Privacy Policy

Effective Date: June 3, 2026 | Last Updated: June 3, 2026

This Privacy Policy explains how Dions ("we," "us," "our," or "the Company") collects, uses, discloses, and protects your personal information when you visit our website at meal-dions.digital, place food orders, use our services, or otherwise interact with us. We are committed to protecting your privacy and handling your personal data in a transparent, lawful, and responsible manner.

By accessing or using our website and services, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy. If you do not agree with any part of this policy, please discontinue your use of our website and services immediately.

This Privacy Policy is governed by applicable United States federal and state privacy laws, including but not limited to the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), the Federal Trade Commission Act (FTC Act), and other applicable consumer protection regulations.

1. Company Information and Contact Details

The data controller responsible for your personal information is:

Company Name	Dions
Website	meal-dions.digital
Email Address	[email protected]
Location	United States

For all privacy-related inquiries, requests, or complaints, you may contact us directly at [email protected]. We are committed to responding to all legitimate privacy inquiries within a reasonable timeframe, and no longer than 45 days as required by applicable law.

2. Information We Collect

We collect various types of information in connection with your use of our website, food ordering services, and any other interactions you have with Dions. The categories of personal information we collect are outlined below.

2.1 Personal Identification Information

When you create an account, place a food order, make a reservation, or contact us, we may collect:

Full name
Email address
Phone number
Delivery address and billing address
Date of birth (where required for age verification)
Username and password (stored in encrypted form)
Profile photo (if provided voluntarily)

2.2 Payment and Financial Information

To process food orders and transactions, we collect payment-related information. We do not store your full credit or debit card numbers directly on our systems. Payment card data is processed through PCI-DSS-compliant third-party payment processors. However, we may retain:

Last four digits of your payment card
Payment method type (e.g., Visa, Mastercard, digital wallet)
Billing address associated with the payment method
Transaction history and order amounts

2.3 Order and Transaction Data

When you place food orders through our platform, we collect information about:

Items ordered, quantities, and special instructions
Order history and frequency
Delivery preferences and special delivery notes
Promotional codes and discounts applied
Customer feedback and ratings submitted after delivery

2.4 Usage Data and Technical Information

When you visit our website or use our digital services, we automatically collect certain technical and usage information, including:

IP address and approximate geolocation
Browser type and version
Operating system and device type
Pages visited, time spent on each page, and clickstream data
Referring URLs and exit pages
Date and time of your visit
Search queries entered on our website
Features used and interactions performed on our platform

2.5 Device Information

We may collect specific device-related information, including:

Device identifiers (such as mobile device ID or advertising ID)
Device model and manufacturer
Network information, including mobile carrier and connection type
App version (if you use our mobile application)
Language settings and time zone

2.6 Location Data

With your consent, we may collect precise or approximate location data to facilitate food delivery services, show nearby menu options, or estimate delivery times. You may disable location tracking through your device settings, though this may impact the functionality of certain features.

2.7 Communications and Customer Support Data

When you contact our customer support team or communicate with us, we may collect:

Content of messages, emails, or chat conversations
Call recordings (where permitted by law and disclosed at the start of the call)
Nature of the inquiry or complaint
Support ticket records and resolution history

2.8 Marketing and Preference Data

We collect information about your marketing preferences and interactions with our promotional materials, including:

Email open rates and click-through data
Subscription preferences and opt-in/opt-out records
Survey responses and feedback submitted
Food preferences and dietary restrictions (if voluntarily provided)

2.9 Cookies and Tracking Technologies

Our website uses cookies, web beacons, pixels, and similar tracking technologies to collect information about your browsing behavior. Please refer to Section 8 of this Privacy Policy for detailed information about our use of cookies.

2.10 Information from Third Parties

We may receive personal information about you from third-party sources, including:

Social media platforms (if you log in using social authentication such as Google or Facebook)
Marketing partners and data analytics providers
Delivery and logistics partners
Payment processing companies
Public databases (for fraud prevention and identity verification)

3. How We Use Your Information

We use the personal information we collect for the following purposes:

3.1 Providing and Managing Our Services

Processing and fulfilling food orders placed through our website or app
Coordinating delivery services and communicating estimated delivery times
Managing your account and maintaining your order history
Processing payments and issuing receipts or refunds
Responding to customer inquiries and providing technical support
Sending transactional communications such as order confirmations and delivery updates

3.2 Personalization and User Experience

Personalizing your experience on our website based on your preferences and order history
Recommending menu items based on past orders and dietary preferences
Remembering your saved addresses, payment methods, and account settings
Tailoring promotional offers and loyalty program benefits to your profile

3.3 Analytics and Service Improvement

Analyzing website traffic, user behavior, and platform performance
Identifying and fixing technical errors or bugs
Conducting research to improve our menu offerings and service quality
Evaluating the effectiveness of marketing campaigns
Generating aggregated, anonymized statistical reports for internal business purposes

3.4 Marketing and Promotional Communications

Sending newsletters, promotional emails, and special offers (with your consent where required)
Delivering targeted advertisements through third-party advertising networks
Notifying you about new menu items, seasonal specials, and limited-time promotions
Running loyalty programs and sending rewards-related communications

You may opt out of marketing communications at any time by clicking the "unsubscribe" link in any marketing email or by contacting us at [email protected].

