Privacy Policy

Welcome to Marcos. We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website marcos-meal.click or engage with our food services. Please read this policy carefully. If you disagree with its terms, please discontinue use of our site.

This Privacy Policy applies to all information collected through our website, and any related services, sales, marketing, or events (collectively referred to as the "Services").

1. Who We Are

Marcos is a food service business operating in the United States. We are dedicated to providing quality food experiences to our customers. For all privacy-related matters, you may contact us using the details below:

2. Information We Collect

We collect information you voluntarily provide to us, information that is automatically collected when you visit our Services, and information from third parties. The categories of information we collect include:

2.1 Personal Information You Provide

When you interact with our website, place an order, register for an account, subscribe to our newsletter, or contact us for support, you may provide us with personally identifiable information, including but not limited to:

• Name: First and last name for account creation and order fulfillment.
• Contact Information: Email address, phone number, and mailing or delivery address.
• Payment Information: Credit card numbers, billing addresses, and related payment data (processed through secure third-party payment processors — we do not store full card details).
• Account Credentials: Username and password if you create an account on our platform.
• Order History: Details of food orders, preferences, dietary requirements, and special instructions.
• Communications: Any messages, feedback, reviews, complaints, or other content you submit to us directly.
• Promotional Preferences: Your marketing opt-in or opt-out preferences.

2.2 Automatically Collected Information (Usage Data)

When you access our website, certain information is automatically collected by our systems. This may include:

• Log Data: IP address, browser type and version, pages visited, time and date of visits, time spent on pages, and referring URLs.
• Device Information: Device type, operating system, unique device identifiers, and mobile network information.
• Location Data: General geographic location based on your IP address, and, with your permission, precise location data from your mobile device to enable delivery services.
• Clickstream Data: Information about how you navigate through our website, including clicks, scroll behavior, and session duration.
• Search Queries: Terms you search for within our website.

2.3 Cookies and Tracking Technologies

We use cookies, web beacons, pixel tags, and similar tracking technologies to collect and store information about your interactions with our Services. Cookies are small text files stored on your browser or device. We use:

• Essential Cookies: Required for the website to function properly (e.g., shopping cart functionality, session management).
• Analytical/Performance Cookies: Help us understand how visitors use our site (e.g., Google Analytics).
• Functional Cookies: Remember your preferences and settings to improve your experience.
• Targeting/Advertising Cookies: Used to deliver relevant advertisements and track the effectiveness of campaigns.

For a full description of the cookies we use and how to manage your preferences, please refer to our Cookie Policy.

2.4 Information from Third Parties

We may receive information about you from third-party sources, including:

• Social media platforms (if you log in using a social media account or interact with our social media pages).
• Payment processors and financial institutions.
• Delivery and logistics partners.
• Analytics and advertising partners.
• Publicly available sources and databases.

3. How We Use Your Information

We use the information we collect for a variety of business and operational purposes. Specifically, we may use your data to:

3.1 Service Provision and Order Fulfillment

• Process and fulfill your food orders and deliver them to your specified location.
• Create and manage your customer account.
• Process payments and prevent fraudulent transactions.
• Respond to your inquiries, requests, and customer support needs.
• Send you order confirmations, receipts, and transactional communications.
• Notify you about changes to your order, service outages, or updates to our policies.

3.2 Analytics and Service Improvement

• Analyze usage trends and patterns to improve our website functionality and user experience.
• Monitor and analyze the effectiveness of our marketing campaigns and promotions.
• Conduct research and development to expand and improve our menu and services.
• Identify and fix technical problems and bugs within our platform.
• Generate anonymized or aggregated statistical data for internal reporting.

3.3 Marketing and Promotional Communications

• Send you promotional emails, newsletters, special offers, and updates about new menu items or events — but only with your consent or as otherwise permitted by law.
• Personalize your experience by displaying content and offers tailored to your preferences and order history.
• Deliver targeted advertisements on our website and third-party platforms.
• Administer contests, sweepstakes, surveys, and loyalty programs.

3.4 Legal and Compliance Purposes

• Comply with applicable federal, state, and local laws and regulations.
• Enforce our Terms of Service and other agreements.
• Protect the rights, property, and safety of Marcos, our customers, and the public.
• Respond to legal processes, court orders, and lawful requests from governmental authorities.
• Detect, investigate, and prevent fraudulent transactions, abuse, and other illegal activities.

