Privacy Policy

Your privacy is our priority. Learn how we protect and handle your personal information.

Last Updated: January 15, 2026

1. Introduction

At Lou Malnati's, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, share, and protect your information when you use our website, mobile applications, and food services.

This policy applies to all interactions you have with Lou Malnati's, including online ordering, restaurant visits, catering services, loyalty programs, and communications with our team. By using our services, you agree to the terms outlined in this Privacy Policy.

Important: We never sell your personal data to third parties. Your trust is fundamental to our business, and we are committed to maintaining the highest standards of privacy protection.

2. Information We Collect

2.1 Information You Provide

  • Personal Identification: Name, email address, phone number, postal address, date of birth
  • Account Information: Username, password, order history, purchase preferences, saved payment methods
  • Payment Information: Credit/debit card details, billing address (encrypted and securely stored)
  • Food Preferences: Dietary restrictions, allergen information, favorite menu items, special requests
  • Delivery Information: Delivery addresses, special delivery instructions, preferred delivery times
  • Loyalty Program Data: Reward points, membership tier, program participation history
  • Reservation Details: Table booking information, party size, special occasion notes
  • Catering Information: Event details, guest count, menu selections, venue information
  • Communications: Contact form submissions, customer reviews, feedback, support inquiries
  • Marketing Preferences: Newsletter subscriptions, promotional email preferences, communication choices

2.2 Automatically Collected Information

  • Device Information: IP address, browser type and version, operating system, device identifiers
  • Usage Data: Pages visited, time spent on site, click patterns, search queries, referral sources
  • Location Data: Approximate location based on IP address, GPS location (with permission)
  • Cookie Data: Session identifiers, user preferences, shopping cart contents, authentication tokens
  • Performance Metrics: Page load times, error reports, site functionality usage

2.3 Information from Third Parties

  • Social Media: Profile information when you connect social media accounts
  • Payment Processors: Transaction verification and fraud prevention data
  • Delivery Partners: Delivery status updates and location tracking
  • Marketing Partners: Campaign performance data and audience insights
  • Review Platforms: Customer reviews and ratings from third-party sites

3. How We Use Your Information

3.1 Service Provision

  • Processing and fulfilling food orders and delivery requests
  • Managing your account and providing customer authentication
  • Processing payments and managing billing
  • Coordinating restaurant reservations and seating arrangements
  • Planning and executing catering events
  • Managing loyalty program benefits and rewards
  • Providing customer support and resolving issues
  • Improving our menu offerings and service quality

3.2 Communication

  • Sending order confirmations and delivery status updates
  • Providing customer support and responding to inquiries
  • Notifying you about important account or policy changes
  • Sending marketing emails and promotional offers (with your consent)
  • Sharing loyalty program updates and exclusive offers
  • Requesting feedback and reviews about your experience

3.3 Marketing and Analytics

  • Creating personalized menu recommendations and offers
  • Analyzing website traffic and user behavior patterns
  • Measuring the effectiveness of marketing campaigns
  • Conducting market research for new products and services
  • Segmenting customers for targeted promotions
  • Improving website functionality and user experience

3.4 Legal Compliance

  • Responding to legal requests and court orders
  • Preventing fraud and ensuring payment security
  • Protecting our rights, property, and safety
  • Complying with food safety regulations
  • Resolving disputes and enforcing agreements
  • Meeting tax and accounting obligations

4. Information Sharing and Disclosure

4.1 Service Providers

  • Payment Processors: Secure processing of credit card and payment transactions
  • Delivery Services: Third-party delivery partners for order fulfillment
  • Cloud Storage Providers: Secure data storage and backup services
  • Email Marketing Services: Newsletter delivery and marketing campaigns
  • Analytics Tools: Website performance and usage analysis
  • Customer Support Platforms: Help desk and support ticket management
  • Reservation Systems: Table booking and restaurant management

4.2 Legal Requirements

  • Court orders, subpoenas, and legal process requirements
  • Regulatory compliance and government investigations
  • Protection of our legal rights and property
  • Public safety emergencies and health department requests
  • Prevention and investigation of fraud or illegal activities

4.3 Business Transfers

In the event of a merger, acquisition, or sale of business assets, customer information may be transferred to the new owner. We will notify you before your personal information is transferred and becomes subject to a different privacy policy.

