Sweetz Wholesale — Privacy Notice 

Effective date: October 29, 2025 

This Privacy Notice explains how Sweetz Cheesecake (“Sweetz,” “we,” “us”) collects, uses, and shares information when you use the Sweetz Wholesale Portal (the “Portal”). 

1) What We Collect 

Account & Profile 

  • Email; first/last name; restaurant group and location; role 

  • Phone number (E.164 format) if provided 

  • Password hash + salt and password version (never raw passwords) 

  • Verification and password-reset tokens + timestamps; 2-step codes + expiry (when used) 

  • Notification preferences (e.g., order/update emails, delivery status, reminders) 

  • Terms/Privacy acceptance flags + timestamps; consent IP (when enabled) 

  • Created/updated timestamps and related account metadata 

Ordering & Operations 

  • Order IDs, items, quantities, totals, requested delivery dates, “placed by” user 

  • Delivery status events (e.g., In-Transit / Delivered) tied to a specific Restaurant | Location 

  • Operational/audit logs needed to troubleshoot, secure the Portal, and ensure service integrity 

Technical 

  • Device/browser basics, language, user-agent; session/local-storage keys 

  • Network info such as IP addresses captured by our infrastructure (e.g., Cloudflare edge, server logs) 

  • Cookies or similar technologies used for security, session continuity, and basic functionality 

We do not intentionally collect sensitive personal data (e.g., government IDs). The Portal is for business use. 

2) How We Use Information 

  • Create and manage accounts; authenticate and secure the Portal (including 2-step verification) 

  • Process and fulfill orders; send transactional emails (receipts, updates, delivery status) 

  • Provide optional weekly reminder emails and/or SMS 

  • Operate, maintain, and improve reliability; debug, prevent fraud or misuse 

  • Comply with legal obligations and enforce our Terms 

3) Legal Bases (where applicable) 

  • Contract: to provide the Portal and fulfill orders 

  • Legitimate interests: security, fraud prevention, improving services, business operations 

  • Consent: reminders and SMS; where required for certain communications 

4) How We Share Information 

We do not sell your personal information. We share only with: 

  • Service providers processing data on our behalf under written contracts, such as: Google Workspace; Cloudflare (security, caching, and edge routing); Email/SMS providers to send communications you request or allow 

  • Professional advisors (accountants, auditors, legal counsel) as required 

  • Authorities when legally required or to protect rights, safety, or the service 

Providers must process data only per our instructions and implement appropriate safeguards. 

5) Cookies, Local Storage & Similar Tech 

We use strictly necessary cookies or equivalents and local/session storage for authentication, session continuity, security, and core functionality. You can control cookies via your browser; blocking them may affect Portal operation. 

6) Data Location & Retention 

Data is generally processed in the United States. We retain information only as long as reasonably necessary to operate the Portal, fulfill orders, comply with legal obligations, resolve disputes, and enforce agreements. One-time codes and short-lived tokens are retained only for their security flow or related audit windows. 

7) Your Choices & Rights 

  • Notification preferences. Manage order/update and delivery-status emails in your profile. 

  • Access/Update/Delete. Contact us to access or correct your information, or to request deletion where applicable. We will verify your request and respond as required by law. 

  • Do Not Track. We do not respond to DNT signals. 

  • California Residents (CPRA). You may have rights to know/access, correct, delete, and to limit use/disclosure of certain sensitive personal information. Sweetz does not sell or share personal information for cross-context behavioral advertising. Submit requests via info@sweetzcheesecake.com. We will verify your identity and respond within required timelines. 

8) Security 

We implement administrative, technical, and physical safeguards appropriate to the nature of the data (including salted, hashed passwords and optional 2-step verification). No method of transmission or storage is 100% secure. We encourage strong, unique passwords and responsible account practices. 

9) Children 

The Portal is for authorized business personnel and is not directed to children under 13, and we do not knowingly collect personal information from them. 

10) International Users 

If you access the Portal from outside the U.S., your information may be transferred to and processed in the U.S., which may have different data protection laws than your jurisdiction. Where required, we use appropriate transfer mechanisms. 

11) Changes to This Notice 

We may update this Privacy Notice. If changes are material, we will notify you (e.g., email or in-Portal notice). Your continued use after the effective date constitutes acknowledgment of the updated Notice. 

Privacy Contact: info@sweetzcheesecake.com