Mason’s Famous Lobster Rolls
188 Main Street
Annapolis, Maryland 21401
Owner Contact Email: admin@masonslobster.com
Mason’s Lobster Franchising LLC (“Owner” or “We”) respect your privacy and are committed to protecting it through our compliance with this policy.
This policy describes the types of information we may collect from you and our practices for collecting, using, maintaining, protecting, and disclosing that information.
This policy applies to information we collect (hereinafter referred to as the “Mason’s Digital Services”):
Please read this policy carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, your choice is not to use Mason’s Digital Services and to not submit your personal data to the Owner where requested outside of Mason’s Digital Services. By accessing or using Mason’s Digital Services, or submitting your personal information to the Owner through any means, you agree to this privacy policy. This policy may change from time to time, see Changes to Our Privacy Policy below. Your continued use of Mason’s Digital Services, and lack of action to opt-out as outlined in this policy, after we make Changes to Our Privacy Policy is deemed to be acceptance of those changes, including the consent to marketing communications, adherence to the Privacy Policy, and participation in the Loyalty Program.
Mason’s Digital Services is not intended for children under 16 years of age. No one under age 16 may provide any information to or on Mason’s Digital Services. We do not knowingly collect personal information from children under 16. If you are under 16, do not use or provide any information on Mason’s Digital Services or through any of its features, register on Mason’s Digital Services, make any purchases through Mason’s Digital Services, use any of the interactive or public comment features of Mason’s Digital Services, or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received personal information from a child under 16 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 16, please contact us at Owner Contact Email.
Residents of certain states under 13, 16, or 18 years of age may have additional rights regarding the collection and sale of their personal information. Please see Your State Privacy Rights for more information.
Among the types of Personal Data that We collect, by itself or through third parties, there are: city; ZIP/Postal code; state; province; country; county; latitude (of city); longitude (of city); metro area; geography/region; demographic information, Transaction information; Usage Data; Trackers; IP address; device information; app information; device logs; operating systems; browser information; language; launches; number of sessions; session duration; scroll-to-page interactions; mouse movements; scroll position; keypress events; motion sensor events; touch events; video views; clicks; browsing history; search history; session statistics; page views; interaction events; page events; custom events; Application opens; number of Users; email address; phone number; first name; last name; physical address; birthday; data relating to the point of sale; Data communicated while using the service; unique device identifiers for advertising (Google Advertiser ID or IDFA, for example).
Complete details on each type of Personal Data collected are provided in the dedicated sections of this privacy policy or by specific explanation texts displayed prior to the Data collection.
Personal Data may be freely provided by the User, or, in case of Usage Data, collected automatically. Unless specified otherwise, all Data requested by the Owner is mandatory and failure to provide this Data may make it impossible for the Owner to provide its services. In cases where the Owner specifically states that some Data is not mandatory, Users are free not to communicate this Data without consequences to the availability or the functioning of the Service.
Users who are uncertain about which Personal Data is mandatory are welcome to contact the Owner.
Any use of Cookies – or of other tracking tools — by the Owner or by Third-Party Providers of services used by the Owner serves the purpose of providing the Service required by the User, in addition to any other purposes described in the present document and in the Cookie Policy.
Users are responsible for any third-party Personal Data obtained, published or shared through Mason’s Digital Services.
By submitting your personal information to the Owner, you hereby expressly consent to receive promotional and marketing communications from the Company, including but not limited to email, text messages, and SMS (Short Message Service), in accordance with the terms outlined in this agreement and applicable law.
We may disclose aggregated information about our users, and information that does not identify any individual, without restriction.
We may disclose personal information that we collect or you provide as described in this privacy policy:
We may also disclose your personal information:
We strive to provide you with choices regarding the personal information you provide to us. The following mechanisms are available to you to control your information. All opt-out methods presented to the User and stated in this policy are solely developed, hosted, and maintained by Third-Party Providers with whom the Owner has established partnerships.
How to manage Marketing Preferences.
If you do not wish to have your contact information used by the Owner for marketing, you can opt-out at any time. Marketing services are used to promote our own or third parties’ products or services. This can include email, text, and SMS communications; promotional offers; loyalty programs; and similar direct marketing programs.
A marketing opt-out does not apply to information provided to the Owner, or communications from the Owner as a result of a product purchase, warranty registration, product service experience or other transactions.
