Privacy Policy

Effective Date: July 1, 2026  |  Last Updated: July 1, 2026

At Cafe Rio, we are deeply committed to protecting the privacy and personal information of our customers, visitors, and users. We understand that when you share your information with us — whether to place a delivery order, create an account, or simply browse our menu — you are placing trust in us, and we take that responsibility seriously. This Privacy Policy has been drafted in full compliance with applicable United States federal and state privacy laws, including the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), the Federal Trade Commission Act (FTC Act), and other relevant data protection regulations.

By accessing or using our website at caferiodelivery.click, submitting an order, creating an account, or otherwise engaging with our digital services, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy. If you do not agree with any part of this policy, please discontinue use of our website and services immediately.


1. Who We Are

Cafe Rio is a food delivery and restaurant service operating in the United States. Our digital platform is accessible at caferiodelivery.click, through which customers can browse our menu, place food delivery or pickup orders, manage their accounts, and interact with our customer support team.

For all privacy-related inquiries, you may contact us using the following details:

Company Name Cafe Rio
Website caferiodelivery.click
Email Address [email protected]
Location United States

2. Information We Collect

We collect various categories of personal information depending on how you interact with our website and services. Below is a comprehensive description of the types of data we may collect from you:

2.1 Personal Identification Information

When you register for an account, place a food order, or contact us, we may collect the following personal information:

  • Full name
  • Email address
  • Phone number
  • Home or delivery address (including street, city, state, and ZIP code)
  • Date of birth (where required for age verification)
  • Username and password for your account
  • Profile photo (if you choose to upload one)

2.2 Payment and Financial Information

To process your food orders and payments, we collect financial data including:

  • Credit card or debit card number (last four digits stored for reference)
  • Billing address
  • Payment method type (Visa, Mastercard, PayPal, Apple Pay, etc.)
  • Transaction history and order totals

Please note that full payment card details are processed and encrypted by our certified third-party payment processors. We do not store your complete card numbers on our servers.

2.3 Order and Transaction Data

Every time you place an order through our platform, we collect records of:

  • Items ordered, quantities, and customization preferences
  • Delivery instructions and special requests
  • Order timestamps and delivery times
  • Order history and frequency of purchases
  • Promotional codes or discount vouchers used
  • Restaurant ratings and reviews submitted

2.4 Usage Data and Analytics Information

When you visit our website, we automatically collect certain technical and behavioral data, including:

  • IP address
  • Browser type and version
  • Operating system and device type
  • Pages viewed and time spent on each page
  • Clickstream data and navigation paths
  • Referring URLs (the website that directed you to ours)
  • Search queries made within our website
  • Error logs and crash reports

2.5 Device Information

We may collect specific information about the device you use to access our services, such as:

  • Device model and manufacturer
  • Unique device identifiers (device ID, advertising ID)
  • Mobile network information
  • Screen resolution and display settings
  • Time zone and language settings

2.6 Location Data

To provide accurate food delivery services, we may collect and process your location information, including:

  • Precise GPS location (with your permission via your device settings)
  • Approximate location inferred from your IP address
  • Delivery address you provide manually

You may disable location sharing through your device settings at any time, though this may limit the functionality of certain features on our platform.

2.7 Communications Data

When you contact us or interact with our team, we collect:

  • Messages and emails sent to our customer support team
  • Feedback and survey responses
  • Chat transcripts from live support sessions
  • Social media messages or comments directed at our brand

2.8 Cookie and Tracking Data

We use cookies, web beacons, pixel tags, and similar tracking technologies to collect data about your browsing behavior on our website. For full details, please refer to Section 8 of this policy dedicated to Cookie Usage.


3. How We Use Your Information

We use the personal information we collect for a variety of legitimate business purposes. Each use of your data is grounded in either your consent, contractual necessity, our legitimate business interests, or legal obligations. The specific purposes include:

3.1 Service Provision and Order Fulfillment

  • Processing and confirming your food orders
  • Coordinating delivery logistics and communicating estimated arrival times
  • Managing your account and providing access to your order history
  • Sending order confirmations, receipts, and delivery notifications via email or SMS
  • Providing customer support and resolving disputes or complaints

3.2 Payment Processing

  • Charging your selected payment method for completed orders
  • Processing refunds or adjustments when applicable
  • Detecting and preventing fraudulent transactions
  • Maintaining transaction records for accounting purposes

3.3 Analytics and Service Improvement

  • Analyzing usage patterns to understand how customers use our platform
  • Identifying and fixing bugs, errors, or performance issues
  • Developing new features, menu offerings, and service enhancements
  • Conducting internal research and business intelligence reporting
  • Measuring the effectiveness of our website design and user experience

3.4 Marketing and Promotional Communications

  • Sending you promotional emails, newsletters, and special offers (with your consent)
  • Delivering targeted advertisements based on your browsing history and preferences
  • Running loyalty programs, discount campaigns, and referral initiatives
  • Notifying you about seasonal promotions, new menu items, or limited-time deals

You may opt out of marketing communications at any time by clicking the "unsubscribe" link in any promotional email or by contacting us at [email protected].

