Privacy Policy
Welcome to Cafe Rio (operated via cafes-rios.world). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website cafes-rios.world, place orders, interact with our services, or otherwise engage with us. Please read this policy carefully. If you disagree with any terms of this Privacy Policy, please discontinue use of our website and services immediately.
This Privacy Policy applies to all users located in the United States and is designed to comply with applicable federal and state privacy laws, including the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), the Federal Trade Commission Act (FTC Act), and other relevant consumer protection regulations.
1. Who We Are
Cafe Rio is a food service business operating through its official website at cafes-rios.world. We serve customers across the United States, providing food products and related services online.
| Business Name | Cafe Rio |
|---|---|
| Website | cafes-rios.world |
| [email protected] | |
| Country of Operation | United States |
For any questions or concerns regarding this Privacy Policy or our data practices, please contact us using the details provided in Section 15 of this document.
2. Information We Collect
We collect various types of information in connection with your use of our website and services. The categories of information we collect are described below.
2.1 Personal Information You Provide to Us
When you interact with Cafe Rio — including when you create an account, place an order, sign up for our newsletter, contact customer support, or fill out any forms on our website — we may collect the following types of personal information:
- Identity Information: Full name, username, or similar identifiers.
- Contact Information: Email address, mailing address, billing address, delivery address, and telephone number.
- Account Credentials: Password and security questions (stored in encrypted form).
- Payment Information: Credit or debit card numbers, billing details, and transaction records. Note: Full payment card data is processed by our secure third-party payment processors and is not stored directly on our servers.
- Order Information: Details of food items you have ordered, special dietary preferences or restrictions you choose to share, order history, and delivery instructions.
- Communications: Records of your correspondence with us, including customer support inquiries, feedback, and reviews.
- Marketing Preferences: Your preferences regarding receiving marketing communications from us.
2.2 Information Collected Automatically
When you access or use our website, we may automatically collect certain technical information about your device and your interaction with our platform, including:
- Device Information: IP address, browser type and version, operating system and platform, device type (mobile, desktop, tablet), unique device identifiers, and mobile network information.
- Usage Data: Pages viewed, links clicked, time spent on pages, referring website addresses, search queries made on our site, and the date and time of your visits.
- Log Data: Server logs that record activity on our website, including error reports and performance data.
- Location Information: General geographic location derived from your IP address (such as city, state, and country). We do not collect precise GPS location unless you explicitly grant permission.
- Cookie and Tracking Data: Information collected through cookies, web beacons, pixels, and similar tracking technologies. Please refer to Section 8 of this Privacy Policy for more details on our cookie practices.
2.3 Information Collected from Third Parties
We may receive information about you from third-party sources, such as:
- Social media platforms (if you choose to connect your account or interact with us on social media).
- Marketing partners and advertising networks that provide us with aggregated analytics.
- Payment processors and fraud prevention services that verify transaction legitimacy.
- Review platforms that aggregate customer feedback.
Any information received from third parties is handled in accordance with this Privacy Policy and the terms under which it was shared with us.
3. How We Use Your Information
Cafe Rio uses the information we collect for a variety of legitimate business purposes. We will only use your personal information when we have a valid legal basis to do so. The purposes for which we use your data include:
3.1 Provision and Management of Services
- Processing and fulfilling your food orders and managing deliveries.
- Creating, maintaining, and managing your account.
- Processing payments and preventing fraudulent transactions.
- Sending order confirmations, receipts, and status updates.
- Responding to your inquiries, complaints, and customer support requests.
3.2 Improving Our Products and Services
- Analyzing usage patterns and customer behavior to improve our website functionality and user experience.
- Conducting internal research and data analysis to understand which menu items and promotions are most popular.
- Developing new features, products, and services based on customer feedback and preferences.
- Diagnosing technical problems and maintaining the security and integrity of our platform.
3.3 Marketing and Promotional Communications
- Sending you promotional emails, special offers, discount codes, and newsletters about our food items and services — only where you have opted in or where permitted by law.
- Displaying personalized advertisements and content on our website or third-party platforms based on your interests and browsing behavior.
- Conducting customer surveys and soliciting reviews and feedback.
- Running loyalty programs or reward initiatives.
You have the right to opt out of marketing communications at any time. See Section 11 for information about your rights.
3.4 Legal and Compliance Purposes
- Complying with applicable federal and state laws and regulations.
