Privacy Policy

Welcome to Marcos ("we," "our," or "us"). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website at marcosmeal.digital, place orders through our platform, interact with our digital services, or otherwise engage with us. Please read this policy carefully. If you do not agree with its terms, please discontinue use of our website and services immediately.

We are committed to protecting your privacy and handling your personal data with transparency and responsibility. As a food business operating in the United States, we comply with applicable federal and state privacy laws, including the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), the Federal Trade Commission Act (FTC Act), and all other applicable consumer protection regulations.

1. About Us

Marcos operates as a food service business providing online ordering, delivery coordination, menu browsing, and related digital services through our website and associated platforms.

Company Name Marcos
Website marcosmeal.digital
Email Address [email protected]
Country of Operation United States

For all privacy-related inquiries, data access requests, or complaints, please contact us using the details listed above or as further described in Section 13 of this policy.

2. Information We Collect

We collect various categories of information to operate our food service, improve our platform, fulfill orders, and communicate with you effectively. The types of data we collect include the following:

2.1 Personal Identification Information

When you create an account, place an order, or contact us, we may collect:

  • Full name
  • Email address
  • Phone number
  • Delivery address and billing address
  • Date of birth (for age verification purposes, where applicable)
  • Username and password (stored in encrypted form)
  • Profile photo (if uploaded voluntarily)

2.2 Order and Transaction Data

To process your food orders and manage your history, we collect:

  • Items ordered, customizations, and preferences
  • Order history and frequency
  • Payment method type (e.g., credit card, debit card, digital wallet) — note: full payment card numbers are processed by our payment processors and are not stored on our servers
  • Transaction amounts, dates, and confirmation numbers
  • Delivery instructions and special requests

2.3 Usage and Behavioral Data

As you interact with our website, we automatically collect information such as:

  • Pages visited and content viewed
  • Time spent on pages and navigation paths
  • Search queries entered on our platform
  • Links clicked and features used
  • Timestamps of visits and session duration
  • Referral source (e.g., how you arrived at our website)

2.4 Device and Technical Information

We automatically collect technical data from your device, including:

  • IP address
  • Browser type and version
  • Operating system and device type (desktop, mobile, tablet)
  • Screen resolution
  • Device identifiers
  • Internet service provider (ISP)
  • Geographic location data (city/region level, derived from IP address)

2.5 Location Data

With your permission, we may collect precise geolocation data from your mobile device to facilitate delivery services, show nearby locations, or provide location-based features. You may disable location sharing through your device settings at any time, although this may affect certain features.

2.6 Communications Data

When you contact our customer support team or engage with us via email, chat, or phone, we may retain:

  • The content of your messages or inquiries
  • Records of your communications with us
  • Any attachments or images you send to us
  • Your feedback, reviews, or survey responses

2.7 Cookies and Tracking Technologies

We use cookies, web beacons, pixels, and similar tracking technologies to collect data about your browsing behavior and preferences. For more details, please refer to Section 9 of this Privacy Policy, which is dedicated to cookie usage.

2.8 Information From Third Parties

We may receive information about you from third-party sources, including:

  • Social media platforms (if you use social login features such as "Sign in with Google" or "Sign in with Facebook")
  • Payment processors and fraud prevention services
  • Delivery and logistics partners
  • Marketing and advertising partners
  • Analytics providers

3. How We Use Your Information

We use the personal information we collect for a variety of legitimate business purposes. Below is a detailed explanation of why and how we process your data:

3.1 Service Provision and Order Fulfillment

  • Processing and confirming food orders placed through our website
  • Coordinating delivery to your specified address
  • Communicating order status, delays, or updates
  • Managing your account and preferences
  • Responding to customer service inquiries and complaints
  • Facilitating refunds, replacements, or dispute resolution

3.2 Analytics and Service Improvement

  • Analyzing usage patterns to understand how customers interact with our platform
  • Identifying areas of improvement in our menu, website design, or checkout process
  • Conducting internal research and market analysis
  • Developing new products, features, or services
  • Measuring the performance of our website and marketing campaigns

3.3 Marketing and Communications

  • Sending promotional emails, offers, and newsletters (with your consent where required)
  • Delivering personalized recommendations based on your order history and preferences
  • Running loyalty programs, discount campaigns, and seasonal promotions
  • Sending transactional communications such as order confirmations and receipts
  • Retargeting and advertising to you across third-party platforms based on your interests

You may opt out of marketing communications at any time by clicking the "unsubscribe" link in any marketing email or by contacting us at [email protected].

