Privacy Policy

Effective Date: May 28, 2026  |  Last Updated: May 28, 2026

1. Introduction and About Us

Welcome to Taco Time. We are a food service business operating in the United States, committed to serving our customers with quality food and an exceptional dining experience. We understand that your privacy is critically important, and we take our responsibilities as a data steward seriously.

This Privacy Policy governs the collection, processing, storage, and sharing of personal information by Taco Time through our website meal-tacotime.click, our online ordering systems, mobile applications, in-store interactions, loyalty programs, marketing communications, and any other services we provide (collectively, the "Services").

This policy is drafted in compliance with applicable United States federal and state privacy laws, including but not limited to the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), the Federal Trade Commission (FTC) Act, the CAN-SPAM Act, and the Children's Online Privacy Protection Act (COPPA).

1.1 Contact Information

Company Name Taco Time
Address United States
Phone Not provided
Email [email protected]
Website meal-tacotime.click

2. Information We Collect

We collect various types of information in connection with the Services we provide. This information falls into several broad categories, described in detail below.

2.1 Personal Identification Information

When you create an account, place an order, sign up for our loyalty program, or contact us, we may collect the following personal identification information:

  • Full name – used to personalize your experience and process orders.
  • Email address – used for order confirmations, receipts, and marketing communications.
  • Phone number – used for order updates, customer support, and promotional messages (with your consent).
  • Mailing address and delivery address – used for delivery orders and billing purposes.
  • Date of birth – used for age verification and loyalty program benefits.
  • Username and password – used to secure your account.
  • Profile photo (if voluntarily uploaded) – used to personalize your profile.

2.2 Payment and Financial Information

When you make a purchase through our website or app, we collect payment-related information necessary to process your transaction, including:

  • Credit or debit card details (processed through secure third-party payment processors; we do not store full card numbers).
  • Billing address.
  • Transaction history and purchase records.
  • Gift card and loyalty point balances.

2.3 Order and Food Preference Information

As a food business, we collect information about your ordering habits and preferences, including:

  • Menu items ordered, modifications requested, and dietary preferences.
  • Order frequency and time of orders.
  • Favorite items and saved orders.
  • Feedback, ratings, and reviews you submit about our food or services.
  • Allergy and dietary restriction information (if voluntarily provided).

2.4 Usage Data and Technical Information

When you visit our website or use our mobile application, we automatically collect certain technical and usage information, including:

  • IP address – used for security, fraud prevention, and geographic analytics.
  • Browser type and version – used to optimize our website's performance.
  • Operating system – used to ensure compatibility with our Services.
  • Device identifiers – including hardware model, unique device ID, and mobile network information.
  • Referring URLs – websites or links that directed you to our site.
  • Pages visited – used to understand user behavior and improve the website.
  • Time and date of access – used for analytics and security monitoring.
  • Clickstream data – the sequence of pages you visit on our website.
  • Session duration – how long you spend on various pages.

2.5 Location Data

With your permission, we may collect precise or approximate geolocation data from your device. Location data is used to:

  • Find the nearest Taco Time location to you.
  • Enable delivery services to your address.
  • Provide location-based promotional offers.
  • Improve our delivery logistics and operations.

You may disable location access at any time through your device settings. However, disabling location services may limit certain features of our app or website.

2.6 Cookies and Tracking Technologies

We use cookies, web beacons, pixel tags, and similar tracking technologies to collect information about your online activity. For a comprehensive description of our cookie practices, please refer to our Cookie Policy. In brief, we use:

  • Essential cookies – necessary for the website to function properly.
  • Analytical/performance cookies – to understand how visitors interact with our website.
  • Functional cookies – to remember your preferences and settings.
  • Targeting/advertising cookies – to deliver relevant advertisements and measure campaign effectiveness.

2.7 Communications and Customer Support Data

If you contact us via email, phone, live chat, or social media, we may collect:

  • The content of your messages, inquiries, and complaints.
  • Records of previous interactions with our customer support team.
  • Survey responses and feedback form submissions.

2.8 Information from Third Parties

We may receive information about you from third-party sources, including:

  • Social media platforms (e.g., if you log in using a social media account).
  • Third-party food delivery platforms.
  • Marketing and analytics partners.
  • Fraud detection and identity verification services.

3. How We Use Your Information

We use the personal information we collect for the following purposes:

3.1 Service Provision and Order Fulfillment

  • Processing and fulfilling your food orders, including delivery and pickup.
  • Managing your account and providing access to account features.
  • Processing payments and sending receipts and order confirmations.
  • Administering loyalty programs and rewards.
  • Providing customer support and responding to inquiries.
  • Facilitating in-store experiences and loyalty redemptions.

3.2 Analytics and Service Improvement

  • Analyzing usage patterns to improve our website, app, and menu offerings.
  • Conducting internal research and analytics to understand customer preferences.
  • Testing new features, menu items, and promotional offers.
  • Monitoring system performance and diagnosing technical issues.
  • Measuring the effectiveness of our advertising campaigns.

3.3 Marketing and Promotions

  • Sending promotional emails, newsletters, and special offers (with your consent where required).
  • Sending SMS marketing messages (with your explicit opt-in consent).
  • Displaying personalized advertisements on our website, app, and third-party platforms.
  • Notifying you about new menu items, seasonal specials, and events.
  • Administering contests, sweepstakes, and promotions.

You may opt out of marketing communications at any time by clicking the "unsubscribe" link in our emails, texting "STOP" to our SMS messages, or contacting us at [email protected].

3.4 Legal Compliance and Safety

  • Complying with applicable federal and state laws and regulations.
  • Detecting, preventing, and investigating fraud, abuse, and security incidents.
  • Enforcing our Terms of Service and other agreements.
  • Responding to lawful requests from government authorities and law enforcement.
  • Protecting the rights, property, and safety of Taco Time, our customers, and the public.

3.5 Personalization

  • Personalizing your experience on our website and app based on your preferences and order history.
  • Recommending menu items and offers tailored to your tastes.
  • Saving your preferences and frequently ordered items for convenience.

4. How We Share Your Information

We do not sell your personal information to third parties for their own independent marketing purposes. However, we may share your information in the following circumstances:

4.1 Service Providers and Business Partners

We engage trusted third-party service providers who perform functions on our behalf. These providers have access to your personal information only as necessary to perform their services and are contractually obligated to protect your data. Categories of service providers include:

  • Payment processors – to securely process credit and debit card transactions.
  • Delivery and logistics partners – to fulfill delivery orders.
  • Cloud hosting providers – to store and process data on secure servers.
  • Email and SMS marketing platforms – to send promotional communications.
  • Analytics providers – such as Google Analytics, to analyze website traffic.
  • Customer support software providers – to manage customer inquiries.
  • Fraud prevention and security services – to protect against unauthorized activities.
  • Advertising networks – to deliver relevant advertisements to our customers.

4.2 Legal Requirements

We may disclose your personal information when we believe disclosure is necessary to:

  • Comply with any applicable law, regulation, subpoena, court order, or legal process.
  • Respond to lawful requests by public authorities, including law enforcement agencies.
  • Enforce our Terms of Service, this Privacy Policy, or other agreements.
  • Investigate potential violations of our policies.
  • Protect against harm to the rights, property, or safety of Taco Time, our users, or the public.

4.3 Business Transfers

In the event of a merger, acquisition, asset sale, financing, restructuring, or bankruptcy involving Taco Time, your personal information may be transferred as part of that transaction. We will provide notice before your personal information is transferred and becomes subject to a different privacy policy.

4.4 With Your Consent

We may share your information with additional third parties when we have obtained your explicit consent to do so.

4.5 Aggregated and Anonymized Data

We may share aggregated, de-identified, or anonymized data that cannot reasonably be used to identify you with third parties for research, marketing, or analytics purposes. This does not constitute a "sale" of personal information under applicable law.

5. Data Security

We take the security of your personal information seriously and implement a variety of technical, administrative, and physical safeguards designed to protect your data from unauthorized access, use, alteration, and disclosure.

5.1 Security Measures We Employ

  • SSL/TLS encryption – All data transmitted between your browser and our servers is encrypted using industry-standard Secure Socket Layer (SSL) or Transport Layer Security (TLS) protocols.
  • Data encryption at rest – Sensitive data stored on our servers is encrypted using AES-256 encryption or equivalent standards.
  • Access controls – We restrict access to personal information to authorized employees who need it to perform their job functions.
  • Multi-factor authentication (MFA) – Used for internal administrative access to sensitive systems.
  • Regular security audits – We conduct periodic security assessments and vulnerability testing.
  • PCI-DSS compliance – Our payment processing systems comply with Payment Card Industry Data Security Standards.
  • Incident response plan – We have procedures in place to identify, contain, and respond to data security incidents.
  • Employee training – All employees who handle personal data receive privacy and security training.

