Privacy Policy

Effective Date: June 24, 2026  |  Last Updated: June 24, 2026

This Privacy Policy describes how we collect, use, disclose, and protect your personal information when you visit our website at modhouse.rest, use our online ordering platform, visit our restaurant locations, or otherwise interact with our services. Please read this policy carefully to understand our practices regarding your personal data and how we will treat it.

By accessing or using our services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with the terms described herein, please discontinue your use of our services immediately.

1. Who We Are

We operate the website modhouse.rest and provide food services to customers across the United States. For all privacy-related matters, we serve as the data controller responsible for your personal information collected through our platforms and physical locations.

You may contact us regarding privacy concerns at:

2. Scope of This Privacy Policy

This Privacy Policy applies to:

  • Visitors to our website at modhouse.rest
  • Customers who place orders online or through our mobile platforms
  • Guests who dine at our restaurant locations
  • Individuals who sign up for our loyalty programs, newsletters, or promotional communications
  • Job applicants who submit applications through our website or in person
  • Any individual whose personal data we process in connection with our business operations

This policy does not apply to third-party websites, applications, or services that may be linked from our website. We encourage you to review the privacy policies of any third-party services you access through links on our platform.

3. Information We Collect

We collect various categories of personal information depending on how you interact with us. Below is a comprehensive breakdown of the types of data we may collect:

3.1 Personal Identification Information

  • Name: First and last name provided during account registration or order placement
  • Email Address: Used for order confirmations, account management, and marketing communications
  • Phone Number: Used for order updates, customer service, and optional SMS marketing
  • Mailing Address: Collected for delivery orders and billing purposes
  • Date of Birth: Collected where applicable for age verification or promotional offers
  • Username and Password: For securing your online account with us

3.2 Payment and Financial Information

  • Credit and debit card information (processed securely through PCI-DSS compliant payment processors)
  • Digital wallet identifiers (such as Apple Pay or Google Pay transaction tokens)
  • Billing address and payment history
  • Gift card numbers and balances

Please note that we do not store full payment card numbers on our servers. Payment processing is handled by certified third-party payment processors.

3.3 Order and Transaction Data

  • Your food order history, including items ordered, customizations, and frequency of purchases
  • Order timestamps, order values, and fulfillment method (dine-in, carry-out, delivery)
  • Loyalty points earned and redeemed
  • Promotional codes or discounts applied to orders
  • Special dietary preferences or instructions submitted with your orders

3.4 Usage and Behavioral Data

When you visit our website or use our digital services, we automatically collect certain technical and behavioral data, including:

  • IP address and approximate geographic location derived from IP
  • Browser type and version
  • Operating system and device type
  • Pages visited, time spent on each page, and navigation paths
  • Referring URL (the website that directed you to ours)
  • Search queries entered on our website
  • Links clicked and buttons interacted with
  • Scroll depth and session duration

3.5 Device Information

  • Device identifiers such as IDFA (Identifier for Advertisers) or Android Advertising ID
  • Mobile network information
  • Screen resolution and display settings
  • Language and locale preferences set on your device
  • App version if using a mobile application

3.6 Location Data

  • Precise geolocation data (only when you grant explicit permission through your device settings)
  • General location data inferred from your IP address
  • Location used to identify nearby restaurant locations and estimate delivery ranges

3.7 Communications Data

  • Messages you send us through contact forms, email, or customer service channels
  • Records of phone calls with our customer service team
  • Social media interactions and messages sent to our business accounts
  • Survey responses and feedback submissions
  • Reviews and ratings you submit for our food or services

3.8 Information Collected In-Restaurant

  • Video surveillance footage from our restaurant locations (for security purposes)
  • Point-of-sale transaction data when paying in-person
  • Loyalty card swipes or scans

3.9 Information from Third Parties

We may receive personal information about you from third-party sources, including:

  • Food delivery platform partners (such as DoorDash, Uber Eats, or Grubhub)
  • Social media platforms when you interact with our content or use social login features
  • Marketing partners and data brokers who provide demographic and interest-based data
  • Public sources such as business directories
  • Analytics providers who help us understand website traffic patterns

4. How We Use Your Information

We use the personal information we collect for the following purposes:

4.1 Providing and Managing Our Services

  • Processing and fulfilling your food orders accurately and efficiently
  • Creating and maintaining your customer account
  • Facilitating loyalty program enrollment and reward redemption
  • Processing payments and issuing receipts or invoices
  • Coordinating delivery through our platform or third-party delivery partners
  • Managing catering orders and large-group reservations

4.2 Customer Communications

  • Sending order confirmations, updates, and receipts via email or SMS
  • Responding to your inquiries, complaints, or feedback
  • Notifying you of changes to our menu, hours, or locations
  • Sending important service-related announcements

4.3 Marketing and Promotional Activities

  • Sending you newsletters, special offers, and promotional emails (where you have opted in or where permitted by law)
  • Displaying personalized advertisements on our website and on third-party platforms
  • Conducting marketing campaigns and loyalty promotions
  • Retargeting campaigns based on your browsing and order history

You may opt out of marketing communications at any time by clicking the "unsubscribe" link in any promotional email or by contacting us at [email protected].

4.4 Analytics and Business Improvement

  • Analyzing website traffic, user behavior, and ordering patterns to improve our services
  • Conducting market research and customer satisfaction surveys
  • Testing new features, menu items, or website designs
  • Generating aggregated, anonymized reports for internal business purposes
  • Improving the performance and functionality of our digital platforms

4.5 Legal and Compliance Purposes

  • Complying with applicable federal, state, and local laws and regulations
  • Responding to lawful requests from law enforcement or government authorities
  • Enforcing our Terms of Service and other legal agreements
  • Detecting, preventing, and investigating fraud or security incidents
  • Protecting the rights, property, and safety of our customers, employees, and the public

4.6 Personalization

  • Remembering your preferences and previous orders to streamline future ordering
  • Recommending menu items based on your order history and stated preferences
  • Customizing your website experience based on your location and browsing history

5. Cookies and Tracking Technologies

We use cookies, web beacons, pixel tags, local storage, and similar tracking technologies to enhance your experience on our website and to gather data for analytics and marketing purposes.

5.1 Types of Cookies We Use

Cookie Type Purpose Duration
Strictly Necessary Essential for the website to function, including shopping cart, login sessions, and security features Session to 1 year
Performance / Analytics Track how visitors use our website, which pages are most visited, and help us improve performance Up to 2 years
Functional Remember your preferences such as language, location, and previous orders Up to 1 year
Marketing / Targeting Used to deliver relevant advertisements and track ad campaign effectiveness Up to 2 years

You can control cookie settings through your browser preferences. Please note that disabling certain cookies may affect the functionality of our website. For detailed information about our cookie practices, please refer to our Cookie Policy, available on our website.

6. Sharing Your Information with Third Parties

We do not sell your personal information for monetary consideration. However, we may share your data with trusted third parties in the following circumstances:

6.1 Service Providers and Business Partners

We engage carefully vetted third-party service providers who assist us in operating our business. These providers are contractually obligated to use your data only as directed by us and in accordance with this Privacy Policy. Categories of service providers include:

  • Payment Processors: To securely handle payment card transactions
  • Delivery Partners: DoorDash, Uber Eats, Grubhub, and similar platforms who fulfill delivery orders
  • Email and SMS Marketing Platforms: To send communications on our behalf
  • Analytics Providers: Such as Google Analytics, to analyze website usage
  • Customer Support Platforms: To manage and respond to customer inquiries
  • Cloud Hosting Providers: Who store and manage our digital infrastructure
  • Loyalty Program Administrators: Who manage reward tracking and redemption

6.2 Advertising Partners

We may share hashed or anonymized identifiers with digital advertising partners for the purpose of displaying targeted advertisements on third-party platforms such as Google, Facebook, Instagram, and similar networks. These partners operate under their own privacy policies.

6.3 Legal Requirements and Law Enforcement

We may disclose your personal information when we believe in good faith that disclosure is necessary to:

  • Comply with a legal obligation, court order, subpoena, or government investigation
  • Enforce our Terms of Service or other agreements
  • Protect and defend the rights or property of our business
  • Prevent or investigate possible wrongdoing in connection with our services
  • Protect the personal safety of our customers, employees, or the public

6.4 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your personal information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our website prior to any such transfer if your data becomes subject to a materially different privacy policy.

6.5 With Your Consent

We may share your information with other third parties with your explicit consent or at your direction, such as when you participate in a co-branded promotion or third-party sweepstakes.

7. Data Security

We take the security of your personal information seriously and implement a comprehensive set of administrative, technical, and physical safeguards to protect your data from unauthorized access, disclosure, alteration, or destruction.

7.1 Security Measures We Employ

  • Encryption: All data transmitted between your browser and our servers is encrypted using Transport Layer Security (TLS) protocol
  • PCI-DSS Compliance: Our payment processing systems adhere to Payment Card Industry Data Security Standards
  • Access Controls: Personal data is accessible only to authorized personnel who require it to perform their job duties
  • Secure Data Storage: Personal data is stored on secured servers with firewalls and intrusion detection systems
  • Employee Training: All staff with access to personal data receive regular training on data privacy and security practices
  • Vulnerability Testing: We conduct regular security assessments and penetration testing of our digital systems
  • Incident Response: We maintain a formal data breach response plan in compliance with applicable breach notification laws

While we employ industry-standard security measures, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we are committed to protecting your information using commercially reasonable means.

In the event of a data breach that affects your personal information, we will notify you in accordance with applicable state data breach notification laws, including relevant requirements under state-specific statutes across the United States.

8. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting obligations. The following general retention periods apply:

Data Category Retention Period
Account information Duration of account plus 3 years after account closure
Order and transaction history 7 years (for tax and accounting purposes)
Payment records 7 years
Marketing preferences and opt-outs Indefinitely (to honor your preferences)
Customer service communications 3 years
Website usage and analytics data 26 months
CCTV/Security footage 30 to 90 days depending on location
Legal hold data Duration of legal proceedings plus applicable statute of limitations

When your personal data is no longer required, we will securely delete or anonymize it so it can no longer be associated with you.

9. Your Rights and Choices

Depending on your state of residence within the United States, you may have certain rights regarding your personal information. We honor these rights in accordance with applicable federal and state privacy laws.

9.1 Rights Under the California Consumer Privacy Act (CCPA) / California Privacy Rights Act (CPRA)

If you are a resident of California, you have the following rights under the CCPA/CPRA:

  • Right to Know: You may request information about the categories and specific pieces of personal information we have collected about you, the sources, the purposes of collection, and the categories of third parties with whom we share it.
  • Right to Delete: You may request deletion of personal information we have collected from you, subject to certain exceptions.
  • Right to Correct: You may request correction of inaccurate personal information we maintain about you.
  • Right to Opt-Out of Sale or Sharing: You have the right to opt out of the sale or sharing of your personal information for cross-context behavioral advertising.
  • Right to Limit Use of Sensitive Personal Information: You may request that we limit use of sensitive personal information to what is necessary for providing our services.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights.

9.2 Rights Available to All U.S. Customers

Regardless of your state of residence, we honor the following rights where technically feasible:

  • Right to Access: Request a copy of the personal information we hold about you
  • Right to Correction: Request that we correct inaccurate or incomplete personal information
  • Right to Deletion: Request that we delete your personal information, subject to legal retention requirements
  • Right to Data Portability: Request your personal information in a structured, commonly used, and machine-readable format
  • Right to Opt-Out of Marketing: Unsubscribe from marketing emails at any time
  • Right to Withdraw Consent: Where processing is based on consent, withdraw that consent at any time

9.3 How to Exercise Your Rights

To exercise any of the rights described above, please submit a verifiable consumer request by:

  • Email: [email protected]
  • Website: modhouse.rest (via our privacy request form, where available)

We will respond to your request within 45 days of receipt. In certain circumstances, we may require an additional 45 days to respond, in which case we will notify you of the extension. We may need to verify your identity before processing your request by asking you to confirm certain account information.

You may designate an authorized agent to submit a request on your behalf. We will require proof of the agent's authorization and may verify your identity directly.

10. Children's Privacy

Important Notice: Our online services are intended for individuals who are 18 years of age or older. We do not knowingly collect, use, or disclose personal information from children under the age of 13 without verifiable parental consent, in compliance with the Children's Online Privacy Protection Act (COPPA).

If you are a parent or guardian and believe that your child under the age of 13 has provided us with personal information without your consent, please contact us immediately at [email protected]. We will take prompt steps to investigate and delete such information from our records.

If you are between the ages of 13 and 17, you may use our in-restaurant services with parental supervision, but we encourage parents or guardians to supervise any online account creation or digital ordering activities.

11. International Data Transfers

We are a United States-based business, and our primary data processing activities occur within the United States. However, some of our third-party service providers may process your personal data in other countries, which may have different data protection laws than those of your jurisdiction.

When we transfer personal data internationally, we take appropriate steps to ensure that your information is protected in accordance with applicable law and this Privacy Policy. Such steps may include:

  • Executing data processing agreements with international service providers
  • Implementing standard contractual clauses where applicable
  • Ensuring recipients maintain appropriate technical and organizational security measures

By using our services from outside the United States, you understand that your information may be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your home country.

12. Third-Party Links and Services

Our website and communications may contain links to third-party websites, applications, or services, including food delivery platforms, social media networks, and payment processors. These third-party services operate independently and are governed by their own privacy policies. We are not responsible for the privacy practices of third-party websites and encourage you to review their policies before providing any personal information.

When you use third-party delivery platforms such as DoorDash, Uber Eats, or Grubhub to place an order with us, your personal information is also subject to those platforms' privacy policies.

13. Do Not Track Signals

Some web browsers transmit "Do Not Track" (DNT) signals to websites. Because there is currently no universally accepted standard for responding to DNT signals, our website does not alter its behavior in response to DNT signals at this time. However, you can control certain tracking through your browser settings and our cookie preference center.

We do honor Global Privacy Control (GPC) signals where required by applicable law, including the California Privacy Rights Act (CPRA), and will treat GPC signals as a valid opt-out of the sale or sharing of personal information from California residents.

14. FTC Act Compliance and Consumer Protection

We operate in compliance with the Federal Trade Commission Act and applicable FTC guidelines on privacy and data security. We do not engage in unfair or deceptive practices in connection with the collection, use, or sharing of your personal information. Our privacy practices are designed to be transparent, fair, and consistent with consumer expectations.

We adhere to applicable FTC guidance on behavioral advertising, including providing consumers with the ability to opt out of interest-based advertising and clearly disclosing our data practices in this policy.

15. State-Specific Privacy Rights

In addition to California rights described above, residents of certain other states may have similar privacy rights under their respective state laws:

15.1 Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), and Other State Laws

Residents of states with applicable consumer privacy laws may have the right to:

  • Confirm whether we are processing their personal data and access such data
  • Correct inaccuracies in their personal data
  • Delete personal data provided by or obtained about them
  • Obtain a portable copy of their personal data in a readily usable format
  • Opt out of the processing of personal data for targeted advertising, sale, or profiling
  • Appeal our decision regarding a privacy request

To exercise these rights, please contact us using the information provided in Section 16 of this policy. We will respond to your request in accordance with the timelines and requirements of applicable state law.

16. How to File a Complaint

If you believe we have violated your privacy rights, we encourage you to first contact us directly so we can address your concerns:

Email: [email protected]

Website: modhouse.rest

If you are not satisfied with our response, you may file a complaint with the appropriate data protection or consumer protection authority:

16.1 United States

  • Federal Trade Commission (FTC): You may file a complaint at reportfraud.ftc.gov or by calling 1-877-FTC-HELP (1-877-382-4357)
  • California residents: May contact the California Privacy Protection Agency (CPPA) at cppa.ca.gov or the California Attorney General's Office
  • Other states: Contact your state's Attorney General office or applicable consumer protection agency

17. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or business operations. When we make material changes, we will:

  • Update the "Last Updated" date at the top of this policy
  • Post a prominent notice on our website at modhouse.rest
  • Send you an email notification if you have an account with us and the changes are significant

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information. Your continued use of our services after the effective date of any changes constitutes your acknowledgment of the updated policy.

18. Contact Us for Privacy Inquiries

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please do not hesitate to reach out to us. We are committed to addressing your privacy concerns promptly and transparently.

Privacy Contact Information
  • Email: [email protected]
  • Website: modhouse.rest
  • Response Time: We aim to respond to all privacy inquiries within 5 to 10 business days. For formal consumer rights requests, we will respond within the legally required timeframe (typically 45 days).

Effective Date of this Privacy Policy: June 24, 2026. This policy was drafted in compliance with applicable United States federal and state privacy laws, including the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), the Children's Online Privacy Protection Act (COPPA), the Federal Trade Commission Act (FTC Act), and applicable state consumer privacy statutes.