Privacy Policy
This Privacy Policy describes how Cafe Rio ("we," "us," "our," or the "Company") collects, uses, shares, and protects your personal information when you visit our website at eat-caferio.top, place orders, participate in loyalty programs, or otherwise interact with our services. We are committed to protecting your privacy and handling your personal data with transparency, integrity, and respect for your rights under applicable United States law, including the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), and the Federal Trade Commission Act (FTC Act).
Please read this Privacy Policy carefully before using our website or providing us with any personal information. By accessing or using our services, you acknowledge that you have read, understood, and agree to the practices described in this policy. If you do not agree with any part of this Privacy Policy, please discontinue use of our website and services immediately.
1. About Us and This Policy
Cafe Rio is a food service business operating in the United States, dedicated to providing customers with high-quality dining experiences, online ordering capabilities, and related food services. This Privacy Policy applies to all personal information collected through our website (eat-caferio.top), mobile-optimized pages, online ordering systems, email communications, marketing campaigns, customer loyalty programs, and any other digital or physical touchpoints where personal data may be gathered.
Our contact details for all privacy-related matters are as follows:
| Company Name | Cafe Rio |
|---|---|
| Website | eat-caferio.top |
| Email Address | [email protected] |
For all privacy inquiries, data subject requests, or complaints, please contact us using the email address listed above. We will make every effort to respond promptly and thoroughly to all legitimate inquiries.
2. Information We Collect
We collect various categories of personal information to provide, improve, and personalize our services. The types of information we collect depend on how you interact with us and what services you use.
2.1 Personal Identification Information
When you create an account, place an order, sign up for our newsletter, participate in a promotion, or contact us for customer support, we may collect the following personal identification information:
- Full name — used to personalize your experience and process your orders
- Email address — used for account authentication, order confirmations, and marketing communications
- Phone number — used for order notifications, customer support, and delivery coordination
- Mailing and delivery address — used for delivery services and location-based offerings
- Date of birth — used for age verification and birthday promotions where applicable
- Payment information — including credit/debit card details processed securely through our PCI-DSS-compliant payment processors; we do not store full card numbers on our servers
- Account credentials — username and encrypted password for registered accounts
2.2 Order and Transaction Data
When you place an order through our website or mobile interface, we collect detailed transaction information, including:
- Items ordered, quantities, and customizations
- Order history and frequency
- Special dietary preferences or allergen notes you provide
- Payment method type (not full card numbers)
- Order value, discounts applied, and promotional codes used
- Pickup or delivery preferences and associated timestamps
2.3 Usage Data and Website Analytics
When you browse our website, we automatically collect certain technical and behavioral data about your interaction with our digital properties, including:
- IP address and approximate geographic location derived from IP
- Browser type, version, and language settings
- Operating system and device type (desktop, mobile, tablet)
- Pages visited, time spent on each page, and navigation paths
- Referring URLs — the website or search engine that directed you to us
- Search queries entered within our website
- Click patterns, scroll depth, and interaction data
- Session duration and frequency of visits
- Error logs and performance metrics
2.4 Device Information
We collect information about the devices you use to access our services, including:
- Device identifiers (such as advertising IDs where permitted)
- Hardware model and specifications
- Mobile carrier information (where applicable)
- Network connection type (Wi-Fi, cellular, etc.)
- Screen resolution and display settings
2.5 Cookie and Tracking Technology Data
We use cookies, web beacons, pixel tags, local storage, and similar tracking technologies to collect information about your browsing behavior and preferences. This data helps us improve website functionality, remember your preferences, and deliver relevant content. Please refer to Section 8 of this Privacy Policy for detailed information about our cookie practices, and our separate Cookie Policy available on our website for additional details.
2.6 Communications Data
If you contact us via email, contact forms, social media, or phone, we may retain records of those communications, including:
- The content of your messages or inquiries
- Your contact details as provided in the communication
- Our responses and any follow-up correspondence
- Timestamps and communication channel used
2.7 User-Generated Content
If you submit reviews, ratings, photographs, testimonials, or other content through our website or social media channels, we collect and may publish that content. Please be thoughtful about the personal information you include in any publicly submitted content.
