Privacy Policy

Welcome to Cafe Rio. We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website foodcaferio.rest, place orders, or otherwise interact with our services. Please read this policy carefully. If you disagree with its terms, please discontinue use of our website and services immediately.

This Privacy Policy applies to all information collected through our website, mobile platforms, in-store interactions, loyalty programs, and any related services, sales, marketing, or events (collectively referred to as the "Services").

1. Who We Are

Cafe Rio is a food service business operating in the United States. We are dedicated to providing high-quality dining experiences to our valued customers. For all privacy-related matters, you may contact us using the following details:

2. Information We Collect

We collect various types of information in connection with the Services we provide. The categories of personal information we may collect include, but are not limited to, the following:

2.1 Personal Information You Provide to Us

We collect personal information that you voluntarily provide to us when you:

• Register for an account on our website or mobile application
• Place an order for food or beverages online or in-store
• Sign up for our loyalty or rewards program
• Subscribe to our email newsletters or promotional communications
• Participate in contests, surveys, promotions, or sweepstakes
• Contact us for customer support or submit feedback or inquiries
• Apply for employment with Cafe Rio

This information may include:

• Identifiers: Full name, username, account password
• Contact Information: Email address, mailing address, telephone number
• Payment Information: Credit or debit card numbers, billing address, and other financial information (processed securely through PCI-compliant third-party payment processors)
• Order History: Items purchased, order preferences, dietary requirements, and customization preferences
• Demographic Information: Date of birth, age, and other demographic details voluntarily provided
• Communications: Content of messages you send us, including feedback, complaints, and inquiries

2.2 Information Collected Automatically

When you visit our website or use our digital services, we automatically collect certain information about your device and browsing activity. This information may include:

• Device Information: IP address, browser type and version, operating system, device identifiers, and hardware model
• Usage Data: Pages viewed, links clicked, time spent on pages, referring URLs, and navigation paths through our website
• Location Data: General geographic location based on IP address, or precise geolocation if you grant permission through a mobile application
• Log Data: Server logs, access times, error logs, and other diagnostic data
• Interaction Data: Information about how you interact with our emails, including open rates and click-through rates

2.3 Cookies and Tracking Technologies

We use cookies, web beacons, pixel tags, local storage, and other tracking technologies to collect information about your browsing behavior and to enhance your experience on our website. For a detailed explanation of the types of cookies we use and how to manage your cookie preferences, please refer to our Cookie Policy.

Categories of cookies we use include:

• Strictly Necessary Cookies: Essential for the operation of our website and services
• Analytics Cookies: Help us understand how visitors interact with our website (e.g., Google Analytics)
• Functional Cookies: Remember your preferences and personalize your experience
• Marketing and Advertising Cookies: Used to deliver relevant advertisements and measure campaign effectiveness

2.4 Information from Third Parties

We may receive information about you from third-party sources, including:

• Social media platforms (e.g., Facebook, Instagram) when you interact with our social media presence or use social login features
• Third-party food delivery platforms and partners
• Marketing and advertising partners
• Analytics providers
• Publicly available sources

3. How We Use Your Information

We use the personal information we collect for the following purposes:

3.1 Providing and Managing Our Services

• Processing and fulfilling your food orders, both online and in-store
• Creating and managing your account and loyalty program membership
• Processing payments and preventing fraudulent transactions
• Sending order confirmations, receipts, and delivery updates
• Providing customer support and responding to your inquiries
• Managing reservations and in-store dining arrangements

3.2 Improving Our Products and Services

• Analyzing customer preferences and ordering patterns to improve our menu
• Conducting internal research, analytics, and quality assurance
• Testing and improving our website functionality and user experience
• Developing new features, products, and services

3.3 Marketing and Promotional Communications

• Sending promotional emails, newsletters, and special offers (where you have consented or where permitted by law)
• Personalizing marketing content based on your preferences and order history
• Administering contests, giveaways, surveys, and promotional events
• Delivering targeted advertisements on third-party platforms

You may opt out of receiving marketing communications at any time by clicking the "unsubscribe" link in any promotional email or by contacting us at [email protected]. Please note that even after opting out of marketing communications, you may still receive transactional and service-related communications.

3.4 Legal Compliance and Safety

• Complying with applicable federal, state, and local laws and regulations
• Responding to legal requests, court orders, and government investigations
• Enforcing our Terms of Service and other policies
• Protecting the rights, property, and safety of Cafe Rio, our customers, and the public
• Detecting, investigating, and preventing fraud, unauthorized access, and other illegal activities

3.5 Business Operations

• Evaluating and processing job applications
• Conducting business planning, auditing, and accounting functions
• Supporting mergers, acquisitions, or other business transactions

4. Sharing Your Information with Third Parties

We do not sell your personal information to third parties. However, we may share your information in the following circumstances:

4.1 Service Providers

We may share your information with trusted third-party service providers who assist us in operating our business and delivering our Services. These include:

• Payment processing companies (e.g., Stripe, Square, or similar processors)
• Food delivery and logistics platforms
• Email marketing and communications platforms
• Website hosting and cloud infrastructure providers
• Analytics and data processing services (e.g., Google Analytics)
• Customer relationship management (CRM) software providers
• Loyalty and rewards program administrators
• Security and fraud prevention services

All service providers are contractually obligated to use your information only for the purposes we specify and to maintain appropriate security measures to protect your data.