- Enforcing our Terms of Service and other agreements.
- Responding to lawful requests from government authorities or law enforcement agencies.
- Protecting the rights, property, and safety of Cafe Rio, our customers, and the public.
- Resolving disputes and managing legal claims.
4. Legal Basis for Processing
Although the United States does not have a single comprehensive federal privacy law equivalent to the EU's GDPR, Cafe Rio adheres to the following legal grounds for processing your personal information:
- Contractual Necessity: Processing is necessary to fulfill the contract we have with you (e.g., processing your food order).
- Legitimate Business Interests: We process certain data to pursue our legitimate business interests, such as fraud prevention, improving our services, and direct marketing, provided these interests are not overridden by your rights.
- Legal Obligation: We may process your data to comply with a legal obligation under federal or state law.
- Consent: Where required by law, we will obtain your explicit consent before processing your data for specific purposes such as marketing communications or the use of non-essential cookies.
5. Sharing Your Information with Third Parties
Cafe Rio does not sell your personal information to third parties. However, we may share your information in the following circumstances:
5.1 Service Providers and Business Partners
We engage trusted third-party companies and individuals to perform services on our behalf, including:
- Payment Processors: To securely process credit and debit card transactions.
- Delivery and Logistics Partners: To fulfill and deliver your food orders.
- Cloud Hosting Providers: To store and manage our website data and infrastructure.
- Email and Marketing Platforms: To send transactional and promotional communications.
- Analytics Providers: To help us understand how our website is used (e.g., Google Analytics).
- Customer Support Tools: To manage and respond to customer inquiries.
- Fraud Prevention Services: To detect and prevent fraudulent activity on our platform.
All third-party service providers are contractually obligated to use your information only as directed by Cafe Rio and in accordance with this Privacy Policy. They are not permitted to use your data for their own purposes.
5.2 Legal Requirements and Law Enforcement
We may disclose your personal information if we believe in good faith that such disclosure is necessary to:
- Comply with a subpoena, court order, legal process, or government investigation.
- Protect the rights, property, or safety of Cafe Rio, our customers, employees, or the public.
- Enforce our Terms of Service or other applicable agreements.
- Prevent or address fraud, security, or technical issues.
5.3 Business Transfers
In the event of a merger, acquisition, reorganization, sale of assets, or bankruptcy involving Cafe Rio, your personal information may be transferred as part of that transaction. We will notify you via email or a prominent notice on our website if such a transfer occurs, and we will inform you of any choices you may have regarding your data.
5.4 Aggregated and Anonymized Data
We may share aggregated or de-identified information — data that cannot reasonably be used to identify you — with third parties for research, marketing, analytics, or other purposes. This data is not considered personal information and is not subject to the restrictions in this Privacy Policy.
6. California Consumer Privacy Rights (CCPA/CPRA)
If you are a resident of California, you are entitled to specific rights under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA). These rights include:
6.1 Right to Know
You have the right to request that Cafe Rio disclose: (a) the categories and specific pieces of personal information we have collected about you; (b) the categories of sources from which we collected your information; (c) the business purposes for which we collected or sold the information; and (d) the categories of third parties with whom we shared the information.
6.2 Right to Delete
You have the right to request deletion of your personal information that we have collected, subject to certain exceptions (such as where the information is necessary to complete a transaction or comply with a legal obligation).
6.3 Right to Correct
Under the CPRA, you have the right to request correction of inaccurate personal information that we maintain about you.
6.4 Right to Opt Out of Sale or Sharing
Cafe Rio does not sell personal information. However, we may share certain data with advertising partners. California residents have the right to opt out of the sharing of their personal information for cross-context behavioral advertising purposes.
6.5 Right to Limit Use of Sensitive Personal Information
You have the right to direct us to limit our use of sensitive personal information to what is necessary to provide the services you have requested.
6.6 Right to Non-Discrimination
We will not discriminate against you for exercising any of your CCPA/CPRA rights. We will not deny you goods or services, charge you different prices, or provide a different level or quality of service because you exercised your privacy rights.
To submit a California privacy rights request, please contact us at [email protected]. We will respond to verified requests within 45 days as required by law, with the possibility of a one-time 45-day extension where necessary.
7. Data Security
The security of your personal information is extremely important to us. Cafe Rio implements a combination of technical, administrative, and physical safeguards designed to protect your data from unauthorized access, use, alteration, disclosure, or destruction.