4.4 With Your Consent

We may share your information for other purposes with your explicit consent, such as promotional partnerships or special events.

5. Data Security

5.1 Technical Measures

  • SSL/TLS Encryption: All data transmission is encrypted using industry-standard protocols
  • Advanced Firewalls: Multi-layered firewall systems protect against unauthorized access
  • Access Control: Role-based access with minimum necessary permissions
  • 24/7 Monitoring: Continuous security monitoring and threat detection
  • Regular Backups: Automated, encrypted backups stored in secure locations
  • Penetration Testing: Regular security assessments by external experts
  • Data Encryption: Sensitive data encrypted at rest and in transit

5.2 Organizational Measures

  • Comprehensive employee security training programs
  • Strict personal data handling procedures and protocols
  • Confidentiality agreements with all third-party partners
  • Detailed security incident response and recovery plans
  • Regular internal and external security audits
  • Privacy by design in all new systems and processes

5.3 Your Responsibilities

  • Use strong, unique passwords for your account
  • Never share your login credentials with others
  • Log out of your account on shared or public computers
  • Be cautious of suspicious emails or phishing attempts
  • Report any unauthorized account access immediately
  • Keep your contact information updated in your account

Security Breach Notification: In the event of a security breach that affects your personal information, we will promptly notify you and relevant authorities as required by law, typically within 72 hours of discovery.

6. Cookies and Tracking Technologies

Cookie Type Purpose Duration
Essential Cookies Basic site functions, login state, shopping cart Session only
Functional Cookies User preferences, language settings, remember me Up to 1 year
Analytics Cookies Usage analysis, performance monitoring, improvement Up to 2 years
Marketing Cookies Personalized advertising, campaign measurement Up to 1 year

Tracking Technologies Used

  • Google Analytics: Website traffic analysis and user behavior tracking
  • Facebook Pixel: Social media advertising effectiveness measurement
  • Web Beacons: Email open rates and engagement tracking
  • Local Storage: Browser-based data storage for enhanced functionality
  • Session Storage: Temporary data storage during your visit

Cookie Management: You can control cookies through your browser settings to accept, reject, or delete cookies. Please note that disabling certain cookies may affect website functionality and your user experience.

7. Your Rights (GDPR/CCPA Compliance)

7.1 Right of Access

You have the right to request and receive a copy of the personal information we hold about you, including details about how it's processed.

7.2 Right to Rectification

You can request correction of inaccurate or incomplete personal information in our records.

7.3 Right to Erasure (Right to be Forgotten)

You can request deletion of your personal information, subject to certain legal exceptions such as record-keeping requirements.

7.4 Right to Restrict Processing

You can request limitations on how we use your personal information in certain circumstances.

7.5 Right to Data Portability

You can request your personal data in a machine-readable format to transfer to another service provider.

7.6 Right to Object

You can object to processing of your personal information, especially for marketing purposes or legitimate interests.

7.7 Right Against Automated Decision-Making

You have the right not to be subject to automated decision-making, including profiling, that produces legal effects.

How to Exercise Your Rights: Contact us using the information in Section 13. We will respond to your request within 30 days and verify your identity before processing any requests.

8. Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

If we discover that we have collected personal information from a child under 16 without parental consent, we will promptly delete such information from our records.

Parents and guardians are encouraged to monitor their children's internet usage and help enforce this policy by instructing children never to provide personal information without permission.