3.5 Security, Fraud Prevention, and Legal Compliance

Detecting, preventing, and investigating fraudulent transactions and unauthorized access
Verifying your identity and authenticating account access
Complying with applicable laws, regulations, and court orders
Enforcing our Terms of Service and other legal agreements
Protecting the rights, property, and safety of Dions, our customers, and the public

3.6 Legal Basis for Processing

We process your personal information on the following legal bases:

Contract Performance: Processing necessary to fulfill your orders and provide the services you have requested.
Legitimate Interests: Processing necessary for our legitimate business interests, such as fraud prevention, security, and service improvement, provided these interests are not overridden by your rights.
Consent: Where you have given explicit consent, such as for marketing communications or the use of certain cookies.
Legal Obligation: Processing required to comply with applicable federal and state laws.

4. Sharing Your Information with Third Parties

We do not sell, rent, or trade your personal information to unaffiliated third parties for their own marketing purposes without your explicit consent. However, we may share your information in the following circumstances:

4.1 Service Providers and Business Partners

We engage trusted third-party service providers who assist us in operating our business. These service providers are contractually bound to use your information only as directed by us and in accordance with this Privacy Policy. They include:

Payment Processors: Companies that handle payment card transactions and fraud detection
Delivery Partners: Third-party delivery drivers or courier services that fulfill your food orders
Cloud Hosting Providers: Services that host and maintain our website and data infrastructure
Email and SMS Service Providers: Platforms used to deliver transactional and marketing communications
Analytics Providers: Services such as Google Analytics that help us understand website usage patterns
Customer Support Platforms: Tools used to manage and respond to customer inquiries
Marketing and Advertising Networks: Platforms used to deliver targeted promotional content

4.2 Legal Requirements and Law Enforcement

We may disclose your personal information to government authorities, law enforcement agencies, or other third parties when required to do so by law, including:

In response to a valid subpoena, court order, or legal process
To comply with applicable federal, state, or local laws and regulations
To investigate and respond to claims of illegal activity or violations of our terms
To protect the rights, safety, or property of Dions, our employees, customers, or the public

4.3 Business Transfers

In the event that Dions undergoes a merger, acquisition, asset sale, reorganization, or similar corporate transaction, your personal information may be transferred as part of that transaction. We will notify you via email and/or prominent notice on our website before your information is transferred and becomes subject to a different privacy policy.

4.4 With Your Consent

We may share your personal information with other parties when you have given us your explicit consent to do so, such as when you participate in co-branded promotions or third-party loyalty programs.

4.5 Aggregated and Anonymized Data

We may share aggregated, anonymized data that does not identify any individual person with third parties for research, analytics, marketing, or other business purposes. This type of data sharing does not constitute sharing of personal information.

5. Data Security

Dions takes the security of your personal information seriously and implements a comprehensive set of technical, administrative, and physical safeguards designed to protect your data from unauthorized access, disclosure, alteration, or destruction.

5.1 Technical Security Measures

Secure Socket Layer (SSL) / Transport Layer Security (TLS) encryption for all data transmitted between your browser and our servers
Encryption of sensitive data at rest, including passwords (stored using industry-standard hashing algorithms)
Firewalls and intrusion detection systems to monitor and protect our network
Regular security vulnerability scans and penetration testing
Multi-factor authentication options for user accounts
PCI-DSS compliance for payment card data handling

5.2 Administrative Security Measures

Access controls ensuring that only authorized personnel can access personal data
Employee training on data protection practices and security awareness
Confidentiality agreements with employees, contractors, and service providers
Regular review and audit of data access logs
Documented incident response procedures

5.3 Data Breach Notification

In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify affected users and relevant authorities as required by applicable law. Notification will be provided without undue delay and, where feasible, within the timeframes mandated by applicable state and federal laws.

Important: While we take every reasonable precaution to protect your personal information, no method of data transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your account credentials and should notify us immediately if you suspect any unauthorized use of your account.

6. Your Privacy Rights

Depending on your location and applicable law, you may have various rights regarding your personal information. Dions is committed to honoring these rights. We describe them in detail below.