3.4 Legal and Compliance Purposes

  • Complying with applicable federal, state, and local laws and regulations
  • Responding to lawful requests from government authorities or law enforcement
  • Enforcing our Terms of Service and other agreements
  • Protecting the rights, property, or safety of Marcos, our users, and the public
  • Detecting, preventing, and investigating fraud, security incidents, or unauthorized activity

3.5 Personalization

  • Tailoring the content, menu suggestions, and promotions displayed to you
  • Remembering your preferences (such as dietary restrictions or favorite items)
  • Enhancing your overall experience on our platform

4. Legal Bases for Processing

We process your personal information based on the following legal grounds, consistent with applicable U.S. law and best practices:

  • Performance of a Contract: Processing is necessary to fulfill your order, provide services you have requested, or manage your account.
  • Legitimate Interests: We process data for our legitimate business interests, such as improving our services, preventing fraud, and conducting marketing, provided such interests do not override your privacy rights.
  • Consent: Where required by law, we obtain your express consent before processing certain types of data, such as for direct marketing communications or precise location tracking.
  • Legal Obligation: We process data to comply with our legal obligations under applicable law.

5. How We Share Your Information

We do not sell your personal information to third parties. However, we may share your data in the following circumstances:

5.1 Service Providers and Business Partners

We engage trusted third-party vendors to perform services on our behalf, including:

  • Payment processors (e.g., Stripe, PayPal) — to securely process transactions
  • Delivery and logistics partners — to fulfill food orders and track deliveries
  • Cloud hosting and infrastructure providers — to store and manage our data and website
  • Customer support tools — to manage communications and tickets
  • Email and messaging platforms — to send transactional and marketing communications
  • Analytics providers (e.g., Google Analytics) — to analyze platform usage and performance
  • Marketing and advertising platforms — to run targeted campaigns

All third-party service providers are contractually required to handle your data securely, use it only for the specified purpose, and comply with applicable privacy laws.

5.2 Legal Requirements and Law Enforcement

We may disclose your information when required to do so by law, including:

  • In response to a court order, subpoena, or lawful government request
  • To comply with legal obligations under federal or state law
  • To protect the rights, property, or safety of Marcos, our employees, users, or others
  • In connection with investigations of fraud, abuse, or illegal activity

5.3 Business Transfers

If Marcos undergoes a merger, acquisition, asset sale, bankruptcy, or other business restructuring, your personal information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our website if this occurs and inform you of any changes to this Privacy Policy that may result.

5.4 With Your Consent

In all other cases not described above, we will only share your personal information with your explicit consent.

6. Data Security

We take the security of your personal information seriously and have implemented a range of technical, administrative, and physical safeguards to protect your data from unauthorized access, use, disclosure, alteration, or destruction.

6.1 Technical Safeguards

  • All data transmitted between your browser and our website is encrypted using SSL/TLS (Secure Sockets Layer / Transport Layer Security) technology.
  • Payment information is handled by PCI-DSS compliant payment processors.
  • Passwords are stored using industry-standard one-way hashing algorithms.
  • We implement firewalls, intrusion detection systems, and access controls on our servers.
  • We conduct regular security audits and vulnerability assessments.

6.2 Administrative Safeguards

  • Access to personal data is restricted to employees and contractors who need it to perform their duties.
  • All staff are trained on data privacy and security best practices.
  • We maintain data processing agreements with all third-party vendors who handle personal data.

6.3 Limitations

Despite our best efforts, no security system is completely impenetrable. We cannot guarantee absolute security of your data. In the event of a data breach that affects your personal information, we will notify you and relevant authorities as required by applicable law, including applicable state data breach notification laws.

