Privacy Policy
Welcome to Dions ("we," "us," or "our"). We operate the website located at dions.top and provide food-related products and services to our customers across the United States. Your privacy is of the utmost importance to us, and we are committed to being transparent about how we collect, use, share, and protect your personal information.
This Privacy Policy explains our practices regarding the personal information we collect from you when you visit our website, place an order, create an account, subscribe to our communications, or otherwise interact with our services. Please read this document carefully. By accessing or using our website or services, you acknowledge that you have read and understood this Privacy Policy.
If you do not agree with the terms set forth in this Privacy Policy, please discontinue use of our website and services immediately. If you have any questions or concerns, please contact us using the information provided at the end of this document.
1. About Us and Scope of This Policy
Dions is a food business operating in the United States. We are dedicated to delivering quality food experiences to our customers. This Privacy Policy applies to all personal information we collect through our website at dions.top, our online ordering platform, email communications, and any other services we offer (collectively, the "Services").
This policy governs data collected from all users who interact with our Services, including customers, website visitors, newsletter subscribers, and any other individuals whose personal information we process in connection with our business operations.
2. Applicable Legal Framework
As a business operating in the United States, our data practices are governed by several applicable federal and state laws. We comply with the following legal frameworks:
- Federal Trade Commission Act (FTC Act) — which prohibits unfair or deceptive practices in commerce, including deceptive privacy practices.
- California Consumer Privacy Act (CCPA) and its amendment, the California Privacy Rights Act (CPRA) — which grants California residents specific rights regarding their personal information.
- CAN-SPAM Act — governing commercial email communications.
- Children's Online Privacy Protection Act (COPPA) — which protects the privacy of children under the age of 13.
- Other applicable federal and state privacy, consumer protection, and data security laws in the United States.
Where California law grants residents additional rights, we describe those rights specifically in the relevant sections of this policy.
3. Information We Collect
We collect various categories of personal information depending on how you interact with our Services. The categories are detailed below.
3.1 Information You Provide Directly
When you voluntarily interact with our Services, you may provide us with the following types of information:
- Identification Information: Your full name, username, and password when you create an account.
- Contact Information: Email address, phone number, and mailing or delivery address.
- Payment Information: Credit or debit card numbers, billing address, and other payment details. Note that full payment card data is processed by our third-party payment processors and is not stored directly on our servers.
- Order Information: Details of the food products or services you order, including order history, special instructions, and preferences.
- Communications: Messages, inquiries, complaints, reviews, or feedback you send us through our website, email, or other channels.
- Marketing Preferences: Your preferences for receiving promotional communications and newsletters.
- Profile Information: Dietary preferences, favorite items, saved addresses, and other information you choose to add to your account profile.
3.2 Information Collected Automatically
When you visit our website or use our Services, we automatically collect certain technical and usage information, including:
- Device Information: IP address, device type, operating system and version, browser type and version, device identifiers, and mobile network information.
- Usage Data: Pages visited, time and date of your visit, time spent on pages, links clicked, search queries entered on our site, and other actions you take while using our Services.
- Log Data: Server logs that capture information about how you access and use our website, including error logs and access timestamps.
- Location Data: General geographic location derived from your IP address. With your permission, we may also collect more precise location information to provide delivery or location-based features.
- Referral Data: The URL of the website you were visiting before arriving at our site, and the URL you navigate to after leaving.
3.3 Cookies and Tracking Technologies
We use cookies, web beacons, pixel tags, local storage, and similar tracking technologies to collect information about your interactions with our website. These technologies help us recognize you, remember your preferences, analyze site traffic, and deliver personalized content and advertising.
For a detailed explanation of the cookies we use and how to manage your cookie preferences, please refer to our Cookie Policy, which is available on our website. You may also manage cookies through your browser settings; however, disabling certain cookies may affect the functionality of our Services.
3.4 Information from Third Parties
We may also receive information about you from third-party sources, including:
- Social Media Platforms: If you connect your social media account to our Services or interact with our social media pages, we may receive certain information from those platforms.
- Payment Processors: Limited transaction confirmation data from our payment service providers.
- Analytics Providers: Aggregated and de-identified usage statistics from analytics tools such as Google Analytics.