6.1 Rights Under the California Consumer Privacy Act (CCPA/CPRA)

If you are a California resident, you have the following rights under the CCPA as amended by the CPRA:

Right to Know: You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources from which we collected it, our business purpose for collecting it, and the categories of third parties with whom we share it.
Right to Delete: You have the right to request the deletion of personal information we have collected about you, subject to certain exceptions.
Right to Correct: You have the right to request the correction of inaccurate personal information we maintain about you.
Right to Opt-Out of Sale or Sharing: You have the right to opt out of the sale or sharing of your personal information with third parties for cross-context behavioral advertising purposes.
Right to Limit Use of Sensitive Personal Information: You have the right to limit the use and disclosure of your sensitive personal information to purposes necessary for providing our services.
Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights. We will not deny you services, charge different prices, or provide a lesser quality of service because you exercised your privacy rights.

6.2 General Privacy Rights (All Users)

Regardless of your location, we extend the following rights to all users of our services:

Right to Access: You may request a copy of the personal information we hold about you.
Right to Correction: You may request that we correct inaccurate or incomplete personal information.
Right to Deletion: You may request the deletion of your personal information, subject to legal retention requirements.
Right to Data Portability: You may request that we provide your personal data in a structured, commonly used, machine-readable format.
Right to Withdraw Consent: Where processing is based on consent, you may withdraw your consent at any time without affecting the lawfulness of prior processing.
Right to Object to Marketing: You may opt out of direct marketing communications at any time.

6.3 How to Exercise Your Rights

To exercise any of your privacy rights, please contact us by:

Email: [email protected]

We may need to verify your identity before processing your request to prevent unauthorized access to your information. Verification may require you to provide identifying information that matches our records. We will respond to your request within 45 days. If we require additional time, we will notify you of the extension and the reason for the delay.

Authorized agents may submit requests on behalf of California residents. We may require written authorization from the California resident before honoring such requests.

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, to comply with legal obligations, resolve disputes, and enforce our agreements. The following retention periods generally apply:

Type of Data	Retention Period
Account and profile information	Duration of account plus 3 years after account closure
Order history and transaction records	7 years (for tax and accounting compliance)
Payment processing data	As required by PCI-DSS standards (typically 1 year for full records)
Customer support communications	3 years from last interaction
Marketing preferences and consent records	Duration of business relationship plus 3 years
Website usage and analytics data	26 months (anonymized after initial processing)
Cookie and tracking data	Varies by cookie type (see Section 8)
Fraud prevention and security logs	Up to 5 years

When your personal information is no longer required, we will securely delete or anonymize it in accordance with our data retention schedules. If deletion is not immediately possible (for example, because data is stored in backup systems), we will securely isolate the data and protect it from further processing until deletion is possible.

8. Cookie Policy

Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyze website traffic, and deliver personalized content. This section provides a brief overview of our cookie practices.

8.1 What Are Cookies?

Cookies are small text files that are placed on your device when you visit a website. They allow the website to remember your actions and preferences over time, so you do not have to re-enter information every time you return.

8.2 Types of Cookies We Use

Strictly Necessary Cookies: Essential for the website to function properly. They enable core features such as shopping cart functionality, user authentication, and security. These cannot be disabled.
Performance and Analytics Cookies: Used to collect information about how visitors use our website, such as which pages are visited most often. This helps us improve the website's performance and user experience.
Functionality Cookies: Allow the website to remember choices you make (such as your preferred language or delivery address) to provide enhanced, personalized features.
Targeting and Advertising Cookies: Used to deliver advertisements that are relevant to you and your interests. They also limit how many times you see an advertisement and help us measure the effectiveness of marketing campaigns.
Third-Party Cookies: Placed by third-party services such as Google Analytics, social media platforms, and advertising networks that appear on our website.

8.3 Managing Your Cookie Preferences

You can control and manage cookie settings through your browser settings. Most browsers allow you to refuse cookies, delete existing cookies, or receive notification when a cookie is placed. Please note that disabling certain cookies may affect the functionality of our website.

For detailed information about the specific cookies we use, their purposes, and how to manage them, please review our full Cookie Policy available on our website. You may also update your cookie preferences at any time through the cookie consent banner displayed on our website.

9. Children's Privacy

Age Requirement: Our website and services are intended for users who are 18 years of age or older. We do not knowingly collect personal information from individuals under the age of 18.

Dions does not knowingly solicit, collect, or store personal information from children under the age of 18. Our food ordering platform is designed for adult users and we do not create accounts for or market our services directly to minors.

If we become aware that we have inadvertently collected personal information from a child under the age of 18 without appropriate parental consent, we will take prompt steps to delete that information from our systems. If you believe that we may have collected information from a child under 18, please contact us immediately at [email protected].

Parents and guardians who believe their child has provided personal information to us without their consent are encouraged to contact us so that we can take appropriate action. We comply with the Children's Online Privacy Protection Act (COPPA) and related federal regulations.

10. International Data Transfers

Dions operates primarily within the United States, and our primary data processing activities occur within the United States. However, some of our third-party service providers, including cloud hosting, analytics, and marketing platforms, may process data in countries outside the United States.

