Privacy Policy

Effective Date: March 28, 2026  |  Last Updated: March 28, 2026

This Privacy Policy describes how Cafe Rio ("we," "us," "our," or the "Company") collects, uses, discloses, and protects your personal information when you visit our website at cafes-rios.top, place orders, interact with our services, or otherwise engage with us. We are committed to protecting your privacy and handling your personal data with transparency, integrity, and care.

Please read this Privacy Policy carefully. By accessing or using our website, purchasing our products or services, or otherwise providing us with your personal information, you acknowledge that you have read, understood, and agree to the practices described in this policy. If you do not agree with the terms of this Privacy Policy, please do not use our website or services.

This Privacy Policy is intended to comply with applicable United States federal and state privacy laws, including but not limited to the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), the Federal Trade Commission Act (FTC Act), and other applicable state and federal privacy regulations.

1. Who We Are

Cafe Rio is a food service business operating in the United States. We are committed to serving our customers with quality food and exceptional service while maintaining the highest standards of data privacy and security.

Contact Information

For any questions, concerns, or requests related to this Privacy Policy or the handling of your personal data, please contact us using the details provided above or in the "Contact Us" section at the end of this policy.

2. Information We Collect

We collect various types of information in connection with your use of our website, services, and food offerings. The categories of information we collect are described below.

2.1 Personal Identification Information

When you interact with Cafe Rio — whether by placing an order, creating an account, subscribing to our newsletter, participating in promotions, or contacting our customer service — we may collect the following personal identification information:

  • Full name
  • Email address
  • Mailing or delivery address
  • Phone number
  • Date of birth (where required for age verification or promotions)
  • Username and password (for account holders)
  • Profile photo (if voluntarily provided)
  • Payment and billing information (processed securely through our payment processors)
  • Loyalty program information and membership identifiers

2.2 Order and Transaction Information

When you place an order through our website or in-person at our establishments, we collect:

  • Details of food items ordered
  • Order history and frequency
  • Special dietary preferences or restrictions (if voluntarily provided)
  • Delivery instructions and preferences
  • Transaction amount and payment method type
  • Timestamps and order confirmation numbers

2.3 Usage and Technical Data

When you visit our website at cafes-rios.top, we automatically collect certain technical and usage data through cookies, web beacons, and similar tracking technologies, including:

  • IP address and approximate geographic location
  • Browser type and version
  • Operating system and device type
  • Referring website or source URL
  • Pages visited, time spent on each page, and navigation patterns
  • Links clicked and content interacted with
  • Search queries entered on our website
  • Date and time of your visit
  • Session duration and bounce rate data
  • Error logs and performance metrics

2.4 Device Information

We may collect specific information about the devices you use to access our website and services:

  • Device identifiers (such as mobile device IDs)
  • Hardware model and specifications
  • Mobile network information
  • Screen resolution and display settings
  • Language settings and time zone
  • Application version information (if applicable for mobile apps)

2.5 Communications and Feedback

If you contact us through email, our contact form, or other communication channels, we collect:

  • The content of your messages and inquiries
  • Customer service interaction records
  • Reviews, ratings, and feedback you submit
  • Survey responses (if you choose to participate)
  • Social media interactions with our official accounts

2.6 Information Collected from Third Parties

We may also receive information about you from third-party sources, including:

  • Social media platforms (if you connect your account or use social login features)
  • Third-party food delivery platforms that partner with us
  • Analytics and marketing partners
  • Publicly available databases

3. How We Use Your Information

We use the personal information we collect for a variety of legitimate business purposes. The specific purposes for which we process your data are outlined below:

3.1 Service Provision and Order Fulfillment

The primary purpose for which we collect and use your personal data is to provide you with the products and services you request. This includes:

  • Processing and fulfilling your food orders
  • Managing your online account and profile
  • Processing payments and refunds
  • Coordinating delivery or pickup services
  • Administering loyalty programs and rewards
  • Communicating with you about your orders, including confirmations, updates, and receipts

3.2 Customer Support and Communications

We use your information to provide responsive and effective customer support:

  • Responding to your inquiries, questions, and complaints
  • Resolving disputes and troubleshooting issues
  • Sending operational notifications relevant to your account or orders
  • Providing updates about changes to our menu, services, or policies