How to Manage Tracking and Interest-Based Advertising Preferences
In addition to any opt-out feature provided by any of the services listed in this document, Users may learn more on how to generally opt out of Trackers and interest-based advertising within the dedicated section of the Cookie Policy.
The Owner takes appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data.
The Data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In addition to the Owner, in some cases, the Data may be accessible to certain types of persons in charge, involved with the operation of Mason’s Digital Services (administration, sales, marketing, legal, system administration) or Third-Party-Providers of technical services, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by the Owner. The updated list of these parties may be requested from the Owner at any time.
The Data is processed at the Owner’s operating offices and in any other places where the parties involved in the processing are located.
Depending on the User’s location, data transfers may involve transferring the User’s Data to a country other than their own. To find out more about the place of processing of such transferred Data, Users can check the section containing details about the processing of Personal Data.
Unless specified otherwise in this document, Personal Data shall be processed and stored for as long as required by the purpose they have been collected for and may be retained for longer due to applicable legal obligation or based on the Users’ consent.
The Data concerning the User is collected to allow the Owner to provide its Service, comply with its legal obligations, respond to enforcement requests, protect its rights and interests (or those of its Users or third parties), detect any malicious or fraudulent activity, as well as the following: Traffic optimization and distribution, Spam and bots protection, Displaying content from external platforms, Analytics, Tag Management, User database management, Interaction with data collection platforms and other third parties, Platform services and hosting, Contacting the User, Advertising and Infrastructure monitoring.
For specific information about the Personal Data used for each purpose, the User may refer to the section “Detailed information on the processing of Personal Data”.
Personal Data is collected for the following purposes and using the following services:
This type of service allows User Data to be utilized for advertising communication purposes. These communications are displayed in the form of banners and other advertisements on Mason’s Digital Services, possibly based on User interests.
This does not mean that all Personal Data are used for this purpose. Information and conditions of use are shown below.
Some of the services listed below may use Trackers to identify Users or they may use the behavioral retargeting technique, i.e. displaying ads tailored to the User’s interests and behavior, including those detected outside Mason’s Digital Services. For more information, please check the privacy policies of the relevant services.
Services of this kind usually offer the possibility to opt out of such tracking. In addition to any opt-out feature offered by any of the services below, Users may learn more on how to generally opt out of interest-based advertising in our Cookie Policy.
Google Ad Manager is an advertising service provided by Google LLC or by Google Ireland Limited, depending on how the Owner manages the Data processing, that allows the Owner to run advertising campaigns in conjunction with external advertising networks that the Owner, unless otherwise specified in this document, has no direct relationship with.
In order to understand Google’s use of Data, consult Google’s partner policy.
This service uses the “DoubleClick” Cookie, which tracks use of Mason’s Digital Services and User behavior concerning ads, products and services offered.
Users may decide to disable all the DoubleClick Cookies by going to: Google Ad Settings.
Personal Data processed: Trackers; Usage Data.
Place of processing: United States – Privacy Policy; Ireland – Privacy Policy.
Simpli.fi is an advertising service provided by SIMPLIFI HOLDINGS, INC.
Personal Data processed: Trackers; Usage Data.
Place of processing: United States – Privacy Policy – Opt Out.
The services contained in this section enable the Owner to monitor and analyze web traffic and can be used to keep track of User behavior.
Google Analytics 4 is a web analysis service provided by Google LLC or by Google Ireland Limited, depending on how the Owner manages the Data processing, (“Google”). Google utilizes the Data collected to track and examine the use of Mason’s Digital Services, to prepare reports on its activities and share them with other Google services.
Google may use the Data collected to contextualize and personalize the ads of its own advertising network.
In Google Analytics 4, IP addresses are used at collection time and then discarded before Data is logged in any data center or server. Users can learn more by consulting Google’s official documentation.
Personal Data processed: number of Users; session statistics; Trackers; Usage Data.
Place of processing: United States – Privacy Policy – Opt Out; Ireland – Privacy Policy – Opt Out.
Meta ads conversion tracking (Meta pixel) is an analytics service provided by Meta Platforms, Inc. or by Meta Platforms Ireland Limited, depending on how the Owner manages the Data processing, that connects data from the Meta Audience Network with actions performed on Mason’s Digital Services. The Meta pixel tracks conversions that can be attributed to ads on Facebook, Instagram and Meta Audience Network.
Personal Data processed: Trackers; Usage Data.
Place of processing: United States – Privacy Policy – Opt out; Ireland – Privacy Policy – Opt out.
Meta Events Manager is an analytics service provided by Meta Platforms Ireland Limited or by Meta Platforms, Inc., depending on how the Owner manages the Data processing. By integrating the Meta pixel, Meta Events Manager can give the Owner insights into the traffic and interactions on Mason’s Digital Services.
Personal Data processed: browsing history; Data communicated while using the service; data relating to the point of sale; email address; first name; last name; unique device identifiers for advertising (Google Advertiser ID or IDFA, for example).
Place of processing: Ireland – Privacy Policy – Opt out; United States – Privacy Policy – Opt out.
By filling in the contact form with their Data, the User authorizes Mason’s Digital Services to use these details to reply to requests for information, quotes or any other kind of request as indicated by the form’s header.
Personal Data processed: email address; first name; last name; phone number.
This type of service allows you to view content hosted on external platforms directly from the pages of Mason’s Digital Services and interact with them. Such services are often referred to as widgets, which are small elements placed on a website or app. They provide specific information or perform a particular function and often allow for user interaction.
This type of service might still collect web traffic data for the pages where the service is installed, even when Users do not use it.
Font Awesome is a typeface visualization service provided by Fonticons, Inc. that allows Mason’s Digital Services to incorporate content of this kind on its pages.
Personal Data processed: Trackers; Usage Data.
Place of processing: United States – Privacy Policy.
Google Fonts is a typeface visualization service provided by Google LLC or by Google Ireland Limited, depending on how the Owner manages the Data processing, that allows Mason’s Digital Services to incorporate content of this kind on its pages.
Personal Data processed: Trackers; Usage Data.
Place of processing: United States – Privacy Policy; Ireland – Privacy Policy.
This type of service allows Mason’s Digital Services to monitor the use and behavior of its components so its performance, operation, maintenance and troubleshooting can be improved.
Which Personal Data are processed depends on the characteristics and mode of implementation of these services, whose function is to filter the activities of Mason’s Digital Services.
New Relic is a monitoring service provided by New Relic Inc.
The way New Relic is integrated means that it filters all traffic of Mason’s Digital Services, i.e., communication between the Application and the User’s browser or device, while also allowing analytical data on Mason’s Digital Services to be collected.
Personal Data processed: Data communicated while using the service.
Place of processing: United States – Privacy Policy.
This type of service allows Users to interact with data collection platforms or other services directly from the pages of Mason’s Digital Services for the purpose of saving and reusing data.
If one of these services is installed, it may collect browsing and Usage Data in the pages where it is installed, even if the Users do not actively use the service.
The Mailchimp widget is a service for interacting with the Mailchimp email address management and message sending service provided by Intuit Inc.
Personal Data processed: email address; first name; last name; phone number; Trackers; Usage Data.
Place of processing: United States – Privacy Policy.
These services have the purpose of hosting and running key components of Mason’s Digital Services, therefore allowing the provision of Mason’s Digital Services from within a unified platform. Such platforms provide a wide range of tools to the Owner – e.g. analytics, user registration, commenting, database management, e-commerce, payment processing – that imply the collection and handling of Personal Data.
Some of these services work through geographically distributed servers, making it difficult to determine the actual location where the Personal Data are stored.
GoDaddy Web Hosting is a hosting service provided by GoDaddy.com, LLC.
Personal Data processed: Data communicated while using the service; Usage Data.
Place of processing: United States – Privacy Policy.
This type of service analyzes the traffic of Mason’s Digital Services, potentially containing Users’ Personal Data, with the purpose of filtering it from unwanted parts of traffic, messages and content that are recognized as spam or protecting it from malicious bots activities.
Cloudflare Bot Management is a malicious bot protection and management service provided by Cloudflare, Inc.
Personal Data processed: app information; Application opens; browser information; browsing history; city; clicks; country; county; custom events; device information; device logs; geography/region; interaction events; IP address; keypress events; language; latitude (of city); launches; longitude (of city); metro area; motion sensor events; mouse movements; number of sessions; operating systems; page events; page views; province; scroll position; scroll-to-page interactions; search history; session duration; session statistics; state; touch events; Trackers; Usage Data; video views; ZIP/Postal code.
Place of processing: United States – Privacy Policy.
This type of service helps the Owner to manage the tags or scripts needed on Mason’s Digital Services in a centralized fashion. This results in the Users’ Data flowing through these services, potentially resulting in the retention of this Data.