When we transfer personal information internationally, we take appropriate safeguards to ensure that your data receives the same level of protection as it would within the United States. These safeguards may include:

Contractual clauses that require third parties to protect personal data in accordance with applicable law
Data processing agreements with service providers that incorporate appropriate data protection standards
Use of service providers that maintain certifications or frameworks recognized for cross-border data protection adequacy

By using our services, you acknowledge and consent to the transfer of your personal information to the United States and, where applicable, to other countries in which our service providers operate. We will always take steps to ensure your information is protected in accordance with this Privacy Policy.

11. Third-Party Links and Services

Our website may contain links to third-party websites, platforms, or services that are not operated by Dions. These include social media platforms, delivery tracking services, and payment gateways. This Privacy Policy does not apply to those third-party services.

We encourage you to review the privacy policies of any third-party services you visit or use. We have no control over and assume no responsibility for the content, privacy practices, or data handling of third-party websites or services linked from our platform.

12. California-Specific Privacy Disclosures

12.1 Categories of Personal Information Collected (California)

Under the CCPA/CPRA, we are required to disclose the categories of personal information we collect. In the preceding 12 months, we have collected the following categories:

Category	Collected	Purpose
Identifiers (name, email, IP address)	Yes	Account management, order processing, security
Commercial information (purchase history)	Yes	Order fulfillment, customer service, personalization
Internet or electronic network activity	Yes	Analytics, security, service improvement
Geolocation data	Yes (with consent)	Delivery services, location-based features
Audio/visual information (call recordings)	Yes (where disclosed)	Customer support quality assurance
Inferences (preferences, dietary habits)	Yes	Personalization and recommendations
Financial information (payment data)	Yes (partial)	Payment processing

12.2 Do Not Sell or Share My Personal Information

California residents have the right to opt out of the sale or sharing of their personal information. While Dions does not sell personal information for monetary consideration, certain data sharing with advertising partners for targeted advertising purposes may be considered "sharing" under California law.

To opt out, please contact us at [email protected] with the subject line "Do Not Sell or Share My Personal Information."

12.3 Shine the Light Law

California Civil Code Section 1798.83 (the "Shine the Light" law) permits California residents to request information about personal information disclosed to third parties for their direct marketing purposes. To make such a request, please contact us at [email protected].

13. FTC Act Compliance

Dions is committed to complying with the Federal Trade Commission Act (FTC Act), which prohibits unfair or deceptive practices in commerce. Our data collection and privacy practices are designed to be transparent, fair, and consistent with what we represent to our users. We do not engage in deceptive data collection practices, and we honor the representations made in this Privacy Policy.

If you believe we have engaged in any unfair or deceptive practice regarding your personal information, you have the right to file a complaint with the Federal Trade Commission (FTC) at ftc.gov/complaint or by calling 1-877-FTC-HELP (1-877-382-4357).

14. How to File a Privacy Complaint

14.1 Internal Complaint Process

If you have a concern or complaint about how Dions handles your personal information, we encourage you to contact us first so that we can attempt to resolve the matter directly:

Email: [email protected]
Website: meal-dions.digital

Please include your name, contact information, a description of your concern, and any supporting documentation. We will acknowledge receipt of your complaint within 5 business days and will use reasonable efforts to resolve the matter within 30 days.

14.2 Complaints to Regulatory Authorities

If you are not satisfied with our response, you have the right to file a complaint with the appropriate regulatory authority. Relevant authorities include:

Federal Trade Commission (FTC):
Website: www.ftc.gov/complaint
Phone: 1-877-382-4357
California Privacy Protection Agency (CPPA): (for California residents)
Website: cppa.ca.gov
State Attorney General Office: You may also contact the Attorney General of your state for consumer protection matters related to privacy.

15. Changes to This Privacy Policy

We reserve the right to update, modify, or revise this Privacy Policy at any time to reflect changes in our data practices, legal requirements, or business operations. When we make material changes to this Privacy Policy, we will notify you by:

Posting the updated Privacy Policy on this page with a new "Last Updated" date
Sending a notification email to the email address associated with your account (for significant changes)
Displaying a prominent notice on our website for a reasonable period

Your continued use of our website and services after we post an updated Privacy Policy constitutes your acceptance of the changes, to the extent permitted by applicable law. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please do not hesitate to contact us:

Company	Dions
Website	meal-dions.digital
Email	[email protected]

We are dedicated to protecting your privacy and will make every effort to address your inquiries promptly and thoroughly. Thank you for trusting Dions with your personal information.

Last Updated: June 3, 2026. This Privacy Policy supersedes all previous versions and constitutes the entire policy governing the collection, use, and sharing of your personal information by Dions in connection with the website meal-dions.digital and related services.