2.8 Information from Third Parties
We may receive information about you from third-party sources, including:
- Social media platforms (if you connect your account or log in via a social media provider)
- Third-party delivery platforms that fulfill or facilitate your orders
- Marketing and analytics partners
- Public databases used for fraud prevention and identity verification
3. How We Use Your Information
We use the personal information we collect for a variety of legitimate business purposes. Below is a comprehensive overview of how your data is used:
3.1 Service Provision and Order Fulfillment
- Processing and confirming your food orders and reservations
- Coordinating delivery or pickup logistics
- Communicating order status updates and delivery tracking
- Processing payments and issuing refunds or credits where applicable
- Managing your account and loyalty program membership
- Providing customer support and resolving complaints or disputes
3.2 Website and Service Improvement
- Analyzing usage patterns to improve website navigation and functionality
- Testing new features and optimizing the user experience
- Monitoring website performance and resolving technical issues
- Conducting market research and customer satisfaction surveys
- Developing new menu items and service offerings based on customer preferences
3.3 Marketing and Promotional Communications
- Sending promotional emails, newsletters, and special offers (with your consent where required)
- Delivering personalized recommendations based on your order history and preferences
- Administering contests, sweepstakes, loyalty programs, and other promotions
- Displaying targeted advertising on our website and third-party platforms
- Retargeting campaigns to re-engage users who have previously visited our website
You may opt out of marketing communications at any time by clicking the "unsubscribe" link in any email we send, or by contacting us at [email protected]. Please note that even if you opt out of marketing emails, we may still send you transactional communications related to your orders and account.
3.4 Legal Compliance and Security
- Complying with applicable federal and state laws and regulations
- Responding to lawful requests from government authorities, courts, or law enforcement
- Preventing, detecting, and investigating fraud, unauthorized access, and other illegal activity
- Enforcing our Terms of Service and other applicable agreements
- Protecting the safety, rights, and property of our customers, employees, and business
3.5 Business Operations and Administration
- Maintaining business records and financial accounting
- Conducting internal audits and quality assurance reviews
- Facilitating business transactions such as mergers, acquisitions, or asset sales
- Training our staff and improving customer service standards
4. Sharing Your Information with Third Parties
We do not sell your personal information to third parties for monetary compensation. However, we may share your information with trusted partners and service providers in the following circumstances:
4.1 Service Providers and Business Partners
We engage third-party companies and individuals to perform services on our behalf. These service providers have access to personal information only as necessary to perform their functions and are contractually obligated not to disclose or use it for any other purpose. Our service providers include:
- Payment processors — to securely handle credit and debit card transactions
- Delivery logistics providers — to coordinate food delivery to your location
- Cloud hosting and IT infrastructure providers — to host and maintain our website and databases
- Email and marketing automation platforms — to send you communications and manage customer relationships
- Analytics providers — such as Google Analytics, to help us understand website traffic and user behavior
- Customer support software providers — to manage and respond to customer inquiries
- Fraud prevention and identity verification services
4.2 Legal Requirements and Law Enforcement
We may disclose your personal information when we believe in good faith that disclosure is necessary to:
- Comply with a legal obligation, subpoena, court order, or governmental request
- Protect and defend our legal rights or property
- Prevent or investigate possible wrongdoing in connection with our services
- Protect the personal safety of users of our services or the general public
- Protect against legal liability
4.3 Business Transfers
In the event that Cafe Rio undergoes a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of its assets, your personal information may be transferred as part of that transaction. We will notify you via email or a prominent notice on our website if such a change occurs and if your information becomes subject to a different privacy policy.
4.4 With Your Consent
We may share your personal information with other third parties when you have given us your explicit consent to do so, such as when you participate in co-branded promotions or third-party loyalty programs.
4.5 Aggregated and De-identified Data
We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you with third parties for research, marketing, analytics, or other business purposes. This type of data sharing does not constitute a "sale" of personal information under applicable privacy laws.
5. Data Security Measures
We take the security of your personal information seriously and implement a range of technical, administrative, and physical safeguards to protect it from unauthorized access, disclosure, alteration, or destruction.
5.1 Technical Safeguards
- SSL/TLS encryption — all data transmitted between your browser and our website is encrypted using industry-standard Secure Sockets Layer (SSL) or Transport Layer Security (TLS) protocols
- PCI-DSS compliance — our payment processing infrastructure complies with Payment Card Industry Data Security Standards
- Firewalls and intrusion detection systems — we maintain network security controls to prevent unauthorized access
- Access controls — employee access to personal data is restricted on a need-to-know basis using role-based access controls
- Data encryption at rest — sensitive data stored in our databases is encrypted
- Regular security assessments — we conduct periodic vulnerability assessments and penetration testing
5.2 Administrative Safeguards
- Employee training on data privacy and security best practices
- Confidentiality agreements with all staff who handle personal data
- Vendor security assessments before engaging third-party service providers
- Data breach response plans and incident management procedures
5.3 Limitations
While we implement robust security measures, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security of your information. In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the appropriate regulatory authorities as required by applicable law. We encourage you to use strong, unique passwords for your account and to notify us immediately if you suspect unauthorized access to your account.
