PRIVACY POLICY
EL PATIO INTERNATIONAL’S PRIVACY POLICY
(LAST UPDATED JANUARY 21, 2022)
This Privacy Policy describes how El Patio International, Inc. (“El Patio International”, “El Patio”, “El Patio Restaurant”, "El Patio Argentine Restaurant", “we”, “our”, “us”, “EP”, “EPR”. "EPRewards") may collect, use, and disclose personal information of visitors who access or interact with our mobile application (“App”), if one is available, or our websites that link to this Privacy Policy, as well as other personal information about our customers. The App, those websites, our restaurants, and our related service offerings are referred to in this Privacy Policy as our “Services.”
By using our Services or otherwise providing personal information to us, you consent to the collection, use, disclosure and other handling of personal information described in this Privacy Policy, except for activities for which we first require your consent to be given through other means.
This Privacy Policy includes the following sections:
5. Security
7. Your Choices
8. Notice to California Residents
9. Links to Other Websites and Services and Social Logins
10. Changes to El Patio International’s Privacy Policy
11. Contact Us
1. COLLECTION OF INFORMATION
Information You Provide When you visit or interact with the Services, El Patio International may obtain certain personal information from you, such as:
-
Names, addresses, phone numbers, email addresses, and other identifiers;
-
Date of birth;
-
Records of your orders and other transactions with us;
-
Credit/debit/gift card number(s) and account information, including any associated billing address(es) and expiration date(s);
-
Information provided via surveys, focus groups, and/or other marketing research efforts;
-
Employer and/or other company affiliations (e.g., employer names, titles, work addresses, and other contact information);
-
Audio or visual information, such as CCTV images;
-
Precise location;
-
Other information described in the Information Collected Automatically section below (some of which is personal information); and
-
Any other information you provide to us, including user-generated content.
-
We may also create inferences from this information or from other personal information we hold.
-
If you submit someone else’s personal information to us (e.g., someone else’s contact information), you represent that you are authorized to provide this information to us.
Information Collected Automatically
We may collect certain information about you automatically when you visit or use our online Services, or when you interact with emails, advertisements, or other electronic messages we send to you through the Services. This information may include your IP address, device characteristics (including device identifiers), web browser characteristics, unique identifiers and other data stored in cookies, operating system details, language preference, referring URLs, length of visits, pages viewed, and other information that may be automatically accessible to us from your browser or device.
We may automatically collect this information using various tools and technologies such as cookies, web server logs, tags, SDKs, tracking pixels, local storage, JavaScript, APIs, session replay/screen capture (i.e., how you use and navigate the services, but not your keystroke data), and other similar technologies. Additional information on other technologies we may use is set forth below.
-
What is a cookie? A cookie is a piece of data that a website can send to your browser, which may then be stored on your device, sometimes with a code unique to your device. Cookies enable us and our vendors to (i) recognize your computer; (ii) store your preferences, settings, and other data; (iii) understand the web pages you have visited on our Services and elsewhere; (iv), enhance your user experience by delivering and measuring the effectiveness of content and advertising tailored to your interests; (v) perform searches and analytics; and (vi) assist with security and administrative functions.
-
What is a web server log? A web server log is a file where online activity is stored. It may be used for similar purposes.
-
What’s an SDK? An SDK is a set of tools and/or code that we embed in our applications and software to perform certain functions, such as allowing us or third parties to collect information about how users interact with our Services.
-
What are Tags or tracking pixels? Tags or tracking pixels (sometimes also referred to as web beacons or clear GIFs) are small code (sometimes containing, generating, or detecting a unique identifier) embedded in websites, online ads, and email, that can be used for purposes such as generating web server logs or reading or writing cookies for the purposes described above.
As we adopt additional technologies, we may also gather information through other methods.
We may also use certain third-party web and mobile app analytics services – including but not limited to Google Analytics, Adobe Analytics, Twitter Analytics, and Facebook Custom Audiences – to help us understand and analyze how visitors use the online Services and serve ads on our behalf across the Internet and in different channels (including on the web, in mobile apps, on out-of-home digital surfaces, and in connected TV apps. We’ve implemented Google Analytics Advertising features such as remarketing with analytics, interest-based advertising, demographics and interests reporting, user segment analysis, look-alike modeling and impression reporting. We and third-party vendors may use first-party cookies or other first-party identifiers as well as third-party cookies or other third-party identifiers to provide El Patio International with insight into behavior information relating to inferred visitor age range (e.g., GenZ, Millenial, GenX, etc.), your interests, and to deliver advertisements to you, create a profile of you, measure your interests, detect your demographics, detect your location, personalize content, and detect and associate online and offline behaviors such as site visitation, dwell time and actions taken.
Information Collected From Third Parties.
Our vendors and other third parties may share with us your personal information. For example, if you order food or catering, order gift cards, make a purchase for merchandise, make a payment, or provide feedback on your experiences, you may submit personal information to one or more third parties that may share your information with us.
In some circumstances, we also may collect information about you from publicly-available sources, including content about our Services that you make publicly available on third-party websites (e.g., social media platforms). We or vendors assisting us may also receive information from geolocation data providers to help us understand aggregate visit patterns in restaurant markets of interest, but these providers get the location data from sources other than our own App and websites.
Additionally, for certain features of the online Services, you may log in through your third-party social media account or share content from the online Services through third-party social media platforms. We may combine information that we have about you with information we obtain from third parties. When you submit information to a third party, you are subject to that third party’s terms of use and privacy policies, for which we are not responsible.
2. USE OF INFORMATION
We may use personal information we obtain about you to:
-
facilitate and personalize your user experience and improve the Services;
-
conduct statistical analysis of the content, layout, and features of the Services for our marketing purposes;
-
communicate with you regarding our restaurants and other Services;
-
respond to your requests or inquiries;
-
register you for accounts on the Services;
-
register you for our email and postal mailing lists or for promotions or offers conducted in connection with the Services;
-
process payment information for online food orders or online purchases through our merchandise or gift card store;
-
process your fundraiser applications;
-
send marketing information to you, such as promotional offers or information about new product offerings, programs, or restaurant openings;
-
advertise to you both on and off the Services, which may include tailoring ads to your inferred interests and measuring the performance of our ad campaigns;
-
make inferences about connections between different internet-connected devices used by you or members of your household;
-
provide location services;
-
manage health and safety in our restaurants;
-
address legal matters;
-
prevent, investigate, identify, stop, or take any other action with regard to suspected or actual fraudulent or illegal activity, claims or other liabilities, or any activity that violates our policies; or
-
for any other purpose, with your consent where appropriate.
We may also use any of the personal information we collect to (1) generate pseudonymous or other proprietary identifiers and use them for any of the purposes described in this Privacy Policy (for example, creating, using and sharing an encrypted hash of an email address you provided to us for our advertising purposes); and (2) generate anonymous or de-identified information and use it for any purpose.
3. SHARING OF INFORMATION
We may share your personal information with vendors who assist us with the uses and disclosures described in this Privacy Policy, such as delivery services, analytics providers, marketing and advertising services, providers of payment services, providers of of other support for our transactions (e.g., accounting services), providers of technical services (e.g., data storage and customer relationship management databases). We generally require our vendors to provide at least the same or equal protection of user data as stated in this Privacy Policy.
Some of the vendors who help us may view, edit, or set their own tracking technologies/cookies, some of which collect personal information.
We may also share, including by publicly posting on our online Services or other public online locations, certain content about us or our Services that you submit to us or otherwise make publicly available. For example, we may repost content that you post about us on social media.
In the event of a business transaction, such as if we sell or transfer all or a portion of our business or assets (e.g., further to a merger, reorganization, liquidation, or any other business transaction, including negotiations of such transactions), we reserve the right to disclose any information we obtain through the Services. You acknowledge that such transfers may occur and are permitted by this Privacy Policy. To the extent legally permitted, the acquiring party may use the information pursuant to their own privacy policy instead of this one.
We may also disclose personal information when required by subpoena, search warrant, or other legal processes, or in response to activities that are unlawful or a violation of El Patio International’s rules for use of the Services, or to protect and defend the rights or property of El Patio International or others. This may involve the disclosure of personal information to law enforcement, other governmental entities, or other third parties, depending on the circumstances.
