Privacy Policy

Effective Date: June 24, 2026 | Last Updated: June 24, 2026

Important Notice: This Privacy Policy explains how Cafe Rio collects, uses, discloses, and protects your personal information when you visit our website at mealcaferio.rest or interact with our food services. Please read this document carefully before using our services.

1. Introduction and Who We Are

Welcome to Cafe Rio. We are a food service business operating in the United States, committed to protecting the privacy and personal information of our customers, website visitors, and anyone who interacts with our services. This Privacy Policy has been drafted in compliance with applicable United States federal and state privacy laws, including the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), the Federal Trade Commission Act (FTC Act), and other relevant consumer protection regulations.

Throughout this Privacy Policy, "Cafe Rio," "we," "us," or "our" refers to the business operating under the name Cafe Rio. "You" or "your" refers to any individual who visits our website, places an order, signs up for our services, or otherwise engages with us in any capacity.

Our contact details for all privacy-related matters are as follows:

Business Name	Cafe Rio
Email Address	[email protected]
Website	mealcaferio.rest
Location	United States

By accessing or using our website and services, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy. If you do not agree with any portion of this policy, please discontinue use of our website and services immediately.

2. Information We Collect

We collect various types of information in connection with your use of our website and food services. The categories of information we collect are described in detail below.

2.1 Personal Identification Information

When you register an account, place a food order, make a reservation, subscribe to our newsletter, or contact us directly, we may collect personal identification information, including but not limited to:

Full name
Email address
Phone number
Postal address or delivery address
Date of birth (for age verification purposes)
Username and password for account access
Profile photograph (if voluntarily provided)
Dietary preferences, food allergies, or special dietary requirements you choose to share with us

2.2 Payment and Financial Information

When you make a purchase or payment through our website, we collect payment-related information necessary to process your transaction. This may include:

Credit or debit card details (processed securely through our third-party payment processors)
Billing address
Transaction history and order records
Gift card or promotional code information

Please note that we do not store full credit or debit card numbers on our servers. Payment processing is handled by PCI-DSS compliant third-party payment service providers.

2.3 Usage Data and Behavioral Information

We automatically collect certain information about how you interact with our website and digital services, including:

Pages visited and content viewed on our website
Search queries entered on our website
Time and date of visits
Duration of time spent on specific pages
Clickstream data and navigation paths through our website
Products or menu items viewed, added to cart, or purchased
Links clicked and features used
Referring website or source (how you arrived at our website)

2.4 Device and Technical Information

We collect technical information about the devices and software you use to access our services, including:

IP address
Browser type and version
Operating system and version
Device type (desktop, mobile, tablet)
Device identifiers and hardware model
Screen resolution and display settings
Language preferences
Time zone settings
Internet service provider (ISP)

2.5 Location Information

With your consent, we may collect approximate or precise location data in order to provide location-based services, such as identifying nearby Cafe Rio locations, facilitating delivery orders, or presenting relevant regional promotions. You may disable location services in your browser or device settings at any time.

2.6 Communications and Customer Service Data

When you contact us via email, phone, online chat, or any other communication channel, we collect and retain records of those communications, including:

The content of your messages and inquiries
Your contact details provided during communication
Records of complaints, feedback, or reviews you submit
Notes made by our customer service representatives

2.7 Information Collected from Third Parties

We may receive information about you from third-party sources, including:

Social media platforms (if you connect your account or interact with our social media content)
Third-party delivery platforms and partners
Loyalty program partners
Marketing and analytics providers
Publicly available databases and directories

3. How We Use Your Information

Cafe Rio uses the personal information we collect for a variety of legitimate business purposes. We are committed to using your data only in ways that are necessary, proportionate, and in accordance with applicable law.

3.1 Service Provision and Order Fulfillment

The primary purpose for which we collect your personal information is to provide you with our food services, including:

Processing and fulfilling your food orders, whether online, in-person, or through third-party delivery platforms
Managing your customer account and profile
Processing payments and issuing receipts or invoices
Arranging delivery or facilitating pickup orders
Communicating with you about your orders and any changes or issues
Responding to your questions, complaints, or requests for assistance
Administering loyalty programs or reward points

3.2 Website Operations and Improvement

We use usage data, device information, and analytics to operate and continuously improve our website and digital services:

Monitoring website performance and identifying technical issues
Analyzing user behavior to improve website design and functionality
Conducting A/B testing and feature optimization
Ensuring website security and preventing fraudulent activity
Personalizing your website experience based on your preferences and history

3.3 Marketing and Promotional Communications

With your consent, or where permitted by applicable law, we may use your contact information to send you marketing communications, including:

Promotional offers, discounts, and special deals on menu items
Newsletters and updates about new menu additions or seasonal specials
Information about loyalty program benefits and rewards
Invitations to events, tastings, or special dining experiences
Personalized recommendations based on your previous orders or preferences

You may opt out of marketing communications at any time by clicking the "unsubscribe" link in any of our emails or by contacting us directly at [email protected].

