Privacy Policy
Lunch Lady Catering (“we”, “us”, or “our”) is firmly committed to protecting the privacy and personal data of our website visitors, users, and customers. At Lunch Lady Catering, accessible via lunchladycatering.com, we prioritize a privacy-first approach and have implemented comprehensive measures to ensure that personal information is handled lawfully, transparently, and securely. This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal data in compliance with applicable data protection regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).
1. Scope of this Policy and Controller Responsibility
This Privacy Policy applies to all data collected through our website, lunchladycatering.com, as well as services, communications, and transactions that reference this Policy. Lunch Lady Catering is the data controller of the personal data processed in accordance with this Policy.
As the data controller, we determine the purposes and means of processing personal data and are responsible for ensuring compliance with applicable data protection laws.
2. Categories of Data We Process
We collect and process various categories of data, depending on your interaction with lunchladycatering.com:
a. Usage Data: Includes information about how you use our website, such as IP address, browser type and version, time zone settings, browser plug-in types, operating system, referral sources, session durations, and page interaction data.
b. Account Data: Includes personally identifiable information such as your full name, email address, mailing address, and phone number when you create an account or place an order on our site.
c. Profile Data: Includes information about your preferences, product selections, purchase history, feedback, and behavior across our services.
d. Communication Data: Includes records of your correspondence with us, including support inquiries, email communications, contact form submissions, and service interactions.
e. Technical Data: Includes device identifiers, browser configurations, network information, and system diagnostics automatically collected via our website and hosting infrastructure.
f. Transaction Data: Includes details relating to billing, payments, delivery addresses, order confirmations, and invoices processed through our systems.
g. Preference Data: Includes your marketing preferences, consent to communications, newsletter subscriptions, and product interest information as determined through site interactions or account settings.
3. Legal Bases for Processing
Under GDPR guidelines, we process your personal data based on one or more of the following lawful bases:
– Consent: Where you have given us valid, informed consent to process your data, particularly for marketing purposes.
– Contractual Necessity: Where processing is required for the performance of a contract with you or to take steps at your request prior to entering into a contract (such as placing a catering order).
– Legal Obligation: Where processing is necessary for compliance with a legal obligation to which we are subject.
– Legitimate Interests: Where processing is necessary to pursue our legitimate business interests, provided these are not outweighed by your rights and interests.
4. Your Rights
As provided under the GDPR and CCPA, you have the following rights in relation to your data:
– Right of Access: You may request access to your personal data we hold.
– Right to Rectification: You may request corrected or updated information if your data is inaccurate or incomplete.
– Right to Erasure: Also known as the “right to be forgotten”; you may request deletion of your data when no longer necessary or after withdrawal of consent.
– Right to Restrict Processing: You have the right to limit how we use your data under certain circumstances.
– Right to Data Portability: You can request your data be provided to you or to another data controller in a structured, commonly used, machine-readable format.
– Right to Object: You may object to processing carried out on the basis of legitimate interest or for direct marketing purposes.
To exercise any of these rights, please contact us at [email protected]. We may request verification of your identity to ensure the integrity and confidentiality of your data.
5. Security Measures
We maintain strict physical, electronic, and managerial safeguards to protect your personal data from unauthorized access, disclosure, alteration, or destruction. These include:
– Encryption of sensitive data in transit and at rest.
– Access control protocols ensuring that only authorized personnel have access to data.
– Regular system backups to prevent data loss.
– Staff training and awareness programs focused on data protection and privacy practices.
6. International Data Transfers
If your personal data is transferred and processed outside of your country of residence (including transfers outside the European Economic Area), we ensure adequate safeguards are in place. These may include standard contractual clauses approved by the European Commission or reliance on adequacy decisions and other lawful mechanisms consistent with international data transfer regulations.
7. Data Retention
Your personal data is retained only for as long as it is required to fulfill the purposes for which it was collected, including compliance with legal obligations, resolution of disputes, and enforcement of agreements. Specific retention periods include:
– Transaction Data: Retained for up to 7 years for compliance with accounting and tax regulations.
– Profile and Communication Data: Retained for 3 years from last user interaction or until consent is withdrawn.
– Marketing and Preference Data: Retained until unsubscribed or consent is withdrawn.
– Technical and Usage Data: Retained for analytics and diagnostic purposes for up to 12 months.
8. Cookies and Similar Technologies
Lunchladycatering.com uses browser cookies and similar technologies to enhance user experience, provide site functionality, and collect analytical insights. Cookies we use include:
– Essential Cookies: Necessary for the proper functioning of the website (e.g., shopping cart, login session).
– Functional Cookies: Enable customization and preference storage (e.g., language, accessibility settings).
– Performance Cookies: Collect data on visitor interactions with the website to measure and improve performance.
– Analytical Cookies: Used to analyze trends and navigation patterns, enabling us to enhance website usability.
9. Cookie Management – GDPR & CCPA Compliance
Upon visiting lunchladycatering.com, you will be presented with a cookie consent banner allowing you to opt-in to non-essential cookies. You may modify your cookie preferences at any time through your browser settings or by re-accessing the consent management interface.
Residents of the European Union and California may also opt out of the sale or sharing of their personal data, in accordance with local regulations. For further cookie management requests or opt-outs, please contact [email protected].
10. Children’s Data Protection
Our website and services are not intended for children under the age of 13. We do not knowingly collect personal data from children under 13. If it comes to our attention that such data has been inadvertently collected, we will take prompt steps to delete the information and, where appropriate, notify parental guardians.
11. Policy Updates
We reserve the right to make changes to this Privacy Policy to ensure continued compliance with applicable laws or in response to operational changes. Users are advised to periodically review this page for updates. Where applicable, we may notify you of significant changes by email or via a notification banner on lunchladycatering.com.
12. Contact Us
For questions related to this Privacy Policy, your data, or to exercise your rights under applicable data protection laws, please contact us via:
Email: [email protected]
We are committed to responding to all verified requests in a timely and transparent manner.
—
At Lunch Lady Catering, we strive to fully comply with all applicable privacy and data protection requirements. Should you have any concerns about your information or our handling practices, we encourage you to reach out to us directly at the email address above.