Privacy Policy

Effective Date: June 4, 2026 | Last Updated: June 4, 2026

Important Notice: This Privacy Policy explains how Taco Time collects, uses, discloses, and safeguards your personal information when you visit our website meal-tacotime.digital, place orders, or otherwise interact with our services. Please read this document carefully before using our platform.

1. Introduction and Who We Are

Welcome to Taco Time. We are a food service business operating in the United States, committed to providing exceptional dining experiences while respecting and protecting your personal privacy. This Privacy Policy applies to all users of our website located at meal-tacotime.digital and any associated digital platforms, mobile services, or online ordering systems we operate.

Throughout this document, references to "Taco Time," "we," "us," or "our" refer to the business entity operating under the Taco Time brand. References to "you," "your," or "user" refer to any individual who accesses, browses, or uses our website or services.

We take your privacy seriously. As a business operating in the United States, we comply with applicable federal and state privacy laws, including the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) for California residents, the Federal Trade Commission Act (FTC Act), and other applicable federal and state consumer protection laws.

By accessing or using our website and services, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy. If you do not agree with any part of this policy, please discontinue use of our services immediately.

2. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us using the information below:

Privacy Contact Details

Business Name	Taco Time
Address	United States
Phone	Not provided
Email	[email protected]
Website	meal-tacotime.digital

We aim to respond to all privacy-related inquiries within 30 business days of receipt. For urgent matters, please indicate the urgency in your subject line when contacting us via email.

3. Information We Collect

We collect various categories of personal information depending on how you interact with our website and services. The following sections describe the types of data we collect in detail.

3.1 Personal Information You Provide Directly

When you voluntarily interact with our website, create an account, place an order, or contact us, you may provide us with the following categories of personal information:

Identity Information: Your full name, username, or similar identifiers.
Contact Information: Email address, telephone number, billing address, delivery address, and postal code.
Account Credentials: Username and encrypted password if you create an account on our platform.
Order Information: Details about the food items you order, special dietary requests, order history, and preferences.
Payment Information: Credit card numbers, debit card information, billing details, and other financial data necessary to process transactions. Note: we do not store full payment card numbers on our servers; this information is handled by our PCI-DSS compliant payment processors.
Communications Data: Messages, feedback, reviews, complaints, or other communications you send to us via email, contact forms, or customer service channels.
Marketing Preferences: Your preferences for receiving marketing communications and promotional offers from us.

3.2 Information Collected Automatically

When you visit our website, we automatically collect certain technical and usage data through cookies, web beacons, and similar tracking technologies. This information includes:

Device Information: IP address, device type, operating system, browser type and version, screen resolution, and hardware configuration.
Usage Data: Pages you visit on our website, time spent on each page, links you click, search queries entered, features you use, and your navigation path through our site.
Location Data: General geographic location derived from your IP address (city and state level). With your explicit consent, we may collect more precise location data to facilitate delivery services.
Log Data: Server logs that record your requests to our website, including timestamps, referring URLs, and error reports.
Cookie and Tracking Data: Information collected through cookies, pixel tags, web beacons, and similar technologies as described further in Section 8 of this policy.

3.3 Information from Third Parties

We may receive personal information about you from third-party sources, including:

Social Media Platforms: If you log in using a social media account (such as Facebook, Google, or Apple), we receive certain profile information as permitted by that platform and your privacy settings.
Analytics Providers: Third-party analytics services that provide aggregated and de-identified insights about website traffic and user behavior.
Delivery Partners: If we use third-party delivery services, those partners may share relevant order fulfillment information with us.
Review Platforms: If you leave reviews about our food or services on third-party review platforms, that information may become available to us.
Advertising Networks: Partners who help us deliver targeted advertising may share certain demographic and behavioral data with us in compliance with applicable laws.

4. How We Use Your Information

We use the personal information we collect for specific, legitimate purposes. We will not use your data in ways that are incompatible with the purposes described in this section without providing you with additional notice.

