Name: Costa Vida
Address: 828 Bantam Rd, Bantam, CT 06750, USA, United States
Telephone: +1 860-567-0043
Price range: $$

1. Introduction

At Costa Vida, we are deeply committed to protecting your privacy and maintaining the trust you place in us when you enjoy our delicious Mexican cuisine and use our services. This comprehensive Privacy Policy outlines how we collect, use, process, share, and protect your personal information across all our platforms and services.

This policy applies to all interactions you have with Costa Vida, whether you're dining in our restaurants, ordering online, using our mobile application, visiting our website at costavidas.click, or engaging with our catering and franchise services. By using any of our services, you agree to the terms outlined in this Privacy Policy.

Important Note: We never sell your personal data to third parties. Your trust is the most important ingredient in our recipe for success, and we're committed to keeping your information safe and secure.

2. Information We Collect

2.1 Information You Provide to Us

When you interact with Costa Vida, you may voluntarily provide us with the following information:

Personal Identification Information: Name, email address, phone number, mailing address, date of birth
Account Information: Username, password, order history, saved payment methods
Order and Dietary Information: Food preferences, allergen information, special dietary requirements (vegan, halal, kosher, gluten-free), favorite menu items
Delivery and Location Data: Delivery addresses, GPS location for delivery optimization
Payment Information: Credit card details, billing address (stored in encrypted format through secure payment processors)
Reservation and Catering Details: Table reservation preferences, party size, special occasion information, catering event requirements
Loyalty Program Data: Rewards account information, points balance, redemption history
Communication Preferences: Marketing opt-ins, notification settings, preferred communication channels
Feedback and Reviews: Restaurant reviews, survey responses, customer service feedback

2.2 Information Automatically Collected

When you use our digital services, we automatically collect certain technical information:

Device Information: IP address, browser type and version, operating system, device identifiers
Usage Data: Pages visited, time spent on site, click patterns, menu items viewed
Location Data: Approximate location based on IP address for restaurant recommendations
Cookie Data: Session identifiers, user preferences, analytics data
Performance Metrics: Page load times, error logs, system performance data

2.3 Information from Third Parties

We may receive information about you from other sources:

Social Media Platforms: Profile information when you connect your social accounts
Payment Processors: Transaction verification and fraud prevention data
Delivery Partners: Delivery status updates and customer satisfaction scores
Marketing Partners: Demographic and interest data for targeted advertising

3. How We Use Your Information

3.1 Service Provision and Enhancement

Order Processing: Preparing your food, coordinating delivery, managing pickup orders
Account Management: Creating and maintaining your customer account, authentication
Personalization: Recommending menu items based on your preferences and order history
Quality Improvement: Analyzing feedback to enhance our recipes and service quality
Loyalty Rewards: Managing your rewards points and exclusive member benefits

3.2 Communication and Customer Support

Order Updates: Sending confirmation emails, delivery notifications, receipt details
Customer Support: Responding to inquiries, resolving issues, processing refunds
Service Notifications: Important updates about menu changes, restaurant hours, policy updates
Marketing Communications: Promotional offers, new menu announcements (only with your consent)

3.3 Marketing and Analytics

Targeted Advertising: Showing relevant ads based on your preferences and dining history
Website Analytics: Understanding user behavior to improve our digital experience
Campaign Effectiveness: Measuring the success of marketing campaigns and promotions
Market Research: Developing new menu items and services based on customer preferences

3.4 Legal Compliance and Security

Legal Requirements: Complying with food safety regulations, tax obligations, legal requests
Fraud Prevention: Detecting and preventing fraudulent transactions and activities
Safety Protection: Ensuring the safety of our customers, employees, and property
Dispute Resolution: Handling customer complaints and legal disputes

4. Information Sharing and Disclosure

4.1 Service Providers

We share your information with trusted third-party service providers who help us operate our business:

Payment Processors: Secure transaction processing and fraud detection
Delivery Companies: Coordinating food delivery to your location
Cloud Storage Providers: Secure data storage and backup services
Email Marketing Services: Sending promotional communications (with your consent)
Analytics Tools: Website usage analysis and performance monitoring
Customer Support Platforms: Managing customer inquiries and support tickets

4.2 Legal Requirements

We may disclose your information when required by law or to protect our rights:

Legal Process: Responding to court orders, subpoenas, and legal proceedings
Regulatory Compliance: Meeting food safety, health department, and tax requirements
Rights Protection: Defending our legal rights, property, and business interests
Public Safety: Cooperating with law enforcement in emergency situations

4.3 Business Transfers

In the event of a merger, acquisition, or sale of business assets:

Customer information may be transferred to the new business entity
We will notify affected customers before the transfer occurs
The new owner will be required to honor this Privacy Policy
Customers will be informed of any changes to data handling practices

