This explains what we do with your information when you order from therezefritay.com. Short version: we collect what we need to take your order, prepare it, and let you know when it's ready. We don't sell your data. We don't run ad trackers. If you want a copy of what we have on you, just ask.
1. What we collect
- When you place an order: your name, phone number, email address, pickup or delivery address, the items you ordered, and a reference to your payment (the Zelle/PayPal/Cash App memo or "cash at pickup").
- When you visit the site: standard server logs — IP address, browser type, pages viewed. We use these for security and basic troubleshooting.
- When you tell us: dietary notes, allergies, special instructions you write into the order form.
2. Why we collect it
- To fulfill your order — process payment, prepare your food, and message you with confirmations and ready-for-pickup updates.
- To recognize you when you come back, so you don't have to retype everything.
- To understand our service in aggregate — what dishes are popular, what days are busy. Never to target you individually.
- To meet legal requirements like tax record retention.
3. How we store it
- On our own servers in Minnesota — not on third-party cloud services like AWS or Azure.
- Backed up nightly, with a 7-day rolling backup window.
- All traffic to and from the site is encrypted in transit (HTTPS).
- Day-to-day access is limited to authorized Thereze's Fritay L.L.C. personnel.
4. Who we share it with
We share data only with the service providers we need to actually deliver your order:
- Resend (email delivery) — receives your name, email, and order details so it can send your receipt.
- Twilio (SMS delivery) — receives your name and phone number so it can send your order updates.
- Cloudflare (security and content delivery) — receives standard server log data (IP, request headers).
That's it. We do not sell your data. We do not enter marketing partnerships that share your information.
5. SMS-specific privacy
If you opted in to SMS, these are the rules we follow:
- Your phone number is used only for order-related messages.
- We never share phone numbers with third parties for marketing purposes.
- Typical message frequency: 1 to 3 messages per order (confirmation, ready notification, follow-up).
- Reply
STOPto opt out. We'll send one confirmation and then stop. To opt back in, replySTART. - Reply
HELPand we'll send our contact details. - Our SMS messages will never contain links to non-therezefritay.com sites.
6. Cookies
- We use only essential cookies — to remember your cart contents and your login session if you have one.
- We do not use tracking pixels, third-party analytics that fingerprint you, or advertising cookies.
7. Your rights
- You can request a copy of the data we have about you — email [email protected].
- You can request deletion of your data. Exception: order records we're legally required to keep for tax purposes — typically 7 years. We'll explain what's removable now versus what stays.
- You can opt out of email or SMS at any time without losing the ability to place orders (we'll just contact you by phone instead).
- You can correct inaccurate data by emailing us or fixing it on your next order.
8. Children
The site is intended for adults (18+). We don't knowingly collect data from minors. If you believe a minor has provided us data, email [email protected] and we'll delete it.
9. International users
The site operates from the United States. We don't currently support international orders.
10. Data breaches
If your data is affected by a breach, we'll notify you by email within 72 hours of discovery, tell you what was accessed, and explain what we're doing about it.
11. Changes
If we make material changes to this policy, we'll post them here with an updated "Last updated" date.