Google Tag Manager is a tag management service provided by Google LLC or by Google Ireland Limited, depending on how the Owner manages the Data processing.
Personal Data processed: Trackers; Usage Data.
Place of processing: United States – Privacy Policy; Ireland – Privacy Policy.
This type of service allows Mason’s Digital Services to distribute their content using servers located across different countries and to optimize their performance.
Which Personal Data are processed depends on the characteristics and the way these services are implemented. Their function is to filter communications between Mason’s Digital Services and the User’s browser.
Considering the widespread distribution of this system, it is difficult to determine the locations to which the contents that may contain Personal Information of the User are transferred.
Cloudflare is a traffic optimization and distribution service provided by Cloudflare Inc.
The way Cloudflare is integrated means that it filters all the traffic through Mason’s Digital Services, i.e., communication between Mason’s Digital Services and the User’s browser, while also allowing analytical data from Mason’s Digital Services to be collected.
Personal Data processed: various types of Data as specified in the privacy policy of the service.
Place of processing: United States – Privacy Policy.
This type of service allows the Owner to build user profiles by starting from an email address, a personal name, or other information that the User provides to Mason’s Digital Services, as well as to track User activities through analytics features. This Personal Data may also be matched with publicly available information about the User (such as social networks’ profiles) and used to build private profiles that the Owner can display and use for improving Mason’s Digital Services.
Some of these services may also enable the sending of timed messages to the User, such as emails based on specific actions performed on Mason’s Digital Services.
HubSpot CRM is a User database management service provided by HubSpot, Inc.
Personal Data processed: email address; first name; last name; phone number; physical address; Trackers; various types of Data as specified in the privacy policy of the service.
Place of processing: United States – Privacy Policy; Germany – Privacy Policy.
Mason’s Digital Services uses Trackers. To learn more, Users may consult the Cookie Policy.
The Owner may process Personal Data relating to Users if one of the following applies:
In any case, the Owner will gladly help to clarify the specific legal basis that applies to the processing, and in particular whether the provision of Personal Data is a statutory or contractual requirement, or a requirement necessary to enter into a contract.
Unless specified otherwise in this document, Personal Data shall be processed and stored for as long as required by the purpose they have been collected for and may be retained for longer due to applicable legal obligation or based on the Users’ consent.
Therefore:
The Owner may be allowed to retain Personal Data for a longer period whenever the User has given consent to such processing, as long as such consent is not withdrawn. Furthermore, the Owner may be obliged to retain Personal Data for a longer period whenever required to fulfil a legal obligation or upon order of an authority.
Once the retention period expires, Personal Data shall be deleted. Therefore, the right of access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after expiration of the retention period.
Users may exercise certain rights regarding their Data processed by the Owner.
In particular, Users have the right to do the following, to the extent permitted by law:
Users are also entitled to learn about the legal basis for Data transfers abroad including to any international organization governed by public international law or set up by two or more countries, such as the UN, and about the security measures taken by the Owner to safeguard their Data.
Where Personal Data is processed for a public interest, in the exercise of an official authority vested in the Owner or for the purposes of the legitimate interests pursued by the Owner, Users may object to such processing by providing a ground related to their particular situation to justify the objection.
Users must know that, however, should their Personal Data be processed for direct marketing purposes, they can object to that processing at any time, free of charge and without providing any justification. Where the User objects to processing for direct marketing purposes, the Personal Data will no longer be processed for such purposes. To learn whether the Owner is processing Personal Data for direct marketing purposes, Users may refer to the relevant sections of this document.
How to exercise these rights
You may complete this form to request access to, correct, or delete any personal information that you have provided to us. We may delete your personal information by also deleting your user account. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.
State consumer privacy laws may provide their residents with additional rights regarding our use of their personal information.
California, Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Montana, Oregon, Tennessee, Texas, Utah, and Virginia provide (now or in the future) their state residents with rights to:
The exact scope of these rights may vary by state. To exercise any of these rights please or to appeal a decision regarding a consumer rights request you may send us an email at Owner Contact Email
To learn more about California residents’ privacy rights, visit www.oag.ca.gov/privacy/ccpa. California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of Mason’s Digital Services/App that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes.
Nevada provides its residents with a limited right to opt-out of certain personal information sales.
The User’s Personal Data may be used for legal purposes by the Owner in Court or in the stages leading to possible legal action arising from improper use of Mason’s Digital Services or the related Services.