4.4 With Your Consent

We may share your information for other purposes with your explicit consent, such as:

Participating in joint marketing campaigns with partner brands
Sharing testimonials or reviews (with your permission)
Including you in case studies or success stories

5. Data Security

5.1 Technical Security Measures

Encryption: SSL/TLS encryption for all data transmission and storage
Firewall Protection: Advanced firewall systems protecting our servers
Access Control: Strict access limitations to authorized personnel only
24/7 Monitoring: Continuous security monitoring and threat detection
Regular Backups: Automated daily backups with secure off-site storage
Vulnerability Testing: Regular security audits and penetration testing

5.2 Organizational Security Measures

Employee Training: Regular cybersecurity and data protection training
Data Handling Procedures: Documented protocols for personal data processing
Confidentiality Agreements: All staff and contractors sign confidentiality agreements
Incident Response Plan: Established procedures for security breach response
Regular Security Audits: Annual security assessments by third-party experts

5.3 Your Security Responsibilities

To help protect your account, please:

Use Strong Passwords: Create unique, complex passwords for your account
Keep Passwords Private: Never share your login credentials with others
Logout from Public Computers: Always log out when using shared devices
Be Cautious of Phishing: Verify the authenticity of emails requesting personal information
Report Suspicious Activity: Contact us immediately if you notice unauthorized account access

5.4 Security Breach Notification

In the unlikely event of a security breach that affects your personal data, we will:

Notify you via email within 72 hours of discovery
Inform relevant regulatory authorities as required by law
Provide details about the nature and scope of the breach
Explain the steps we're taking to address the incident
Offer guidance on protecting yourself from potential harm

6. Cookies and Tracking Technologies

We use various tracking technologies to enhance your experience on our website and mobile applications:

Cookie Type	Purpose	Duration
Essential Cookies	Basic site functionality, shopping cart, login sessions	Session only
Functional Cookies	User preferences, language settings, location preferences	Up to 1 year
Analytics Cookies	Website usage analysis and performance improvement	Up to 2 years
Marketing Cookies	Personalized advertising and campaign measurement	Up to 1 year

Additional Tracking Technologies

Google Analytics: Website traffic analysis and user behavior insights
Facebook Pixel: Social media advertising effectiveness measurement
Web Beacons: Email open rates and engagement tracking
Local Storage: Storing user preferences and settings in your browser

Cookie Management

You can control cookies through your browser settings:

Accept or reject all cookies
Delete existing cookies
Set preferences for specific types of cookies
Receive notifications when cookies are set

Note: Disabling certain cookies may affect website functionality and your user experience.

7. Your Privacy Rights

Under various privacy laws including GDPR and CCPA, you have the following rights regarding your personal information:

7.1 Right of Access

You have the right to request and receive a copy of all personal information we hold about you, including order history, account details, and communication preferences.

7.2 Right to Rectification

You can request correction of any inaccurate or incomplete personal information in our records, including updating your contact details, dietary preferences, or account information.

7.3 Right to Erasure (Right to be Forgotten)

You can request deletion of your personal data when it's no longer necessary for our business purposes, subject to legal retention requirements.

7.4 Right to Restrict Processing

You can request that we limit how we use your personal information while we address your concerns about accuracy or processing purposes.

7.5 Right to Data Portability

You have the right to receive your personal data in a machine-readable format for transfer to another service provider.

7.6 Right to Object

You can object to processing of your personal information for marketing purposes, scientific research, or other legitimate business interests.

7.7 Right Against Automated Decision-Making

You can request human review of any automated decisions that significantly affect you, such as credit or fraud assessments.

How to Exercise Your Rights

To exercise any of these rights, please contact us using the information provided in Section 13. We will respond to your request within 30 days and may need to verify your identity before processing your request.

8. Children's Privacy

Costa Vida is committed to protecting the privacy of children. Our services are not intended for individuals under the age of 16, and we do not knowingly collect personal information from children.

No Intentional Collection: We do not actively seek to collect information from children under 16
Parent Notification: If you believe your child has provided us with personal information, please contact us immediately
Prompt Deletion: We will promptly delete any children's data that comes to our attention
Verification Process: We may require proof of guardianship before processing deletion requests

Parents and guardians who believe their child has provided personal information to Costa Vida should contact us immediately at [email protected] or +1 860-567-0043.