3.5 Legal Compliance and Safety

  • Complying with applicable federal, state, and local laws and regulations
  • Responding to lawful requests from law enforcement or government authorities
  • Enforcing our Terms of Service and other agreements
  • Protecting the safety, security, and integrity of our platform and users
  • Investigating potential violations of our policies or illegal activity

3.6 Personalization

  • Customizing your experience on our platform based on your order history and preferences
  • Recommending menu items or restaurants based on your past orders
  • Displaying relevant content and promotions tailored to your location and behavior

4. How We Share Your Information

We respect your privacy and do not sell your personal information to third parties for their own direct marketing purposes. However, we may share your data with trusted partners and service providers in the following circumstances:

4.1 Third-Party Service Providers

We engage carefully vetted third-party vendors and service providers who assist us in operating our business. These parties may receive access to your personal information only to the extent necessary to perform their services on our behalf. They are contractually obligated not to use your data for any other purpose. Categories of service providers include:

  • Payment Processors: Companies such as Stripe, PayPal, or Square that handle secure payment transactions
  • Delivery Logistics Partners: Third-party delivery drivers or courier services that fulfill your orders
  • Cloud and Hosting Providers: Infrastructure providers such as Amazon Web Services (AWS) or Google Cloud
  • Email and SMS Communication Platforms: Services like SendGrid or Twilio used to send transactional notifications
  • Analytics Providers: Platforms such as Google Analytics used to monitor and analyze website traffic
  • Customer Support Tools: Helpdesk software platforms that manage support tickets and chat interactions
  • Marketing and Advertising Platforms: Services used to deliver targeted advertising campaigns

4.2 Business Transfers

In the event that Cafe Rio undergoes a merger, acquisition, asset sale, reorganization, or any other form of business transfer, your personal information may be transferred as part of that transaction. We will notify you via email or a prominent notice on our website before your personal data is transferred and becomes subject to a different privacy policy.

4.3 Legal Requirements and Law Enforcement

We may disclose your personal information when required to do so by law or in response to valid legal processes, including:

  • Court orders, subpoenas, or legal proceedings
  • Requests from federal, state, or local law enforcement agencies
  • Government regulatory inquiries or audits
  • Situations where disclosure is necessary to prevent imminent physical harm or illegal activity

4.4 Protection of Rights and Safety

We may share information when we believe, in good faith, that disclosure is necessary to:

  • Protect the rights, property, or safety of Cafe Rio, our customers, employees, or the public
  • Investigate and prevent fraud, security breaches, or technical issues
  • Enforce our Terms of Service or other legal agreements

4.5 Aggregated and Anonymized Data

We may share aggregated, de-identified, or anonymized data with third parties, research organizations, or the public for analytical, statistical, or business purposes. This data does not identify any individual and cannot be used to re-identify you.


5. Data Security

We take the security of your personal information seriously and implement a comprehensive set of technical, administrative, and physical safeguards designed to protect your data from unauthorized access, loss, misuse, alteration, or destruction.

5.1 Technical Security Measures

  • SSL/TLS Encryption: All data transmitted between your browser and our website is encrypted using industry-standard Secure Socket Layer (SSL) or Transport Layer Security (TLS) protocols.
  • Data Encryption at Rest: Sensitive information stored in our databases, including personal and payment data, is encrypted at rest.
  • Firewalls and Intrusion Detection: We maintain firewalls and intrusion detection systems to monitor and prevent unauthorized access to our network.
  • Access Controls: Access to personal data is restricted to authorized personnel on a need-to-know basis, with role-based access controls enforced.
  • Regular Security Audits: We conduct periodic security assessments, vulnerability scans, and penetration testing to identify and remediate potential weaknesses.

5.2 Administrative Security Measures

  • Employee training on data privacy and security best practices
  • Confidentiality agreements with all staff members who handle personal data
  • Documented data handling procedures and incident response plans
  • Vendor due diligence processes for third-party service providers

5.3 Limitations of Security

While we strive to use commercially acceptable means to protect your personal information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security of your data. In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify affected individuals and relevant authorities as required by applicable law, including applicable state data breach notification laws.