5.2 Limitations

Despite our best efforts, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee its absolute security. In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify you and relevant authorities as required by applicable law.

6. Your Privacy Rights

Depending on your state of residence within the United States, you may have various rights regarding your personal information. We are committed to honoring these rights in compliance with applicable law.

6.1 Rights Under the California Consumer Privacy Act (CCPA/CPRA)

If you are a California resident, you have the following rights under the CCPA as amended by the CPRA:

  • Right to Know: You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources, the purposes for collection, and the categories of third parties with whom we share your data.
  • Right to Delete: You have the right to request the deletion of personal information we have collected from you, subject to certain exceptions.
  • Right to Correct: You have the right to request that we correct inaccurate personal information we maintain about you.
  • Right to Opt-Out of Sale/Sharing: You have the right to opt out of the sale or sharing of your personal information for cross-context behavioral advertising. We do not sell your personal information; however, certain advertising practices may constitute "sharing" under the CPRA.
  • Right to Limit Use of Sensitive Personal Information: You may have the right to limit our use of your sensitive personal information to certain permitted purposes.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights, including by denying services, charging different prices, or providing a different level of service quality.
  • Right to Data Portability: You have the right to receive a copy of your personal information in a portable, readily usable format.

6.2 Rights Available to All U.S. Customers

Regardless of your state of residence, we voluntarily offer the following rights to all our customers:

  • Right to Access: You may request a copy of the personal information we hold about you.
  • Right to Correction: You may request that we correct inaccurate or incomplete personal information.
  • Right to Deletion: You may request that we delete your personal information, subject to legal obligations requiring us to retain certain data.
  • Right to Opt-Out of Marketing: You may opt out of promotional communications at any time.

6.3 How to Exercise Your Rights

To exercise any of the rights described above, please contact us using one of the following methods:

We will verify your identity before processing your request. We may ask you to provide certain information to confirm your identity, such as your email address, account information, or answers to security questions. We will respond to verified requests within 45 days of receipt. If we require additional time, we will notify you within the initial 45-day period.

You may designate an authorized agent to submit a request on your behalf. The authorized agent must provide written authorization from you, and we may require you to verify your identity directly with us.

7. Cookie Policy Summary

Cookies are small text files placed on your device when you visit our website. We use cookies and similar tracking technologies for various purposes, including to keep you logged in, remember your preferences, understand how you use our site, and deliver targeted advertising.

7.1 Types of Cookies We Use

Cookie Type Purpose Duration
Strictly Necessary Enable core website functionality such as login sessions and shopping cart. Session / Up to 1 year
Analytics Track website traffic and user behavior (e.g., Google Analytics). Up to 2 years
Functional Remember your preferences, language settings, and saved orders. Up to 1 year
Advertising/Targeting Deliver personalized ads and measure campaign performance. Up to 1 year

You can manage your cookie preferences through our cookie consent banner displayed when you first visit our website, or through your browser settings. Note that disabling certain cookies may affect the functionality of our website. For more details, please review our full Cookie Policy.

8. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. The specific retention periods vary depending on the type of data and the purpose for which it is collected.

8.1 Retention Schedule

Data Category Retention Period Reason
Account information Duration of account + 3 years after closure Legal obligations and dispute resolution
Order and transaction history 7 years Tax, accounting, and legal requirements
Payment records 7 years Financial regulations and tax law compliance
Marketing preferences Until opt-out + 1 year Compliance with opt-out requests
Usage and analytics data Up to 2 years Analytics and service improvement
Customer support records 3 years from last interaction Quality assurance and dispute resolution
Security and fraud logs Up to 5 years Security monitoring and legal defense

When your personal information is no longer needed, we will securely delete or anonymize it in accordance with our data disposal procedures.

9. Children's Privacy

In compliance with the Children's Online Privacy Protection Act (COPPA) and applicable state laws, we do not intentionally collect personal information from children under 13. If we become aware that we have inadvertently collected personal information from a child under 13 without verified parental consent, we will take immediate steps to delete that information from our records.

If you are between the ages of 13 and 17, you must have parental or guardian consent before using our Services. Parents and guardians who believe that their child has provided us with personal information without their consent should contact us immediately at [email protected] so that we can take appropriate action.