3.3 Analytics and Service Improvement

We use collected data to continually improve our website, menu offerings, and overall customer experience:

  • Analyzing website traffic and usage patterns to optimize our platform
  • Conducting research and analysis on customer preferences and ordering trends
  • Testing and improving website features and functionalities
  • Developing new menu items and services based on customer feedback
  • Monitoring and improving operational performance

3.4 Marketing and Promotional Activities

Subject to your consent and applicable legal requirements, we may use your data for marketing purposes:

  • Sending promotional emails, newsletters, and special offers
  • Delivering targeted advertisements based on your preferences and browsing history
  • Notifying you about seasonal promotions, new menu items, and events
  • Conducting sweepstakes, contests, and giveaways
  • Personalizing marketing communications to align with your interests

You may opt out of marketing communications at any time by clicking the "unsubscribe" link in any email we send or by contacting us at [email protected].

3.5 Legal Compliance and Safety

We may process your personal data as required by applicable law or to protect our legal interests:

  • Complying with applicable federal, state, and local laws and regulations
  • Responding to lawful requests from government authorities or law enforcement
  • Enforcing our Terms of Service and other agreements
  • Detecting, preventing, and addressing fraud, security breaches, or other illegal activities
  • Protecting the rights, property, and safety of Cafe Rio, our employees, and our customers

4. Sharing Your Information with Third Parties

We respect your privacy and do not sell your personal information to third parties. However, we may share your data with certain trusted third parties in the circumstances described below.

4.1 Service Providers and Business Partners

We work with carefully selected third-party service providers who assist us in operating our business and delivering services to you. These providers are contractually obligated to handle your data securely and only for the purposes for which it was shared. Categories of service providers include:

  • Payment Processors: To securely process credit card, debit card, and other payment transactions
  • Delivery Partners: Third-party delivery services that help fulfill your food orders
  • Email and Communication Platforms: To send transactional and marketing communications
  • Website Hosting and Cloud Services: To maintain and operate our website and data infrastructure
  • Analytics Providers: Such as Google Analytics, to help us understand how customers use our website
  • Customer Support Tools: Platforms that help us manage customer inquiries and support tickets
  • Marketing and Advertising Partners: To deliver relevant promotional content to you

4.2 Legal Requirements and Law Enforcement

We may disclose your personal information when required by law or in good-faith belief that such disclosure is necessary to:

  • Comply with a subpoena, court order, legal process, or government request
  • Cooperate with law enforcement agencies in the United States
  • Enforce our Terms of Service or protect our legal rights
  • Protect against imminent harm to the safety of individuals or the public

4.3 Business Transfers

In the event that Cafe Rio undergoes a merger, acquisition, restructuring, or sale of all or a portion of its assets, your personal information may be transferred as part of that transaction. We will notify you via email or a prominent notice on our website of any such change in ownership or control, and we will ensure that any successor entity honors the commitments made in this Privacy Policy.

4.4 Aggregated and De-Identified Data

We may share aggregated, anonymized, or de-identified data with third parties for research, marketing, analytics, or other lawful purposes. This data cannot reasonably be used to identify you individually.

5. Cookie Usage and Tracking Technologies

Our website at cafes-rios.top uses cookies and similar tracking technologies to enhance your browsing experience, analyze website traffic, and deliver personalized content.

5.1 What Are Cookies?

Cookies are small text files stored on your device by a website when you visit it. They allow the website to remember your actions and preferences over a period of time, so you do not have to re-enter information every time you return.

5.2 Types of Cookies We Use

Cookie Type Purpose Duration
Strictly Necessary Essential for website functionality, including login sessions and shopping cart operations Session
Performance/Analytics Collect information about how visitors use our website to improve performance Up to 2 years
Functional Remember your preferences such as language, region, and order history Up to 1 year
Marketing/Advertising Track browsing activity to deliver relevant advertisements on our site and third-party platforms Up to 2 years

5.3 Managing Your Cookie Preferences

You can control and manage cookies through your browser settings. Most browsers allow you to refuse cookies, delete existing cookies, or receive a warning before a cookie is stored. Please note that disabling certain cookies may impact the functionality of our website and your ability to use some of its features.

For more detailed information about the cookies we use and your choices regarding them, please refer to our Cookie Policy, available on our website.

6. Data Security

We take the security of your personal information seriously and implement a comprehensive set of administrative, technical, and physical safeguards to protect your data from unauthorized access, disclosure, alteration, and destruction.

6.1 Security Measures We Implement

  • Encryption: We use Secure Socket Layer (SSL) / Transport Layer Security (TLS) encryption to protect data transmitted between your browser and our servers.
  • Access Controls: Access to personal data is restricted to authorized personnel who need it to perform their job functions. All access is logged and monitored.
  • Password Security: User account passwords are stored using strong cryptographic hashing algorithms. We do not store plaintext passwords.
  • Payment Security: Payment card data is handled by PCI DSS-compliant payment processors. We do not store full credit card numbers on our servers.
  • Regular Security Audits: We conduct periodic security reviews, vulnerability assessments, and penetration testing to identify and remediate risks.
  • Firewalls and Intrusion Detection: We deploy firewalls and intrusion detection systems to monitor and protect our network infrastructure.
  • Employee Training: Our team members receive regular training on data protection best practices and privacy compliance.

6.2 Limitations of Security

While we strive to protect your personal information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security of your data. In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and the appropriate regulatory authorities as required by applicable law.

7. Your Privacy Rights

Depending on your state of residence, you may have specific rights regarding your personal information. We are committed to honoring these rights in accordance with applicable United States privacy laws.

7.1 Rights Under the California Consumer Privacy Act (CCPA/CPRA)

If you are a California resident, you have the following rights under the CCPA/CPRA:

  • Right to Know: You have the right to request information about the categories and specific pieces of personal information we have collected about you, the sources from which we collected it, the purposes for which we use it, and the third parties with whom we share it.
  • Right to Delete: You have the right to request the deletion of your personal information, subject to certain legal exceptions.
  • Right to Correct: You have the right to request correction of inaccurate personal information we hold about you.
  • Right to Opt Out of Sale/Sharing: You have the right to opt out of the sale or sharing of your personal information for cross-context behavioral advertising. We do not sell your personal information, but we may share it with advertising partners.
  • Right to Limit Use of Sensitive Personal Information: You have the right to limit our use of sensitive personal information to purposes strictly necessary to provide our services.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights. You will not receive a lower quality of service or be charged different prices as a result.
  • Right to Data Portability: You may request a copy of your personal information in a portable and readily usable format.

7.2 General Privacy Rights (All U.S. Residents)

Regardless of your state of residence, you have the following general rights with respect to your personal data:

  • Right to Access: Request a copy of the personal information we hold about you.
  • Right to Correction: Request that we correct or update inaccurate or incomplete information.
  • Right to Deletion: Request that we delete your personal information from our records.
  • Right to Withdraw Consent: Where we rely on your consent to process data, you may withdraw it at any time.
  • Right to Opt Out of Marketing: Unsubscribe from our marketing communications at any time.

7.3 How to Exercise Your Rights

To exercise any of the rights described above, please submit your request to us using the following methods:

  • Email: [email protected]
  • Website: cafes-rios.top (via the Contact or Privacy Request form)

We will respond to verified requests within 45 days of receipt, as required by the CCPA/CPRA. In some cases, we may require additional time to process your request, in which case we will notify you within the initial 45-day period and provide an estimated completion date. We may ask you to verify your identity before processing your request to ensure the security of your data.

8. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, resolve disputes, and enforce our agreements. The specific retention periods we apply vary depending on the type of data and the purpose for which it is processed.

Data Category Retention Period
Account and profile information Duration of account plus 3 years after account closure
Order and transaction records 7 years (for tax and financial compliance)
Customer support communications 3 years from the date of interaction
Marketing preferences and consent records 3 years from the date of last interaction or opt-out
Website usage and analytics data Up to 26 months
Cookie data As specified in our Cookie Policy (typically up to 2 years)
Legal, compliance, and dispute records As required by applicable law, typically 5-10 years

Upon the expiration of the applicable retention period, we will securely delete or anonymize your personal information. If deletion is not immediately possible due to technical constraints, we will isolate your data from further processing until deletion can occur.

9. Children's Privacy

Important Notice: Our website and services are intended exclusively for users who are 18 years of age or older. We do not knowingly collect, use, or disclose personal information from individuals under the age of 18.

Cafe Rio does not direct its services to children under the age of 18. We do not knowingly collect personal information from minors. Our website, online ordering system, loyalty programs, and marketing communications are intended for adults only.

If we become aware that we have inadvertently collected personal information from a person under 18 years of age without appropriate parental consent, we will take immediate steps to delete that information from our records. If you are a parent or guardian and believe that your child has provided us with personal information without your consent, please contact us immediately at [email protected].

We comply with the Children's Online Privacy Protection Act (COPPA), which restricts the collection of personal information from children under the age of 13 in the United States. Our age restriction of 18 years exceeds this federal minimum requirement to ensure the appropriateness of our services for all users.

10. International Data Transfers

Cafe Rio is based in the United States and primarily processes personal data within the United States. However, some of our third-party service providers, including cloud hosting, analytics, and payment processing partners, may be located in or operate servers in countries outside of the United States.

When we transfer your personal data internationally, we take appropriate steps to ensure that your information receives an adequate level of protection in accordance with applicable United States privacy laws. These measures may include:

  • Ensuring that third-party service providers are bound by data processing agreements that require them to implement appropriate security measures
  • Selecting service providers in jurisdictions that offer comparable data protection standards
  • Implementing standard contractual clauses or other appropriate safeguards as recognized by applicable law

By using our website and services, you acknowledge and consent to the transfer of your personal information to the United States and to other countries as described in this section. We will always handle your data in accordance with this Privacy Policy, regardless of where it is processed.

11. Third-Party Links and Services

Our website may contain links to third-party websites, social media platforms, delivery partner platforms, and other external services that are not operated or controlled by Cafe Rio. This Privacy Policy does not apply to those third-party websites or services.

We strongly encourage you to review the privacy policies of any third-party websites you visit through links from our website. We are not responsible for the privacy practices or the content of any websites that are not operated by Cafe Rio. Clicking on third-party links or interacting with third-party services may result in the collection of your personal data by those parties, which is governed by their respective privacy policies.

12. Do Not Track Signals

Some web browsers offer a "Do Not Track" (DNT) feature that sends a signal to websites indicating that you do not wish to be tracked. Currently, there is no universally accepted standard for how websites should respond to DNT signals, and our website does not currently alter its data collection and use practices in response to DNT browser signals.

However, you can manage your cookie and tracking preferences as described in Section 5 of this Privacy Policy and through your browser settings.

13. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our data practices, legal requirements, or business operations. When we make material changes, we will notify you by:

  • Posting the updated Privacy Policy on our website at cafes-rios.top with a new "Last Updated" date
  • Sending you an email notification to the address associated with your account (for registered users)
  • Displaying a prominent notice on our website homepage

Your continued use of our website and services after the effective date of any changes constitutes your acceptance of the updated Privacy Policy. We encourage you to review this page periodically to stay informed about how we protect your personal information.

14. How to File a Complaint

If you believe that your privacy rights have been violated or that we have failed to comply with applicable privacy laws, we encourage you to first contact us directly so that we can address your concerns:

We will acknowledge your complaint within 10 business days and work diligently to resolve your concern within 30 business days.

14.1 Complaints to Regulatory Authorities

If you are not satisfied with our response or believe we are processing your personal data in violation of applicable law, you have the right to lodge a complaint with the appropriate regulatory authority:

California Residents:

You may file a complaint with the California Privacy Protection Agency (CPPA):

All U.S. Residents – Federal Complaints:

You may file a complaint with the Federal Trade Commission (FTC) regarding unfair or deceptive practices:

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data handling practices, please do not hesitate to reach out to us. We are committed to addressing your privacy inquiries promptly and professionally.

Cafe Rio – Privacy Contact Information

Company: Cafe Rio
Email: [email protected]
Website: cafes-rios.top

When contacting us regarding a privacy request, please include your full name, email address, and a clear description of your request or concern. If you are submitting a data subject access request or exercising any of your legal rights, please also indicate the specific right you are exercising so we can process your request efficiently.

This Privacy Policy was last reviewed and updated on March 28, 2026. All previous versions of this Privacy Policy are superseded by this document.