4. Sharing Your Information with Third Parties

We do not sell your personal information to third parties. However, we may share your information in the following circumstances:

4.1 Service Providers and Business Partners

We may share your information with trusted third-party vendors and service providers who perform services on our behalf, including:

• Payment Processors: To securely process your financial transactions.
• Delivery Partners: To fulfill and deliver your food orders.
• Cloud Hosting Providers: To store and manage our data infrastructure.
• Email Marketing Platforms: To manage and distribute our marketing communications.
• Analytics Providers: Such as Google Analytics, to analyze website traffic and user behavior.
• Customer Support Tools: Platforms that help us manage customer inquiries.

These third parties are contractually obligated to use your information only as necessary to provide services to us and in accordance with applicable privacy laws.

4.2 Legal Requirements

We may disclose your information when we believe in good faith that disclosure is necessary to:

• Comply with a legal obligation, subpoena, court order, or governmental request.
• Protect and defend the rights or property of Marcos.
• Prevent or investigate possible wrongdoing in connection with our Services.
• Protect the personal safety of users of our Services or the public.

4.3 Business Transfers

In the event of a merger, acquisition, corporate restructuring, sale of assets, or bankruptcy, your information may be transferred to a successor entity. We will notify you via email and/or a prominent notice on our website prior to such a transfer and the effective change in privacy practices.

4.4 Aggregated or De-Identified Data

We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you with third parties for marketing, research, analytics, and other lawful purposes.

5. Data Security

The security of your personal information is important to us. We implement a variety of administrative, technical, and physical security measures designed to protect your personal information from unauthorized access, use, disclosure, alteration, or destruction. These measures include:

• Encryption: We use Secure Socket Layer (SSL) / Transport Layer Security (TLS) technology to encrypt data transmitted between your browser and our servers.
• Access Controls: Access to personal data is restricted to authorized personnel who need it to perform their job functions.
• Secure Payment Processing: Payment card information is processed through PCI-DSS compliant third-party processors. We do not store full credit card numbers on our servers.
• Regular Security Audits: We conduct periodic reviews and assessments of our security practices and systems.
• Firewalls and Intrusion Detection: We deploy firewalls and monitoring systems to detect and prevent unauthorized access.
• Employee Training: Our staff receive regular training on data privacy and security best practices.

6. Your Privacy Rights

Depending on your state of residence in the United States, you may have certain rights regarding your personal information. We respect and honor these rights to the fullest extent required by applicable law.

6.1 Rights Under the California Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA)

If you are a California resident, you have the following rights under the CCPA and CPRA:

• Right to Know: You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the sources from which we collected it, the purposes for which we use it, and the third parties with whom we share it.
• Right to Delete: You have the right to request that we delete the personal information we have collected about you, subject to certain exceptions.
• Right to Correct: You have the right to request that we correct inaccurate personal information we maintain about you.
• Right to Opt-Out of Sale or Sharing: You have the right to opt out of the sale or sharing of your personal information for cross-context behavioral advertising. We do not sell personal information; however, certain advertising cookie activities may constitute "sharing" under the CPRA.
• Right to Limit Use of Sensitive Personal Information: You may have the right to limit our use of sensitive personal information to what is necessary to perform the services you requested.
• Right to Non-Discrimination: We will not discriminate against you for exercising any of your privacy rights. We will not deny you goods or services, charge different prices, or provide a different quality of service because you exercised your rights.

6.2 General U.S. Consumer Rights

In accordance with the Federal Trade Commission (FTC) Act and applicable consumer protection principles, all users have the right to:

• Access: Request a copy of the personal information we hold about you.
• Correction: Request that we update or correct inaccurate information.
• Deletion: Request the deletion of your personal data, subject to our legal obligations and legitimate business needs.
• Data Portability: Where technically feasible, request that we transfer your personal data to you or a third party in a structured, commonly used, machine-readable format.
• Withdrawal of Consent: Where we rely on your consent to process your data, you may withdraw that consent at any time without affecting the lawfulness of processing carried out before your withdrawal.

6.3 How to Exercise Your Rights

To submit a privacy rights request, you may contact us by:

• Email: [email protected]

We will respond to verified requests within 45 days of receipt. In some circumstances, we may require additional time (up to 90 days total) and will notify you if an extension is needed. We may need to verify your identity before processing your request to protect your personal information. We will not charge a fee to process your request unless it is excessive, repetitive, or manifestly unfounded.

7. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyze site traffic, and deliver personalized content and advertising. By continuing to use our website, you consent to our use of cookies in accordance with this Privacy Policy.

7.1 Types of Cookies We Use

You can control and manage cookie settings through your browser settings. Please note that disabling certain cookies may affect the functionality of our website. For more details, please review our Cookie Policy.

8. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Our general data retention practices are as follows:

When your information is no longer necessary for the purposes for which it was collected, we will securely delete, anonymize, or de-identify it in accordance with our internal data retention procedures.

9. Children's Privacy

We are committed to complying with the Children's Online Privacy Protection Act (COPPA) and all other applicable federal and state laws relating to the privacy of minors. If you are under 18 years of age, you are not permitted to use our Services or submit any personal information to us.

If we become aware that we have inadvertently collected personal information from a child under the age of 18 without appropriate parental consent, we will take immediate steps to delete that information from our records. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately at [email protected] so that we may take appropriate action.

10. International Data Transfers

Marcos is headquartered in the United States. If you access our Services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States and potentially in other countries where our service providers maintain facilities.

The data protection laws in the United States and these other countries may differ from those in your home jurisdiction. By using our Services, you consent to the transfer of your information to the United States and other jurisdictions as described in this Privacy Policy.

We take steps to ensure that any international transfer of personal data is conducted in accordance with applicable privacy laws. Where we transfer data to third-party service providers in other countries, we implement appropriate safeguards such as data processing agreements and standard contractual clauses where applicable.

11. Third-Party Websites and Links

Our website may contain links to third-party websites, applications, or services that are not owned or operated by Marcos. Once you leave our website by clicking on a third-party link, this Privacy Policy no longer applies. We encourage you to review the privacy policies of any third-party websites you visit. We are not responsible for the privacy practices, content, or security of any third-party sites.

Third-party services we may integrate with include, but are not limited to:

• Social media platforms (Facebook, Instagram, Twitter/X)
• Payment gateways (Stripe, PayPal, Square)
• Mapping and delivery services (Google Maps)
• Analytics services (Google Analytics)

12. Do Not Track Signals

Some browsers include a "Do Not Track" (DNT) feature that signals to websites that you do not want your online activity tracked. Our website does not currently respond to DNT signals from browsers because a universally accepted standard for DNT compliance has not yet been established. However, you may opt out of certain types of tracking by managing your cookie preferences as described in Section 7 of this policy.

We will continue to monitor developments in DNT technology and standards and update our practices accordingly.

13. Your California Privacy Rights — Additional Disclosures

In addition to the rights described in Section 6, California residents may have additional rights under the California Privacy Rights Act (CPRA), effective January 1, 2023, as enforced by the California Privacy Protection Agency (CPPA). These include:

• The right to know whether we are collecting sensitive personal information about you.
• The right to limit the use and disclosure of your sensitive personal information.
• The right to request that we correct inaccurate personal information we hold about you.
• Enhanced protections relating to automated decision-making and profiling.

For California residents, we also note that under California Civil Code Section 1798.83 (the "Shine the Light" law), you may request information regarding the disclosure of your personal information to third parties for their direct marketing purposes. To make such a request, please contact us at [email protected].

14. Filing a Complaint with a Regulatory Authority

If you believe we have not adequately addressed your privacy concerns, you have the right to file a complaint with the appropriate regulatory authority.

14.1 For California Residents

California residents may file a complaint with the California Privacy Protection Agency (CPPA):

• Website: cppa.ca.gov
• Address: 2101 Arena Blvd, Sacramento, CA 95834

14.2 For All U.S. Consumers

Any U.S. consumer may file a complaint with the Federal Trade Commission (FTC), which enforces federal consumer protection and privacy laws, including the FTC Act:

• Website: ftc.gov/complaint
• Phone: 1-877-382-4357
• Address: Federal Trade Commission, 600 Pennsylvania Avenue NW, Washington, DC 20580

14.3 State Attorney General Offices

Depending on your state of residence, you may also have the right to file a complaint with your state Attorney General's office regarding alleged violations of state privacy laws. We encourage you to first contact us directly to resolve any concerns before escalating to regulatory bodies.

15. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time and for any reason. If we make material changes to this policy, we will notify you by:

• Updating the "Last Updated" date at the top of this page.
• Sending you an email notification to the address associated with your account (for material changes).
• Displaying a prominent notice on our website prior to the change becoming effective.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our Services after any changes to this Privacy Policy constitutes your acceptance of the revised terms.

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please do not hesitate to contact our privacy team. We are committed to resolving your concerns promptly and transparently.

We will acknowledge your request within 10 business days and aim to provide a full response within 45 days in accordance with applicable law. If additional time is needed, we will notify you of the extension and the reason for the delay.

This Privacy Policy was last reviewed and updated on June 4, 2026.