Privacy Policy

Effective Date: June 7, 2026 | Last Updated: June 7, 2026

This Privacy Policy describes how Marcos ("we," "us," "our," or "the Company") collects, uses, discloses, retains, and protects your personal information when you visit our website at foodmarcos.rest, place orders, interact with our services, or otherwise engage with us. We are committed to protecting your privacy and handling your personal data with transparency, integrity, and care.

By accessing or using our website, services, or products, you acknowledge that you have read, understood, and agree to the terms of this Privacy Policy. If you do not agree with any part of this policy, please discontinue use of our website and services immediately.

This Privacy Policy is governed by applicable United States federal and state privacy laws, including but not limited to the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), the Federal Trade Commission Act (FTC Act), and other applicable consumer protection regulations.

1. About Us

Marcos is a food service business operating in the United States. We provide food-related products and services to consumers through our online platform and physical location(s).

Business Name	Marcos
Website	foodmarcos.rest
Email Address	[email protected]
Country of Operation	United States

For all privacy-related inquiries, requests, or complaints, please contact us at [email protected].

2. Information We Collect

We collect various categories of personal information to operate our business, fulfill your orders, improve our services, and communicate with you. Below is a detailed breakdown of the information we may collect:

2.1 Personal Identification Information

When you create an account, place an order, sign up for our newsletter, or contact us, we may collect:

Full name
Email address
Phone number
Mailing and delivery address
Billing address
Username and password (stored in encrypted form)
Date of birth (used to verify age eligibility, where applicable)
Profile photograph (if voluntarily submitted)

2.2 Payment and Financial Information

When you make a purchase, we collect payment-related information. Please note that we do not store full credit or debit card numbers on our servers. Payment processing is handled by secure, PCI-DSS-compliant third-party payment processors. The information we may collect or receive includes:

Partial payment card details (last four digits, expiration date, card type)
Billing name and billing address
Transaction identifiers and order history
Payment confirmation and receipt data

2.3 Order and Transaction Information

To process and deliver your food orders, we collect:

Items ordered, quantities, and customization preferences
Delivery instructions and special requests
Order history and purchase frequency
Loyalty program participation and rewards data (if applicable)
Refund and dispute records

2.4 Usage Data and Online Activity

When you browse our website, we automatically collect certain technical and behavioral data, including:

IP address
Browser type and version
Operating system and device type
Pages visited, time spent on each page, and navigation paths
Referring URLs (where you came from before visiting our site)
Search queries entered on our website
Click-through rates on links, banners, and promotions
Date and time of your visits
Error logs and crash reports

2.5 Cookies and Tracking Technologies

We use cookies, web beacons, pixel tags, local storage, and similar tracking technologies to enhance your browsing experience, analyze website performance, and deliver personalized content. For detailed information about how we use cookies and how you can manage your cookie preferences, please refer to Section 9 of this Privacy Policy.

2.6 Device Information

If you access our website through a mobile device or application, we may collect:

Device model and manufacturer
Mobile operating system version
Unique device identifiers (e.g., device ID, advertising ID)
Mobile network information
Location data (only if you grant explicit permission)

2.7 Communications Data

If you contact us via email, phone, live chat, or through a contact form, we collect:

The content of your messages and inquiries
Your contact details as provided
Records of correspondence for quality assurance and dispute resolution
Customer feedback, reviews, and survey responses

2.8 Information from Third Parties

We may receive information about you from third-party sources, including:

Social media platforms (if you log in using a social account or interact with our social pages)
Third-party delivery partners and food aggregators
Analytics providers
Advertising networks
Fraud prevention services

3. How We Use Your Information

We use the personal information we collect for the following purposes:

3.1 Service Provision and Order Fulfillment

Processing and delivering your food orders
Managing your account and user profile
Confirming transactions and sending order status updates
Coordinating with delivery drivers and logistics partners
Handling returns, refunds, and disputes
Providing customer support and resolving complaints

3.2 Communication and Marketing

Sending transactional emails (order confirmations, receipts, shipping updates)
Sending promotional emails, offers, and newsletters (where you have consented or where permitted by law)
Notifying you of new menu items, seasonal specials, and limited-time promotions
Administering loyalty programs, referral programs, and rewards
Conducting surveys and collecting feedback to improve our offerings
Responding to your inquiries and support requests

3.3 Analytics and Service Improvement

Analyzing website traffic and user behavior to improve site performance
Understanding customer preferences to refine menu offerings
Tracking conversion rates and marketing campaign effectiveness
Identifying and fixing technical bugs, errors, and vulnerabilities
Developing new features and improving existing functionalities