4.1 Service Provision and Order Fulfillment

Processing and fulfilling your food orders, including delivery and pickup arrangements.
Creating and managing your user account on our platform.
Processing payments and issuing receipts or order confirmations.
Communicating with you about your orders, including status updates and delivery notifications.
Providing customer support and resolving complaints or disputes.
Personalizing your ordering experience based on your past orders and stated preferences.

4.2 Analytics and Service Improvement

Analyzing website traffic patterns, user behavior, and engagement metrics to improve our platform.
Conducting market research and gathering insights to develop new menu items or features.
Monitoring and improving the performance, security, and reliability of our website and systems.
Testing new features or services in a limited capacity before broader rollout.
Generating anonymized, aggregated statistical reports for internal business purposes.

4.3 Marketing and Promotional Communications

Sending you promotional emails, newsletters, special offers, and discount codes if you have opted in to receive such communications.
Displaying personalized advertisements on our website and on third-party platforms based on your interests and browsing behavior.
Notifying you about new menu items, seasonal offerings, events, or loyalty program updates.
Conducting surveys or requesting feedback about your experience with our food and services.

You have the right to opt out of marketing communications at any time. Each promotional email we send includes an unsubscribe link. You may also opt out by contacting us directly at [email protected].

4.4 Legal Compliance and Safety

Complying with applicable federal and state laws, regulations, and legal obligations.
Responding to lawful requests from law enforcement agencies, courts, or government authorities.
Enforcing our Terms of Service and other applicable policies.
Detecting, investigating, and preventing fraudulent transactions, unauthorized access, and other illegal activities.
Protecting the rights, property, and safety of Taco Time, our users, and the general public.

5. How We Share Your Information

We do not sell your personal information to third parties for their own marketing purposes. However, we do share your data with certain trusted partners and service providers as described below.

5.1 Service Providers and Business Partners

We engage third-party companies and individuals to perform services on our behalf. These service providers have access to your personal data only as necessary to perform their services and are contractually obligated to maintain appropriate confidentiality and security standards. Categories of service providers include:

Payment Processors: Companies that handle credit card and payment transactions on our behalf (e.g., Stripe, Square, or similar PCI-DSS compliant processors).
Delivery Services: Third-party delivery partners who fulfill your food delivery orders.
Cloud Hosting Providers: Companies that host our website, databases, and digital infrastructure.
Email Marketing Platforms: Services that help us send promotional and transactional emails to you.
Analytics Providers: Companies such as Google Analytics that help us understand how users interact with our website.
Customer Support Tools: Platforms that facilitate our customer service operations.
Advertising Networks: Partners that help us deliver targeted advertising campaigns.

5.2 Legal Requirements and Law Enforcement

We may disclose your personal information if we believe in good faith that such disclosure is necessary to:

Comply with a legal obligation, court order, subpoena, or governmental request.
Enforce our Terms of Service or other applicable agreements.
Protect and defend the rights or property of Taco Time.
Prevent or investigate possible wrongdoing in connection with our services.
Protect the personal safety of users of our services or the public.
Protect against legal liability.

5.3 Business Transfers

In the event that Taco Time undergoes a merger, acquisition, reorganization, bankruptcy, sale of assets, or similar business transaction, your personal information may be transferred as part of that transaction. We will notify you via email or prominent notice on our website before your data is transferred and becomes subject to a different privacy policy.

5.4 With Your Consent

We may share your personal information with third parties for purposes not described in this Privacy Policy when we have obtained your explicit consent to do so.

California Residents – CCPA/CPRA Notice: Under the California Consumer Privacy Act, California residents have specific rights regarding the sharing of their personal information. We do not "sell" or "share" personal information as those terms are defined under California law for cross-context behavioral advertising without providing the required opt-out mechanism. Please see Section 10 for details on your California-specific rights.