7.1 Technical Safeguards
- SSL/TLS Encryption: All data transmitted between your browser and our website is encrypted using industry-standard Secure Socket Layer (SSL) or Transport Layer Security (TLS) protocols.
- Encrypted Storage: Sensitive data such as passwords are stored using strong one-way hashing algorithms. Payment card data is handled exclusively by PCI-DSS-compliant payment processors.
- Access Controls: Access to personal data within our systems is restricted to authorized personnel on a need-to-know basis.
- Firewall Protection: Our servers are protected by firewalls and intrusion detection systems.
- Regular Security Audits: We conduct periodic security assessments and vulnerability scans to identify and address potential weaknesses.
7.2 Administrative Safeguards
- Employee training on data protection best practices and confidentiality obligations.
- Data minimization practices — we collect only the minimum amount of personal data necessary for each purpose.
- Written data protection policies and procedures for all staff.
7.3 Limitation of Liability
Despite our best efforts, no method of electronic transmission or storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security. In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify you and the relevant authorities as required by applicable law.
8. Cookies and Tracking Technologies
Cafe Rio uses cookies and similar tracking technologies (such as web beacons, pixels, and local storage) to enhance your experience on our website, analyze site traffic, and deliver relevant advertising.
8.1 What Are Cookies?
Cookies are small text files placed on your device when you visit a website. They allow the website to remember your actions and preferences over time, so you do not have to re-enter certain information each time you visit.
8.2 Types of Cookies We Use
| Cookie Type | Purpose |
|---|---|
| Strictly Necessary | Essential for the website to function. These cannot be disabled. |
| Performance/Analytics | Help us understand how visitors interact with our site (e.g., Google Analytics). |
| Functionality | Remember your preferences such as language and login status. |
| Advertising/Targeting | Deliver relevant advertisements and track ad campaign effectiveness. |
8.3 Managing Cookies
You can control and manage cookies through your browser settings. Most browsers allow you to refuse cookies or delete cookies already stored on your device. Please note that disabling certain cookies may affect the functionality of our website. You may also opt out of interest-based advertising through tools provided by the Digital Advertising Alliance (DAA) at optout.aboutads.info or the Network Advertising Initiative (NAI).
For more detailed information about the cookies we use, their specific purposes, and how to manage your preferences, please refer to our full Cookie Policy available on our website.
9. Data Retention
Cafe Rio retains your personal information only for as long as necessary to fulfill the purposes for which it was collected, including compliance with legal, accounting, and reporting obligations.
| Data Category | Retention Period |
|---|---|
| Account Information | Duration of your account, plus up to 3 years after closure |
| Order and Transaction Records | 7 years (for tax and financial compliance) |
| Marketing Preferences | Until you withdraw consent or opt out |
| Customer Support Records | 3 years from the date of resolution |
| Website Usage and Analytics Data | Up to 26 months (anonymized after initial period) |
| Cookie Data | Varies by cookie type (session to 24 months) |
| Legal and Compliance Records | As required by applicable law (typically 5–7 years) |
When personal information is no longer needed, we securely delete or anonymize it in accordance with our data retention procedures.
10. Children's Privacy
In compliance with the Children's Online Privacy Protection Act (COPPA) and applicable FTC regulations, Cafe Rio does not knowingly collect personal information from children under 13 years of age. If we discover that we have inadvertently collected personal information from a child under 13 — or more broadly, from a user under the age of 18 — we will take immediate steps to delete such information from our records.
If you are a parent or guardian and believe that your child has provided us with personal information without your consent, please contact us immediately at [email protected] so that we can take appropriate action.
11. Your Privacy Rights and Choices
Depending on your location and applicable law, you may have the following rights regarding your personal information:
11.1 Right of Access
You have the right to request a copy of the personal information we hold about you. We will provide this information in a commonly used, machine-readable format where possible.
11.2 Right to Correction
If you believe any personal information we hold about you is inaccurate or incomplete, you have the right to request that we correct or update it. You may also update your account information directly through your account profile page on our website.
11.3 Right to Deletion
You have the right to request that we delete your personal information. We will honor deletion requests unless we are required to retain your data for legal, compliance, or legitimate business purposes.
11.4 Right to Data Portability
You have the right to request that we provide your personal information in a structured, commonly used, machine-readable format so that you can transfer it to another service provider.
