Last Updated: January 15, 2026
1. Introduction
At Dions, we are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy outlines how we collect, use, protect, and share information about you when you use our food delivery services, visit our website, or interact with us in any way.
This policy applies to all information collected through our website, mobile applications, phone orders, in-store visits, and any other digital or physical touchpoints. By using our services, you agree to the collection and use of information in accordance with this policy.
Important Note: We never sell your personal data to third parties. Your trust is fundamental to our business, and we are committed to maintaining the highest standards of data protection.
2. Information We Collect
2.1 Information You Provide Directly
- Personal Identification: Name, email address, phone number, delivery address
- Account Information: Username, password, order history, purchase preferences
- Payment Information: Credit card details (securely encrypted), billing address, payment history
- Food Preferences: Dietary restrictions, allergen information, favorite menu items
- Special Requirements: Dietary needs (vegan, halal, kosher, gluten-free), accessibility requirements
- Loyalty Program Data: Points earned, rewards redeemed, membership tier
- Reservation Information: Table bookings, party size, special occasions
- Catering Details: Event information, guest count, menu selections
- Communication Preferences: Marketing email consent, SMS notifications, promotional offers
- Feedback and Reviews: Comments, ratings, suggestions, customer service interactions
2.2 Automatically Collected Information
- Device Information: IP address, browser type, operating system, device identifiers
- Usage Data: Pages viewed, time spent on site, click patterns, search queries
- Location Data: Approximate location from IP address, GPS location (with permission)
- Cookie Data: Session IDs, user preferences, shopping cart contents, login status
- Analytics Information: Traffic sources, conversion rates, user journey mapping
2.3 Information from Third Parties
- Social Media: Profile information if you connect social media accounts
- Payment Processors: Transaction verification, fraud detection data
- Delivery Partners: Delivery status, driver location, completion confirmations
- Marketing Partners: Campaign effectiveness, demographic insights (anonymized)
3. How We Use Your Information
3.1 Service Provision
- Processing and fulfilling your food orders efficiently
- Managing delivery logistics and tracking order status
- Providing customer support and resolving issues
- Managing your account and maintaining order history
- Processing payments and handling refunds securely
- Personalizing menu recommendations based on preferences
3.2 Communication
- Sending order confirmations and delivery updates
- Responding to customer inquiries and support requests
- Notifying you of important policy changes or service updates
- Sending promotional emails and special offers (with consent only)
- SMS notifications for order status and delivery alerts
3.3 Marketing and Analytics
- Creating personalized advertising and promotions
- Analyzing website traffic and user behavior patterns
- Measuring marketing campaign effectiveness
- Conducting market research for new menu items and services
- Improving our website, mobile app, and overall user experience
3.4 Legal Compliance and Security
- Responding to legal requests and court orders
- Preventing fraud and unauthorized account access
- Protecting our rights, property, and customer safety
- Resolving disputes and enforcing our terms of service
- Complying with food safety and health regulations
4. Information Sharing and Disclosure
4.1 Service Providers
- Payment Processors: Secure transaction processing and fraud prevention
- Delivery Companies: Order fulfillment and delivery tracking
- Cloud Storage Providers: Secure data storage and backup services
- Email Marketing Services: Newsletter and promotional campaign management
- Analytics Tools: Website performance analysis and user behavior insights
- Customer Support Platforms: Help desk and ticketing systems
4.2 Legal Requirements
- Court orders, subpoenas, and other legal processes
- Compliance with applicable laws and regulations
- Protection of our legal rights and property
- Public safety emergencies and health crises
- Investigation of potential fraudulent or illegal activities
4.3 Business Transfers
In the event of a merger, acquisition, or sale of assets, customer information may be transferred to the new entity. We will notify you before your personal information becomes subject to a different privacy policy and provide you with choices regarding the transfer.
4.4 With Your Consent
We may share your information for other purposes with your explicit consent, such as featured customer reviews or participation in marketing campaigns.
5. Data Security
5.1 Technical Measures
- SSL/TLS Encryption: All data transmission is protected with industry-standard encryption
- Advanced Firewall Systems: Multi-layered protection against cyber threats
- Access Control: Strict limitation of data access to authorized personnel only
- 24/7 Security Monitoring: Continuous surveillance for suspicious activities
- Regular Data Backups: Automated backups to prevent data loss
- Penetration Testing: Regular security assessments by third-party experts
5.2 Organizational Measures
- Comprehensive employee security training programs
- Detailed personal data handling procedures and protocols
- Confidentiality agreements with all staff and third parties
- Incident response plan for potential security breaches
- Regular internal security audits and compliance reviews
5.3 Your Security Responsibilities
- Create strong, unique passwords for your account
- Never share your login credentials with others
- Always log out when using public or shared computers
- Be cautious of phishing emails and suspicious links
- Report unauthorized account access immediately
Security Breach Notification: In the unlikely event of a data breach affecting your personal information, we will promptly notify you and relevant authorities within 72 hours of discovery, in accordance with applicable laws.
6. Cookies and Tracking Technologies
| Cookie Type |
Purpose |
Duration |
| Essential Cookies |
Basic site functions, login state, shopping cart |
Session |
| Functional Cookies |
User preferences, language settings, location |
Up to 1 year |
| Analytics Cookies |
Usage analysis, performance monitoring |
Up to 2 years |
| Marketing Cookies |
Personalized advertising, campaign tracking |
Up to 1 year |
Tracking Technologies Used
- Google Analytics: Website traffic analysis and user behavior tracking
- Facebook Pixel: Social media advertising effectiveness measurement
- Web Beacons: Email open rates and engagement tracking
- Local Storage: Browser-based data storage for preferences
Cookie Management: You can manage cookies through your browser settings to accept, reject, or delete cookies. Please note that disabling certain cookies may affect website functionality and your user experience.
7. Your Rights (GDPR/CCPA Compliance)
7.1 Right of Access
Request to view all personal data we hold about you, including how it's processed and shared.
7.2 Right to Rectification
Request correction of inaccurate or incomplete personal information in your account.
7.3 Right to Erasure
Request deletion of your personal data (Right to be Forgotten), subject to legal obligations.
7.4 Right to Restrict Processing
Limit how we use your data while maintaining your account and order history.
7.5 Right to Data Portability
Receive your data in a machine-readable format to transfer to another service.
7.6 Right to Object
Object to processing of your data, especially for marketing purposes.
7.7 Right Against Automated Decision-Making
You have the right not to be subject to decisions based solely on automated processing, including profiling, that produces legal effects or similarly affects you.
How to Exercise Your Rights: Contact us using the information provided in Section 13. We commit to responding to your request within 30 days and will verify your identity before processing any requests.
8. Children's Privacy
Our services are not intended for children under the age of 16. We do not knowingly collect personal information from children under 16 years of age. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.
If we discover that a child under 16 has provided us with personal information, we will promptly delete such information from our systems and terminate any associated accounts.
Parents are encouraged to monitor their children's internet activity and to help us protect their children's privacy by instructing them never to provide personal information through our services without parental permission.
9. International Data Transfers
9.1 Protection Measures
- EU-Japan adequacy decisions for countries with equivalent protection
- Standard Contractual Clauses (SCC) approved by the European Commission
- Comprehensive data processing agreements with international partners
- Implementation of appropriate technical and organizational security measures
- Regular compliance audits and assessments of transfer mechanisms
9.2 Transfer Destinations
- United States: Cloud storage and data analytics services
- European Union: Data processing and customer support
- Other Countries: As necessary for service delivery with adequate protection measures
10. Data Retention Periods
| Information Type |
Retention Period |
Reason |
| Account Information |
6 months after account deletion |
Legal obligations, dispute resolution |
| Order History |
7 years |
Tax and accounting requirements |
| Payment Records |
7 years |
Financial compliance, fraud prevention |
| Marketing Consent |
3 months after withdrawal |
Consent record keeping |
| Website Logs |
Up to 2 years |
Security monitoring, analytics |
| Customer Support Records |
3 years |
Service quality improvement |
| Loyalty Program Data |
5 years after program exit |
Program compliance, tax reporting |
Safe Data Disposal
- Complete electronic deletion ensuring data is unrecoverable
- Physical document shredding using cross-cut shredders
- Secure deletion from all backup systems and archives
- Maintenance of disposal records for audit purposes
- Third-party certification of data destruction when applicable
11. Third-Party Links
Our website may contain links to external websites, social media platforms, and third-party services that are not operated by us. We are not responsible for the privacy practices or content of these external sites.
We encourage you to review the privacy policies of any third-party websites you visit before providing them with your personal information. Your interactions with third-party sites are governed by their respective privacy policies, not ours.
When you click on third-party links, you do so at your own risk and subject to the terms and conditions of those external websites.
12. Policy Changes
12.1 Change Notification Methods
- Prominent website notice on our homepage and privacy page
- Email notification to all registered users with active accounts
- Pop-up notification displayed upon login to your account
- Explicit consent request for significant changes affecting your rights
- Social media announcements for major policy updates
12.2 Staying Informed
- The latest version of this policy is always available on our website
- Check the "Last Updated" date at the top of this page
- Continued use of our services constitutes acceptance of policy changes
- You may discontinue using our services if you disagree with changes
13. Contact Information
Response Commitment: We commit to responding to all privacy-related inquiries within 3 business days.
13.1 Privacy Complaints
If you have concerns about how we handle your personal information, please contact us first so we can work to resolve your issue. If you are not satisfied with our response, you may contact your local supervisory authority:
- Canada: Office of the Privacy Commissioner of Canada (www.priv.gc.ca)
- EU: Your local Data Protection Authority
- US: Your state's Attorney General's office
14. Withdrawal of Consent
14.1 Marketing Consent Withdrawal
- Click the "Unsubscribe" link in any marketing email
- Update your preferences in your account settings
- Contact our customer support team directly
- Send an email to [email protected] with "Unsubscribe" in the subject line
14.2 Account Deletion Process
- Log into your account and navigate to Account Settings
- Select "Delete Account" from the privacy section
- Confirm your identity with password verification
- Review what data will be deleted and what may be retained
- Confirm deletion - this action cannot be undone
Note: Some information may be retained for legal compliance, fraud prevention, or legitimate business interests as outlined in our retention policy.
15. Conclusion
At Dions, protecting your privacy is not just a legal obligation—it's fundamental to our values and our relationship with you. We are committed to maintaining the highest standards of data protection and transparency in all our practices.
Your trust enables us to continue providing exceptional food services and continuously improve your experience with us. We understand that privacy is not a one-time concern but an ongoing commitment that requires constant attention and improvement.
If you have any questions, concerns, or suggestions regarding this Privacy Policy or our privacy practices, we encourage you to contact us. We value your feedback and are always working to enhance our privacy protection measures.
Thank you for choosing Dions and for taking the time to understand how we protect your privacy. We look forward to continuing to serve you with the same dedication to quality and privacy that defines our brand.
Remember to check this page periodically for updates, as indicated by the "Last Updated" date at the top of this policy.