comply with a legal obligation, or for certain security purposes).
• Right to Correction / Rectification: You have the right to request that we correct inaccurate personal information we maintain about you.
• Right to Data Portability: You have the right to receive your personal information in a structured, commonly used, machine-readable format and, where technically feasible, to have it transmitted to another service provider.
• Right to Opt Out of Sale or Sharing: Under the CCPA/CPRA, California residents have the right to opt out of the sale or sharing of their personal information for cross-context behavioral advertising. We do not sell personal information in the traditional sense, but we do engage in practices that may constitute "sharing" under California law. You may exercise this right by contacting us.
• Right to Limit Use of Sensitive Personal Information: California residents have the right to limit our use and disclosure of sensitive personal information to that which is necessary to perform the services requested.
• Right to Non-Discrimination: We will not discriminate against you for exercising any of your privacy rights. We will not deny you services, charge you different prices, or provide a different level of quality because you exercised your rights under applicable privacy law.

7.2 How to Submit a Privacy Request

To exercise any of the rights described above, please submit a verifiable consumer request by:

• Emailing us at: [email protected]
• Visiting our website: marcosmeals.click

We will respond to verifiable consumer requests within 45 days of receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. We do not charge a fee for a reasonable request; however, if requests are repetitive or excessive, we reserve the right to charge a reasonable fee or refuse the request.

7.3 Authorized Agents

California residents may designate an authorized agent to submit privacy requests on their behalf. We may require the authorized agent to provide proof of authorization and may require you to verify your identity directly with us before fulfilling the request.

8. Data Retention

We retain personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy or as required by law. Our general data retention practices are as follows:

Upon expiration of the applicable retention period, we will securely delete or anonymize your personal information in accordance with industry best practices.

9. Children's Privacy

Marcos Meals is a food service platform that may include content, products, or services not appropriate for minors. We do not knowingly solicit data from or market to children under the age of 18. In compliance with the Children's Online Privacy Protection Act (COPPA), we do not knowingly collect personal information from children under the age of 13 without verifiable parental consent.

If you are a parent or guardian and believe that your child has provided us with personal information without your consent, please contact us immediately at [email protected]. If we become aware that we have collected personal information from a child under the age of 13 without verification of parental consent, we will take immediate steps to remove that information from our servers.

Users between the ages of 13 and 17 are also encouraged to use our Services only with parental or guardian supervision and consent. We reserve the right to restrict access to our platform for individuals who do not meet our minimum age requirements.

10. Cookie Policy Summary

Marcos Meals uses cookies and similar tracking technologies to enhance your browsing experience, analyze site traffic, and deliver personalized content. Below is a brief overview:

10.1 Types of Cookies We Use

• Essential / Strictly Necessary Cookies: These cookies are required for the website to function and cannot be disabled. They include session management, security tokens, and shopping cart functionality.
• Performance and Analytics Cookies: These cookies help us understand how visitors interact with our website by collecting and reporting anonymous information. We use tools like Google Analytics for this purpose.
• Functional Cookies: These cookies enable the website to provide enhanced functionality and personalization, such as remembering your login information and food preferences.
• Marketing and Advertising Cookies: These cookies track your online activity to help advertisers deliver more relevant advertising or limit how many times you see an advertisement. They may be set by us or by third-party advertising partners.

10.2 Managing Your Cookie Preferences

You can manage your cookie preferences through:

• Our cookie consent banner displayed when you first visit our website
• Your browser settings (most browsers allow you to block or delete cookies)
• Third-party opt-out tools such as the NAI Opt-Out and DAA Opt-Out

Please note that disabling certain cookies may affect the functionality of our website and your ability to place orders or use certain features.

For a comprehensive explanation of our cookie practices, please review our full Cookie Policy.

11. International Data Transfers

Marcos Meals is based in the United States and primarily processes personal data within the United States. However, some of our third-party service providers and partners may be located in other countries, and your data may be transferred to, stored in, and processed in locations outside of your home jurisdiction.

If you are located outside the United States and choose to use our Services, please be aware that your information will be transferred to and processed in the United States, where data protection laws may differ from those in your country of residence.

When we transfer personal data internationally, we take steps to ensure that appropriate safeguards are in place to protect your information, including:

• Executing data processing agreements with international service providers
• Implementing Standard Contractual Clauses (SCCs) where applicable
• Ensuring that recipient countries provide an adequate level of data protection
• Using Privacy Shield frameworks or equivalent mechanisms where applicable

By using our Services, you consent to the transfer of your personal information to the United States and to countries where our service providers operate, subject to appropriate safeguards.

12. Third-Party Links and Services

Our website may contain links to third-party websites, applications, or services that are not operated by us. If you click on a third-party link, you will be directed to that third party's site. We strongly advise you to review the privacy policy of every site you visit.

We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services. Our Privacy Policy applies only to information collected by marcosmeals.click and our Services. We are not responsible for any data collected by third parties linked from or integrated with our platform.

Common third-party integrations on our platform may include:

• Social media platforms (Facebook, Instagram, Twitter/X)
• Payment gateways (Stripe, PayPal, Apple Pay)
• Analytics tools (Google Analytics, Hotjar)
• Mapping services (Google Maps)
• Customer support platforms (Zendesk, Intercom)

13. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time. When we make changes, we will:

• Update the "Last Updated" date at the top of this page
• Post the revised policy on our website at marcosmeals.click/privacy-policy
• Send an email notification to registered users for material changes (where we have your contact information)
• Display a prominent notice on our website for significant policy changes

We encourage you to periodically review this Privacy Policy to stay informed about how we are protecting your information. Your continued use of our Services after any changes to this Privacy Policy constitutes your acceptance of those changes.

If we materially change how we use your personal information, we will provide you with an opportunity to opt out of or consent to the new use before it takes effect, where required by applicable law.

14. Contact Us About Privacy

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please do not hesitate to contact us. We are committed to resolving privacy concerns promptly and transparently.

When contacting us about a privacy matter, please include:

• Your full name and email address associated with your account
• A clear description of your request or concern
• Any relevant order numbers or account identifiers

15. Filing Complaints with Regulatory Authorities

If you believe your privacy rights have been violated and are dissatisfied with our response, you have the right to file a complaint with the appropriate regulatory authority. Below are relevant authorities based on your location:

15.1 Federal Trade Commission (FTC) – United States

For consumer privacy complaints at the federal level, you may contact the Federal Trade Commission (FTC):

• Website: www.ftc.gov/complaint
• Phone: 1-877-FTC-HELP (1-877-382-4357)
• Address: Federal Trade Commission, 600 Pennsylvania Avenue NW, Washington, DC 20580

15.2 California Privacy Protection Agency (CPPA) – California Residents

California residents who wish to file a complaint regarding violations of the CCPA/CPRA may contact the California Privacy Protection Agency:

• Website: cppa.ca.gov
• Address: 2101 Arena Boulevard, Sacramento, CA 95834

15.3 State Attorneys General

Residents of other states may also file complaints with their state's Attorney General office regarding violations of applicable state privacy laws. You can find your state's Attorney General office at www.naag.org/find-my-ag.

15.4 Internal Escalation Process

We encourage you to contact us first before filing an external complaint. Many privacy concerns can be resolved quickly through direct communication. If you are unsatisfied with the initial response from our team, you may request that your complaint be escalated to our Privacy Officer for further review. We are committed to working in good faith to address all legitimate privacy concerns.

Marcos Meals Privacy Policy | Effective Date: June 12, 2026 | Website: marcosmeals.click | Email: [email protected]