6. Your Privacy Rights

Depending on your state of residence, you may have specific legal rights regarding your personal information. We are committed to honoring these rights in accordance with applicable United States federal and state privacy laws.

6.1 Rights Under the California Consumer Privacy Act (CCPA/CPRA)

If you are a California resident, you have the following rights under the CCPA as amended by the CPRA:

Right Description
Right to Know You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the sources of collection, the purposes for collection, and the categories of third parties with whom we share your data.
Right to Delete You have the right to request the deletion of personal information we have collected from you, subject to certain exceptions provided by law.
Right to Correct You have the right to request that we correct inaccurate personal information that we maintain about you.
Right to Opt Out of Sale or Sharing You have the right to opt out of the sale or sharing of your personal information for cross-context behavioral advertising purposes.
Right to Limit Sensitive Information Use You have the right to limit our use and disclosure of your sensitive personal information to only what is necessary to provide the services you request.
Right to Non-Discrimination We will not discriminate against you for exercising any of your CCPA/CPRA rights. We will not deny you services, charge different prices, or provide a different level of quality because you exercised your privacy rights.
Right to Data Portability You have the right to receive a copy of your personal information in a portable, usable format that allows you to transmit it to another entity.

6.2 General Privacy Rights for All Users

Regardless of your state of residence, we provide the following rights to all users of our platform:

  • Access: You may request access to the personal information we hold about you at any time.
  • Correction: You may update or correct inaccurate information through your account settings or by contacting us.
  • Deletion: You may request deletion of your account and associated personal data, subject to legal retention requirements.
  • Opt-Out of Marketing: You may unsubscribe from marketing communications at any time.
  • Withdraw Consent: Where we rely on your consent as the legal basis for processing, you may withdraw that consent at any time without affecting the lawfulness of prior processing.

6.3 How to Exercise Your Rights

To exercise any of the rights described above, please submit a verifiable request to us using the following methods:

We will respond to your verifiable request within 45 days of receipt. In some cases, we may require additional time (up to 90 days total), in which case we will notify you of the extension and the reason for it. We may need to verify your identity before processing your request to protect the security of your personal information. We will not charge a fee for processing your request unless it is excessive, repetitive, or manifestly unfounded.

You may also designate an authorized agent to submit a request on your behalf. Authorized agents must provide written authorization or power of attorney confirming their authority to act on your behalf.


7. Data Retention

We retain your personal information only for as long as is necessary to fulfill the purposes for which it was collected, to comply with our legal obligations, resolve disputes, and enforce our agreements. Our general data retention guidelines are as follows:

Data Category Retention Period
Account and Profile Information For the duration of your account plus 3 years after account closure
Order and Transaction Records 7 years (for tax and financial compliance purposes)
Payment Information As required by PCI DSS standards and applicable financial regulations
Customer Support Communications 3 years from the date of the last interaction
Usage and Analytics Data Up to 26 months (anonymized after 14 months)
Marketing Preferences Until you opt out or request deletion
Cookie Data As specified in our Cookie Policy (typically 1-13 months)
Legal Compliance Records As required by applicable law (typically 5-10 years)

After the applicable retention period expires, we will securely delete or anonymize your personal information so that it can no longer be associated with you.


8. Cookie Usage

Our website uses cookies and similar tracking technologies (including web beacons, pixel tags, and local storage) to enhance your browsing experience, analyze traffic patterns, and deliver relevant content and advertising.

8.1 Types of Cookies We Use

  • Strictly Necessary Cookies: Essential for the website to function properly. These enable core features such as login sessions, shopping cart functionality, and security. These cookies cannot be disabled.
  • Performance and Analytics Cookies: Used to collect anonymized data about how visitors use our website, helping us improve performance and user experience (e.g., Google Analytics).
  • Functional Cookies: Allow our website to remember your preferences, such as language settings, saved addresses, and customized menu options.
  • Marketing and Advertising Cookies: Used to deliver targeted advertisements based on your interests and browsing behavior, both on our website and on third-party platforms.

8.2 Managing Your Cookie Preferences

You can control and manage cookie settings through:

  • Your browser settings (most browsers allow you to block or delete cookies)
  • Our cookie consent banner displayed when you first visit our website
  • Opt-out tools provided by third-party advertisers (e.g., Google's Ad Settings)

Please note that disabling certain cookies may affect the functionality of our website and your ability to use some features, such as saving your cart or staying logged in.

For full details about the specific cookies we use, their purpose, duration, and how to manage them, please refer to our dedicated Cookie Policy available on our website at caferiodelivery.click.


9. Children's Privacy

In compliance with the Children's Online Privacy Protection Act (COPPA) and our own internal policies, we do not intentionally collect, use, or disclose personal information from children under 18 years of age. Our food delivery platform is designed and marketed for adult consumers only.

If you are a parent or guardian and believe that your child under the age of 18 has provided us with personal information without your consent, please contact us immediately at [email protected]. Upon receiving such notification, we will promptly investigate the matter and take steps to delete the child's personal information from our systems.

We reserve the right to terminate or suspend any account that we determine belongs to a user under the age of 18, and we may request proof of age verification when necessary.


10. International Data Transfers

Cafe Rio is based in the United States, and your personal information is primarily collected, stored, and processed within the United States. However, some of our third-party service providers and technology partners may be located in or operate from other countries, which means your data may be transferred to, stored in, or processed in countries outside the United States.

When we transfer personal information to countries outside the United States, we take appropriate safeguards to ensure that your information receives an adequate level of protection consistent with applicable privacy laws. These safeguards may include:

  • Using third-party vendors that are certified under approved data transfer frameworks
  • Implementing standard contractual clauses or data processing agreements with our international partners
  • Ensuring that our service providers maintain privacy and security standards equivalent to or greater than those required under U.S. law

By using our website and services, you acknowledge and consent to the potential transfer of your personal data to countries outside the United States where data protection laws may differ from those in your jurisdiction.


11. Third-Party Websites and Links

Our website may contain links to third-party websites, applications, or services that are not owned or controlled by Cafe Rio. These may include social media platforms, restaurant partner websites, payment portals, or third-party review platforms. This Privacy Policy applies only to our website and services at caferiodelivery.click.

We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party websites or services. We strongly encourage you to review the privacy policies of any third-party websites you visit before providing any personal information to them.

The inclusion of any link on our website does not imply our endorsement of the linked site or its privacy practices.


12. Do Not Track Signals

Some web browsers may transmit "Do Not Track" (DNT) signals to websites they visit. Currently, there is no universally accepted standard for how websites should respond to DNT signals. As a result, our website does not currently alter its data collection or usage practices in response to DNT signals from your browser. We will continue to monitor developments in this area and update our practices accordingly as industry standards evolve.

California residents who wish to exercise their opt-out rights may do so pursuant to their rights under the CCPA/CPRA as described in Section 6 of this policy.


13. How to File a Privacy Complaint

If you believe that we have not handled your personal information in accordance with this Privacy Policy or applicable privacy laws, we encourage you to contact us first so that we can address your concerns directly.

13.1 Contact Us Directly

Please reach out to our Privacy team using the contact details below, and we will make every effort to resolve your complaint promptly and fairly:

We aim to acknowledge all privacy complaints within 5 business days and provide a full response within 30 days.

13.2 Reporting to Regulatory Authorities

If you are not satisfied with our response, or if you believe we are processing your personal information in violation of applicable law, you may file a complaint with the relevant regulatory authority:

  • Federal Trade Commission (FTC): The FTC is the primary federal agency responsible for consumer protection and data privacy enforcement in the United States. You may file a complaint at: www.ftc.gov or by calling 1-877-FTC-HELP (1-877-382-4357).
  • California Privacy Protection Agency (CPPA): If you are a California resident and believe your CCPA/CPRA rights have been violated, you may contact the California Privacy Protection Agency at: cppa.ca.gov.
  • State Attorney General: Residents of most U.S. states may also file privacy-related complaints with their state's Attorney General office. Contact details for your state's Attorney General can typically be found through your state's official government website.

14. Changes to This Privacy Policy

We reserve the right to modify, update, or revise this Privacy Policy at any time to reflect changes in our business practices, legal requirements, or technological developments. When we make material changes to this policy, we will:

  • Update the "Last Updated" date at the top of this page
  • Post a prominent notice on our website homepage
  • Send an email notification to registered users (for significant changes)

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your personal information. Your continued use of our website and services after any changes to this policy are posted will constitute your acceptance of the revised policy. If you do not agree with the updated policy, please discontinue using our services and contact us to close your account.


15. Contact Us

If you have any questions, concerns, or requests related to this Privacy Policy or the handling of your personal information, please do not hesitate to reach out to us. Our Privacy team is available to assist you and is committed to responding to all inquiries in a timely and transparent manner.

Privacy Contact Information — Cafe Rio
Company Cafe Rio
Website caferiodelivery.click
Email [email protected]
Location United States
Policy Effective Date July 1, 2026