4. RETENTION OF INFORMATION
We retain personal information to achieve the purposes for which the information was collected. In certain cases, we may need to retain personal information for purposes required under applicable law, for tax or audit purposes, or for other purposes permitted under law.
5. SECURITY
Although we use various security measures as part of an effort to protect your personal information from loss, theft, misuse, unauthorized access, disclosure, alteration, and destruction, these measures may fail or be insufficient. No collection, transmission, storage or other handling of personal information is completely secure (whether online or offline), and we cannot guarantee the security of your information.
6. CHILDREN’S PRIVACY
The online Services are not intended for, and are not intentionally targeted to, children under 13, and we do not knowingly request or collect personal information from any person under 13 years of age through the Services. If we learn that the online Services have received personal information directly from a child who is under the age of 13, we will delete the information in accordance with applicable law. If you are between the ages of 13 and 18, you may participate, use and/or visit our Online Services only with the permission and under the supervision of a parent or legal guardian who agrees to be bound by our EL PATIO REWARDS Terms of Use, our Privacy Policy, our Reservation and Seating Policy and our Terms of Use.
7. YOUR CHOICES
To update certain personal information we have about you, or if you wish to change certain preferences (including certain communication preferences), (1) log into your registered website or App account and change your account settings (including location tracking), (2) change your device’s settings for our Apps, or (e) contact us as described at the end of this Privacy Policy. If you no longer want us to collect information through the App, if one is available, please uninstall it. If you no longer want us receive marketing emails, please unsubscribed from our mailing list or get in contact with us, so we can delete your information from our mailing list (We may require you to provide us with your legal name, phone number, email address, home address, and/or El Patio Rewards account number in order to find you in our system)
Many web browsers are set to accept cookies by default, but you also may be able to set your browser to notify you before you receive a cookie, or to remove or reject cookies. Disabling all cookies completely may affect the availability and functionality of our online Services and other websites. If you would like to delete cookies or change the settings on your web browser to delete or refuse cookies,
To find out more about how some third-party services manage the privacy of information in conjunction with delivering ads online, and how to opt-out of certain collection or uses by of information by certain participating companies, at
http://www.aboutads.info/appchoices,
http://www.networkadvertising.org, or https://www.networkadvertising.org/mobile-choice.
We are not responsible for the opt-out process of third parties.
You should repeat the preference options described above from each device and browser that you use in connection with our Service, and repeat them again in a particular browser or device if you clear cookies or reset the browser.
Certain state residents have additional rights and choices, as described in the next section.
8. NOTICE TO CALIFORNIA RESIDENTS
The following section provides detailed information applicable to California residents under the California Consumer Privacy Act (CCPA).
Collection, Use, and Disclosure of California Personal Information
During the 12 months leading up to the effective date of this Privacy Policy, we have collected all of the types of personal information described in Section 1 (“Collection of Information”) of this Privacy Policy. During that period, we made the following disclosures of personal information about Californians for the purposes described in Section 2 (“Use of Information”) above:
Category of personal information
Categories of third parties to which it was disclosed
Names, addresses, phone numbers, and email addresses and other identifiers;
Affiliates, delivery services, marketing and advertising services, providers of payment services, transactional support providers, providers of technical services, governmental entities
Date of birth (month and year)
Affiliates, marketing and advertising services, and providers of technical services.
Records of your orders and other transactions with us
Affiliates, delivery services, marketing and advertising services, providers of payment services, transactional support providers, providers of technical services, governmental entities
Credit/debit/gift card number(s) and account information, including associated billing address(es) and expiration date(s)
Affiliates, delivery services, marketing and advertising services, providers of payment services, transactional support providers, providers of technical services, governmental entities (though in some cases a portion of the card number is shared instead of the entire number).
Employer and/or other company affiliations (e.g., employer names, titles, work addresses, and other contact information)
Affiliates, delivery services, marketing and advertising services, providers of payment services, transactional support providers, providers of technical services, governmental entities
Visual information
Affiliates, providers of technical services, and governmental entities.
Geolocation and restaurant location
Providers of technical services.
Other information described in the Information Collected Automatically section above (some of which is personal information)
Affiliates, delivery services, marketing and advertising services, providers of payment services, transactional support providers.
Other information you provide to us, including user-generated content and information provided via surveys, focus groups, and/or other marketing research efforts
Affiliates, delivery services, marketing and advertising services, providers of payment services, transactional support providers.
Inferences
Affiliates, delivery services, marketing and advertising services, providers of payment services, transactional support providers.
During the 12 months leading up to the effective date of this Privacy Policy, we “sold” (as that term is defined under the CCPA), commercial information (transaction data), payment card information, and internet or other network or device activity (like a record of a browser’s visit to our website) to market and advertise services to assist with such activities. We do not “sell” personal information if we have actual knowledge that the consumer is less than 16 years of age.
Your CCPA Information & Deletion Rights
The CCPA allows you to request us to:
-
Inform you about the categories of personal information we collect or disclose about you; the categories of sources of such information; the business or commercial purpose for collecting your personal information; and the categories of third parties with whom we share/disclose personal information.
-
Provide access to and/or a copy of certain personal information we hold about you.
-
Delete certain personal information we have about you.
If you would like to exercise any of these rights, you may submit your request by contacting us by phone at 301.231.9225
Please note that certain information may be exempt from such requests under California law. For example, we need certain information to provide our Services to you. We also will take reasonable steps verify your identity before responding to your request, which may include, at a minimum, depending on the sensitivity of the information you are requesting and the type of request you are making, verifying your name, email address, and other information regarding your use of the Services (e.g., date of last purchase or last 4 digits of a payment/gift card).
While you have the right to make a deletion request at any time, kindly note that processing this right would cause you may lose any promotional offers that would have been provided as a result of maintaining your deleted El Patio International Rewards account. This may include any benefit provided through the exclusive use of Rewards account, like any accrued points, prizes, and promotional coupons.
Your CCPA Right to Opt Out of “Sale” of Personal Information
Californians have a right to direct us not to “sell” certain personal information as that term is defined in under the CCPA. You can exercise that right by performing BOTH of the following steps:
-
contact us by phone at 301.231.9225 to make a general do-not-sell request. We may take reasonable steps to verify the validity of your request.
Requests Made by Agents If you are an agent making a request on behalf of a consumer, we reserve the right to take steps to verify that you are authorized to make that request, which may include requiring you to provide us with written proof such as a notarized authentication letter or a power of attorney, as stipulated applicable state law. As part of the process, we may additionally require the customer to verify their identity directly with us. For security and legal reasons, El Patio International will reject requests that require us to access third-party websites or services.
Because opt-out requests for sales made through cookies and related technology must be performed from each browser that is used to access our Services, it is easiest for the consumer to perform such opt-outs themselves. However, if a consumer wishes for an agent to perform browser-based requests on their behalf, the consumer may arrange for the agent to use the consumer’s browser to make such requests. We are not responsible for the security risks of this or any other arrangements that a consumer may have with an agent. For clarity, this is not permission for any user to share their login credentials with an agent or any third party. Such sharing is a violation of our Terms of Use and is not required for an agent to make requests under this Privacy Policy.
Nondiscrimination
You also have the right not to receive “discriminatory treatment” (within the meaning of the CCPA) for exercising CCPA rights.
Notice of Financial Incentives
The El Patio International Rewards Program lets participants earn or otherwise receive rewards (e.g., free entrees, drinks, discounts and/or promos) in return for registering and/or making purchases, including:
-
Spend-based incentives, where you earn credit based upon spend levels
-
Discounts and free products offered for frequent visitors
-
Periodic promotional discounts and offers
You can sign up for the Rewards Program by registering on our website at EL PATIO REWARDS or through the El Patio International app, if one is available. Registration requires you to provide your name, email address, telephone number, and (optionally) your day and month of birth. We will then associate that and other categories of personal information with your Rewards Program account, such as other unique identifiers, purchase history, geolocation data, preferences you provide (e.g., favorite El Patio International restaurants), and stored payment methods. Note that we also may collect all of this information outside the context of the Rewards Program.
