Privacy Policy

Effective Date: May 13, 2026  |  Last Updated: May 13, 2026

This Privacy Policy describes how Cafe Rio ("we," "us," "our," or the "Company") collects, uses, discloses, and protects your personal information when you visit our website at caferio-food.rest, place orders, interact with our services, or otherwise engage with us. Please read this policy carefully to understand our practices regarding your personal data and how we will treat it.

By accessing or using our website and services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with our practices, please discontinue use of our website and services immediately.

Cafe Rio is committed to protecting your privacy and complying with all applicable United States federal and state privacy laws, including but not limited to the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), the Federal Trade Commission Act (FTC Act), the CAN-SPAM Act, and other relevant consumer protection statutes.

1. About Us and How to Contact Us

Cafe Rio is a food service business operating in the United States. We are dedicated to delivering exceptional dining experiences while maintaining the highest standards of privacy and data protection for our customers and website visitors.

Company Name Cafe Rio
Website caferio-food.rest
Email Address [email protected]
Privacy Inquiries [email protected]

For any privacy-related questions, concerns, requests, or complaints, please reach out to us using the contact details provided above. We are committed to responding to all privacy-related inquiries within a reasonable time frame, and in any event within the timeframes required by applicable law.

2. Information We Collect

We collect various types of information in connection with the operation of our website and the provision of our food services. The categories of personal information we collect are described in detail below.

2.1 Personal Information You Provide Directly

When you interact with Cafe Rio through our website or services, you may voluntarily provide us with the following personal information:

  • Contact Information: Your full name, email address, phone number, and mailing or delivery address.
  • Account Information: Username, password, and account preferences if you create an account on our website.
  • Order and Transaction Information: Details about the food items you order, your order history, special dietary requests, and delivery instructions.
  • Payment Information: Credit card numbers, debit card numbers, billing address, and other financial information necessary to process your payments. Note that payment card data is processed by our secure, PCI-DSS compliant third-party payment processors and is not stored directly on our servers.
  • Communication Records: Messages, emails, feedback, reviews, complaints, or other communications you send to us.
  • Marketing Preferences: Your preferences regarding receiving marketing communications from us and your choices about how we contact you.
  • Loyalty Program Information: Points, rewards, membership details, and preferences if you participate in any loyalty or rewards program we offer.

2.2 Information Collected Automatically

When you visit our website at caferio-food.rest, we automatically collect certain technical and usage information, including:

  • Device Information: The type of device you are using, operating system, device identifiers, browser type and version, screen resolution, and language settings.
  • Log Data: Internet Protocol (IP) address, access times and dates, pages viewed, links clicked, referring URLs, and the duration of your visit.
  • Location Information: General geographic location based on your IP address. If you grant permission, we may also collect more precise location data to facilitate delivery services or show you nearby locations.
  • Usage Data: Information about how you navigate and interact with our website, including search queries, items added to your cart, and features you use.
  • Cookie and Tracking Data: Information collected through cookies, web beacons, pixel tags, and similar tracking technologies as described further in Section 7 of this Policy.

2.3 Information Collected from Third Parties

We may also receive personal information about you from third-party sources, including:

  • Social Media Platforms: If you connect your social media account to our services or log in through a social media provider, we may receive information such as your name, profile picture, email address, and friend list, depending on your social media privacy settings.
  • Third-Party Delivery Partners: Information shared by delivery service partners or aggregator platforms when you place an order through them.
  • Analytics Providers: Aggregated and anonymized data from analytics service providers that help us understand how users interact with our website.
  • Marketing Partners: Information from advertising partners and data brokers to help us reach potential customers and measure the effectiveness of our marketing campaigns.
  • Public Sources: Publicly available information from government records, social media platforms, and other public databases.

3. How We Use Your Information

Cafe Rio uses the personal information we collect for a variety of legitimate business purposes, all of which are aimed at providing you with the best possible food service experience. Specifically, we use your information for the following purposes:

3.1 Service Provision and Order Fulfillment

  • Processing and fulfilling your food orders, whether for dine-in, takeout, or delivery.
  • Managing your account and providing customer support.
  • Communicating with you about your orders, including confirmations, updates, and delivery status notifications.
  • Facilitating payment processing and preventing fraudulent transactions.
  • Handling returns, refunds, and complaints in accordance with our policies.

