Privacy Policy

Effective Date: March 27, 2026 | Last Updated: March 27, 2026

This Privacy Policy describes how Cafe Rio ("we," "us," or "our") collects, uses, discloses, and protects your personal information when you visit our website at rioscafe.top, place orders, interact with our services, or otherwise engage with us. Please read this policy carefully. By using our website or services, you agree to the practices described herein.

We are committed to protecting your privacy and handling your personal data with transparency, integrity, and respect. This policy has been drafted in accordance with applicable United States federal and state privacy laws, including but not limited to the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), and the Federal Trade Commission Act (FTC Act).

1. About Us

Cafe Rio is a food service business operating through the website rioscafe.top. We provide customers with access to our menu, online ordering, reservations, catering inquiries, and related food and beverage services.

Business Name	Cafe Rio
Website	rioscafe.top
Email Address	[email protected]
Phone	Not provided
Mailing Address	United States

For all privacy-related inquiries, questions, requests, or concerns, please contact us using the details provided in Section 15 of this policy.

2. Scope of This Privacy Policy

This Privacy Policy applies to:

All visitors to our website rioscafe.top
Customers who place online food orders or make reservations through our platform
Individuals who subscribe to our newsletter or marketing communications
Anyone who contacts us via email, phone, or any other communication channel
Users who participate in promotions, surveys, loyalty programs, or contests we may run

This policy does not apply to third-party websites, applications, or services that may be linked from our website. We encourage you to review the privacy policies of any third-party platforms you visit.

3. Information We Collect

We collect various types of personal and non-personal information in the course of operating our business and providing services to you. The categories of information we collect include:

3.1 Personal Identification Information

When you register an account, place an order, make a reservation, or contact us, we may collect:

Full name
Email address
Phone number
Mailing or delivery address
Date of birth (for age verification or promotional purposes)
Username and password (for account holders)

3.2 Order and Transaction Information

When you place an order or make a purchase, we collect:

Items ordered, special instructions, and dietary preferences
Order history and purchase records
Billing information (though full payment card details are processed by our secure third-party payment processors)
Delivery address and instructions
Transaction amounts and timestamps

3.3 Usage and Behavioral Data

As you interact with our website, we automatically collect certain technical and behavioral information, including:

Pages visited and content viewed
Time and duration of visits
Links clicked and navigation paths
Search queries entered on our website
Shopping cart activity and browsing patterns
Referral URLs (how you arrived at our site)

3.4 Device and Technical Information

We collect technical information about the devices you use to access our services, including:

IP address
Browser type and version
Operating system and device type
Screen resolution
Device identifiers
Geolocation data (city or region level, derived from IP address)
Mobile advertising identifiers (where applicable)

3.5 Cookie and Tracking Data

We use cookies, web beacons, pixel tags, and similar technologies to collect information about your browsing behavior. For more detailed information, please refer to Section 10 of this policy.

3.6 Communications and Feedback

When you contact us by email, phone, or through a contact form, we collect:

The content of your messages and inquiries
Your name and contact details as provided
Records of communications for customer service purposes
Feedback, reviews, and survey responses you voluntarily submit

3.7 Information from Third Parties

We may receive information about you from third-party sources, including:

Third-party food delivery platforms (if applicable)
Social media platforms when you interact with our social media profiles or log in via social media
Analytics and advertising partners
Publicly available sources

4. How We Use Your Information

We use the personal information we collect for a variety of legitimate business purposes, as described below:

4.1 Service Provision and Order Fulfillment

Processing and fulfilling your food orders, including delivery and pickup coordination
Managing your account and providing access to account features
Processing payments and issuing receipts or confirmations
Coordinating reservations, catering requests, and special events
Responding to your inquiries, complaints, and customer service requests

4.2 Analytics and Service Improvement

Analyzing website traffic and user behavior to improve our website and online ordering experience
Understanding customer preferences to refine our menu offerings
Conducting internal research and business analysis
Monitoring and improving website performance and functionality
Identifying and fixing technical issues

4.3 Marketing and Promotions

Sending you promotional emails, newsletters, and special offers (with your consent where required)
Informing you about new menu items, seasonal specials, and events
Running loyalty programs, contests, and promotional campaigns
Delivering targeted advertising based on your browsing behavior and preferences
Measuring the effectiveness of our marketing campaigns

You may opt out of marketing communications at any time by clicking the "unsubscribe" link in any email we send, or by contacting us directly at [email protected].

4.4 Legal Compliance and Safety

Complying with applicable federal and state laws, regulations, and legal obligations
Responding to lawful requests from government authorities or law enforcement
Protecting our rights, property, and the safety of our customers and staff
Detecting, investigating, and preventing fraudulent or illegal activities
Enforcing our Terms of Service and other agreements

4.5 Personalization

Customizing your experience on our website based on your preferences and order history
Recommending menu items based on your past orders
Displaying location-relevant content and promotions

5. Legal Basis for Processing Personal Information

As a business operating in the United States, we process your personal information on the following grounds:

Contractual Necessity: Processing is necessary to fulfill your orders, manage your account, and provide the services you have requested.
Legitimate Interests: We process data for our legitimate business interests, such as improving our services, preventing fraud, and marketing our offerings, provided these interests do not override your rights.
Consent: Where required by law, we obtain your explicit consent before processing your data, such as for marketing communications or certain cookie placements.
Legal Obligation: We process data as necessary to comply with applicable laws and regulations, including tax, food safety, and consumer protection requirements.

6. Sharing Your Information with Third Parties

We do not sell your personal information to third parties. However, we may share your information with trusted third parties in the following circumstances:

6.1 Service Providers and Business Partners

We engage third-party companies and individuals to assist us in operating our website and delivering our services. These service providers are contractually obligated to protect your information and may only use it for the specific purposes we designate. Categories of service providers include:

Payment processors: To securely process your payments (e.g., credit card transactions, digital wallets)
Delivery platforms: If your order is fulfilled through a third-party delivery service
Email marketing platforms: To send newsletters and promotional communications
Analytics providers: Such as Google Analytics, to help us understand website usage
Cloud hosting and IT service providers: To maintain and operate our website infrastructure
Customer support tools: To manage and respond to customer inquiries

6.2 Legal Requirements and Law Enforcement

We may disclose your personal information if required to do so by law, or in good faith belief that such action is necessary to:

Comply with a legal obligation, subpoena, court order, or government request
Protect and defend our legal rights or property
Prevent or investigate possible wrongdoing in connection with our services
Protect the personal safety of our customers, staff, or the public

6.3 Business Transfers

If Cafe Rio undergoes a merger, acquisition, reorganization, sale of assets, or bankruptcy, your personal information may be transferred as part of that transaction. We will provide notice before your personal information is transferred and becomes subject to a different privacy policy.

6.4 With Your Consent

We may share your information with additional third parties if you provide explicit consent for us to do so.

6.5 Aggregated and Anonymized Data

We may share aggregated, anonymized, or de-identified information that cannot reasonably identify you with third parties for research, marketing, analytics, or other business purposes.

7. Data Security

We take the security of your personal information seriously. We implement a variety of administrative, technical, and physical safeguards to protect your data from unauthorized access, disclosure, alteration, or destruction. Our security measures include:

Encryption: We use industry-standard SSL/TLS encryption to protect data transmitted between your browser and our servers.
Secure payment processing: All payment transactions are processed by PCI-DSS compliant third-party payment processors. We do not store full credit card numbers on our servers.
Access controls: Access to personal information is restricted to authorized personnel who need it to perform their job functions.
Regular security audits: We periodically review and update our security practices to address emerging threats.
Employee training: Our staff are trained on data privacy and security best practices.
Incident response: We maintain procedures for detecting, reporting, and responding to data security incidents.

Important Notice: While we strive to use commercially acceptable means to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security of your data.

In the event of a data breach that affects your personal information, we will notify you and relevant authorities as required by applicable law, including applicable state data breach notification laws.

8. Your Privacy Rights

Depending on your state of residence, you may have certain rights with respect to your personal information. We honor these rights to the extent required by applicable law.

