Privacy Policy

Your privacy matters to us. Learn how we collect, use, and protect your personal information.

Last Updated: February 12, 2026

1. Introduction

At Guzman y Gomez, we are deeply committed to protecting your privacy and maintaining your trust. This Privacy Policy explains how we collect, use, share, and safeguard your personal information when you use our services, visit our website, order food online, dine at our restaurants, or interact with us through any other means.

This policy applies to all personal information we collect through our website (guzmanigomez.com), mobile applications, in-store interactions, phone orders, catering services, franchise operations, and any other touchpoints where you interact with Guzman y Gomez.

By using our services, creating an account, placing an order, or providing us with your personal information, you agree to the collection, use, and disclosure of your information as described in this Privacy Policy. We want to assure you that we never sell your personal data to third parties for their marketing purposes.

If you do not agree with the practices described in this policy, please do not use our services or provide us with your personal information. We encourage you to read this policy carefully and contact us if you have any questions or concerns.

2. Information We Collect

2.1 Information You Provide Directly

We collect information that you voluntarily provide to us when you:

  • Create an Account: Name, email address, phone number, date of birth, username, and password
  • Place Orders: Delivery addresses, payment information (processed securely), order history, and dietary preferences
  • Allergen Information: Details about food allergies, intolerances, and dietary restrictions you provide for food safety
  • Special Dietary Requirements: Preferences for vegan, vegetarian, halal, kosher, gluten-free, or other dietary needs
  • Loyalty Program: Participation in rewards programs, points balance, favorite orders, and redemption history
  • Table Reservations: Party size, preferred seating, special occasions, and accessibility requirements
  • Catering Services: Event details, guest count, menu preferences, delivery information, and billing details
  • Contact Us: Messages, feedback, complaints, reviews, and customer service interactions
  • Marketing Preferences: Newsletter subscriptions, promotional offers, and communication preferences
  • Payment Information: Credit card details, billing addresses (encrypted and securely stored)

2.2 Information Collected Automatically

When you visit our website or use our mobile app, we automatically collect certain information:

  • Device Information: IP address, browser type and version, operating system, device identifiers
  • Usage Data: Pages viewed, time spent on site, clickstream data, search queries, and navigation patterns
  • Location Data: Approximate location based on IP address or precise location (with your permission) for delivery services
  • Cookie Data: Session IDs, user preferences, shopping cart contents, and analytics data
  • Technical Data: Screen resolution, time zone, language settings, and accessibility features used

2.3 Information from Third Parties

We may receive information about you from:

  • Social Media Platforms: If you connect your social media accounts or sign up through social login
  • Payment Processors: Transaction verification and fraud prevention information
  • Delivery Partners: Delivery status updates and location tracking for order fulfillment
  • Marketing Partners: Aggregated demographic data and advertising effectiveness metrics
  • Public Sources: Information available in public records or directories

3. How We Use Your Information

3.1 Service Provision

  • Order Processing: Fulfilling food orders, coordinating delivery or pickup, managing special requests
  • Account Management: Creating and maintaining your account, authentication, and security
  • Payment Processing: Securely processing transactions and managing billing
  • Customer Support: Responding to inquiries, resolving issues, and providing assistance
  • Food Safety: Ensuring allergen information is communicated to kitchen staff and delivery teams
  • Quality Improvement: Analyzing feedback to enhance our food quality, service, and user experience

3.2 Communication

  • Order Notifications: Confirmations, preparation updates, delivery tracking, and completion alerts
  • Customer Service: Responding to questions, concerns, and feedback
  • Account Updates: Important changes to your account, orders, or our services
  • Policy Changes: Notifications about updates to our terms, privacy policy, or other important notices
  • Marketing Communications: Promotional offers, new menu items, and special events (only with your consent)

3.3 Marketing and Analytics

  • Personalization: Customizing your experience based on order history and preferences
  • Targeted Advertising: Showing relevant ads on our website and other platforms
  • Analytics: Understanding website traffic, user behavior, and service performance
  • Market Research: Developing new menu items, services, and improving existing offerings
  • Campaign Measurement: Evaluating the effectiveness of our marketing efforts