6. Data Security

We take the security of your personal information seriously and implement a comprehensive range of technical, administrative, and physical safeguards designed to protect your data from unauthorized access, use, disclosure, alteration, or destruction.

6.1 Technical Security Measures

Encryption: All data transmitted between your browser and our servers is protected using industry-standard SSL/TLS encryption (HTTPS protocol). Sensitive data such as payment information is encrypted both in transit and at rest.
Access Controls: We implement strict role-based access controls ensuring that only authorized personnel can access personal data, and only to the extent necessary for their job functions.
Firewalls and Intrusion Detection: We deploy firewalls, intrusion detection systems, and network monitoring tools to protect our infrastructure from unauthorized access.
Secure Password Storage: User passwords are stored using strong cryptographic hashing algorithms and are never stored in plain text.
Regular Security Assessments: We conduct periodic security reviews, vulnerability assessments, and penetration testing to identify and address potential weaknesses.

6.2 Administrative and Organizational Measures

Employee training on data privacy and security best practices.
Data minimization practices — we only collect information that is necessary for stated purposes.
Vendor due diligence to ensure third-party partners maintain adequate security standards.
Incident response procedures to address and notify affected users in the event of a data breach as required by applicable law.

Despite our best efforts, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of your personal data. In the event of a data breach that affects your rights and freedoms, we will notify you as required under applicable state breach notification laws.

7. Data Retention

We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, comply with our legal obligations, resolve disputes, and enforce our agreements.

Data Category	Retention Period	Reason
Account Information	Duration of account + 3 years after closure	Service provision, legal compliance
Order History	7 years	Tax and accounting obligations
Payment Records	7 years	Financial regulatory requirements
Marketing Data	Until opt-out + 1 year	Marketing purposes, suppression lists
Customer Support Records	3 years from last interaction	Service quality, dispute resolution
Website Usage / Analytics	26 months	Performance analysis and improvement
Cookie Data	Session to 24 months (depending on type)	Functionality and analytics
Legal Hold Data	Duration of legal proceedings + applicable statute of limitations	Legal compliance and defense

When personal data is no longer required, we securely delete or anonymize it in accordance with industry best practices.

8. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your user experience, analyze site traffic, and deliver relevant advertising. This section provides a brief overview; for comprehensive details, please refer to our dedicated Cookie Policy.

8.1 Types of Cookies We Use

Strictly Necessary Cookies: Essential for the website to function properly. These cannot be disabled without affecting your ability to use our services (e.g., session management, shopping cart functionality).
Performance and Analytics Cookies: Help us understand how visitors interact with our website by collecting and reporting anonymous information (e.g., Google Analytics cookies).
Functionality Cookies: Allow us to remember your preferences and settings to personalize your experience (e.g., language settings, saved order preferences).
Targeting and Advertising Cookies: Used to deliver relevant advertisements and track the effectiveness of our marketing campaigns.

8.2 Managing Your Cookie Preferences

You can control and manage cookies through your browser settings. Most browsers allow you to refuse cookies or alert you when cookies are being sent. However, disabling certain cookies may impact the functionality of our website. You may also use tools such as the Network Advertising Initiative (NAI) opt-out tool or the Digital Advertising Alliance (DAA) opt-out to control interest-based advertising.

For full details on the specific cookies we use and how to manage them, please review our Cookie Policy.

9. Your Privacy Rights

Depending on your location within the United States, you may have specific rights regarding your personal information. We are committed to honoring these rights in accordance with applicable law.

9.1 General Rights Available to All Users

Right to Access: You may request a copy of the personal information we hold about you.
Right to Correction: You may request that we correct any inaccurate or incomplete personal information we hold about you.
Right to Deletion: You may request that we delete your personal information, subject to certain exceptions (e.g., data we are required to retain for legal reasons).
Right to Opt-Out of Marketing: You may opt out of receiving marketing communications from us at any time.
Right to Data Portability: Where technically feasible, you may request that we provide your personal data in a structured, machine-readable format.