7. Your Privacy Rights

Depending on your state of residence, you may have certain rights regarding your personal information. We are committed to honoring these rights in accordance with applicable law, including the CCPA/CPRA for California residents.

7.1 Right to Know and Access

You have the right to request information about what personal data we have collected about you, including the categories of data, the purposes for which it was collected, the categories of third parties with whom it has been shared, and specific pieces of personal information we hold about you.

7.2 Right to Correction

You have the right to request that we correct inaccurate or incomplete personal information we hold about you. You may also update much of your account information directly through your account dashboard.

7.3 Right to Deletion

You have the right to request that we delete your personal information, subject to certain exceptions. For example, we may be required to retain data to fulfill legal obligations, complete pending transactions, or maintain security.

7.4 Right to Data Portability

You may request a copy of the personal information you have provided to us in a structured, commonly used, and machine-readable format, where technically feasible.

7.5 Right to Opt Out of Sale or Sharing

Under the CCPA/CPRA, California residents have the right to opt out of the "sale" or "sharing" of their personal information for cross-context behavioral advertising. We do not sell your personal information. However, if we engage in data sharing that may qualify under these definitions, we will provide a "Do Not Sell or Share My Personal Information" link on our website.

7.6 Right to Limit Use of Sensitive Personal Information

California residents have the right to limit our use of sensitive personal information (such as precise geolocation, payment card data, or health data) to purposes necessary to provide our services.

7.7 Right to Non-Discrimination

We will not discriminate against you for exercising any of your privacy rights. This means we will not deny you services, charge you different prices, or provide a lower level of service because you have exercised your rights under applicable privacy law.

7.8 How to Submit a Request

To exercise any of the rights listed above, please contact us by:

We will verify your identity before fulfilling any request to protect the security of your data. We will respond to your request within 45 days, and if we need additional time, we will notify you of the extension within the initial 45-day period.

You may designate an authorized agent to submit a request on your behalf. The agent must provide written authorization signed by you, and we may require you to verify your identity directly.

8. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. The specific retention periods we apply are as follows:

Data Category Retention Period
Account Information For the duration of your account, plus 3 years after account closure
Order and Transaction History 7 years (for tax, accounting, and legal compliance purposes)
Customer Support Communications 3 years from the date of the last communication
Marketing Preferences and Consent Records 3 years after the last interaction or opt-out
Website Usage and Analytics Data 2 years (aggregated or anonymized data may be retained longer)
Payment Records 7 years (as required for financial and tax records)
Security and Fraud Prevention Logs 2 years

After the applicable retention period expires, we will securely delete or anonymize your personal information in accordance with our internal data retention and disposal procedures.

9. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyze website traffic, and support our marketing activities. This section provides a summary of our cookie practices.

9.1 What Are Cookies?

Cookies are small text files placed on your device by websites you visit. They allow websites to recognize your device, remember your preferences, and collect information about your usage patterns.

9.2 Types of Cookies We Use

  • Essential Cookies: Required for the website to function properly (e.g., session management, shopping cart, login authentication). These cannot be disabled without affecting website functionality.
  • Performance and Analytics Cookies: Help us understand how visitors interact with our website (e.g., Google Analytics). Data is collected in an aggregated, anonymized format where possible.
  • Functional Cookies: Remember your preferences (e.g., language settings, saved addresses, dietary preferences) to personalize your experience.
  • Marketing and Advertising Cookies: Used to deliver relevant advertisements to you on third-party platforms and to measure the effectiveness of our campaigns.

9.3 Managing Your Cookie Preferences

You can control and manage cookies through your browser settings. Most browsers allow you to block or delete cookies. Please be aware that disabling certain cookies may impact the functionality of our website, including your ability to place orders or log into your account.

You may also opt out of interest-based advertising through industry opt-out tools such as the Digital Advertising Alliance (DAA) at optout.aboutads.info or the Network Advertising Initiative (NAI) at optout.networkadvertising.org.

For more detailed information about our cookie practices, please refer to our dedicated Cookie Policy, available on our website.

