Privacy Choices

Effective Date: 3/1/2026
Last Updated: 3/1/2026

This Privacy Policy describes how PantryCrate (“Company,” “we,” “us,” or “our”) collects, uses, discloses, and protects personal information when you visit or make a purchase from www.pantrycrate.com (the “Site”) or otherwise use our online grocery ecommerce services (collectively, the “Services”).

This Policy complies with applicable United States laws, including the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), the California Online Privacy Protection Act (CalOPPA), CAN-SPAM Act, and COPPA.

1. INFORMATION WE COLLECT

We collect personal information that identifies, relates to, describes, or could reasonably be associated with you or your household.

In the preceding 12 months, we have collected the following categories:

A. Identifiers

Name

Postal address

Email address

Telephone number

IP address

Account username

Online identifiers

B. Customer Records Information (Cal. Civ. Code §1798.80(e))

Billing and shipping address

Payment information (processed by secure third-party processors; we do not store full card numbers)

C. Commercial Information

Products purchased or viewed

Order history

Shopping cart contents

Preferences

D. Internet / Network Activity

Browsing behavior

Device information

Pages visited

Referring URLs

Interaction with advertisements

E. Geolocation Data

Approximate location based on IP

Delivery-related location information

F. Audio / Visual Information

Customer service call recordings (if applicable)

Images uploaded in reviews or communications

G. Inferences

Preferences and purchasing behavior used for personalization

Sensitive Personal Information (as defined by CPRA)

We may process limited sensitive personal information such as:

Account login credentials

Precise location when required for delivery

Payment processing data (via third parties)

We use sensitive personal information only as reasonably necessary to provide Services and do not use it for profiling beyond permitted purposes.

We collect only personal information that is reasonably necessary and proportionate to achieve disclosed business purposes.

2. SOURCES OF INFORMATION

We collect information:

Directly from you (account creation, orders, support requests)

Automatically via cookies and tracking technologies

From service providers (payment processors, delivery partners)

From advertising and analytics providers

From public sources (e.g., social media interactions)

3. PURPOSES FOR COLLECTION AND USE

We use personal information to:

Process and fulfill orders

Provide delivery services

Manage accounts

Communicate transactional updates

Provide customer support

Improve and optimize our Site

Conduct analytics

Prevent fraud and ensure security

Comply with legal obligations

Conduct marketing and advertising (subject to opt-out rights)

We do not use personal information for materially different, unrelated, or incompatible purposes without notice.

4. DISCLOSURE OF PERSONAL INFORMATION

We may disclose personal information to:

Service Providers & Contractors

Hosting providers, payment processors, shipping carriers, analytics providers, email platforms, fraud prevention vendors.

Advertising & Analytics Partners

If we use advertising pixels or cross-context behavioral advertising tools, certain Internet activity data and identifiers may be disclosed for advertising purposes.

Under California law, this may constitute “sharing” for cross-context behavioral advertising.

We do not sell personal information for monetary compensation.

Legal Compliance

To comply with subpoenas, court orders, or legal obligations.

Business Transfers

In connection with mergers, acquisitions, or asset sales.

5. COOKIES & TRACKING TECHNOLOGIES

We use cookies, pixels, and similar technologies to:

Maintain shopping cart functionality

Authenticate users

Analyze traffic and performance

Improve user experience

Deliver advertising (if enabled)

We may use:

Essential Cookies

Functional Cookies

Analytics Cookies

Advertising Cookies

You may manage cookie preferences through browser settings or our cookie consent tool (if implemented).

Global Privacy Control (GPC)

We recognize and honor Global Privacy Control browser signals as a valid request to opt out of sale or sharing of personal information under California law.

6. RETENTION OF PERSONAL INFORMATION

We retain personal information only for as long as reasonably necessary to:

Fulfill orders and provide services

Maintain required business and tax records

Detect and prevent fraud

Comply with legal obligations

Resolve disputes

Retention periods are determined based on:

Legal and regulatory requirements

Nature of the data

Business necessity

Risk of harm from unauthorized use

When no longer needed, information is securely deleted or anonymized.

7. YOUR PRIVACY RIGHTS

A. California Residents (CCPA/CPRA)

You have the right to:

Know the categories and specific pieces of personal information collected

Delete personal information (subject to exceptions)

Correct inaccurate personal information

Opt out of sale or sharing

Limit use of sensitive personal information

Not be discriminated against for exercising rights

You may submit a verifiable consumer request:

Email: info@pantrycrate.com

Web Form: www.pantrycrate.com/pages/contact-us

We respond within 45 days (extendable to 90 days).

You may designate an authorized agent to submit requests on your behalf.

B. Right to Opt-Out of Sale/Sharing

If we engage in cross-context behavioral advertising, California residents may opt out via:

“Do Not Sell or Share My Personal Information” link in the footer.

We honor Global Privacy Control signals.

C. Financial Incentives

If we offer discounts, coupons, or rewards in exchange for personal information (e.g., email signup), such programs may be considered financial incentives under California law.

Participation is voluntary, and you may withdraw at any time.

8. DATA SECURITY

We implement reasonable administrative, technical, and physical safeguards including:

SSL encryption

Role-based access controls

Secure payment tokenization

Monitoring for unauthorized access

No internet transmission is completely secure.

9. CHILDREN’S PRIVACY

Our Services are not directed to children under 13.

We do not knowingly sell or share personal information of consumers under 16 without affirmative authorization.

If we learn we have collected information from a child under 13, we will delete it promptly.

10. DO NOT TRACK

We do not respond to traditional “Do Not Track” browser signals.
However, we recognize and honor Global Privacy Control signals.

11. POLICY UPDATES

We review this Policy at least annually.
Material changes will be posted with a new effective date.

12. CONTACT INFORMATION

PantryCrate
713 West Duarte Road
Unit G-148
Arcadia, California
Email: info@pantrycrate.com