Full terms for the Rewards Program are available El Patio Rewards Terms of Use.
You may withdraw from the Rewards Program at any time and forfeit any ongoing incentives by contacting us using our contact information found at the bottom of our homepage.
While we do not and cannot assign a monetary value to the personal information we collect through the Rewards Program, we do benefit financially from the Rewards Program. For example, although we may lose immediate revenue when a member uses a discount, the positive experience may lead to an overall increase in visits to our restaurants.
Calculating the actual value that El Patio International generates from those efforts (whether in aggregate or by individual) or a monetary value of the personal information involved is impossible. There are many reasons for this:
-
First, the information is of no monetary value by itself, as El Patio International achieves personal information-related benefits only when the information is used in combination with, and in the context of, other aspects of our business such as (1) high-quality marketing efforts, (2) the compelling financial components of our Rewards Program that do not require use of the personal information, such as the ability to earn discounts and rewards, (3) the high quality of our food and service, and (4) the proximity of our restaurants to Rewards Program members.
-
Second, we can’t precisely determine the motivating factors of any specific purchase, or the relative weights of each factor. Even if somebody redeems a coupon we sent to the contact information they supplied during Rewards Program registration, we can’t determine whether they would have made the same purchase on the same day even without the coupon.
-
Third, the level of engagement with our uses of personal information varies among Rewards Program members. For example, some members may read a lot of our marketing content, while others have unsubscribed and never see any. Some live next door to one of our restaurants, while others are out of delivery range.
-
Fourth, the dining habits of our Rewards Program members appear to vary significantly.
-
Fifth, not all members link their purchases to their Rewards Program membership, so we can’t identify all purchases by Rewards Program members, let alone which ones were influenced by their participation in the program.
For these reasons, we estimate that the value of the personal information collected for the Rewards Program would be less than the value the individual receives from their participation in the Reward Program.
Other California Law
Subject to certain limitations under California’s Shine the Light law, residents of the State of California may contact us as described at the end of this Privacy Policy to request a list of third parties to whom we disclosed certain personal information for those third parties’ direct marketing purposes during the preceding year. The information we will provide will describe our general practices in the prior calendar year and will not be specific to you.
Your request should indicate that you are a California resident, and you must provide your full current California address, to which we will send our response. Your inquiry must specify “Shine the Light Request” in the subject line of the email or the first line of the letter, and include your California address. We are only required to respond to one such request per individual each year. We may take reasonable steps to verify your identity and the authenticity of the request.
9. LINKS TO OTHER WEBSITES AND SERVICES AND SOCIAL LOGINS
The Services may offer links to websites and other services that are not maintained by El Patio International. By visiting one of these linked websites or services, you are subject to their privacy and other policies. We are not responsible for, or able to monitor or control, the policies and practices of other companies.
Our services offers you the ability to register and login using your third-party social media account details, such as Facebook, Google, or Twitter logins, if you choose to use any of these third-party companies you acknowledged that we do not and cannot control their privacy policies nor their terms and conditions or other policies/terms they implement on their platforms. You also acknowledged that we will receive certain profile information about you from your social media provider and that we can use that information for any commercial and/or marketing use as stated in our Privacy Policy. The profile information we receive may vary depending on the social media provider, but will often include your name, email address, friend list, profile picture as well as other information you choose to make public on such social media platform. Please note that we do not control, therefore, we are not responsible how your social media uses, maintain, stores, or shares your personal information or the information you choose to share.
10. CHANGES TO EL PATIO INTERNATIONAL’S PRIVACY POLICY
From time to time, we may change/update our Privacy Policy in our sole discretion. All changes are effective immediately when we post them, and apply to all use of the Website thereafter. Your continued use of the Website following the posting of the updated Privacy Policy means that you accept and agree to the changes. You are expected to check this page from time to time and when agreeing to any particular service or offer, so you are aware of any changes, as they are binding on you. Changes/updates to our Privacy Policy will be indicated by the “Last Updated” date at the top of this page.
11. CONTACT US
For questions or concerns about our Privacy Policy or our privacy practices, you may contact us via postal mail at:
El Patio International, Inc.
5240 Randolph Rd
Rockville, MD 20852