- Delivery Partners: Delivery status and fulfillment information from any third-party delivery services we may use.
- Marketing Partners: Contact lists or campaign response data from our marketing service providers where permitted by applicable law.
4. How We Use Your Information
We use the personal information we collect for the following purposes:
4.1 Providing and Managing Our Services
- To process and fulfill your food orders, including coordinating delivery or pickup.
- To create and manage your customer account.
- To process payments and send transaction-related communications (order confirmations, receipts, and updates).
- To provide customer support and respond to your inquiries, complaints, or requests.
- To resolve disputes and troubleshoot problems with your orders or account.
4.2 Improving and Personalizing Our Services
- To understand how customers use our website and services so we can improve functionality, design, and user experience.
- To personalize your experience on our website, including recommending menu items based on your order history and preferences.
- To conduct research and analysis, including market research and customer satisfaction surveys.
- To test new features, products, and promotions before wider rollout.
4.3 Marketing and Communications
- To send you promotional emails, newsletters, special offers, and information about new menu items or services, where you have consented or where we have a legitimate interest in doing so.
- To display targeted advertisements on our website or on third-party platforms based on your interests and browsing behavior.
- To notify you about changes to our services, terms, or policies.
- To invite you to participate in loyalty programs, contests, surveys, or other promotions.
You may opt out of receiving marketing communications from us at any time by clicking the "unsubscribe" link in any marketing email or by contacting us directly at [email protected]. Please note that even after opting out of marketing communications, you may still receive transactional or service-related messages.
4.4 Legal, Safety, and Compliance Purposes
- To comply with applicable laws, regulations, legal processes, or governmental requests.
- To enforce our Terms of Service and other agreements.
- To protect the security and integrity of our website, systems, and data.
- To detect, prevent, and respond to fraud, abuse, security incidents, and other harmful activities.
- To protect the rights, property, and safety of Dions, our customers, and the public.
5. Sharing Your Information with Third Parties
We do not sell your personal information to third parties for monetary compensation. However, we may share your information in the following circumstances:
5.1 Service Providers
We share personal information with trusted third-party service providers who assist us in operating our business. These providers are contractually obligated to use your data only for the purposes we specify and to maintain appropriate security measures. Service providers may include:
- Payment processing companies (e.g., Stripe, Square, or similar processors)
- Cloud hosting and data storage providers
- Email marketing and communication platforms
- Analytics and website performance tools (e.g., Google Analytics)
- Delivery and logistics companies
- Customer relationship management (CRM) platforms
- Fraud detection and security service providers
5.2 Business Transfers
In the event of a merger, acquisition, reorganization, sale of assets, or bankruptcy, your personal information may be transferred to the acquiring entity as part of the transaction. We will notify you of any such change via a prominent notice on our website or by email.
5.3 Legal Requirements
We may disclose your information when we believe disclosure is necessary or required by law, including in response to a court order, subpoena, or other legal process. We may also share information to protect our legal rights, enforce our policies, or protect the safety of our employees and customers.
5.4 With Your Consent
We may share your information with other third parties when you provide explicit consent. For example, if you agree to participate in a joint promotion with a partner company, we may share relevant information with that partner.
5.5 Aggregated and De-Identified Data
We may share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you with third parties for research, marketing, analytics, or other purposes.
6. Data Security
We take the security of your personal information seriously and implement a range of technical, administrative, and physical safeguards to protect it from unauthorized access, use, disclosure, alteration, or destruction. Our security measures include:
- Encryption: We use Secure Socket Layer (SSL) / Transport Layer Security (TLS) technology to encrypt data transmitted between your browser and our servers.
- Access Controls: We restrict access to personal information to authorized employees and service providers who need it to perform their job functions.
- Secure Payment Processing: Payment card information is handled by PCI-DSS compliant payment processors and is not stored in full on our systems.
- Regular Security Assessments: We periodically review our information collection, storage, and processing practices to guard against unauthorized access.
- Employee Training: Our staff are trained on privacy and data security best practices.
- Incident Response: We maintain procedures for responding to data security incidents, including notifying affected individuals and authorities as required by law.
Despite our efforts, no security system is impenetrable, and we cannot guarantee the absolute security of your personal information. In the event of a data breach that is likely to harm your rights or interests, we will notify you as required by applicable law.