3.2 Analytics and Service Improvement

  • Analyzing how our website and services are used to identify opportunities for improvement.
  • Conducting research and development activities to enhance our menu offerings and service quality.
  • Monitoring and analyzing trends, usage patterns, and activities in connection with our services.
  • Testing new features, products, and promotions before wider rollout.
  • Generating aggregated, anonymized statistical reports about our business performance.

3.3 Marketing and Communications

  • Sending you promotional offers, discounts, newsletters, and marketing communications about Cafe Rio, subject to your opt-in preferences and applicable law.
  • Personalizing your experience on our website by displaying content, recommendations, and offers tailored to your preferences and order history.
  • Conducting surveys, contests, sweepstakes, and other promotional activities.
  • Administering our loyalty and rewards programs.
  • Serving targeted advertisements on our website and on third-party platforms, based on your interests and browsing behavior (where permitted by law).

3.4 Legal Compliance and Safety

  • Complying with applicable federal, state, and local laws, regulations, and legal obligations.
  • Responding to lawful requests from courts, law enforcement agencies, and regulatory authorities.
  • Enforcing our Terms of Service and other agreements.
  • Protecting the rights, property, and safety of Cafe Rio, our customers, and the public.
  • Detecting, investigating, and preventing fraudulent, unauthorized, or illegal activity.

3.5 Business Operations

  • Managing our internal business operations, including accounting, auditing, and record-keeping.
  • Evaluating and improving our customer service processes.
  • Facilitating corporate transactions such as mergers, acquisitions, or asset sales, as described in Section 4 below.

4. Sharing Your Information with Third Parties

Cafe Rio does not sell your personal information to third parties for their own independent marketing purposes. However, we do share your information in the following circumstances:

4.1 Service Providers and Business Partners

We work with a variety of trusted third-party service providers who assist us in operating our business and providing our services. These service providers are given access to your personal information only as necessary to perform their functions and are contractually obligated to protect your information and use it solely for the purposes we specify. Our service providers include:

  • Payment Processors: Companies that securely process credit card and debit card transactions on our behalf.
  • Delivery Service Partners: Third-party delivery companies and drivers who fulfill delivery orders.
  • Cloud Hosting Providers: Companies that provide the servers and infrastructure on which our website and databases operate.
  • Email and SMS Communication Providers: Platforms that help us send transactional emails, marketing newsletters, and text message notifications.
  • Analytics Providers: Companies such as Google Analytics that help us understand website traffic and user behavior.
  • Marketing and Advertising Partners: Companies that help us plan, deliver, and measure the effectiveness of our advertising campaigns.
  • Customer Support Tools: Software providers that power our helpdesk and customer service operations.
  • Loyalty Program Administrators: Companies that manage and operate our customer rewards and loyalty programs.

4.2 Legal Requirements

We may disclose your personal information if we believe in good faith that such disclosure is necessary to:

  • Comply with a legal obligation, court order, subpoena, or other legal process.
  • Respond to requests from law enforcement agencies, regulatory bodies, or government authorities.
  • Protect the rights, property, or safety of Cafe Rio, our customers, employees, or the general public.
  • Prevent or investigate fraud, security breaches, or other illegal activities.

4.3 Business Transfers

In the event that Cafe Rio is involved in a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your personal information may be transferred to the successor entity as part of that transaction. We will notify you of any such change in ownership or control of your personal information by posting a notice on our website or sending you an email notification.

4.4 With Your Consent

We may share your personal information with third parties for any other purpose with your explicit prior consent. You have the right to withdraw your consent at any time by contacting us at [email protected].

5. Data Security Measures

Cafe Rio takes the security of your personal information seriously and implements a range of technical, administrative, and physical safeguards designed to protect your data against unauthorized access, disclosure, alteration, loss, or destruction.

5.1 Technical Safeguards

  • Encryption: We use industry-standard Secure Socket Layer (SSL) / Transport Layer Security (TLS) encryption to protect data transmitted between your browser and our website.
  • Secure Payment Processing: All payment card information is processed through PCI-DSS compliant payment processors and is never stored in plain text on our servers.
  • Firewalls and Intrusion Detection: We maintain firewalls and intrusion detection systems to monitor and protect our network infrastructure.
  • Access Controls: Access to personal data is restricted to authorized personnel on a need-to-know basis, and all access is logged and monitored.
  • Regular Security Assessments: We conduct periodic security audits and vulnerability assessments to identify and address potential weaknesses in our systems.

5.2 Administrative Safeguards

  • Employee training on data privacy and security best practices.
  • Background checks for employees who handle sensitive personal information.
  • Data minimization practices — we collect only the information necessary for the purposes described in this policy.
  • Vendor due diligence — we assess the security practices of third-party service providers before engaging them.

5.3 Breach Notification

In the event of a data breach that is reasonably likely to result in harm to affected individuals, we will notify affected users and, where required by law, the relevant regulatory authorities, within the timeframes mandated by applicable state and federal law. Notification will be provided via email or prominent notice on our website.

Important Notice: While we implement robust security measures, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee the absolute security of your personal information. You use our services and share your information at your own risk.

6. Your Privacy Rights

Depending on your state of residence, you may have certain rights regarding your personal information under applicable United States privacy laws. Cafe Rio is committed to honoring these rights and will respond to verified requests in a timely manner.

6.1 Rights Under the California Consumer Privacy Act (CCPA/CPRA)

If you are a California resident, you have the following rights under the CCPA as amended by the CPRA:

  • Right to Know: You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources from which it was collected, the purposes for which it was used, and the categories of third parties with whom it was shared.
  • Right to Delete: You have the right to request that we delete personal information we have collected about you, subject to certain exceptions permitted by law (such as when the information is needed to complete a transaction or comply with a legal obligation).
  • Right to Correct: You have the right to request that we correct inaccurate personal information we maintain about you.
  • Right to Opt Out of Sale or Sharing: You have the right to opt out of the sale or sharing of your personal information for cross-context behavioral advertising purposes. You may exercise this right by contacting us or by using the "Do Not Sell or Share My Personal Information" option available on our website.
  • Right to Limit Use of Sensitive Personal Information: You have the right to limit our use and disclosure of sensitive personal information to those uses necessary to provide the services you have requested.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights. We will not deny you goods or services, charge you different prices, or provide you with a lower quality of service because you exercised your privacy rights.

6.2 General Privacy Rights for All Users

Regardless of your state of residence, Cafe Rio provides all customers with the following rights:

  • Right to Access: You may request a copy of the personal information we hold about you.
  • Right to Correction: You may request that we update or correct inaccurate information about you.
  • Right to Deletion: You may request that we delete your personal information, subject to our legal and operational obligations to retain certain data.
  • Right to Data Portability: You may request that we provide your personal data in a structured, commonly used, and machine-readable format so you can transfer it to another service provider.
  • Right to Withdraw Consent: Where we process your data based on your consent, you may withdraw that consent at any time without affecting the lawfulness of prior processing.
  • Right to Opt Out of Marketing: You may opt out of receiving marketing communications from us at any time by clicking the unsubscribe link in any marketing email we send or by contacting us directly.

6.3 How to Exercise Your Rights

To exercise any of your privacy rights, please submit a verifiable request to us by:

When submitting a request, please provide sufficient information for us to verify your identity, including your full name, email address associated with your account, and a description of your request. We may require additional verification steps to protect your information and prevent unauthorized access.

We will acknowledge receipt of your request within 10 business days and respond to your request within 45 calendar days of receipt. If we require additional time (up to 90 days), we will inform you of the extension and the reason for it.

You may designate an authorized agent to submit requests on your behalf. Authorized agents must provide written authorization from you and may be required to verify their identity and authority.