9.2 Additional Rights for California Residents (CCPA/CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) provides you with the following additional rights:

Right to Know: You have the right to know what categories of personal information we collect, the purposes for which it is used, the sources from which it is collected, and the categories of third parties with whom we share it.
Right to Delete: You have the right to request deletion of personal information we have collected about you, subject to certain exceptions.
Right to Correct: You have the right to request correction of inaccurate personal information we maintain about you.
Right to Opt-Out of Sale or Sharing: You have the right to direct us not to sell or share your personal information. To exercise this right, please contact us at [email protected].
Right to Limit Use of Sensitive Personal Information: You have the right to limit our use and disclosure of sensitive personal information to those uses necessary to perform the services you request.
Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights. We will not deny you goods or services, charge you different prices, or provide a different level of quality because you exercised your privacy rights.

To submit a verifiable consumer request under the CCPA/CPRA, please contact us at [email protected]. We will acknowledge receipt of your request within 10 business days and respond within 45 calendar days (extendable by an additional 45 days where reasonably necessary).

9.3 How to Exercise Your Rights

To exercise any of your privacy rights, please submit a request by:

Email: [email protected]
Website: meal-tacotime.digital

We may need to verify your identity before processing your request. We will ask you to provide information that we can reasonably verify relates to data we hold about you. This verification process is necessary to protect your information and prevent fraudulent requests.

10. Children's Privacy

Age Restriction: Our website and services are intended exclusively for individuals who are 18 years of age or older. We do not knowingly collect personal information from children under the age of 18.

In compliance with the Children's Online Privacy Protection Act (COPPA) and applicable state laws, we do not knowingly collect, solicit, or retain personal information from individuals under 18 years of age. Our website is not directed at children, and we do not market our online services to minors.

If you are a parent or legal guardian and you believe that your child under the age of 18 has provided us with personal information without your consent, please contact us immediately at [email protected]. Upon receiving such a report, we will take prompt steps to delete the information from our records.

If we learn that we have inadvertently collected personal information from a child under 18, we will delete that information as quickly as practicable. We also reserve the right to terminate any account that we discover belongs to a person under 18 years of age.

11. International Data Transfers

Taco Time is based in the United States. If you are accessing our website from outside the United States, please be aware that your personal information will be transferred to, stored, and processed in the United States. The data protection laws of the United States may differ from those of your home country.

By using our services, you consent to the transfer of your personal information to the United States. We take steps to ensure that any international transfers of personal information are conducted in accordance with applicable law and that appropriate safeguards are in place to protect your data.

Our service providers and business partners may also process your personal information in jurisdictions outside the United States. In such cases, we require these partners to adhere to data protection standards consistent with this Privacy Policy and applicable law.

If you have questions about international data transfers or wish to obtain information about the safeguards in place, please contact us at [email protected].

12. Third-Party Links and Services

Our website may contain links to third-party websites, applications, or services that are not operated or controlled by Taco Time. These may include social media platforms, delivery partner websites, review platforms, or payment processors. This Privacy Policy does not apply to those third-party services.

We strongly encourage you to review the privacy policies of any third-party websites or services you visit. We are not responsible for the privacy practices, content, or security measures of third-party platforms, and we have no control over how they collect, use, or protect your information.

The inclusion of a link on our website does not imply our endorsement of the linked site or its privacy practices.

13. Your Choices and Opt-Out Options

We respect your right to make choices about your personal information. Below are the key ways you can manage your data and communication preferences:

13.1 Email Marketing Opt-Out

If you no longer wish to receive promotional emails from us, you can:

Click the "Unsubscribe" link found at the bottom of any marketing email we send you.
Email us at [email protected] with the subject line "Unsubscribe."
Manage your communication preferences through your account settings on our website.

Please note that even after opting out of marketing emails, you will continue to receive transactional and service-related emails such as order confirmations and account notifications, as these are necessary for the provision of our services.