7. Your Privacy Rights
Depending on your location and applicable law, you may have certain rights regarding your personal information. We are committed to honoring these rights and responding to valid requests in a timely manner.
7.1 Rights Available to All Users
- Right to Access: You have the right to request a copy of the personal information we hold about you.
- Right to Correction: You have the right to request that we correct inaccurate or incomplete personal information.
- Right to Deletion: You have the right to request that we delete your personal information, subject to certain legal exceptions.
- Right to Opt Out of Marketing: You may opt out of receiving direct marketing communications from us at any time.
- Right to Lodge a Complaint: You have the right to file a complaint with the relevant data protection authority if you believe we have not handled your information lawfully.
7.2 Additional Rights for California Residents (CCPA/CPRA)
If you are a resident of California, you have the following additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):
| Right | Description |
|---|---|
| Right to Know | You may request disclosure of the categories and specific pieces of personal information we have collected about you, the sources of that information, the business purposes for collecting it, and the categories of third parties with whom we share it. |
| Right to Delete | You may request deletion of personal information we have collected from you, subject to certain exceptions (e.g., where we need the information to complete a transaction or comply with a legal obligation). |
| Right to Correct | You may request correction of inaccurate personal information we maintain about you. |
| Right to Opt Out of Sale or Sharing | You have the right to opt out of the "sale" or "sharing" of your personal information as defined under CPRA, including sharing for cross-context behavioral advertising. |
| Right to Limit Use of Sensitive Personal Information | You may request that we limit our use of sensitive personal information (such as financial data or precise geolocation) to purposes necessary for providing our services. |
| Right to Non-Discrimination | We will not discriminate against you for exercising your CCPA/CPRA rights by denying services, charging different prices, or providing a different level of quality. |
| Right to Data Portability | You may request your personal information in a portable and, to the extent technically feasible, readily usable format. |
To exercise any of your California privacy rights, please contact us at [email protected] with the subject line "California Privacy Rights Request." We will respond to verified requests within 45 days, with the possibility of a 45-day extension where necessary, as permitted under the CCPA/CPRA.
7.3 How to Submit a Privacy Rights Request
To exercise any of the rights described in this section, please contact us using the following method:
- Email: [email protected] with the subject line "Privacy Rights Request"
We may need to verify your identity before processing your request. Verification may require you to provide information that matches the information we already hold on file. We will not use information submitted for identity verification for any purpose other than verifying your identity and processing your request. You may also designate an authorized agent to submit requests on your behalf, subject to our verification requirements.
8. Cookie Policy Summary
Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyze site usage, and deliver relevant content and advertising. The main categories of cookies we use are:
- Essential Cookies: Necessary for the website to function properly, enabling features like shopping cart functionality and secure login. These cookies cannot be disabled.
- Performance and Analytics Cookies: Help us understand how visitors interact with our website by collecting anonymous usage data, such as page views and traffic sources.
- Functional Cookies: Allow our website to remember your preferences and settings (such as language and location) to provide a more personalized experience.
- Marketing and Advertising Cookies: Used to deliver targeted advertisements and track the effectiveness of our marketing campaigns. These may be set by us or by our advertising partners.
You can manage your cookie preferences at any time through our cookie consent tool or through your browser settings. Please note that disabling certain cookies may impair the functionality of our website. For complete details about the cookies we use, including a full list of cookies and their purposes, please see our full Cookie Policy available on our website at dions.top.
9. Data Retention
We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including to comply with our legal obligations, resolve disputes, and enforce our agreements. The specific retention periods we apply include:
| Category of Data | Retention Period |
|---|---|
| Account and Profile Information | For the duration of your account plus up to 3 years after account closure |
| Order and Transaction Records | Up to 7 years, as required for tax, legal, and accounting purposes |
| Payment Information | As required by our payment processors and applicable financial regulations |
| Marketing and Communication Preferences | Until you opt out, plus a reasonable period thereafter to process your request |
| Website Usage and Analytics Data | Up to 26 months from collection (in line with standard analytics tool defaults) |
| Customer Support Communications | Up to 3 years from the date of the interaction |
| Legal Compliance Records | As required by applicable law, which may be up to 7 years or longer |
When personal information is no longer required, we securely delete or anonymize it in accordance with our data retention procedures.