9. International Data Transfers

9.1 Protection Measures

When transferring your data internationally, we implement appropriate safeguards:

Adequacy Decisions: Transfers to countries deemed adequate by relevant authorities
Standard Contractual Clauses (SCCs): European Commission-approved contracts with data processors
Data Processing Agreements: Binding contracts ensuring data protection standards
Encryption and Security: End-to-end encryption for all international data transfers
Regular Audits: Ongoing compliance monitoring of international partners

9.2 Transfer Destinations

Your data may be transferred to and processed in:

United States: Cloud storage and data processing services
European Union: Analytics and marketing services
Canada: Customer support and backup services
Other jurisdictions: As necessary for service provision, always with appropriate protections

10. Data Retention Periods

We retain your personal information only as long as necessary for business, legal, and regulatory purposes:

Information Type	Retention Period	Reason for Retention
Account Information	6 months after account deletion	Legal obligations, dispute resolution
Order and Purchase History	7 years	Tax and accounting requirements, food safety traceability
Marketing Consent Records	3 years after consent withdrawal	Compliance documentation, consent proof
Website Usage Logs	Up to 2 years	Security monitoring, analytics
Customer Support Records	3 years	Service quality improvement, training
Dietary Restrictions/Allergies	Duration of account + 1 year	Food safety, liability protection

Safe Data Disposal

When data reaches the end of its retention period, we ensure secure disposal:

Electronic Data: Complete deletion using industry-standard methods that make recovery impossible
Physical Records: Secure shredding of any paper documents
Backup Systems: Deletion from all backup and archive systems
Disposal Documentation: Maintaining records of data destruction for audit purposes

11. Third-Party Links

Our website and services may contain links to external websites, social media platforms, and third-party services. Please note:

No Control: We do not control the privacy practices of third-party websites
Separate Policies: Each external site has its own privacy policy and terms
Your Responsibility: Please review third-party privacy policies before providing personal information
No Liability: Costa Vida is not responsible for third-party data practices

We encourage you to read the privacy policies of any third-party sites you visit to understand how they collect, use, and protect your personal information.

12. Policy Changes

12.1 Change Notification Process

When we update this Privacy Policy, we will notify you through multiple channels:

Website Notice: Prominent banner on our homepage and relevant pages
Email Notification: Direct email to all registered customers
In-App Notifications: Push notifications through our mobile application
Account Dashboard: Notification in your customer account portal

12.2 Staying Informed

To stay updated on policy changes:

Regular Checks: Visit this page periodically for the latest version
Last Updated Date: Check the "Last Updated" date at the top of this policy
Version History: Significant changes will be summarized in update notifications

Continued Use: Your continued use of our services after policy changes constitutes acceptance of the updated terms. If you disagree with changes, you may discontinue using our services.

13. Contact Information

Get in Touch

Costa Vida

828 Bantam Rd, Bantam, CT 06750, USA

Phone: +1 860-567-0043

Email: [email protected]

Business Hours: Monday - Friday: 9:00 AM - 6:00 PM EST

Response Commitment: We are committed to responding to all privacy-related inquiries within 3 business days. For urgent matters, please call our customer service line.

13.1 Filing Complaints

If you have concerns about our data practices that we cannot resolve:

Contact Us First: Please reach out to us directly for resolution
Supervisory Authority: You may file a complaint with your local privacy regulator
EU Residents: Contact your national Data Protection Authority
US Residents: Contact your state's Attorney General's office

14. Withdrawal of Consent

14.1 Marketing Consent Withdrawal

You can withdraw consent for marketing communications at any time:

Email Unsubscribe: Click the unsubscribe link in any promotional email
Account Settings: Update your communication preferences in your online account
Customer Support: Call or email us to opt out of marketing communications
SMS Text Messages: Reply "STOP" to any promotional text message

14.2 Account Deletion Process

To delete your Costa Vida account and associated data:

Step 1: Log into your online account and navigate to account settings
Step 2: Select "Delete Account" and confirm your identity
Step 3: Confirm deletion via email verification
Step 4: Allow 30 days for complete data removal from active systems

Important Note: Some information may be retained as required by law for tax, accounting, or food safety purposes, but will not be used for marketing or service provision.

15. Conclusion

At Costa Vida, your privacy is as important to us as the quality of our food. We are committed to maintaining the highest standards of data protection while providing you with exceptional dining experiences and convenient services.

This Privacy Policy reflects our dedication to transparency, security, and respect for your personal information. We believe that trust is built through clear communication and consistent action, and we strive to earn and maintain your trust every day.

Your relationship with Costa Vida is built on more than just great Mexican food – it's built on mutual respect and trust. We take seriously our responsibility to protect your privacy and will continue to invest in the people, processes, and technology necessary to safeguard your personal information.

If you have any questions about this Privacy Policy, our data practices, or your privacy rights, please don't hesitate to contact us. Our customer service team is here to help and ensure you feel confident about how your information is handled.

Thank you for choosing Costa Vida for your dining needs. We look forward to serving you delicious food while keeping your personal information safe and secure.

Please remember to check this page periodically for updates, as indicated by the "Last Updated" date at the top of this policy.