Privacy Policy

1. Who We Are

DDBA Local Delivery is operated by the Davis Downtown Business Association (DDBA), a nonprofit business improvement district located at 604 3rd St, Davis, CA 95616. We run this platform to help downtown Davis restaurants connect with local customers at fair fees.

If you have any questions about this Privacy Policy, you can contact us at info@davisdowntown.org or by calling (530) 756-8763.

2. Information We Collect

We collect information you provide directly when placing an order, including:

• Contact information: Your name, email address, and phone number.
• Delivery address: The address you provide for delivery.
• Order details: The items you order and from which restaurants.
• Payment information: Credit card details processed securely through Stripe. We do not store your full card number on our servers.

We also automatically collect limited technical data, such as your browser type and IP address, to keep the platform running smoothly and to detect fraud.

3. How We Use Your Information

We use the information we collect to:

• Process and fulfill your orders, including routing them to the correct restaurant.
• Coordinate delivery with a local driver.
• Send you order confirmations and updates.
• Respond to your questions or support requests.
• Improve the platform and understand how it is being used.
• Comply with legal obligations and prevent fraudulent transactions.

4. How We Share Your Information

We do not sell, rent, or trade your personal information to third parties. We share your information only in the following limited circumstances:

• Restaurants: We share your name, order details, and pickup/delivery notes with the restaurant preparing your food.
• Drivers: We share your delivery address and first name with the driver completing your delivery.
• Payment processor: Your payment information is transmitted directly to Stripe, our PCI-compliant payment processor. Their privacy policy is available at stripe.com/privacy.
• Legal requirements: We may disclose information if required by law or to protect the safety of our users or the public.

5. Data Security

We take reasonable steps to protect your information from unauthorized access, loss, or misuse. All data is transmitted over encrypted HTTPS connections. Payment processing is handled entirely by Stripe and is never stored on our servers in unencrypted form.

No system is completely secure. If you believe your information has been compromised, please contact us immediately at info@davisdowntown.org.

6. Data Retention

We retain order records for up to three years for accounting and tax compliance purposes. You may request deletion of your personal information by contacting us, subject to any legal retention obligations.

7. Your Rights (California Residents)

Under the California Consumer Privacy Act (CCPA), California residents have the right to:

• Know what personal information we collect and how it is used.
• Request deletion of your personal information.
• Opt out of the sale of your personal information (we do not sell your data).
• Non-discrimination for exercising your privacy rights.

To exercise any of these rights, contact us at info@davisdowntown.org.

8. Children's Privacy

Our platform is not directed to children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. We encourage you to review this policy periodically.

10. Contact Us

If you have questions or concerns about this Privacy Policy, please reach out: