Privacy Policy
This Privacy Policy explains how Fleet Feast collects, uses, protects, and shares your personal information when you use our food truck marketplace platform.
Introduction
Fleet Feast, Inc. ("Fleet Feast," "we," "us," or "our") operates a food truck marketplace platform connecting event planners (customers) with food truck operators (vendors). We are committed to protecting your privacy and handling your personal information with care and transparency.
This Privacy Policy applies to all users of our platform, including website visitors, customers, vendors, and anyone who interacts with our services. By using Fleet Feast, you agree to the collection, use, and disclosure of your information as described in this policy.
Information We Collect
From Customers (Event Planners)
- Account Information: Name, email address, phone number, password (encrypted)
- Event Details: Event date, location, guest count, food preferences, special requirements
- Payment Information: Processed securely via Stripe (we do not store full credit card numbers)
- Communication History: Messages with vendors, customer support inquiries
- Reviews and Ratings: Feedback provided about vendor services
From Vendors (Food Truck Operators)
- Business Information: Business name, EIN/tax ID, business address, contact details
- Verification Documents: Insurance certificates, health permits, business licenses, vehicle registration
- Bank Account Information: For payout processing via Stripe Connect
- Menu and Photos: Food offerings, pricing, truck images
- Availability Calendar: Booking schedule and service areas
- Communication Records: Messages with customers, proposals, booking confirmations
Automatically Collected Information
- Usage Data: Pages visited, search queries, click patterns, time spent on site
- Device Information: IP address, browser type, operating system, device identifiers
- Location Data: Approximate location based on IP address (for search results)
- Cookies and Tracking: See our Cookie Policy for details
How We Use Your Information
- Provide Services: Facilitate bookings, process payments, enable communication between customers and vendors
- Account Management: Create and maintain user accounts, authenticate users, manage preferences
- Payment Processing: Process payments through Stripe, manage escrow holds, distribute vendor payouts
- Communication: Send booking confirmations, payment receipts, service updates, customer support responses
- Platform Improvement: Analyze usage patterns, improve search algorithms, enhance user experience
- Safety and Security: Detect and prevent fraud, verify vendor credentials, enforce terms of service
- Marketing (with consent): Send promotional emails about new features, special offers (you can opt out anytime)
- Legal Compliance: Comply with applicable laws, respond to legal requests, protect our rights
How We Share Your Information
We share your information only in the following limited circumstances:
- Between Customers and Vendors: When you request a booking, vendors see your event details and contact information. When you accept a booking, customers see your business information.
- Payment Processors: Stripe processes all payments and has access to necessary payment information.
- Email Service Providers: We use email services (e.g., SendGrid) to send transactional and marketing emails.
- Cloud Storage: We use secure cloud services (AWS, Vercel) to store and process data.
- Analytics Providers: We use analytics tools to understand platform usage (anonymized when possible).
- Legal Requirements: We may disclose information if required by law, court order, or to protect rights and safety.
- Business Transfers: If Fleet Feast is acquired or merged, your information may be transferred to the new owner.
We NEVER sell your personal information to third parties for marketing purposes.
Data Retention
We retain your information for as long as necessary to provide services and comply with legal obligations:
User Account Data
Retained until account deletion, plus 30 days for backup recovery
Booking and Payment Records
7 years (tax and accounting requirements)
Messages and Communication
3 years (dispute resolution and support)
Reviews and Ratings
Indefinitely (platform integrity, may be anonymized upon account deletion)
Vendor Verification Documents
Duration of vendor relationship plus 1 year
Legal/Dispute Records
5 years or until resolution, whichever is longer
Data Security
We implement industry-standard security measures to protect your data:
- Encryption in Transit: All data transmitted to and from our servers uses TLS 1.3 encryption
- Encryption at Rest: Sensitive data stored on our servers is encrypted using AES-256
- Password Security: Passwords are hashed using bcrypt with salt
- Payment Security: PCI DSS compliant through Stripe (we never store full credit card numbers)
- Access Controls: Strict employee access controls, role-based permissions, audit logs
- Regular Security Audits: Periodic security assessments and vulnerability testing
- Incident Response: Procedures in place to detect and respond to security breaches
While we implement strong security measures, no system is 100% secure. Please use a strong, unique password and enable two-factor authentication when available.
Your Privacy Rights (GDPR & CCPA)
Depending on your location, you may have the following rights:
Right to Access
Request a copy of all personal data we hold about you
Right to Rectification
Correct inaccurate or incomplete information
Right to Erasure ("Right to be Forgotten")
Request deletion of your personal data (subject to legal retention requirements)
Right to Data Portability
Receive your data in a structured, machine-readable format
Right to Restrict Processing
Limit how we use your data in certain circumstances
Right to Opt-Out of Marketing
Unsubscribe from promotional emails at any time (transactional emails still required)
Right to Object
Object to processing based on legitimate interests
To Exercise Your Rights:
Contact us at privacy@fleetfeast.com or use your account settings. We will respond within 30 days.
Children's Privacy
Fleet Feast is not intended for use by individuals under 18 years of age. We do not knowingly collect personal information from children.
If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@fleetfeast.com and we will delete the information.
International Data Transfers
Fleet Feast is based in the United States. Your information may be transferred to and processed in the United States or other countries where our service providers operate.
When transferring data internationally, we ensure appropriate safeguards are in place, including:
- Standard Contractual Clauses (SCCs) approved by the EU
- Data Processing Agreements with service providers
- Compliance with applicable data protection regulations
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or platform features.
When we make significant changes, we will:
- Update the "Last Updated" date at the top of this policy
- Notify you via email if the changes are material
- Display a notice on our platform
Your continued use of Fleet Feast after changes take effect constitutes acceptance of the updated policy.
Contact Us
If you have questions about this Privacy Policy or our privacy practices, please contact us:
Mailing Address
Fleet Feast, Inc.
Privacy Department
123 Food Truck Lane
San Francisco, CA 94102
United States
Data Protection Officer (DPO)
For GDPR-related inquiries, contact our DPO at dpo@fleetfeast.com
Response Time
We aim to respond to all privacy inquiries within 30 days. For urgent matters, please mark your email as "Urgent Privacy Request."
Your Privacy is Our Priority
We're committed to protecting your personal information and giving you control over your data. If you have any questions or concerns, we're here to help.