3.4 Legal Compliance and Security

  • Legal Obligations: Complying with applicable laws, regulations, and government requests
  • Fraud Prevention: Detecting and preventing fraudulent transactions and account access
  • Safety Protection: Ensuring the safety of our customers, employees, and property
  • Dispute Resolution: Resolving conflicts and enforcing our terms of service
  • Record Keeping: Maintaining records required by law or for legitimate business purposes

4. Information Sharing and Disclosure

4.1 Service Providers

We share information with trusted third-party service providers who help us operate our business:

  • Payment Processors: Secure handling of payment transactions and fraud prevention
  • Delivery Companies: Sharing delivery addresses and order details for fulfillment
  • Cloud Storage Providers: Secure data storage and backup services with appropriate safeguards
  • Email Marketing Services: Managing newsletter subscriptions and promotional campaigns
  • Analytics Providers: Website and app performance analysis to improve user experience
  • Customer Support Tools: Managing customer inquiries and support tickets

4.2 Legal Requirements

We may disclose your information when required by law or to protect our rights:

  • Legal Process: Responding to court orders, subpoenas, or other legal requests
  • Regulatory Compliance: Meeting food safety regulations and health department requirements
  • Rights Protection: Defending our legal rights, property, or the safety of others
  • Emergency Situations: Protecting against immediate threats to public safety

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets:

  • Customer information may be transferred as part of the business assets
  • We will notify you before your information becomes subject to a different privacy policy
  • The new owner will be required to honor this privacy policy
  • You will have options regarding your information under the new ownership

4.4 With Your Consent

We may share your information for other purposes with your explicit consent, such as:

  • Participating in third-party loyalty programs
  • Sharing testimonials or reviews publicly
  • Partnering with other brands for special promotions

5. Data Security

5.1 Technical Measures

We implement robust technical safeguards to protect your information:

  • Encryption: SSL/TLS encryption for all data transmission between your device and our servers
  • Secure Storage: Advanced encryption for data at rest, including payment information
  • Firewall Protection: Multi-layer firewall systems to prevent unauthorized access
  • Access Controls: Strict access controls ensuring only authorized personnel can access personal data
  • Monitoring: 24/7 security monitoring and intrusion detection systems
  • Regular Backups: Secure, encrypted backups to prevent data loss

5.2 Organizational Measures

  • Employee Training: Regular security awareness training for all staff handling personal data
  • Data Handling Procedures: Established protocols for collecting, processing, and storing personal information
  • Confidentiality Agreements: All employees and third-party service providers sign confidentiality agreements
  • Incident Response Plan: Comprehensive procedures for responding to security breaches
  • Regular Audits: Periodic security assessments and vulnerability testing

5.3 Your Security Responsibilities

Help us keep your information secure by:

  • Strong Passwords: Use unique, complex passwords for your account
  • Account Security: Never share your login credentials with others
  • Public Computers: Always log out when using shared or public computers
  • Phishing Awareness: Be cautious of suspicious emails requesting personal information
  • Report Issues: Immediately contact us if you suspect unauthorized account access
Security Breach Notification: In the unlikely event of a security breach that affects your personal information, we will promptly notify you and relevant authorities as required by law, and take immediate steps to secure your data.

6. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our website and mobile app. Here's what we use and why:

Cookie Type Purpose Duration
Essential Cookies Basic site functionality, login status, shopping cart contents Session (deleted when browser closes)
Functional Cookies User preferences, language settings, location preferences Up to 1 year
Analytics Cookies Website usage analysis, performance monitoring, user behavior insights Up to 2 years
Marketing Cookies Personalized advertising, campaign measurement, retargeting Up to 1 year

Additional Tracking Technologies

  • Google Analytics: Website traffic analysis and user behavior tracking
  • Facebook Pixel: Measuring advertising effectiveness and creating custom audiences
  • Web Beacons: Tracking email open rates and engagement
  • Local Storage: Storing user preferences and settings in your browser

Cookie Management

You can control cookies through your browser settings:

  • Accept or reject all cookies
  • Delete existing cookies
  • Set preferences for different types of cookies
  • Receive notifications when cookies are set

Note: Disabling certain cookies may affect website functionality, such as keeping items in your shopping cart or maintaining your login status.

7. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

7.1 Right of Access

You have the right to request access to the personal information we hold about you, including:

  • What personal data we collect
  • How we use your information
  • Who we share your data with
  • How long we retain your information

7.2 Right to Rectification

You can request that we correct any inaccurate or incomplete personal information we have about you.

7.3 Right to Erasure (Right to be Forgotten)

You may request deletion of your personal data when:

  • The information is no longer necessary for the original purpose
  • You withdraw consent and we have no other legal basis for processing
  • You object to processing and we have no overriding legitimate interests
  • Your data has been unlawfully processed

7.4 Right to Restrict Processing

You can request that we limit how we use your personal information in certain circumstances.

7.5 Right to Data Portability

You have the right to receive your personal data in a structured, machine-readable format and transfer it to another service provider.

7.6 Right to Object

You can object to processing of your personal data, particularly for direct marketing purposes or when processing is based on legitimate interests.

7.7 Right Against Automated Decision-Making

You have the right not to be subject to automated decision-making, including profiling, that produces significant legal effects.

How to Exercise Your Rights: Contact us at [email protected] or +61 3 9650 1445. We will respond to your request within 30 days and may need to verify your identity before processing your request.

8. Children's Privacy

Our services are not intended for children under the age of 16, and we do not knowingly collect personal information from children under 16 years old.

If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately at [email protected]. We will take steps to verify the information and, if confirmed, will promptly delete the child's personal information from our systems.

We encourage parents and guardians to monitor their children's internet usage and to teach them about online safety and privacy.

If we discover that we have inadvertently collected personal information from a child under 16, we will delete such information as quickly as possible and take steps to prevent future collection.

9. International Data Transfers

9.1 Protection Measures

When transferring your personal data internationally, we ensure appropriate protections:

  • Adequacy Decisions: Transfers to countries with adequate data protection laws recognized by Australia
  • Standard Contractual Clauses: Using approved contractual terms for international transfers
  • Data Processing Agreements: Binding agreements with international service providers
  • Security Measures: Additional technical and organizational safeguards
  • Regular Audits: Ongoing compliance monitoring and assessment

9.2 Transfer Destinations

Your personal information may be transferred to and processed in:

  • United States: For cloud storage and data processing services
  • European Union: For analytics and marketing platform services
  • Other Countries: As necessary for business operations, always with appropriate protections

All international transfers comply with applicable data protection laws and include appropriate safeguards to protect your privacy rights.

10. Data Retention Periods

We retain your personal information only as long as necessary for the purposes outlined in this policy or as required by law:

Information Type Retention Period Reason
Account Information 6 months after account deletion Legal obligations, dispute resolution
Order and Purchase History 7 years Tax and accounting requirements, warranty claims
Marketing Consent Records 3 months after withdrawal Consent record keeping, compliance
Website Usage Logs Up to 2 years Security monitoring, analytics
Customer Support Records 3 years Service quality improvement, issue resolution
Allergen Information 2 years after last order Food safety compliance, health regulations
Loyalty Program Data 2 years after account closure Points redemption, program integrity

Safe Data Disposal

When data retention periods expire, we ensure secure disposal:

  • Electronic Deletion: Complete, unrecoverable deletion from all systems
  • Physical Records: Secure shredding of any physical documents
  • Backup Systems: Removal from all backup and archive systems
  • Documentation: Maintaining records of data disposal for compliance

11. Third-Party Links and Services

Our website and mobile app may contain links to third-party websites, social media platforms, or other online services that are not owned or controlled by Guzman y Gomez.

Important: We are not responsible for the privacy practices or content of these third-party sites. When you click on links to external websites, you leave our service and this Privacy Policy no longer applies.