7. Cookie Policy and Tracking Technologies

Our website at caferio-food.rest uses cookies and similar tracking technologies to enhance your browsing experience, analyze website traffic, and deliver personalized content and advertisements. This section provides a brief overview of our cookie practices.

7.1 What Are Cookies?

Cookies are small text files that are placed on your device (computer, tablet, or smartphone) when you visit a website. They are widely used to make websites work efficiently, remember your preferences, and provide information to website owners.

7.2 Types of Cookies We Use

  • Strictly Necessary Cookies: Essential for the operation of our website. These include cookies that enable you to log in, add items to your cart, and complete orders. These cookies cannot be disabled without affecting website functionality.
  • Performance and Analytics Cookies: These cookies collect information about how visitors use our website, such as which pages are most visited and whether users receive error messages. This data helps us improve how our website works.
  • Functionality Cookies: These cookies allow our website to remember choices you make (such as your preferred language or location) and provide enhanced, more personalized features.
  • Marketing and Targeting Cookies: These cookies are used to deliver advertisements more relevant to your interests. They also limit the number of times you see an advertisement and help measure the effectiveness of advertising campaigns.

7.3 Managing Your Cookie Preferences

You can control and manage cookies in various ways. You may configure your browser settings to refuse cookies, delete existing cookies, or notify you when cookies are being sent. Please note that disabling certain cookies may affect the functionality of our website and your ability to place orders.

For more detailed information about the specific cookies we use and how to manage your preferences, please refer to our full Cookie Policy, which is available on our website. You may also opt out of interest-based advertising by visiting the Network Advertising Initiative opt-out page at www.networkadvertising.org or the Digital Advertising Alliance's opt-out page at www.aboutads.info/choices.

8. Data Retention

Cafe Rio retains your personal information for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. The criteria we use to determine retention periods include:

Category of Data Retention Period
Account Information For the duration of your account, plus 3 years after account closure.
Order and Transaction Records 7 years, to comply with tax and financial recordkeeping requirements.
Payment Processing Records As required by PCI-DSS standards and applicable financial regulations (typically 5-7 years).
Marketing Communication Records Until you opt out, plus 3 years thereafter to demonstrate compliance.
Customer Service Records 3 years from the date of the interaction.
Website Usage and Log Data 13 months from collection date.
Cookie and Tracking Data As specified in each cookie's settings, typically between 30 days and 2 years.
Legal Compliance Records As required by applicable law, which may be up to 10 years in some cases.

When personal information is no longer required, we will securely delete, anonymize, or destroy it in accordance with our internal data retention and disposal procedures. Anonymized or aggregated data that can no longer identify you may be retained indefinitely for statistical and research purposes.

9. Children's Privacy

Age Restriction: Our website and services are intended for use by individuals who are 18 years of age or older. We do not knowingly collect, use, or disclose personal information from individuals under the age of 18.

Cafe Rio is committed to protecting the privacy of children. We do not intentionally market to or solicit personal information from children under 18 years of age. Our website is not designed or intended for use by minors, and we do not knowingly create accounts for or collect personal information from anyone under the age of 18.

If you are a parent or legal guardian and you believe that your child under the age of 18 has provided us with personal information without your consent, please contact us immediately at [email protected]. Upon verification, we will take prompt steps to delete the child's personal information from our records.

We comply with the Children's Online Privacy Protection Act (COPPA) and take all reasonable measures to ensure that personal information of minors is not collected through our website or services. If we become aware that we have inadvertently collected personal information from a child under 13, we will delete such information as quickly as possible.

10. International Data Transfers

Cafe Rio is based in the United States and primarily processes personal information within the United States. However, some of our third-party service providers and business partners may be located in, or operate servers in, countries outside of the United States. If your personal information is transferred to, stored, or processed in a country outside the United States, we take appropriate steps to ensure that your data is protected in accordance with this Privacy Policy and applicable law.

When we transfer personal data internationally, we rely on appropriate safeguards such as:

  • Standard contractual clauses approved by relevant data protection authorities.
  • Data processing agreements with third-party providers that require equivalent levels of data protection.
  • Vendor selection processes that prioritize providers with strong data security and privacy track records.