10. Children's Privacy
Dions does not knowingly collect, solicit, or maintain personal information from persons under the age of 18. Our website and services are not directed to children, and we do not knowingly market to minors. If you are under 18, please do not use our Services or provide any personal information to us.
In compliance with the Children's Online Privacy Protection Act (COPPA), if we become aware that we have inadvertently collected personal information from a child under the age of 13 without verifiable parental consent, we will take immediate steps to delete that information from our records.
If you are a parent or guardian and believe that your child under the age of 18 has provided personal information to us without your consent, please contact us immediately at [email protected] so that we can take appropriate action.
11. International Data Transfers
Dions is based in the United States, and our servers and operational infrastructure are primarily located within the United States. If you are accessing our Services from outside the United States, please be aware that your information will be transferred to, stored, and processed in the United States, where privacy laws may differ from those in your home country.
By using our Services, you consent to the transfer of your personal information to the United States. We take appropriate steps to ensure that any international transfer of personal information is conducted in a manner consistent with applicable data protection laws and that your information is afforded an adequate level of protection.
If you have questions about how we protect your information in connection with international transfers, please contact us at [email protected].
12. Third-Party Links and Services
Our website may contain links to third-party websites, services, social media platforms, or applications that are not operated or controlled by Dions. This Privacy Policy does not apply to those third-party services, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party services you visit or use.
The inclusion of a link to a third-party website does not imply our endorsement of that website or its privacy practices.
13. Social Media and User-Generated Content
Our website may include features such as social media sharing buttons, review sections, or other tools that allow you to share content or interact with social media platforms. When you use these features, information may be collected by the social media platform and governed by their respective privacy policies.
If you submit reviews, comments, or other user-generated content to our website or social media pages, please be aware that such content may be visible to other users and the public. Do not include sensitive personal information in any content you publicly submit.
14. How to File a Complaint
If you have concerns about how we handle your personal information and you feel that we have not addressed your concerns satisfactorily, you have the right to file a complaint with the relevant data protection or consumer protection authority.
14.1 United States — Federal and State Agencies
- Federal Trade Commission (FTC): The FTC handles complaints about deceptive or unfair business practices, including privacy violations. You can file a complaint at reportfraud.ftc.gov or by calling 1-877-382-4357.
- California Attorney General (for California Residents): California residents who believe their CCPA/CPRA rights have been violated may file a complaint with the California Attorney General's Office at oag.ca.gov/privacy/ccpa.
- California Privacy Protection Agency (CPPA): The CPPA enforces the CPRA and handles privacy-related complaints from California residents. Visit cppa.ca.gov for more information.
- State Attorney General: Residents of other states may also have the right to file privacy complaints with their respective state attorney general's office.
Before filing a complaint with a regulatory authority, we encourage you to contact us first so that we have the opportunity to address your concerns directly.
15. Do Not Track Signals
Some web browsers include a "Do Not Track" (DNT) feature that allows you to signal your preference not to be tracked across websites. Currently, there is no uniform standard for how companies should respond to DNT signals, and our website does not currently respond to DNT signals. However, you may use our cookie management tools and the opt-out mechanisms described in this Privacy Policy to manage your privacy preferences.
16. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our business practices, legal requirements, or technology. When we make material changes to this policy, we will:
- Update the "Last Updated" date at the top of this page.
- Post a prominent notice on our website notifying you of the changes.
- Send you an email notification if the changes materially affect how we use your personal information (where we have your email address on file).
We encourage you to review this Privacy Policy periodically to stay informed about our data practices. Your continued use of our Services after the effective date of any updated Privacy Policy constitutes your acceptance of the revised terms.
17. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please do not hesitate to contact us. We are committed to addressing your inquiries promptly and thoroughly.
Privacy Inquiries — Dions
- Company Name: Dions
- Email: [email protected]
- Website: dions.top
When contacting us about a privacy matter, please include your name, contact information, and a clear description of your request or concern so that we can respond effectively.
Effective Date of This Privacy Policy: April 3, 2026
Last Reviewed: April 3, 2026
This Privacy Policy was prepared for Dions, operating at dions.top, in accordance with applicable United States federal and state privacy laws, including the FTC Act and the California Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA).