Privacy Policy

Yume Japanese Restaurant (“Yume,” “we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy describes how we collect, use, disclose, and safeguard your personal information when you visit our website at yumejapaneserestaurant.com (the “Site”), dine at our restaurants, place online orders, or make reservations.

This policy is provided in compliance with the California Consumer Privacy Act of 2018 (CCPA) as amended by the California Privacy Rights Act of 2020 (CPRA), the California Online Privacy Protection Act (CalOPPA), and other applicable California and federal privacy laws.

By using our Site or services, you acknowledge that you have read and understood this Privacy Policy.

We may collect the following categories of personal information, as defined under the CCPA/CPRA:

We collect personal information through the following means:

• Directly from you: When you place orders, make reservations, contact us, sign up for newsletters, or interact with our Site.
• Automatically: Through cookies, web analytics (Vercel Analytics), server logs, and similar technologies when you browse our Site.
• From third parties: Delivery platforms (UberEats, DoorDash, Grubhub), reservation services (Yelp), and social media platforms when you interact with us through their services.

We use your personal information for the following business purposes:

• Processing and fulfilling your food orders and reservations
• Communicating with you about orders, reservations, and inquiries
• Improving our Site, menu offerings, and customer experience
• Analyzing website traffic and usage patterns
• Sending promotional communications (only with your consent)
• Maintaining the security and integrity of our Site
• Complying with legal obligations, including California food safety regulations, tax requirements, and alcohol service laws
• Detecting and preventing fraud or abuse

We do not sell your personal information. We may share your information with the following categories of third parties for legitimate business purposes:

• Service Providers: Third-party companies that perform services on our behalf, including payment processors, delivery platforms, reservation services, website hosting (Vercel), and analytics providers. These providers are contractually obligated to use your information only for the services they provide to us.
• Delivery Partners: UberEats, DoorDash, Grubhub, and other delivery services when you place orders through their platforms.
• Legal Requirements: When required by law, regulation, or legal process, including requests from California regulatory agencies, health departments, or law enforcement.
• Business Transfers: In connection with a merger, acquisition, or sale of all or a portion of our assets.

As a California resident, you have the following rights under the CCPA/CPRA:

• Right to Know / Access (Cal. Civ. Code § 1798.100): You may request that we disclose what personal information we have collected, used, disclosed, and sold about you in the preceding 12 months. You may request a copy of the specific pieces of personal information we have collected.
• Right to Delete (Cal. Civ. Code § 1798.105): You may request that we delete your personal information, subject to certain exceptions (e.g., legal compliance, completing a transaction, exercising free speech, security).
• Right to Correct (Cal. Civ. Code § 1798.106): You may request that we correct inaccurate personal information.
• Right to Opt-Out of Sale/Sharing (Cal. Civ. Code § 1798.120): We do not sell personal information. Certain uses of cookies may constitute “sharing” under CPRA. You can opt out via our Cookie Preferences page or by enabling Global Privacy Control (GPC) in your browser.
• Right to Limit Use of Sensitive Information (Cal. Civ. Code § 1798.121): We do not use or disclose sensitive personal information for purposes beyond what is necessary to perform our services.
• Right to Non-Discrimination (Cal. Civ. Code § 1798.125): We will not deny goods or services, charge different prices, or provide a different quality of service because you exercised your privacy rights.

How to Submit a Request: You or your authorized agent may submit a verifiable consumer request by contacting us at any of our restaurant locations (see Section 12). We will verify your identity using at least two pieces of personal information before fulfilling your request. We will respond within 45 calendar days, with one 45-day extension available if needed with prior notice.

Our Site uses cookies and similar tracking technologies. We categorize these into essential, analytics, and functional cookies. You may manage your preferences at any time through our Cookie Preferences page.

We honor the Global Privacy Control (GPC) browser signal as a valid opt-out request under the CCPA/CPRA. When we detect a GPC signal, we automatically limit non-essential cookie usage and treat it as a “Do Not Sell or Share” request.

For complete details about each cookie category, what data they collect, and how to manage them, please visit our Cookie Preferences page.

We implement reasonable and appropriate security measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction. These measures include:

• SSL/TLS encryption for all data transmitted between your browser and our Site
• Secure hosting infrastructure with industry-standard protections
• Limiting access to personal information to authorized personnel
• Regular review and update of our security practices

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee its absolute security. In the event of a data breach involving your personal information, we will notify you as required by California Civil Code § 1798.82 (California Data Breach Notification Law).

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, comply with our legal obligations, resolve disputes, and enforce our agreements. Specific retention periods include:

• Transaction records: Retained for a minimum of 4 years as required by California tax law (Cal. Rev. & Tax. Code § 19530).
• Reservation records: Retained for 2 years for service improvement and dispute resolution.
• Website analytics data: Retained in anonymized or aggregated form.
• Cookie consent preferences: Stored locally on your device until you clear your browser data.