Your Responsibility

  • Review the privacy policies of third-party sites before providing any personal information
  • Understand that third parties may have different data collection and use practices
  • Be cautious about sharing personal information on external platforms
  • Contact third parties directly with questions about their privacy practices

We encourage you to be aware when you leave our site and to read the privacy policies of each website that collects personal information from you.

12. Privacy Policy Updates

12.1 Change Notification

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will notify you through:

  • Website Notice: Prominent banner notification on our homepage
  • Email Notification: Direct notification to registered users for significant changes
  • App Notification: Push notifications or in-app alerts
  • Account Dashboard: Updates visible when you log into your account

12.2 Staying Informed

To stay current with our privacy practices:

  • Check the "Last Updated" date at the top of this policy
  • Review the policy periodically for changes
  • Pay attention to our notifications about policy updates
  • Contact us with questions about any changes

Continued Use: Your continued use of our services after we post changes constitutes your acceptance of the updated Privacy Policy. If you disagree with any changes, you may stop using our services and close your account.

13. Contact Information

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Primary Contact

  • Company: Guzman y Gomez
  • Address: 45 Flinders Ln, Melbourne VIC 3000, Australia
  • Phone: +61 3 9650 1445
  • Email: [email protected]
  • Business Hours: Monday-Friday, 9:00 AM - 6:00 PM AEST

Privacy Inquiries

For privacy-specific questions or to exercise your rights:

  • Email: [email protected]
  • Subject Line: Please include "Privacy Inquiry" in your subject line
  • Response Time: We aim to respond within 3 business days

13.1 Complaint Process

If you have a privacy complaint:

  1. Contact Us First: We encourage you to contact us directly so we can address your concerns
  2. Investigation: We will investigate your complaint promptly and thoroughly
  3. Resolution: We will work with you to resolve the issue satisfactorily
  4. External Options: If you're not satisfied with our response, you may contact the Australian Privacy Commissioner at www.oaic.gov.au

14. Withdrawal of Consent

14.1 Marketing Consent Withdrawal

You can withdraw your consent for marketing communications at any time through:

  • Email Unsubscribe: Click the unsubscribe link in any marketing email
  • Account Settings: Update your communication preferences in your online account
  • Customer Support: Contact us directly to opt out of marketing communications
  • Phone: Call +61 3 9650 1445 during business hours

14.2 Account Deletion Process

To permanently delete your account and associated data:

  1. Login: Sign into your Guzman y Gomez account
  2. Account Settings: Navigate to account settings or privacy preferences
  3. Request Deletion: Select the option to delete your account
  4. Confirmation: Confirm your request via email verification
  5. Processing: We will process your deletion request within 30 days

Important Note: Some information may be retained for legal compliance, fraud prevention, or legitimate business purposes as outlined in our data retention policy.

14.3 Partial Data Removal

You may also request removal of specific types of data while maintaining your account, such as:

  • Removing stored payment methods
  • Deleting order history (subject to legal requirements)
  • Clearing saved addresses or preferences
  • Removing loyalty program participation

15. Conclusion

At Guzman y Gomez, protecting your privacy is not just a legal obligation—it's fundamental to building and maintaining the trust you place in us when you choose our food and services. We are committed to transparency in our data practices and continuous improvement of our privacy protections.

We understand that your personal information is valuable and sensitive. That's why we've implemented comprehensive technical, organizational, and procedural safeguards to ensure your data remains secure and is used only for the purposes you've consented to or that are necessary for providing our services.

Your trust is the cornerstone of our relationship. We will never sell your personal data to third parties for their marketing purposes, and we will always strive to give you meaningful choices about how your information is collected and used.

If you have any questions about this Privacy Policy, our data practices, or how to exercise your privacy rights, please don't hesitate to contact us. We're here to help and ensure you feel confident about your privacy when enjoying Guzman y Gomez.

Thank you for choosing Guzman y Gomez and for trusting us with your personal information. We look forward to continuing to serve you with great food and exceptional service while keeping your privacy protected.

Last Updated: February 12, 2026
Please check this page regularly for updates to our Privacy Policy