13.2 Account Management

If you have created an account on our website, you may access, update, or delete your account information at any time through your account settings. You may also request account deletion by contacting us directly.

13.3 Do Not Track Signals

Some web browsers offer a "Do Not Track" (DNT) feature that signals to websites that you do not want your online activity tracked. Currently, our website does not respond to DNT signals because there is no universal technical standard for DNT compliance. We will update this policy if a universal standard is established.

14. FTC Act Compliance and Consumer Protection

As a United States-based business, Taco Time operates in compliance with the Federal Trade Commission Act (FTC Act), which prohibits unfair or deceptive acts or practices in commerce. We are committed to:

Being transparent about our data collection and use practices.
Honoring the privacy promises we make to consumers in this Privacy Policy.
Implementing reasonable security measures to protect consumer data.
Not engaging in deceptive marketing or data practices.

The FTC has authority to enforce consumer privacy protections under Section 5 of the FTC Act. If you believe we have violated any consumer protection law, you have the right to file a complaint with the FTC as described in Section 16 below.

15. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes to this policy, we will:

Update the "Last Updated" date at the top of this page.
Post a prominent notice on our website notifying users of the changes.
Send an email notification to registered users where the changes materially affect their rights (where we hold your email address).

Your continued use of our website and services after the effective date of any updated Privacy Policy constitutes your acknowledgment of and agreement to the revised terms. If you disagree with any changes, please discontinue use of our services and contact us to close your account.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

16. How to File a Complaint

If you have concerns about how we handle your personal information and are not satisfied with our response to your inquiry, you have the right to file a complaint with relevant authorities.

16.1 Contacting Us First

We ask that you first contact us directly to give us an opportunity to resolve your concern:

Email: [email protected]

We will investigate and respond to all complaints within 30 days of receipt.

16.2 Federal Trade Commission (FTC)

If you believe we have violated the FTC Act or other federal consumer protection laws, you may file a complaint with the Federal Trade Commission:

Federal Trade Commission

600 Pennsylvania Avenue, NW, Washington, DC 20580

Phone: 1-877-382-4357

Website: www.ftc.gov/tcomplaint

16.3 California Residents – California Privacy Protection Agency

California residents who have concerns about our compliance with the CCPA/CPRA may file a complaint with the California Privacy Protection Agency (CPPA):

California Privacy Protection Agency

2101 Arena Blvd., Sacramento, CA 95834

Website: cppa.ca.gov

16.4 State Attorneys General

Depending on your state of residence, you may also file a complaint with your state's Attorney General office regarding alleged violations of applicable state privacy or consumer protection laws. Contact information for your state Attorney General can typically be found through your state's official government website.

17. Definitions

For clarity and consistency, the following definitions apply throughout this Privacy Policy:

"Personal Information" or "Personal Data": Any information that identifies or can reasonably be used to identify an individual, directly or indirectly.
"Processing": Any operation performed on personal information, including collection, recording, storage, use, disclosure, or deletion.
"Third Party": Any natural or legal person, authority, agency, or body other than Taco Time and you.
"Service Providers": Companies or individuals that process personal data on behalf of Taco Time under contractual obligations.
"Cookies": Small text files stored on your device by our website to remember preferences and track activity.
"Sensitive Personal Information": Categories of data that warrant heightened protection, including financial information, health information, precise geolocation, racial or ethnic origin, and similar categories as defined under applicable law.

Summary of Key Privacy Commitments

We collect only the data necessary to provide our food ordering services and improve your experience.
We do not sell your personal information to third parties for their independent use.
We implement strong technical and administrative security measures to protect your data.
We honor your rights to access, correct, delete, and port your personal information.
We comply with applicable United States federal and state privacy laws, including CCPA/CPRA and the FTC Act.
Our services are for users aged 18 and older only.
For any privacy questions or concerns, contact us at [email protected].

This Privacy Policy was last reviewed and updated on June 4, 2026. If you have any questions about this policy, please do not hesitate to reach out to us at [email protected].