4.2 Business Partners

We may share your information with carefully selected business partners for joint promotions, co-branded programs, or combined service offerings. We will notify you when sharing occurs in such contexts and provide you with the opportunity to opt out.

4.3 Legal Requirements and Law Enforcement

We may disclose your information when required to do so by law or in response to valid requests by public authorities, including:

• Compliance with applicable laws, regulations, and legal processes
• Responses to subpoenas, court orders, or government requests
• Cooperation with law enforcement agencies
• Protection against legal liability or to defend our legal rights

4.4 Business Transfers

In the event of a merger, acquisition, reorganization, sale of assets, or bankruptcy, your personal information may be transferred to a successor entity. We will notify you via email or prominent notice on our website if such a transfer occurs and if the privacy practices will change significantly.

4.5 With Your Consent

We may share your information with third parties when you have given us your explicit consent to do so, such as when connecting third-party applications to your Cafe Rio account.

5. Data Security

We take the security of your personal information seriously and implement a variety of technical, administrative, and physical security measures to protect your data from unauthorized access, disclosure, alteration, or destruction. Our security measures include:

• Encryption: We use SSL/TLS encryption to protect data transmitted between your browser and our servers
• Secure Payment Processing: Payment card information is processed through PCI DSS-compliant third-party processors and is never stored on our servers in unencrypted form
• Access Controls: We restrict access to personal information to authorized employees and contractors who need access to perform their job functions
• Regular Security Assessments: We conduct periodic security audits and vulnerability assessments
• Employee Training: Our staff receives regular training on data privacy and security best practices
• Incident Response: We maintain a data breach response plan and will notify affected individuals as required by applicable law

6. Your Privacy Rights

Depending on your location and applicable law, you may have certain rights regarding your personal information. As a business operating in the United States, we are committed to honoring consumer privacy rights under applicable federal and state laws, including the California Consumer Privacy Act (CCPA) and its amendment, the California Privacy Rights Act (CPRA), as well as the Federal Trade Commission Act (FTC Act).

6.1 Right to Know and Access

You have the right to request that we disclose what personal information we have collected about you, including the categories of information collected, the purposes for which it is used, and the categories of third parties with whom it is shared.

6.2 Right to Correction

You have the right to request that we correct inaccurate personal information we hold about you. You may also update your information directly through your account settings on our website.

6.3 Right to Deletion

You have the right to request that we delete your personal information, subject to certain exceptions. We may retain your information where necessary to complete a transaction, comply with a legal obligation, detect security incidents, or for other legitimate business purposes permitted by applicable law.

6.4 Right to Data Portability

You have the right to receive a copy of your personal information in a structured, commonly used, and machine-readable format, and to request that we transmit this information to another service provider where technically feasible.

6.5 Right to Opt Out of Sale or Sharing

Under the CCPA/CPRA, California residents have the right to opt out of the sale or sharing of their personal information for cross-context behavioral advertising. We do not sell personal information. However, if you believe your information is being shared in a manner that constitutes a "sale" under California law, you may exercise your opt-out right by contacting us at [email protected].

6.6 Right to Limit Use of Sensitive Personal Information

Under the CPRA, California residents have the right to limit the use and disclosure of sensitive personal information. If we collect sensitive personal information, we will only use it for the purposes permitted by law or with your explicit consent.

6.7 Right to Non-Discrimination

We will not discriminate against you for exercising any of your privacy rights. We will not deny you services, charge different prices, provide a different level of quality, or otherwise penalize you for exercising your privacy rights.

6.8 How to Submit a Privacy Rights Request

To exercise any of the rights described above, please contact us using one of the following methods:

• Email: [email protected] with the subject line "Privacy Rights Request"
• Website: foodcaferio.rest

We will acknowledge receipt of your request within 10 business days and respond to your request within 45 days. If we require additional time, we will notify you of the extension and the reason for it. We may need to verify your identity before processing your request to protect your security and prevent fraud.

You may also designate an authorized agent to submit requests on your behalf. The authorized agent must provide written proof of authorization, and we may require you to verify your own identity directly with us.

7. Cookie Policy Summary

Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyze website traffic, and support our marketing efforts. A cookie is a small text file placed on your device when you visit our website.

We use the following types of cookies:

You can manage your cookie preferences through your browser settings or by using our cookie consent tool available on our website. Please note that disabling certain cookies may affect the functionality of our website and your ability to use some of our services. For full details, please review our complete Cookie Policy.

8. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Our general data retention practices are as follows:

When personal information is no longer needed for any legitimate business or legal purpose, we securely delete or anonymize it. Anonymized data that can no longer be linked to an identifiable individual may be retained indefinitely for analytical and research purposes.