3.4 Personalization

Customizing your website experience based on your preferences and order history
Recommending food items and promotions relevant to your interests
Delivering targeted advertisements on our website and third-party platforms

3.5 Legal and Compliance Purposes

Complying with applicable federal, state, and local laws and regulations
Responding to lawful requests from government authorities, courts, or law enforcement
Enforcing our Terms of Service and other contractual agreements
Preventing fraud, unauthorized transactions, and other illegal activities
Protecting the rights, safety, and property of our customers, employees, and business

3.6 Business Operations

Managing internal business records and accounting
Evaluating potential business transactions (mergers, acquisitions, financing)
Training staff and maintaining service quality standards
Complying with food safety regulations and public health requirements

4. How We Share Your Information

We do not sell your personal information to third parties for monetary compensation. However, we may share your information in the following circumstances:

4.1 Service Providers and Business Partners

We engage trusted third-party companies and individuals to assist us in operating our business and providing services to you. These service providers are contractually obligated to use your data only as directed by us and in accordance with this Privacy Policy. They may include:

Payment Processors: To handle secure payment transactions
Delivery Partners: To fulfill food delivery orders
Cloud Storage and Hosting Providers: To store and manage our data securely
Email and SMS Marketing Platforms: To send communications on our behalf
Analytics Providers: Such as Google Analytics, to analyze website traffic
Customer Support Tools: To manage support tickets and communications
Fraud Prevention Services: To detect and prevent fraudulent activity

4.2 Legal Requirements

We may disclose your personal information when required by law or in good-faith belief that such disclosure is necessary to:

Comply with a legal obligation, court order, subpoena, or governmental request
Protect and defend our legal rights or property
Prevent or investigate possible wrongdoing in connection with our services
Protect the personal safety of our users, customers, or the public
Comply with applicable tax, financial reporting, or regulatory obligations

4.3 Business Transfers

In the event that Marcos undergoes a merger, acquisition, sale of assets, reorganization, or bankruptcy proceedings, your personal information may be transferred as part of that business transaction. We will provide notice before your personal information is transferred and becomes subject to a different privacy policy.

4.4 With Your Consent

We may share your information with third parties not described above when we have obtained your explicit consent to do so. You may revoke such consent at any time by contacting us at [email protected].

4.5 Aggregated and De-identified Data

We may share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you with third parties for research, analytics, marketing, or other business purposes.

5. Data Security

We take the security of your personal information seriously and implement a range of technical, administrative, and physical safeguards to protect your data from unauthorized access, disclosure, alteration, or destruction.

5.1 Technical Safeguards

Secure Socket Layer (SSL) / Transport Layer Security (TLS) encryption for all data transmitted between your browser and our servers
Encryption of sensitive data at rest using industry-standard algorithms
Firewalls and intrusion detection/prevention systems
Regular security vulnerability assessments and penetration testing
Multi-factor authentication for administrative access to our systems
Automated monitoring for suspicious or anomalous activity

5.2 Administrative Safeguards

Access to personal data limited to employees and contractors who need it to perform their job functions
Regular privacy and security training for all staff members
Documented data handling policies and procedures
Vendor due diligence and contractual data protection agreements
Incident response procedures for handling potential data breaches

5.3 Data Breach Response

In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify affected individuals and, where required, the appropriate regulatory authorities within the timeframes prescribed by applicable law. We will provide information about the nature of the breach, the data affected, and the steps we are taking to address it.

Important: While we strive to use commercially acceptable means to protect your personal information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security of your data.

6. Your Privacy Rights

Depending on your state of residence within the United States, you may have various rights with respect to your personal information. We are committed to honoring these rights in accordance with applicable law.

6.1 Rights Under the California Consumer Privacy Act (CCPA/CPRA)

If you are a California resident, you have the following rights:

Right to Know: You have the right to request information about the categories and specific pieces of personal information we have collected about you, the sources of that information, the business purposes for collecting it, and the categories of third parties with whom we share it.
Right to Delete: You have the right to request the deletion of personal information we have collected about you, subject to certain exceptions permitted by law.
Right to Correct: You have the right to request that we correct inaccurate personal information we maintain about you.
Right to Opt-Out of Sale or Sharing: You have the right to opt out of the sale or sharing of your personal information for cross-context behavioral advertising purposes. We do not sell your personal information for monetary consideration.
Right to Limit Use of Sensitive Personal Information: You have the right to limit our use and disclosure of sensitive personal information to purposes necessary to provide the services you request.
Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights. We will not deny you goods or services, charge different prices, or provide a different level of service as a result of you exercising your privacy rights.

