Privacy Policy
Welcome to Cafe Rio. We respect your privacy and are committed to protecting your personal information. This Privacy Policy explains how Cafe Rio ("we," "us," "our," or "the Company") collects, uses, discloses, and safeguards your personal information when you visit our website at food-caferio.click, place orders, use our services, or interact with us in any way. Please read this policy carefully. By accessing or using our website and services, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy.
This Privacy Policy applies to all users of our website, mobile services, online ordering platforms, and any other digital or physical touchpoints associated with Cafe Rio. If you do not agree with the terms of this Privacy Policy, please discontinue your use of our website and services immediately.
1. About Us
Cafe Rio is a food service business operating in the United States. We are committed to transparency in our data practices and to complying with all applicable federal and state privacy laws, including but not limited to the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), and the Federal Trade Commission Act (FTC Act).
- Business Name: Cafe Rio
- Website: food-caferio.click
- Email: [email protected]
2. Information We Collect
We collect various types of information in connection with your use of our website and services. The categories of personal information we collect include the following:
2.1 Personal Identification Information
When you create an account, place an order, make a reservation, sign up for our newsletter, participate in promotions, or contact us directly, we may collect personal identification information such as:
- Full name
- Email address
- Phone number
- Mailing or delivery address
- Date of birth (for age verification and promotional purposes)
- Username and password (for account holders)
- Profile photograph (if you choose to upload one)
2.2 Payment and Financial Information
When you make a purchase or process a transaction through our website or ordering platform, we collect payment-related information, which may include:
- Credit or debit card details (processed securely through third-party payment processors)
- Billing address
- Transaction history and order records
- Gift card or loyalty program numbers
Please note that we do not directly store full credit card numbers on our servers. Payment processing is handled by PCI-DSS compliant third-party payment processors.
2.3 Usage and Behavioral Data
When you browse our website or interact with our digital services, we automatically collect usage data, including:
- Pages visited and time spent on each page
- Clicks, scrolling behavior, and navigation paths
- Search queries entered on our website
- Items added to cart or viewed
- Order frequency, preferences, and history
- Referral source (how you arrived at our website)
- Date and time of your visit
2.4 Device and Technical Information
We collect technical information about the device and connection you use to access our website, including:
- IP address
- Browser type and version
- Operating system and platform
- Device type (desktop, mobile, tablet)
- Screen resolution
- Unique device identifiers
- Cookie identifiers and session data
- Geographic location data (derived from IP address)
2.5 Cookie and Tracking Data
We use cookies, web beacons, pixel tags, and similar tracking technologies to collect information about your interactions with our website. For detailed information about our use of cookies, please refer to Section 9 of this Privacy Policy and our dedicated Cookie Policy available on our website.
2.6 Communications and Feedback
When you contact us via email, contact forms, customer service channels, or social media, we collect:
- The content of your messages and communications
- Customer service records and correspondence
- Survey responses and feedback submissions
- Reviews and ratings you submit
2.7 Information from Third Parties
We may also receive information about you from third-party sources, including:
- Social media platforms (if you connect your social media account or log in using social authentication)
- Third-party food delivery and ordering platforms
- Marketing and analytics partners
- Publicly available sources
3. How We Use Your Information
We use the personal information we collect for the following purposes:
3.1 Providing and Managing Our Services
- Processing and fulfilling your food orders and reservations
- Managing your account and providing account-related services
- Facilitating payment processing and transaction management
- Delivering food orders to your specified address
- Managing loyalty programs and rewards
- Responding to your inquiries, complaints, and customer support requests
- Sending order confirmations, receipts, and delivery updates
3.2 Personalization and User Experience
- Personalizing your experience on our website by remembering your preferences
- Recommending menu items based on your order history and preferences
- Customizing promotional offers and discounts relevant to your interests
- Improving website navigation and layout based on user behavior
3.3 Marketing and Communications
- Sending promotional emails, newsletters, and special offers (with your consent where required)
- Notifying you about new menu items, seasonal specials, and events
- Conducting targeted advertising campaigns on our website and third-party platforms
- Sending push notifications (where applicable and with your permission)
- Running contests, sweepstakes, and promotional campaigns
You may opt out of marketing communications at any time by following the unsubscribe link in any promotional email or by contacting us directly at [email protected].
3.4 Analytics and Business Improvement
- Analyzing website traffic and user behavior to improve our services
- Conducting internal research and analysis to understand customer trends
- Monitoring and improving the performance of our website and digital platforms
- Developing new products, services, and menu offerings
- Measuring the effectiveness of our marketing campaigns
3.5 Legal Compliance and Security
- Complying with applicable federal and state laws and regulations
- Responding to legal requests, subpoenas, court orders, and government inquiries
- Detecting, investigating, and preventing fraudulent transactions and other illegal activity
- Enforcing our Terms of Service and other agreements
- Protecting the rights, property, and safety of Cafe Rio, our customers, and the public
4. Legal Basis for Processing
Cafe Rio processes your personal information based on one or more of the following legal grounds:
| Legal Basis | Description |
|---|---|
| Contract Performance | Processing is necessary to fulfill your orders and manage your account. |
| Legitimate Interests | Processing is necessary for our business operations, fraud prevention, and improving our services. |
| Consent | You have provided explicit consent for specific processing activities, such as marketing emails. |
| Legal Obligation | Processing is required to comply with applicable laws and regulations. |
5. Sharing Your Information with Third Parties
We do not sell, rent, or trade your personal information to third parties for their independent marketing purposes. However, we may share your information in the following circumstances:
5.1 Service Providers and Business Partners
We work with trusted third-party service providers who assist us in operating our website and delivering our services. These may include:
- Payment processors — to securely process your payments and transactions
- Delivery and logistics partners — to fulfill your food delivery orders
- Email and marketing platforms — to send communications and manage marketing campaigns
- Analytics providers — to analyze website performance and user behavior (e.g., Google Analytics)
- Cloud hosting providers — to host our website and store data securely
- Customer support platforms — to manage customer service interactions
- Fraud detection services — to identify and prevent fraudulent activity
All third-party service providers are required to maintain appropriate security measures and are only permitted to use your personal information as necessary to provide services on our behalf.
5.2 Legal Requirements and Law Enforcement
We may disclose your personal information when required to do so by law or in response to valid legal processes, including:
- Compliance with federal, state, or local laws and regulations
- Response to court orders, subpoenas, or government requests
- Cooperation with law enforcement agencies in investigating fraud or illegal activity
- Protecting the rights, property, or safety of Cafe Rio, our employees, customers, or the public
5.3 Business Transfers
In the event that Cafe Rio undergoes a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of its assets, your personal information may be transferred as part of that business transaction. We will notify you via email or a prominent notice on our website of any such change in ownership or control of your personal information.
5.4 Aggregate and Anonymized Data
We may share aggregated or anonymized data that cannot reasonably be used to identify you with third parties for research, analytics, marketing, or other business purposes.
6. Data Security
Cafe Rio takes the security of your personal information seriously and implements a range of technical, administrative, and physical security measures designed to protect your data against unauthorized access, disclosure, alteration, or destruction. Our security measures include:
- SSL/TLS Encryption: All data transmitted between your browser and our website is encrypted using Secure Socket Layer (SSL) or Transport Layer Security (TLS) protocols.
- Secure Payment Processing: Payment information is processed through PCI-DSS compliant third-party payment processors. We do not store full credit card numbers on our servers.
- Access Controls: Access to personal data is restricted to authorized personnel who have a legitimate business need to access that information.
- Password Protection: User accounts are protected by passwords. We encourage you to use strong, unique passwords and to keep them confidential.
- Regular Security Audits: We conduct periodic reviews and assessments of our security practices and systems.
- Data Minimization: We collect only the personal information that is necessary for the purposes described in this Privacy Policy.
- Employee Training: Our employees receive training on data privacy and security practices.
7. Your Privacy Rights
Depending on your location and applicable law, you may have certain rights regarding your personal information. We honor these rights to the fullest extent required by applicable federal and state laws, including the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) for California residents.
7.1 Right to Know and Access
You have the right to request information about the personal data we hold about you, including the categories of personal information collected, the sources from which it was collected, the purposes for which it is used, and the categories of third parties with whom it is shared. Upon a verified request, we will provide you with a copy of your personal information.
7.2 Right to Correction
You have the right to request that we correct any inaccurate or incomplete personal information we hold about you. You can update certain account information directly through your account settings, or you may contact us to request corrections.
7.3 Right to Deletion
You have the right to request that we delete your personal information, subject to certain exceptions. We may retain information where required by law, for legitimate business purposes (such as completing transactions or preventing fraud), or where other legal exceptions apply.
7.4 Right to Data Portability
You have the right to receive a copy of your personal information in a structured, commonly used, machine-readable format, and to transmit that data to another controller where technically feasible.
7.5 Right to Opt Out of Sale or Sharing
Under the CCPA/CPRA, California residents have the right to opt out of the sale or sharing of their personal information for cross-context behavioral advertising. To exercise this right, please contact us at [email protected] or use the "Do Not Sell or Share My Personal Information" link on our website.
7.6 Right to Limit Use of Sensitive Personal Information
California residents have the right to limit our use and disclosure of sensitive personal information (such as financial data and precise geolocation) to only what is necessary to provide the requested services.
7.7 Right to Non-Discrimination
We will not discriminate against you for exercising any of your privacy rights. This means we will not deny you goods or services, charge you different prices, or provide you with a different quality of service because you exercised your privacy rights.
7.8 How to Exercise Your Rights
To exercise any of your privacy rights, please submit a request by:
- Emailing us at [email protected] with the subject line "Privacy Rights Request"
- Visiting our website at food-caferio.click and submitting a request through the designated privacy request form
We will verify your identity before processing your request to protect your personal information. We will respond to your request within 45 days. If we require additional time, we will notify you of the extension and the reason for the delay. We may need to collect additional information to verify your identity and process your request.
8. Data Retention
We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. The specific retention periods we apply include:
| Category of Data | Retention Period |
|---|---|
| Account information | For the duration of your account, plus 3 years after account closure |
| Order and transaction records | 7 years (for accounting and tax compliance purposes) |
| Marketing and communication preferences | Until you opt out or request deletion |
| Customer service records | 3 years from the date of last interaction |
| Usage and analytics data | Up to 26 months (anonymized after this period) |
| Cookie and tracking data | As specified in our Cookie Policy (typically 30 days to 2 years) |
| Legal and compliance records | As required by applicable law (typically up to 7 years) |
After the applicable retention period expires, we will securely delete or anonymize your personal information in accordance with our data disposal practices.
9. Cookies and Tracking Technologies
Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyze website traffic, and support our marketing activities. Cookies are small text files placed on your device when you visit our website.
9.1 Types of Cookies We Use
- Essential Cookies: These are necessary for the basic functionality of our website, such as enabling you to add items to your cart and complete purchases. These cannot be disabled.
- Performance and Analytics Cookies: These help us understand how visitors interact with our website by collecting anonymous usage data. We use tools such as Google Analytics for this purpose.
- Functionality Cookies: These remember your preferences and settings to provide a more personalized experience.
- Marketing and Advertising Cookies: These track your browsing activity to deliver targeted advertisements and measure the effectiveness of our advertising campaigns.
9.2 Managing Your Cookie Preferences
You can manage your cookie preferences through your browser settings or our cookie consent tool available on our website. Most browsers allow you to refuse or delete cookies. However, please note that disabling certain cookies may impact the functionality of our website.
For full details about our use of cookies, including how to opt out of specific cookie categories, please refer to our Cookie Policy available at food-caferio.click/cookie-policy.
10. Children's Privacy
Cafe Rio does not knowingly collect, use, or disclose personal information from children under the age of 18. Our website, services, and online ordering platform are not directed at or intended for use by minors. If you are under 18 years of age, please do not use our website or provide any personal information to us.
If we become aware that we have inadvertently collected personal information from a child under the age of 18, we will take immediate steps to delete that information from our records. If you are a parent or guardian and believe that your child has provided us with personal information without your consent, please contact us at [email protected] so that we can promptly address the issue.
We comply with the Children's Online Privacy Protection Act (COPPA) and do not knowingly engage in the collection of personal information from children under 13 years of age.
11. International Data Transfers
Cafe Rio is based in the United States and operates primarily within the United States. Your personal information is stored and processed on servers located in the United States. If you are accessing our website from outside the United States, please be aware that your personal information will be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your country of residence.
By using our website and services and providing your personal information, you acknowledge and consent to the transfer of your data to the United States. We take steps to ensure that your personal information receives an adequate level of protection regardless of where it is processed, including entering into appropriate data processing agreements with our service providers.
If you have questions about international data transfers or wish to understand more about the safeguards we have in place, please contact us at [email protected].
12. California Privacy Rights (CCPA/CPRA)
If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA). This section supplements the general privacy rights described elsewhere in this policy.
12.1 Categories of Personal Information Collected
In the past 12 months, we have collected the following categories of personal information from California consumers:
| Category | Examples | Collected |
|---|---|---|
| Identifiers | Name, email address, IP address, account username | Yes |
| Personal Information (Cal. Civ. Code § 1798.80(e)) | Name, address, telephone number, payment card information | Yes |
| Commercial Information | Order history, products purchased, transaction records | Yes |
| Internet or Electronic Activity | Browsing history on our website, search queries, interaction data | Yes |
| Geolocation Data | General location derived from IP address | Yes |
| Inferences | Preferences, characteristics, and behavior derived from data | Yes |
| Sensitive Personal Information | Payment card data (processed by third parties), precise geolocation (if consented) | Limited |
12.2 Submitting California Privacy Requests
California residents may submit privacy rights requests by contacting us at [email protected]. You may also designate an authorized agent to make a request on your behalf. We will verify the identity of the requesting party before processing any request.
13. Federal Privacy Protections (FTC Act)
Cafe Rio is committed to compliance with the Federal Trade Commission Act (FTC Act), which prohibits unfair or deceptive acts and practices in commerce, including in the area of consumer privacy. We maintain fair information practices and do not engage in deceptive data collection or use. If you believe our privacy practices are unfair or deceptive, you have the right to file a complaint with the Federal Trade Commission (FTC) at www.ftc.gov.
14. Third-Party Links and Services
Our website may contain links to third-party websites, applications, or services, including social media platforms, delivery apps, and partner websites. This Privacy Policy applies only to our website and services. We are not responsible for the privacy practices of third-party websites or services. We encourage you to review the privacy policies of any third-party sites you visit. The inclusion of a link to a third-party website does not imply our endorsement of that website or its privacy practices.
15. Do Not Track Signals
Some web browsers include a "Do Not Track" (DNT) feature that signals to websites that a user does not wish to be tracked. Currently, our website does not respond to DNT signals because there is no universal standard for how websites should respond to such signals. We will continue to monitor developments in this area and update our practices accordingly.
16. Marketing Communications and Opt-Out
With your consent (where required by applicable law), we may send you marketing emails, promotional offers, newsletters, and other communications about our products and services. You have the right to opt out of receiving marketing communications from us at any time by:
- Clicking the "Unsubscribe" link at the bottom of any marketing email we send you
- Logging into your account and adjusting your communication preferences
- Contacting us directly at [email protected] with the subject line "Unsubscribe"
Please note that even if you opt out of marketing communications, we may still send you transactional or service-related messages, such as order confirmations, delivery updates, and account notifications.
17. How to File a Complaint
If you believe that your privacy rights have been violated or that we have not handled your personal information in accordance with applicable law, we encourage you to first contact us directly so we can attempt to resolve your concern:
- Email: [email protected]
- Website: food-caferio.click
If you are not satisfied with our response, you may file a complaint with relevant data protection authorities:
- Federal Trade Commission (FTC): If you believe we have engaged in unfair or deceptive privacy practices, you may file a complaint with the FTC at reportfraud.ftc.gov or by calling 1-877-FTC-HELP (1-877-382-4357).
- California Attorney General (for California residents): California residents may also contact the California Attorney General's Office at oag.ca.gov or by calling 1-800-952-5225.
- California Privacy Protection Agency (CPPA): California residents may file complaints related to CCPA/CPRA violations with the California Privacy Protection Agency at cppa.ca.gov.
- State Attorney General: Residents of other states may contact their respective state attorney general's office for privacy-related complaints.
18. Changes to This Privacy Policy
We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our business practices, legal requirements, or data processing activities. When we make material changes to this policy, we will:
- Update the "Last Updated" date at the top of this page
- Post a prominent notice on our website notifying users of the changes
- Send an email notification to registered account holders where required by law
We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your personal information. Your continued use of our website and services after the effective date of any changes constitutes your acceptance of the updated Privacy Policy.
19. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please do not hesitate to contact our privacy team:
Cafe Rio — Privacy Inquiries
- Business Name: Cafe Rio
- Website: food-caferio.click
- Email: [email protected]
We are committed to resolving any privacy-related concerns promptly and transparently. Our privacy team will respond to your inquiry within a reasonable timeframe, typically within 30 business days.