6. Your Privacy Rights
Depending on your state of residence, you may have certain rights with respect to your personal information. We honor all legally applicable rights and will not discriminate against you for exercising any of the rights described below.
6.1 Rights Under the California Consumer Privacy Act (CCPA/CPRA)
If you are a California resident, you have the following rights under the CCPA as amended by the CPRA:
- Right to Know — You have the right to request that we disclose what personal information we have collected about you, including the categories of data, sources, purposes for collection, and any third parties with whom it has been shared.
- Right to Delete — You have the right to request that we delete personal information we have collected from you, subject to certain exceptions (such as information required to complete a transaction or comply with a legal obligation).
- Right to Correct — You have the right to request that we correct inaccurate personal information we maintain about you.
- Right to Opt-Out of Sale or Sharing — You have the right to opt out of the sale of your personal information or the sharing of your personal information for cross-context behavioral advertising. To exercise this right, visit our website or contact us at [email protected].
- Right to Limit Use of Sensitive Personal Information — Where we process sensitive personal information (such as precise geolocation or account login credentials), you have the right to direct us to limit its use to what is necessary to perform our services.
- Right to Non-Discrimination — We will not deny you services, charge you a different price, or provide a reduced quality of service because you exercised any of your privacy rights.
6.2 General Rights Available to All Users
Regardless of your state of residence, we provide all users with the following rights as a matter of company policy:
- Right to Access — You may request a copy of the personal information we hold about you.
- Right to Correction — You may request that we update or correct inaccurate or incomplete personal data.
- Right to Deletion — You may request that we delete your personal information, subject to applicable legal exceptions.
- Right to Portability — You may request that we provide your personal information in a structured, commonly used, and machine-readable format so you can transfer it to another service provider.
- Right to Withdraw Consent — Where we rely on your consent to process personal data, you may withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing carried out before withdrawal.
- Right to Object to Marketing — You may opt out of receiving direct marketing communications at any time.
6.3 How to Exercise Your Rights
To exercise any of the rights described above, please submit a verifiable request to us by:
- Emailing us at: [email protected]
- Using the contact form available at: eat-caferio.top
We will acknowledge your request within 10 business days and will respond fully within 45 days. If we need more time, we will notify you of the extension and the reason for the delay. We may need to verify your identity before processing your request. We will not require you to create an account solely to make a request.
You may also designate an authorized agent to submit a request on your behalf. If you use an authorized agent, we may require proof of authorization and verification of your identity directly.
7. Data Retention
We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, comply with our legal obligations, resolve disputes, and enforce our agreements. The following general retention guidelines apply:
| Category of Data | Retention Period |
|---|---|
| Account and registration data | Duration of account plus 3 years after last activity or account closure |
| Order and transaction records | 7 years (for tax and accounting compliance) |
| Marketing preferences and communications | Until you opt out, plus 1 year for record-keeping |
| Customer support communications | 3 years from the date of last communication |
| Website usage and analytics data | Up to 26 months (aggregated/anonymized after 14 months) |
| Cookie and tracking data | As specified in our Cookie Policy (typically 30 days to 2 years) |
| Legal compliance and fraud prevention data | Up to 7 years or as required by law |
When personal information is no longer needed, we will delete it securely or anonymize it so that it can no longer be associated with you. Some information may be retained longer if required by applicable law or if necessary to defend legal claims.
8. Cookie Policy Summary
Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyze website traffic, and deliver personalized content and advertising. Below is a brief summary of our cookie practices. For full details, please review our dedicated Cookie Policy available on our website.
8.1 Types of Cookies We Use
- Strictly Necessary Cookies — Essential for the website to function properly. These cannot be disabled without affecting website functionality. They enable core features such as shopping cart functionality, account login, and security.
- Performance and Analytics Cookies — Help us understand how visitors interact with our website by collecting anonymized information about page views, traffic sources, and user behavior. We use tools such as Google Analytics for this purpose.
- Functional Cookies — Allow us to remember your preferences and settings (such as language preferences, saved addresses, and previous orders) to provide you with a personalized experience.
- Marketing and Targeting Cookies — Used to deliver relevant advertisements based on your browsing behavior and interests. These may be set by us or by third-party advertising partners.
8.2 Managing Your Cookie Preferences
You can manage your cookie preferences through:
- Our cookie consent banner displayed upon your first visit to our website
- Your browser settings — most browsers allow you to refuse or delete cookies
- Third-party opt-out tools such as the NAI Opt-Out Tool and Digital Advertising Alliance
- Google Analytics Opt-Out Browser Add-on for analytics cookies
Please note that disabling certain cookies may affect the functionality and user experience of our website.
9. Children's Privacy
Our website and services are intended for individuals who are 18 years of age or older. We do not knowingly collect personal information from children under the age of 13, and we do not knowingly market to children under the age of 16.
Our practices are consistent with the Children's Online Privacy Protection Act (COPPA), which requires verifiable parental consent before collecting personal information from children under 13. If you are a parent or guardian and believe that your child has provided us with personal information without your consent, please contact us immediately at [email protected]. We will take prompt action to delete such information from our systems.
If we discover that we have inadvertently collected personal information from a child under 13, we will delete that information as quickly as reasonably practicable. We encourage parents and guardians to monitor and supervise their children's online activities and to use parental control tools available from online services and technology manufacturers.
10. International Data Transfers
Cafe Rio is based in the United States, and your personal information is primarily collected, stored, and processed within the United States. If you are accessing our services from outside the United States, please be aware that your information may be transferred to, stored in, and processed in the United States, where data protection laws may differ from those in your jurisdiction.
By using our services and providing us with your personal information, you acknowledge and consent to the transfer of your data to the United States for the purposes described in this Privacy Policy. We take appropriate steps to ensure that any international data transfers are conducted in accordance with applicable laws and that adequate protections are in place to safeguard your personal information.
If you are a resident of a country with specific requirements for international data transfers (such as members of the European Economic Area), we will implement appropriate safeguards such as standard contractual clauses or other legally recognized transfer mechanisms as required.
11. Third-Party Links and Services
Our website may contain links to third-party websites, social media platforms, third-party delivery apps, and other external services that are not operated or controlled by Cafe Rio. This Privacy Policy does not apply to those third-party services, and we are not responsible for their privacy practices.
We encourage you to review the privacy policies of any third-party websites or services you visit. The inclusion of a link to a third-party site on our website does not constitute an endorsement of that site's privacy practices or content.
Third-party services we may reference or link to include, but are not limited to:
- Social media platforms (Facebook, Instagram, Twitter/X, TikTok)
- Third-party food delivery platforms
- Google Maps and location services
- Payment gateway providers
12. Do Not Track Signals
Some web browsers include a "Do Not Track" (DNT) feature that sends a signal to websites requesting that your browsing activity not be tracked. At this time, our website does not respond to DNT signals because there is no universally accepted standard for how such signals should be interpreted and honored. However, you may manage your privacy preferences through the cookie settings described in Section 8 of this Policy.
We will continue to monitor developments regarding Do Not Track and similar signals and will update this Policy accordingly if our practices change.
13. How to File a Complaint with a Data Protection Authority
If you are a California resident and believe that we have violated your rights under the CCPA/CPRA, you have the right to file a complaint with the California Privacy Protection Agency (CPPA) or the California Attorney General's Office.
California Privacy Protection Agency (CPPA)
Website: cppa.ca.gov
Email: [email protected]
California Attorney General's Office
Website: oag.ca.gov/privacy
Phone: 1-800-952-5225
If you are a resident of another U.S. state, you may also have the right to file complaints with your state's Attorney General or consumer protection authority. We encourage you to contact us first at [email protected] so we have an opportunity to resolve your concerns before you escalate to regulatory authorities.
For general consumer protection concerns, you may also contact the Federal Trade Commission (FTC):
Website: ftc.gov
Phone: 1-877-382-4357
14. Changes to This Privacy Policy
We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our practices, legal requirements, or operational needs. When we make material changes to this Privacy Policy, we will:
- Update the "Last Updated" date at the top of this page
- Post a prominent notice on our website homepage or the Privacy Policy page
- Send an email notification to registered users if the changes are significant and affect how we use your personal information
We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our website and services after the effective date of any changes constitutes your acceptance of the updated Privacy Policy. If you do not agree with the changes, you should discontinue use of our services and may request deletion of your personal information.
15. Contact Us for Privacy Inquiries
If you have any questions, concerns, comments, or requests regarding this Privacy Policy or our data practices, please do not hesitate to contact us. We are committed to working with you to resolve any privacy concerns promptly and fairly.
- Company: Cafe Rio
- Website: eat-caferio.top
- Privacy Email: [email protected]
When contacting us regarding a privacy matter, please include the following information to help us respond efficiently:
- Your full name and email address associated with your account (if applicable)
- A clear description of your request or concern
- The specific right you wish to exercise (if applicable)
- Any relevant order numbers or account information
We will respond to all privacy inquiries within 10 business days of receipt and will provide a substantive response within 45 days, or notify you if an extension is required.