11.5 Right to Opt Out of Marketing
You can opt out of receiving marketing emails from us at any time by:
- Clicking the "unsubscribe" link included in every marketing email we send.
- Updating your communication preferences in your account settings.
- Contacting us directly at [email protected].
Please note that even after opting out of marketing communications, you will still receive transactional messages related to your orders and account.
11.6 How to Submit a Request
To exercise any of your privacy rights, please submit a request to us by:
- Email: [email protected]
- Website: cafes-rios.world
We will need to verify your identity before processing your request. We will respond within the timeframe required by applicable law — generally within 30 to 45 days of receiving your verified request.
12. International Data Transfers
Cafe Rio is based in the United States, and your personal information is primarily collected, stored, and processed within the United States. However, some of our third-party service providers may operate in other countries, which means your data could be transferred to, stored in, or processed in a country outside of the United States.
Where such international data transfers occur, we take steps to ensure that your personal information receives an adequate level of protection in accordance with applicable privacy laws. These steps may include:
- Entering into data processing agreements with third parties that include appropriate data transfer mechanisms.
- Ensuring that our third-party partners maintain appropriate data security standards consistent with US law requirements.
- Relying on adequacy decisions or other recognized safeguards where applicable.
By using our website and services, you acknowledge and consent to the processing of your personal information in the United States and in other countries where our service providers operate.
13. Third-Party Links and Websites
Our website may contain links to third-party websites, applications, or services that are not operated or controlled by Cafe Rio. This Privacy Policy applies solely to our website and services. We have no control over, and accept no responsibility for, the privacy practices of third-party websites. We strongly encourage you to review the privacy policies of any third-party sites you visit through links on our website.
14. FTC Act Compliance and Consumer Protection
Cafe Rio is committed to complying with the Federal Trade Commission Act (FTC Act) and all FTC regulations and guidelines applicable to online businesses operating in the United States. We engage in fair and honest data practices and do not engage in unfair or deceptive acts or practices in connection with the collection, use, or disclosure of consumer information.
In particular, we:
- Provide clear and transparent disclosures about our data collection practices.
- Honor our commitments regarding data privacy and security.
- Maintain reasonable security practices appropriate to the sensitivity of the data we handle.
- Do not make material misrepresentations about our privacy practices.
15. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please do not hesitate to contact our privacy team using the following details:
| Business Name | Cafe Rio |
|---|---|
| Email Address | [email protected] |
| Website | cafes-rios.world |
We aim to respond to all privacy-related inquiries within 5 business days. For formal data subject access requests or rights exercises, we will respond within the legally mandated timeframe.
16. How to File a Complaint
If you are not satisfied with how we have handled your personal information or responded to your privacy request, you have the right to lodge a complaint with the appropriate regulatory authority.
16.1 Federal Trade Commission (FTC)
In the United States, the primary federal agency responsible for consumer protection and privacy enforcement is the Federal Trade Commission (FTC). You may file a complaint with the FTC at:
- Website: www.ftc.gov/complaint
- Phone: 1-877-FTC-HELP (1-877-382-4357)
- Address: Federal Trade Commission, 600 Pennsylvania Avenue NW, Washington, DC 20580
16.2 California Privacy Protection Agency (CPPA)
If you are a California resident and believe that your rights under the CCPA/CPRA have been violated, you may submit a complaint to the California Privacy Protection Agency (CPPA) or the California Attorney General's Office:
- California Privacy Protection Agency: cppa.ca.gov
- California Attorney General: oag.ca.gov/privacy/ccpa
16.3 State Attorney General Offices
Residents of other states may also have the right to file privacy-related complaints with their respective state Attorney General offices. We encourage you to check the laws applicable in your state for more information.
Before filing a complaint with a regulatory authority, we encourage you to contact us first at [email protected] so we have the opportunity to resolve your concern directly and promptly.
17. Changes to This Privacy Policy
We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our practices, applicable law, or for other operational, legal, or regulatory reasons. When we make material changes, we will:
- Update the "Last Updated" date at the top of this page.
- Notify you by sending an email to the address associated with your account (if applicable).
- Display a prominent notice on our website for a reasonable period following the change.
We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our website and services after any changes to this Privacy Policy constitutes your acceptance of those changes.
© 2026 Cafe Rio. All rights reserved. | Privacy Policy effective as of March 28, 2026.