The User declares to be aware that the Owner may be required to reveal personal data upon request of public authorities.
In addition to the information contained in this privacy policy, Mason’s Digital Services may provide the User with additional and contextual information concerning particular Services or the collection and processing of Personal Data upon request.
For operation and maintenance purposes, Mason’s Digital Services and any services by Third-Party Providers may collect files that record interaction with Mason’s Digital Services (System logs) or use other Personal Data (such as the IPAddress) for this purpose.
Scope of Clause: This clause pertains to all Third-Party Providers and their solutions, technology and services.
Exclusion of Owner Responsibility: The User acknowledges and agrees that the Owner is not involved in the development, hosting, or maintenance of the solutions, technology, or services, and as such, bears no responsibility for their technical functionality, performance, reliability, or opt-out practices.
Disclaimer of Liability: The Owner shall not be held liable for any failures, defects, or shortcomings in the solutions, technology, or services provided by Third-Party Providers, including but not limited to technical malfunctions, security vulnerabilities, data loss, or any other operational issues.
User’s Assumption of Risk: The User assumes all risks associated with the use of solutions, technology, or services developed by Third-Party Providers. The Owner disclaims any endorsements, warranties, or representations as to the effectiveness, security, or reliability of these solutions, technology, or services.
Indemnity: The User shall indemnify, defend, and hold the Owner harmless from any claims, liabilities, damages, losses, costs, and expenses, including reasonable attorney fees, arising from the use of or reliance upon the solutions, technology, or services developed by Third-Party Providers.
Limitation of Remedies: Under no circumstances shall the Owner be liable for any indirect, incidental, special, consequential, or punitive damages arising from or related to the User’s use of or reliance on the solutions, technology, or services provided by Third-Party Providers, regardless of the form of action.
Severability: Should any part of this clause be determined to be invalid or unenforceable, the remaining parts shall continue to be valid and enforceable to the fullest extent permitted by law.
User’s Acknowledgement: By utilizing the solutions, technology, or services outlined in this policy, the User confirms their understanding of, and agreement to, the terms outlined in this No-Liability Clause.We do not control third parties’ collection or use of your information to serve interest-based advertising.
It is our policy to post any changes we make to our privacy policy on the Privacy Policy page of Mason’s Digital Services. If we make material changes to how we treat our users’ personal information, we will notify you by email to the email address specified in your account and/or through a notice on Mason’s Digital Services. The date the privacy policy was last revised is identified at the top of the page. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting Mason’s Digital Services and this privacy policy to check for any changes.
More details concerning the collection or processing of Personal Data may be requested from the Owner at any time. Please see the contact information at the beginning of this document.
Any information that directly, indirectly, or in connection with other information — including a personal identification number — allows for the identification or identifiability of a natural person.
Information collected automatically through Mason’s Digital Services (or Third-Party Providers of services employed in Mason’s Digital Services), which can include: the IP addresses or domain names of the computers utilized by the Users who use Mason’s Digital Services, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server’s answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the User, the various time details per visit (e.g., the time spent on each page within the Application) and the details about the path followed within the Application with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User’s IT environment.
The individual using Mason’s Digital Services who, unless otherwise specified, coincides with the Data Subject.
The natural person to whom the Personal Data refers.
The natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the Controller, as described in this privacy policy.
The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including the security measures concerning the operation and use of Mason’s Digital Services. The Data Controller, unless otherwise specified, is the Owner of Mason’s Digital Services.
The means by which the Personal Data of the User is collected and processed.
The service provided by Mason’s Digital Services as described in the relative terms (if available) and on this site/application.
Unless otherwise specified, all references made within this document to the European Union include all current member states to the European Union and the European Economic Area.
Cookies are Trackers consisting of small sets of data stored in the User’s browser.
Tracker indicates any technology – e.g Cookies, unique identifiers, web beacons, embedded scripts, e-tags and fingerprinting -that enables the tracking of Users, for example by accessing or storing information on the User’s device.
Interest-Based Advertising
Interest-Based Advertising: Interest-based advertising, also known as behavioral advertising, refers to the practice of delivering advertising tailored to the user’s apparent interests, based on data collected about a user’s online activities, across different websites and over time.
This privacy policy relates solely to Mason’s Digital Services, if not stated otherwise within this document.
Latest update: January 09, 2024