6.2 Rights for All U.S. Residents

Regardless of your state of residence, we respect your right to:

Access: Request a copy of the personal information we hold about you.
Correction: Request that we update or correct inaccurate information.
Deletion: Request that we delete your personal information where we have no compelling reason to continue processing it.
Opt-Out of Marketing: Unsubscribe from promotional communications at any time by clicking the "unsubscribe" link in our emails or by contacting us directly.
Data Portability: Request a copy of your personal data in a structured, commonly used, and machine-readable format.
Withdraw Consent: Where processing is based on your consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

6.3 How to Submit a Privacy Request

To exercise any of your rights, please contact us using the following methods:

Email: [email protected]
Website: foodmarcos.rest

We will respond to your request within 45 days of receipt. If we require additional time (up to 45 additional days), we will inform you of the reason and the extension period in writing. We may need to verify your identity before processing your request to protect against unauthorized access to your information.

6.4 Authorized Agents

California residents may designate an authorized agent to submit a privacy request on their behalf. The authorized agent must provide written proof of authorization, and we may require you to verify your identity directly with us.

7. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, comply with our legal obligations, resolve disputes, and enforce our agreements. The specific retention periods we apply are as follows:

Data Category	Retention Period
Account and profile information	Duration of your account, plus 3 years after account closure
Order and transaction records	7 years (for tax and accounting purposes)
Payment information	As required by payment processor and PCI-DSS standards
Customer communications and support records	3 years from the date of the last interaction
Marketing preferences and consent records	Until you opt out, plus 1 year thereafter
Website usage data and analytics	26 months (standard analytics retention period)
Cookie data	As specified in our Cookie Policy (typically 30 days to 2 years)
Legal and compliance records	As required by applicable law (typically 5-7 years)

When your personal information is no longer needed, we will securely delete or anonymize it in accordance with our data disposal procedures.

8. Children's Privacy

Age Restriction: Our website and services are intended for individuals who are 18 years of age or older. We do not knowingly collect personal information from children under the age of 18.

We are committed to complying with the Children's Online Privacy Protection Act (COPPA) and other applicable laws protecting the privacy of minors. Our food ordering and related services are not directed at children, and we do not knowingly solicit or collect personal data from anyone under 18 years of age.

If you are a parent or guardian and you believe that your child under the age of 18 has provided us with personal information without your consent, please contact us immediately at [email protected]. Upon verification, we will take prompt steps to delete such information from our records.

If we discover that we have inadvertently collected personal information from a child under 18, we will delete that information as quickly as reasonably possible and without undue delay.

9. Cookie Policy

Our website uses cookies and similar tracking technologies to provide you with a better browsing experience, analyze site traffic, personalize content, and serve relevant advertisements.

9.1 What Are Cookies?

Cookies are small text files placed on your device by a website when you visit it. They are widely used to make websites work more efficiently and to provide information to website owners about how users interact with their site.

9.2 Types of Cookies We Use

Essential Cookies: Necessary for the website to function properly. These cannot be disabled without affecting site functionality (e.g., shopping cart, session management).
Performance and Analytics Cookies: These help us understand how visitors interact with our website by collecting information anonymously (e.g., Google Analytics).
Functional Cookies: These allow the website to remember your preferences and provide enhanced, personalized features (e.g., saved address, language preference).
Marketing and Advertising Cookies: These track your browsing habits to enable us and our advertising partners to deliver targeted ads that are relevant to your interests.

9.3 Managing Your Cookie Preferences

You can control and manage cookies through your browser settings. Most browsers allow you to refuse cookies or to be alerted when cookies are being sent. Please note that disabling certain cookies may affect the functionality of our website.

For California residents, you may exercise your right to opt out of the use of cookies for cross-context behavioral advertising by contacting us at [email protected] or using our cookie preference tool available on our website.

10. International Data Transfers

Marcos is based in the United States, and the personal information we collect is primarily processed and stored on servers located within the United States. If you are accessing our website from outside the United States, please be aware that your information may be transferred to, processed, and stored in the United States, where data protection laws may differ from those in your country of residence.

We take appropriate measures to ensure that any international transfers of personal data are conducted in compliance with applicable law and that adequate protections are in place to safeguard your information. Where we transfer data internationally, we rely on appropriate legal mechanisms, such as standard contractual clauses, data transfer agreements, or other lawful transfer mechanisms as applicable.

By using our website and services, you acknowledge and consent to the transfer of your personal information to the United States and its processing in accordance with this Privacy Policy.

11. Third-Party Links and Services

Our website may contain links to third-party websites, social media platforms, delivery apps, or other online services that are operated by entities other than Marcos. This Privacy Policy does not apply to those third-party websites, and we are not responsible for their privacy practices.

We encourage you to review the privacy policies of any third-party websites you visit. The inclusion of a link to a third-party website does not constitute our endorsement of that website or its privacy practices.

Third-party services that may appear on or integrate with our website include, but are not limited to:

Google Analytics (web analytics)
Meta Pixel / Facebook Ads (advertising)
Stripe, PayPal, or other payment processors
Third-party food delivery platforms
Social media sharing buttons (Facebook, Instagram, Twitter/X)

12. Do Not Track Signals

Some browsers transmit "Do Not Track" (DNT) signals to websites. Because there is currently no uniform standard for how websites should respond to these signals, our website does not currently respond to DNT browser signals. However, you may opt out of certain tracking activities as described in Section 9 (Cookie Policy) and Section 6 (Your Privacy Rights).

13. Marketing Communications

With your consent or where otherwise permitted by applicable law, we may send you promotional communications about our products, services, special offers, and events. You have the right to opt out of receiving these communications at any time.

13.1 How to Opt Out

Email Marketing: Click the "unsubscribe" or "opt-out" link included in any promotional email we send you.
SMS Marketing: Reply "STOP" to any marketing text message you receive from us.
Direct Request: Contact us at [email protected] and request removal from our marketing list.

Please note that even if you opt out of marketing communications, you will continue to receive transactional and operational communications necessary for the performance of your orders and account management (e.g., order confirmations, receipts, account notifications).

14. Your California Privacy Rights — Additional Disclosures

In addition to the rights described in Section 6, California residents are entitled to the following disclosures under the Shine the Light Law (California Civil Code Section 1798.83):

You have the right to request information about whether we have disclosed personal information to third parties for their direct marketing purposes in the preceding calendar year.
You have the right to request the categories of personal information shared and the names and addresses of those third parties.

To make such a request, please contact us at [email protected] with the subject line "California Shine the Light Request."

15. How to File a Complaint

If you believe that we have not adequately addressed your privacy concerns, you have the right to file a complaint with the appropriate regulatory authority.

15.1 Filing a Complaint with Us

We encourage you to contact us first so we can attempt to resolve your concern directly:

Email: [email protected]
Website: foodmarcos.rest

15.2 Filing a Complaint with a Regulatory Authority

If you are a California resident, you may file a complaint with the California Privacy Protection Agency (CPPA) or the California Attorney General's Office:

California Privacy Protection Agency: cppa.ca.gov
California Attorney General: oag.ca.gov/privacy

For federal-level consumer protection concerns, you may contact the Federal Trade Commission (FTC):

FTC Consumer Information: consumer.ftc.gov
FTC Complaint Assistant: reportfraud.ftc.gov

Residents of other states may also have the right to file complaints with their respective state attorney general's office or consumer protection agency. We encourage you to seek information about the specific rights available in your state of residence.

16. Changes to This Privacy Policy

We reserve the right to update, modify, or revise this Privacy Policy at any time to reflect changes in our business practices, legal requirements, or regulatory developments. When we make changes, we will update the "Last Updated" date at the top of this page.

For significant changes, we will make reasonable efforts to notify you, which may include sending an email notification to the address associated with your account, displaying a prominent notice on our website, or requesting your renewed consent where required by law.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our website and services after any changes to this Privacy Policy constitutes your acceptance of the revised terms.

17. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please do not hesitate to contact us. We are committed to addressing your inquiries promptly and transparently.

Privacy Contact Information

Business Name	Marcos
Email	[email protected]
Website	foodmarcos.rest
Country	United States

We will make every effort to respond to your privacy-related requests within 45 days of receipt. Where we require additional time to process your request, we will inform you within the initial 45-day period and will not exceed an additional 45 days without further notice.

Effective Date: June 7, 2026. This Privacy Policy is provided for informational purposes and constitutes a legally binding agreement between you and Marcos regarding the collection, use, and protection of your personal information. This document was last reviewed and updated on June 7, 2026.