Please note that the privacy laws of other countries may differ from those in the United States and may offer more or less protection for your personal information. By using our services, you acknowledge and consent to the transfer of your personal information to countries outside your country of residence, including the United States, where data protection standards may differ.

11. Third-Party Websites and Links

Our website may contain links to third-party websites, applications, or services that are not owned or controlled by Cafe Rio. This Privacy Policy applies only to our website and services. We have no control over, and accept no responsibility for, the privacy practices or content of third-party websites or services.

We encourage you to review the privacy policies of any third-party websites you visit before providing them with your personal information. The inclusion of a link to a third-party website on our website does not constitute our endorsement of that website or its privacy practices.

12. Do Not Track Signals

Some web browsers offer a "Do Not Track" (DNT) feature that signals to websites that you do not want your online activities tracked. At this time, our website does not respond to DNT browser signals, as there is no universally accepted standard for how websites should respond to such signals.

California residents may exercise their rights regarding the sale or sharing of personal information for cross-context behavioral advertising as described in Section 6.1 above, regardless of DNT settings.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our business practices, legal requirements, or the ways in which we collect and use your personal information. When we make material changes to this Policy, we will notify you by:

  • Updating the "Last Updated" date at the top of this page.
  • Posting a prominent notice on our website.
  • Sending you an email notification (if we have your email address and the changes are significant).

We encourage you to review this Privacy Policy periodically to stay informed about our data practices. Your continued use of our website and services after we post any changes constitutes your acceptance of the updated Privacy Policy. If you do not agree to the revised policy, please discontinue your use of our services.

14. Filing Complaints with Data Protection Authorities

If you believe that Cafe Rio has violated your privacy rights or failed to comply with applicable privacy laws, we encourage you to first contact us directly so that we can attempt to resolve your concern. You may reach our privacy team at [email protected].

If you are not satisfied with our response, you have the right to file a complaint with the appropriate regulatory authority. In the United States, the following agencies may be relevant:

Authority Jurisdiction Contact
Federal Trade Commission (FTC) Federal — Consumer Protection www.ftc.gov/contact
California Privacy Protection Agency (CPPA) California Residents (CCPA/CPRA) cppa.ca.gov
State Attorney General Offices Your respective state Contact your state's Attorney General office for guidance.

We take all complaints seriously and are committed to working cooperatively with regulatory authorities to resolve any privacy concerns in a fair and transparent manner.

15. Legal Bases for Processing (FTC Act Compliance)

Under the Federal Trade Commission Act and other applicable United States federal laws, Cafe Rio ensures that all data processing activities are conducted in accordance with fair information practices and applicable consumer protection standards. Our legal bases for processing your personal information include:

  • Performance of a Contract: Processing necessary to fulfill your food orders and deliver the services you have requested from us.
  • Legitimate Business Interests: Processing for purposes such as fraud prevention, security, analytics, and business improvement, where such interests are not overridden by your privacy rights.
  • Legal Compliance: Processing required to meet our obligations under applicable federal and state laws.
  • Your Consent: Processing based on your voluntary, informed consent for activities such as marketing communications and personalized advertising, which you may withdraw at any time.

16. Contact Information for Privacy Inquiries

If you have any questions, concerns, or requests relating to this Privacy Policy or the way we handle your personal information, please do not hesitate to contact us. We are committed to addressing your privacy concerns promptly and transparently.

Privacy Contact Details

Company: Cafe Rio

Website: caferio-food.rest

Email: [email protected]

Please include "Privacy Request" in the subject line of your email to ensure your inquiry is directed to the appropriate team member.

We will make every effort to respond to your inquiry within 10 business days, and to fully resolve your request within 45 days as required by applicable law. For complex or high-volume requests, we may require up to 90 days to respond, and we will notify you of any such extension.

Effective Date: May 13, 2026

This Privacy Policy was last reviewed and updated on May 13, 2026. This policy supersedes all prior versions of Cafe Rio's Privacy Policy.