We encourage parents and guardians to monitor their children's online activities and to help enforce this policy.

10. International Data Transfers

Taco Time is based in the United States, and all data collected through our Services is primarily processed and stored within the United States. Our servers and service providers may be located in various states across the country.

If you are accessing our Services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your home country. By using our Services, you acknowledge and consent to the transfer of your information to the United States.

When we transfer data internationally, we take appropriate safeguards to ensure that your personal information receives adequate protection, including:

  • Using service providers who are contractually bound to handle data in compliance with applicable laws.
  • Implementing appropriate technical and organizational security measures.
  • Limiting data transfers to what is strictly necessary for the provision of our Services.

11. Third-Party Links and Services

Our website and app may contain links to third-party websites, social media platforms, or other external services that are not operated by us. For example, you may be redirected to a third-party payment processor, a delivery platform, or a social media page.

This Privacy Policy does not apply to those third-party services. We encourage you to review the privacy policies of any third-party websites or services you visit. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party services.

12. Do Not Track Signals

Some web browsers offer a "Do Not Track" (DNT) feature that sends a signal to websites requesting that your browsing activity not be tracked. Currently, there is no universally accepted standard for how websites should respond to DNT signals. Our website does not currently respond to DNT browser signals. However, you may opt out of certain tracking activities through our cookie consent tool and the opt-out mechanisms described in this policy.

13. Your Choices and Opt-Out Options

We respect your right to control how your personal information is used. You have the following choices:

  • Marketing Emails: Click the "unsubscribe" link in any marketing email or contact us at [email protected].
  • SMS Messages: Reply "STOP" to any text message from us to opt out of SMS marketing.
  • Push Notifications: Disable push notifications through your device settings or within our app settings.
  • Cookies: Manage your cookie preferences through our cookie consent banner or browser settings.
  • Account Deletion: Request deletion of your account and associated personal information by contacting us at [email protected].
  • Interest-Based Advertising: Opt out of interest-based advertising through the Digital Advertising Alliance's opt-out tool at optout.aboutads.info.
  • Google Analytics: Opt out of Google Analytics tracking by installing the Google Analytics Opt-out Browser Add-on.

Please note that opting out of certain communications does not mean you will stop receiving transactional communications, such as order confirmations and receipts, which are necessary for us to provide our Services.

14. How to File a Complaint

If you believe that your privacy rights have been violated or that we have not handled your personal information in accordance with this Privacy Policy or applicable law, we encourage you to contact us first so that we have an opportunity to address your concerns.

14.1 Contact Us Directly

Please submit privacy-related complaints or inquiries to:

We will acknowledge receipt of your complaint within 10 business days and work to resolve it within 45 days.

14.2 Filing a Complaint with Regulatory Authorities

If you are not satisfied with our response, or if you believe your rights under applicable law have been violated, you may file a complaint with the relevant regulatory authority:

  • California residents may contact the California Privacy Protection Agency (CPPA):
    Website: cppa.ca.gov
    Email: [email protected]
  • All U.S. consumers may file a complaint with the Federal Trade Commission (FTC):
    Website: reportfraud.ftc.gov
    Phone: 1-877-FTC-HELP (1-877-382-4357)
  • Depending on your state of residence, you may also have the right to contact your state's Attorney General office for privacy-related complaints.

15. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes to this policy, we will:

  • Update the "Last Updated" date at the top of this page.
  • Post a prominent notice on our website or send you an email notification (where appropriate).
  • For material changes that significantly affect your rights, obtain your consent where required by law.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our Services after the effective date of any changes constitutes your acceptance of the updated Privacy Policy.

16. Legal Basis for Processing

While the United States does not currently have a comprehensive federal privacy law equivalent to the EU's GDPR, we process your personal data based on the following justifications under applicable U.S. law:

  • Contractual necessity: Processing required to fulfill your orders and deliver our Services.
  • Legitimate business interests: Processing for fraud prevention, security, analytics, and service improvement.
  • Legal compliance: Processing required to comply with applicable federal and state laws.
  • Consent: Processing for marketing communications and optional features, where you have given explicit consent.

17. Contact Information for Privacy Inquiries

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact our privacy team using the information below. We are committed to addressing your privacy concerns promptly and transparently.

Privacy Contact Information

Company: Taco Time

Email: [email protected]

Website: meal-tacotime.click

Response Time: We aim to respond to all privacy inquiries within 10 business days.