10. Children's Privacy

Our website and services are intended exclusively for individuals who are 18 years of age or older. We do not knowingly collect, solicit, or process personal information from children under the age of 13, as protected under the Children's Online Privacy Protection Act (COPPA), or from individuals under 18 in general.

If we become aware that we have inadvertently collected personal information from a child under the age of 13 without verifiable parental consent, we will take immediate steps to delete such information from our records. If you believe we may have collected information from a child, please contact us immediately at [email protected].

Parents or guardians who become aware that their child has provided us with personal information without their consent are encouraged to contact us so we can take appropriate action.

11. International Data Transfers

Marcos is based in the United States, and your personal information is primarily collected, stored, and processed within the United States. However, some of our third-party service providers, including analytics platforms, cloud hosting providers, and marketing tools, may operate in or transfer data to countries outside the United States.

If your data is transferred internationally, we take steps to ensure it receives an adequate level of protection, including through the use of contractual safeguards and data processing agreements with our vendors. By using our services, you acknowledge that your information may be transferred to and processed in countries other than your country of residence, where data protection laws may differ from those in your jurisdiction.

If you have questions about international data transfers or the safeguards we have in place, please contact us at [email protected].

12. Third-Party Links and Services

Our website may contain links to third-party websites, social media platforms, or services that are not operated or controlled by Marcos. This Privacy Policy applies only to our website and services. When you click on a third-party link, you will be redirected to that third party's website, which is governed by its own privacy policy.

We are not responsible for the privacy practices of any third-party websites and strongly encourage you to review the privacy policies of any sites you visit. The inclusion of a link on our website does not imply our endorsement of the third party's privacy practices.

13. Contact Us for Privacy Inquiries

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal information, please do not hesitate to contact our privacy team using the information below:

We take all privacy inquiries seriously and will endeavor to respond to your request within 45 days of receipt. If we require additional time to respond, we will notify you of the reason and the expected timeline.

14. Filing a Complaint With a Data Protection Authority

If you are a California resident and believe that we have violated your privacy rights under the CCPA/CPRA, you have the right to file a complaint with the California Privacy Protection Agency (CPPA) or the California Attorney General's Office.

  • California Privacy Protection Agency (CPPA):
    Website: cppa.ca.gov
    Address: 2101 Arena Blvd., Sacramento, CA 95834
  • California Attorney General's Office — Privacy Enforcement:
    Website: oag.ca.gov/privacy

For residents of other states, you may also have rights under applicable state privacy laws and may contact your state's Attorney General or relevant consumer protection authority for guidance.

For general consumer protection concerns at the federal level, you may contact the Federal Trade Commission (FTC):

  • Federal Trade Commission:
    Website: ftc.gov
    Phone: 1-877-382-4357

We encourage you to contact us directly first so that we have the opportunity to address your concerns before you escalate to a regulatory authority.

15. Do Not Track Signals

Some browsers include a "Do Not Track" (DNT) feature that signals to websites that you do not want to be tracked across different websites. Currently, there is no universal standard for responding to DNT signals. Our website does not currently respond to DNT browser signals or other mechanisms that provide a choice regarding the collection of personally identifiable information. However, you may manage your cookie preferences as described in Section 9 of this policy.

16. Changes to This Privacy Policy

We reserve the right to update, modify, or revise this Privacy Policy at any time to reflect changes in our business practices, legal requirements, or service offerings. When we make material changes to this policy, we will:

  • Update the "Last Updated" date at the top of this policy
  • Notify you via email (if we have your email address on file)
  • Display a prominent notice on our website for a reasonable period following the update

Your continued use of our website and services after the effective date of any updated Privacy Policy constitutes your acceptance of the changes. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

If the changes materially affect the way we handle your personal information and we are required by law to obtain your consent, we will seek your consent before the new practices take effect.

17. Governing Law

This Privacy Policy is governed by the laws of the United States of America. Any disputes arising from or related to this Privacy Policy or our data practices shall be subject to applicable federal and state law. Where state-specific rights apply, including those under the CCPA/CPRA for California residents, those rights are hereby recognized and respected.

This Privacy Policy was last updated on June 12, 2026. © 2026 Marcos. All rights reserved.