9. Children's Privacy

Cafe Rio does not direct its Services to individuals under the age of 18. If you are under 18, please do not use our website or submit any personal information to us. If we become aware that we have inadvertently collected personal information from a child under 18 without verifiable parental consent, we will take prompt steps to delete that information from our records.

If you are a parent or guardian and believe that your child under the age of 18 has provided us with personal information, please contact us immediately at [email protected] so that we can take appropriate action.

Our practices are designed to comply with the Children's Online Privacy Protection Act (COPPA) and other applicable laws governing the privacy of minors. We do not knowingly market our products directly to children.

10. International Data Transfers

Cafe Rio is a United States-based business, and your personal information is primarily collected, processed, and stored within the United States. The United States may not have the same level of data protection laws as your country of residence.

If you are accessing our Services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate. By using our Services, you acknowledge and consent to this transfer of information.

We take appropriate measures to ensure that any international transfers of personal data are conducted in compliance with applicable law and that adequate safeguards are in place to protect your information. These safeguards may include standard contractual clauses, data processing agreements, or other legally recognized transfer mechanisms.

If you have concerns about international data transfers, please contact us at [email protected].

11. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA). This section provides additional disclosures required by California law.

11.1 Categories of Personal Information Collected

In the preceding 12 months, we have collected the following categories of personal information from California consumers:

• Identifiers (name, email address, IP address, account credentials)
• Commercial information (purchase history, ordering preferences)
• Internet or other electronic network activity information (browsing history, cookie data)
• Geolocation data (general location derived from IP address)
• Inferences drawn from personal information (user profiles, preferences)
• Customer records information (contact details, billing information)

11.2 Business or Commercial Purposes for Collection

We collect the categories of personal information listed above for the business purposes described in Section 3 of this Privacy Policy.

11.3 Your California Privacy Rights

California residents have the right to:

• Know what personal information is being collected about them
• Know whether their personal information is sold or disclosed and to whom
• Opt out of the sale or sharing of their personal information
• Access their personal information
• Request deletion of their personal information
• Request correction of inaccurate personal information
• Limit the use of sensitive personal information
• Non-discrimination for exercising privacy rights

To submit a California privacy rights request, please contact us at [email protected] with the subject line "California Privacy Rights Request."

11.4 Shine the Light Law

Under California's "Shine the Light" law (Civil Code Section 1798.83), California residents may request information about our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please contact us using the contact information provided in this policy.

12. Third-Party Links and Services

Our website may contain links to third-party websites, applications, or services that are not operated by Cafe Rio. When you click on a third-party link, you will be directed to that third party's website. We strongly advise you to review the privacy policy of every site you visit.

We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party websites or services. This Privacy Policy does not apply to information collected by third parties, including through any application or content that may link to or be accessible from our website.

Examples of third-party services we may link to or integrate with include:

• Social media platforms (Facebook, Instagram, Twitter/X, TikTok)
• Third-party food delivery services (DoorDash, Uber Eats, Grubhub)
• Google Maps and location services
• Review platforms (Yelp, Google Reviews)

13. Do Not Track Signals

Some web browsers offer a "Do Not Track" (DNT) feature that sends a signal to websites requesting that they do not track your online activity. Currently, there is no universally accepted standard for how websites should respond to DNT signals. At this time, our website does not respond to DNT signals from web browsers.

You may control tracking through your browser settings, our cookie consent tool, or by contacting us directly. We will continue to monitor developments in DNT standards and update our practices accordingly.

14. How to File a Complaint

If you believe that we have not complied with applicable privacy laws or this Privacy Policy, or if you are dissatisfied with how we have handled your personal information, we encourage you to contact us first so that we can resolve the issue directly.

Step 1 — Contact Us Directly:

• Email: [email protected] with the subject line "Privacy Complaint"
• Website: foodcaferio.rest

We will acknowledge your complaint within 5 business days and work to resolve the matter within 30 days.

Step 2 — Contact a Regulatory Authority:

If you are not satisfied with our response, or if you believe your privacy rights have been violated, you may file a complaint with the relevant data protection or consumer protection authority:

• California Residents: California Privacy Protection Agency (CPPA)
  Website: cppa.ca.gov
  Email: [email protected]
• All U.S. Residents: Federal Trade Commission (FTC)
  Website: ftc.gov/complaint
  Phone: 1-877-FTC-HELP (1-877-382-4357)
• State Attorneys General: You may also file a complaint with your state's Attorney General office for violations of state consumer protection laws.

15. Changes to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes to this policy, we will:

• Update the "Last Updated" date at the top of this page
• Post a prominent notice on our website
• Send an email notification to registered users (where required by law)

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our Services after any changes to this Privacy Policy constitutes your acceptance of the revised policy. If you do not agree with the changes, please discontinue your use of our Services and contact us to request deletion of your account and personal information.

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please do not hesitate to reach out to us. We are committed to addressing your privacy concerns in a timely and transparent manner.