8.1 Rights for California Residents (CCPA/CPRA)

If you are a resident of California, you have the following rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):

Right to Know: You have the right to request that we disclose what personal information we collect, use, disclose, and sell about you.
Right to Delete: You have the right to request deletion of personal information we have collected about you, subject to certain exceptions.
Right to Correct: You have the right to request correction of inaccurate personal information we maintain about you.
Right to Opt-Out of Sale or Sharing: You have the right to opt out of the sale or sharing of your personal information for cross-context behavioral advertising. We do not sell your personal information.
Right to Limit Use of Sensitive Personal Information: You have the right to limit the use and disclosure of sensitive personal information to what is necessary for providing services.
Right to Non-Discrimination: You have the right not to receive discriminatory treatment for exercising your CCPA/CPRA privacy rights.
Right to Data Portability: You may request a copy of your personal information in a portable, readily usable format.

To exercise your California privacy rights, please submit a verifiable consumer request to us at [email protected]. We will respond to your request within 45 days, with a possible extension of an additional 45 days when necessary.

8.2 General Privacy Rights (All Users)

Regardless of your state of residence, we offer all users the following options:

Access and Review: You may request access to the personal information we hold about you.
Correction: You may request that we correct inaccurate or incomplete information.
Deletion: You may request deletion of your personal information, subject to our legal obligations.
Opt-Out of Marketing: You may opt out of receiving marketing communications at any time.
Account Closure: You may request closure of your account and deletion of associated data.

8.3 How to Submit a Privacy Request

To exercise any of the rights described above, please contact us using the following methods:

Email: [email protected]
Website: rioscafe.top

We may need to verify your identity before processing your request. This may involve confirming your email address, account details, or other identifying information. We will not process your request if we are unable to verify your identity.

9. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. The following general retention periods apply:

Category of Data	Retention Period
Account information	Duration of account plus 3 years after closure
Order and transaction records	7 years (for tax and accounting purposes)
Marketing preferences and communications	Until you opt out, plus 2 years
Customer service communications	3 years from last interaction
Website usage and analytics data	26 months (standard analytics retention)
Cookie data	As specified in our Cookie Policy
Legal compliance records	As required by applicable law

When your personal information is no longer needed, we will securely delete, destroy, or anonymize it in accordance with our data retention and disposal procedures.

10. Cookie Policy Summary

Our website uses cookies and similar tracking technologies to enhance your experience, analyze traffic, and support our marketing activities. Below is a summary of how we use cookies:

10.1 What Are Cookies?

Cookies are small text files placed on your device when you visit a website. They help websites recognize your device and remember information about your visit, such as your preferences or items in your shopping cart.

10.2 Types of Cookies We Use

Strictly Necessary Cookies: Essential for the operation of our website, including enabling you to navigate the site and use core features like ordering and checkout.
Performance and Analytics Cookies: These cookies help us understand how visitors interact with our website, which pages are most popular, and where users encounter issues. We use tools such as Google Analytics for this purpose.
Functional Cookies: These cookies remember your preferences and settings, such as your language preference or saved items in your cart.
Targeting and Advertising Cookies: These cookies track your browsing behavior to deliver relevant advertisements and measure the effectiveness of our marketing campaigns.

10.3 Managing Your Cookie Preferences

You can control and manage cookies through your browser settings. Most browsers allow you to block or delete cookies. However, please note that disabling certain cookies may affect the functionality of our website and your ability to place orders. You may also opt out of certain analytics and advertising cookies through opt-out tools provided by third parties.

For a full description of the cookies we use and how to manage them, please refer to our detailed Cookie Policy available on our website at rioscafe.top.

11. Children's Privacy

Age Restriction: Our services are intended for users who are 18 years of age or older. We do not knowingly collect personal information from individuals under the age of 18.

Cafe Rio's website and services are not directed to children under the age of 18. We do not knowingly collect, use, or disclose personal information from minors. If you are under 18, please do not use our website, register for an account, or submit any personal information to us.

If we become aware that we have inadvertently collected personal information from a child under 18, we will take immediate steps to delete that information from our records. If you are a parent or guardian and believe that your child has provided personal information to us without your consent, please contact us immediately at [email protected].

Our practices are consistent with the Children's Online Privacy Protection Act (COPPA), which prohibits the collection of personal information from children under 13 without verifiable parental consent. As our services are intended for adults, we do not knowingly interact with any users under the age of 13.

12. International Data Transfers

Cafe Rio is based in the United States, and your personal information is primarily collected and processed in the United States. However, as we use third-party service providers who may be located in other countries, your information may be transferred to, stored in, or processed in countries outside of the United States.

When we transfer your personal information internationally, we take steps to ensure that your data receives adequate protection, including:

Transferring data only to service providers that maintain appropriate data protection practices
Utilizing standard contractual clauses or other legally recognized transfer mechanisms where applicable
Ensuring that international partners comply with applicable privacy and data protection standards

By using our services, you acknowledge that your personal information may be transferred to and processed in countries that may not provide the same level of data protection as your country of residence. We commit to handling your data in accordance with this Privacy Policy regardless of where it is processed.

13. Third-Party Links and Services

Our website may contain links to third-party websites, social media platforms, food delivery apps, and other external services. These third-party sites operate independently and have their own privacy policies. We are not responsible for the privacy practices or content of these external sites.

When you click on a third-party link, you will be directed away from our website. We encourage you to review the privacy policy of every website you visit. The inclusion of a link on our website does not imply endorsement of the linked site or its privacy practices.

Our website may include social media features, such as share buttons or embedded feeds from platforms like Instagram, Facebook, or Twitter. These features may collect your IP address and set cookies to enable the feature to function properly. Your interactions with these features are governed by the privacy policies of the respective social media platforms.

14. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our business practices, applicable laws, or technology. When we make material changes to this policy, we will:

Update the "Last Updated" date at the top of this page
Post a notice on our website informing users of the change
Where required by law or where changes are significant, notify you by email

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our website and services following the posting of changes constitutes your acceptance of those changes.

If you disagree with any changes to this Privacy Policy, you should discontinue use of our services and, if you have an account, request deletion of your account and personal data.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal information, please do not hesitate to reach out to us. We are committed to addressing your privacy concerns promptly and transparently.

Business Name	Cafe Rio
Email	[email protected]
Website	rioscafe.top
Country	United States

We aim to respond to all privacy-related inquiries within 30 business days. For California residents making CCPA/CPRA requests, we will respond within 45 days as required by law.

16. Filing a Complaint with a Regulatory Authority

If you believe that we have not adequately addressed your privacy concerns, you have the right to file a complaint with the appropriate regulatory authority. In the United States, privacy complaints may be directed to:

16.1 Federal Trade Commission (FTC)

The Federal Trade Commission is the primary federal agency responsible for consumer protection and privacy enforcement in the United States. If you believe we have engaged in unfair or deceptive practices, you may file a complaint with the FTC.

Website: reportfraud.ftc.gov
Phone: 1-877-FTC-HELP (1-877-382-4357)
Address: Federal Trade Commission, 600 Pennsylvania Avenue NW, Washington, DC 20580

16.2 California Residents — California Privacy Protection Agency (CPPA)

If you are a California resident and believe your CCPA/CPRA rights have been violated, you may file a complaint with the California Privacy Protection Agency:

Website: cppa.ca.gov
Address: California Privacy Protection Agency, 2101 Arena Boulevard, Sacramento, CA 95834

16.3 State Attorney General Offices

Many U.S. states have their own consumer protection and privacy enforcement mechanisms. You may also file a complaint with the Attorney General's office in your state of residence. Most state AG offices maintain consumer protection divisions that handle privacy-related complaints.

We encourage you to contact us directly before filing a regulatory complaint, as we are committed to resolving any issues you may have in a fair and timely manner. Please reach out to us at [email protected] and we will do our best to address your concerns.

Summary: At Cafe Rio, we value your trust and are dedicated to being transparent about how we collect, use, and protect your personal information. This Privacy Policy reflects our ongoing commitment to responsible data stewardship in accordance with United States federal and state privacy laws. Thank you for choosing Cafe Rio.

This Privacy Policy was last reviewed and updated on March 27, 2026. All previous versions of this policy are superseded by this document.