3.4 Analytics and Business Intelligence

We use aggregated and de-identified data for internal analytics and business intelligence purposes, including understanding customer trends, evaluating the performance of our menu offerings, and making informed decisions about our business strategy.

3.5 Legal and Compliance Purposes

We may use your personal information to:

Comply with applicable federal, state, and local laws and regulations
Respond to lawful requests from courts, law enforcement, and government authorities
Enforce our Terms of Service and other agreements
Protect the rights, property, and safety of Cafe Rio, our customers, and the public
Investigate and prevent fraud, security breaches, and other illegal activities

4. Cookies and Tracking Technologies

Our website uses cookies, web beacons, pixel tags, and similar tracking technologies to enhance your browsing experience, analyze website traffic, and support our marketing efforts.

4.1 Types of Cookies We Use

Essential Cookies: Necessary for the basic functioning of our website, such as maintaining your session and shopping cart.
Performance Cookies: Used to collect anonymous information about how visitors use our website, helping us identify areas for improvement.
Functional Cookies: Enable enhanced features and personalization, such as remembering your language preferences or login details.
Marketing and Advertising Cookies: Used to track visitors across websites for the purpose of displaying relevant advertisements and measuring the effectiveness of our marketing campaigns.

4.2 Managing Your Cookie Preferences

You have the right to accept or reject non-essential cookies. You can manage your cookie preferences through your browser settings or through any cookie consent tool presented to you on our website. Please note that disabling certain cookies may affect the functionality and performance of our website.

For more detailed information about the specific cookies we use and how to manage them, please refer to our Cookie Policy, which is available on our website at mealcaferio.rest.

5. Sharing Your Information with Third Parties

Cafe Rio does not sell your personal information to third parties. However, we may share your information with certain trusted third parties in the following circumstances:

5.1 Service Providers and Business Partners

We engage third-party companies and individuals to perform various services on our behalf, including:

Payment processing companies and financial institutions
Food delivery platforms and courier services
Cloud hosting and data storage providers
Email marketing and communication platforms
Customer relationship management (CRM) software providers
Analytics and website performance tools (e.g., Google Analytics)
Advertising and retargeting networks
IT support and cybersecurity service providers

These service providers are granted access to your personal information only to the extent necessary to perform their functions and are contractually obligated to maintain the confidentiality and security of your information.

5.2 Legal Requirements and Law Enforcement

We may disclose your personal information when required to do so by law or in response to valid legal processes, including:

Court orders, subpoenas, or other legal mandates
Requests from law enforcement agencies or government authorities
Regulatory investigations or audits
Situations involving the protection of the safety, rights, or property of any person or entity

5.3 Business Transfers

In the event that Cafe Rio undergoes a merger, acquisition, restructuring, sale of assets, or any other form of corporate transaction, your personal information may be transferred to the acquiring or successor entity as part of that transaction. We will notify you of any such change in ownership or control of your personal data, and any successor entity will be bound by this Privacy Policy or will provide you with a new privacy notice.

5.4 With Your Consent

We may share your personal information with other third parties for purposes not described in this policy when we have obtained your explicit prior consent to do so.

6. Data Security

Cafe Rio takes the security of your personal information seriously and has implemented a range of technical, administrative, and physical safeguards designed to protect your data against unauthorized access, disclosure, alteration, or destruction.

6.1 Security Measures We Implement

Encryption: We use industry-standard SSL/TLS encryption to protect data transmitted between your browser and our servers.
Access Controls: Access to personal data is restricted to authorized personnel who have a legitimate need to access that data as part of their job responsibilities.
Secure Payment Processing: All payment transactions are processed through PCI-DSS compliant third-party payment processors.
Regular Security Audits: We conduct periodic security assessments and vulnerability scans of our systems.
Employee Training: Our staff receive regular training on data protection and privacy best practices.
Incident Response Plans: We maintain documented procedures for responding to data breaches or security incidents in a timely and effective manner.

6.2 Limitations of Security

While we strive to use commercially reasonable means to protect your personal information, no method of transmission over the internet or method of electronic storage is 100% secure. We cannot guarantee absolute security of your data, and you share information with us at your own risk. In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and the appropriate regulatory authorities as required by applicable law.

7. Your Privacy Rights

Depending on your state of residence within the United States, you may have various rights with respect to your personal information. Cafe Rio is committed to respecting and honoring these rights.

7.1 Rights Under the California Consumer Privacy Act (CCPA/CPRA)

If you are a resident of California, you have the following rights under the CCPA as amended by the CPRA:

Right to Know: You have the right to request information about the categories and specific pieces of personal information we have collected about you, as well as how that information has been used, disclosed, or sold.
Right to Delete: You have the right to request the deletion of your personal information that we have collected, subject to certain exceptions.
Right to Correct: You have the right to request that we correct inaccurate personal information we maintain about you.
Right to Opt-Out of Sale or Sharing: You have the right to opt out of the sale or sharing of your personal information for cross-context behavioral advertising. Cafe Rio does not sell your personal information.
Right to Limit Use of Sensitive Personal Information: You have the right to limit our use of sensitive personal information to that which is necessary to perform the requested services.
Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights. You will not receive a different level of service or be charged different prices for asserting your rights under the CCPA/CPRA.

7.2 General Privacy Rights for All U.S. Residents

Regardless of your state of residence, Cafe Rio respects the following privacy rights:

Right to Access: You may request access to the personal information we hold about you.
Right to Correction: You may request that we update or correct inaccurate or incomplete information.
Right to Deletion: You may request the deletion of your personal data, subject to our legal obligations to retain certain information.
Right to Data Portability: You may request a copy of your personal information in a structured, commonly used, and machine-readable format.
Right to Withdraw Consent: Where we process your data based on consent, you have the right to withdraw that consent at any time without affecting the lawfulness of prior processing.
Right to Object to Marketing: You may object to the processing of your personal information for direct marketing purposes at any time.

7.3 How to Exercise Your Rights

To exercise any of the rights described above, please contact us using the following methods:

Email: [email protected]
Website: mealcaferio.rest

We will verify your identity before responding to your request to ensure that we are disclosing or modifying information only to the appropriate individual. We will respond to verified requests within 45 days of receipt. If we require additional time, we will notify you of the extension and provide a reason for the delay.

You may also designate an authorized agent to submit requests on your behalf. Authorized agents must provide written authorization signed by you and may be required to verify their identity and authority.

8. Data Retention

Cafe Rio retains your personal information only for as long as is necessary to fulfill the purposes for which it was collected, or as required or permitted by applicable law. Our general data retention practices are as follows:

Category of Data	Retention Period
Account registration information	Duration of account activity plus 3 years after account closure
Order and transaction records	7 years (for tax and legal compliance purposes)
Customer service communications	3 years from the date of the interaction
Marketing and communications preferences	Until you opt out or request deletion
Website usage and analytics data	26 months from date of collection
Cookie data	As specified in our Cookie Policy (typically 1-2 years)
Payment information	7 years (as required by financial regulations)
Legal dispute records	Duration of the dispute plus applicable statute of limitations

When personal information is no longer needed for the purpose for which it was collected and no legal retention obligation applies, we will securely delete, anonymize, or destroy it in accordance with our data disposal procedures.

9. Children's Privacy

Age Requirement: Our website and services are intended for individuals who are 18 years of age or older. We do not knowingly collect, use, or disclose personal information from children under the age of 18.

Cafe Rio's website and online ordering services are not directed at, nor intended for use by, individuals under the age of 18 years. We do not knowingly collect personal information from minors. If you are under the age of 18, please do not use our website or submit any personal information to us.

If you are a parent or legal guardian and you believe that your child under the age of 18 has provided us with personal information without your consent, please contact us immediately at [email protected]. Upon verification, we will take prompt steps to delete such information from our records.

In compliance with the Children's Online Privacy Protection Act (COPPA), we do not knowingly collect personal information from children under 13 years of age. If we discover that we have inadvertently collected personal information from a child under 13, we will delete that information as quickly as possible.

10. International Data Transfers

Cafe Rio operates primarily within the United States and stores personal information on servers located within the United States. However, some of our third-party service providers, including cloud hosting platforms, analytics tools, and marketing software vendors, may be located in or may process data in countries outside the United States.

When personal information is transferred to, or accessed from, countries outside the United States, we take steps to ensure that appropriate safeguards are in place to protect your information in accordance with applicable U.S. privacy laws and international data protection standards. These safeguards may include:

Data processing agreements with third-party providers incorporating standard data protection clauses
Transfers only to countries or organizations that provide an adequate level of data protection
Use of certified frameworks and mechanisms for cross-border data transfers

By using our website and services, you acknowledge and consent to the transfer of your personal information to and processing in countries outside your country of residence, including the United States, which may have different data protection rules than those of your country.

11. Third-Party Links and Services

Our website may contain links to third-party websites, applications, social media platforms, and other services that are not owned or controlled by Cafe Rio. This Privacy Policy applies only to information collected through our own website and services.

We have no control over the privacy practices, content, or data handling practices of third-party websites and services. We strongly encourage you to review the privacy policies of any third-party sites you visit. Cafe Rio is not responsible for the privacy practices or content of third-party websites, and any information you provide to such third parties is subject to their respective privacy policies.

12. Social Media and Online Reviews

We maintain social media accounts and profiles on various platforms. If you interact with us through social media, leave reviews on third-party platforms, or engage with our content on social networks, the information you share may be visible to the public and to the operators of those platforms. Please be mindful of the information you share in such public forums, as we have limited control over how such information is used or displayed.

We may use publicly available social media content (such as reviews, comments, or posts that mention Cafe Rio) for marketing, customer service, and business improvement purposes, subject to the terms of use of the respective platforms.

13. Do Not Track Signals

Some web browsers and devices allow you to send "Do Not Track" (DNT) signals to websites to indicate that you do not wish to be tracked. At this time, our website does not respond to browser-initiated DNT signals, as there is no uniform industry standard for how such signals should be interpreted and honored. However, you may opt out of certain types of tracking by managing your cookie preferences as described in Section 4 of this policy.

14. How to File a Complaint

If you believe that your privacy rights have been violated or that we have failed to comply with applicable data protection laws, we encourage you to first contact us directly so that we can attempt to resolve the issue:

Email: [email protected]
Website: mealcaferio.rest

We take all privacy complaints seriously and will investigate and respond to your complaint in a timely and thorough manner.

14.1 Filing a Complaint with the Federal Trade Commission (FTC)

If you are not satisfied with our response or believe that we are engaged in unfair or deceptive practices, you have the right to file a complaint with the Federal Trade Commission (FTC), which enforces consumer protection and privacy laws in the United States:

Federal Trade Commission (FTC)
Website: www.ftc.gov
Consumer Helpline: 1-877-382-4357
Address: Federal Trade Commission, 600 Pennsylvania Avenue NW, Washington, D.C. 20580

14.2 Filing a Complaint with the California Attorney General (California Residents)

California residents who believe their CCPA/CPRA rights have been violated may also file a complaint with the California Privacy Protection Agency (CPPA) or the California Attorney General's Office:

California Privacy Protection Agency (CPPA)
Website: cppa.ca.gov
California Attorney General's Office
Website: oag.ca.gov

14.3 State Attorney General Offices

Residents of other states may have the right to file privacy complaints with their respective state attorney general's office or relevant state consumer protection agency. We encourage you to consult the specific laws and resources applicable to your state of residence.

15. Changes to This Privacy Policy

Cafe Rio reserves the right to update or modify this Privacy Policy at any time to reflect changes in our practices, services, legal requirements, or for other operational reasons. When we make material changes to this policy, we will notify you by:

Updating the "Last Updated" date at the top of this Privacy Policy
Posting a prominent notice on our website
Sending an email notification to the address associated with your account (for significant changes)

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our website and services after the posting of changes to this Privacy Policy will constitute your acceptance of those changes.

16. Contact Us

If you have any questions, concerns, or requests relating to this Privacy Policy or our data practices, please do not hesitate to contact our privacy team using the details below:

Cafe Rio — Privacy Inquiries
Email: [email protected]
Website: mealcaferio.rest
Location: United States

We are committed to resolving any privacy concerns promptly and transparently. You can expect to receive an acknowledgment of your inquiry within 5 business days and a substantive response within 30 to 45 days, depending on the nature and complexity of your request.

This Privacy Policy was last reviewed and updated on June 24, 2026. Cafe Rio is committed to transparency and accountability in all aspects of personal data handling and privacy protection.