9. International Data Transfers

9.1 Protection Measures

  • EU-Japan adequacy decisions for compliant jurisdictions
  • Standard Contractual Clauses (SCC) approved by regulatory authorities
  • Comprehensive data processing agreements with international partners
  • Appropriate technical and organizational security measures
  • Regular compliance audits and assessments

9.2 Transfer Destinations

  • United States (cloud storage and data processing services)
  • European Union (analytics and customer support services)
  • Other countries as necessary for service provision, always with adequate protection

10. Data Retention Periods

Information Type Retention Period Reason
Account Information 6 months after account deletion Legal obligations, dispute resolution
Order & Purchase History 7 years Tax and accounting requirements
Marketing Consent Records 3 months after withdrawal Consent record keeping compliance
Website Usage Logs Up to 2 years Security monitoring, analytics
Customer Support Records 3 years Service quality improvement
Payment Information As long as legally required Financial compliance, fraud prevention
Loyalty Program Data 2 years after program termination Program obligations, audit requirements

Safe Data Disposal

  • Complete electronic deletion using secure erasure methods (data is unrecoverable)
  • Physical destruction of paper records through certified shredding services
  • Secure deletion of backup data according to retention schedules
  • Maintenance of disposal records for compliance verification

11. Third-Party Links

Our website and communications may contain links to external websites, social media platforms, or other online services that are not operated by Lou Malnati's. We are not responsible for the privacy practices or content of these third-party sites.

We encourage you to review the privacy policies of any third-party sites before providing your personal information. Your interactions with these sites are governed by their respective privacy policies, not ours.

Third-party links are provided for convenience and informational purposes only. Their inclusion does not constitute an endorsement of the content or services offered.

12. Policy Changes

12.1 Change Notification Methods

  • Prominent notice on our website homepage
  • Direct email notification to all registered users
  • Pop-up notification upon account login
  • Social media announcements for significant changes
  • Explicit consent requests for material changes affecting your rights

12.2 Staying Informed

  • The latest version of our Privacy Policy is always available on our website
  • Check the "Last Updated" date at the top of this policy
  • Continued use of our services after changes constitutes acceptance
  • You may discontinue using our services if you disagree with changes

13. Contact Information

Lou Malnati's Privacy Team

Address: 1330 Maryland Ave SW, Washington, DC 20024, USA
Phone: +1 855-228-6325
Email: [email protected]
Business Hours: Monday - Friday, 9:00 AM - 6:00 PM EST

Response Commitment: We will respond to all privacy-related inquiries within 3 business days.

13.1 Filing Complaints

We encourage you to contact us first to resolve any privacy concerns. If you are not satisfied with our response, you may file a complaint with the relevant supervisory authority:

  • US Residents: Federal Trade Commission (FTC) - consumer.ftc.gov
  • EU Residents: Your local Data Protection Authority
  • California Residents: California Privacy Protection Agency

14. Withdrawal of Consent

14.1 Marketing Consent Withdrawal

You can withdraw your consent for marketing communications at any time through:

  • Unsubscribe links in all marketing emails
  • Account settings in your online profile
  • Contacting our customer support team
  • Calling our privacy hotline during business hours

14.2 Account Deletion Process

To delete your account and associated data:

  • Log into your account and visit Account Settings
  • Select "Delete Account" and follow the confirmation process
  • Contact customer support for assistance if needed
  • Note: Some information may be retained for legal compliance

15. Conclusion

At Lou Malnati's, protecting your privacy is not just a legal obligation—it's a fundamental part of our commitment to you as our valued customer. We believe that transparency, security, and respect for your personal information are essential to building and maintaining your trust.

We understand that your relationship with us goes beyond just ordering food; it's about creating memorable dining experiences while ensuring your personal information remains safe and secure. Our privacy practices reflect our dedication to maintaining the highest standards of data protection while delivering the exceptional service you expect from Lou Malnati's.

If you have any questions about this Privacy Policy or our data handling practices, please don't hesitate to contact us. We value your feedback and are always looking for ways to improve our privacy practices and better serve you.

Thank you for choosing Lou Malnati's and for trusting us with your personal information. We are committed to honoring that trust through responsible data stewardship and transparent privacy practices.

Remember: This Privacy Policy was last updated on January 15, 2026. Please check back regularly for any updates or changes.