Privacy Policy

Effective Date: June 24, 2026 | Last Updated: June 24, 2026

Important Notice: This Privacy Policy explains how Cafe Rio collects, uses, stores, and protects your personal information when you visit our website at mealcaferio.click or use any of our food-related services. Please read this document carefully before using our services.

1. Introduction and Who We Are

Welcome to Cafe Rio. We operate the website located at mealcaferio.click and provide food-related services to our customers across the United States. We are committed to protecting your personal information and your right to privacy.

This Privacy Policy applies to all information collected through our website, mobile applications, and any related services, sales, marketing, or events (collectively referred to as the "Services"). By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by the terms of this Privacy Policy.

If you have any questions or concerns about our policy or our practices with regard to your personal information, please contact us using the information provided below:

Contact Information

Company Name: Cafe Rio
Website: mealcaferio.click
Email: [email protected]

We operate under the laws of the United States, including applicable federal and state privacy laws such as the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), and the Federal Trade Commission Act (FTC Act), which governs our consumer protection and data practices.

2. Information We Collect

We collect several different types of information for various purposes to provide and improve our Services to you. The categories of personal information we collect are described in detail below.

2.1 Personal Information You Provide Directly

When you interact with our Services, you may voluntarily provide us with personal information, including but not limited to:

Identity Information: Your full name, username, or similar identifiers used when creating an account or placing an order.
Contact Information: Email address, telephone number, mailing address, and billing address.
Account Credentials: Username, password, and other security information used for authentication and account access.
Payment Information: Credit card numbers, debit card numbers, bank account information, and other financial data necessary to process transactions. Note that payment card data is processed through secure third-party payment processors and we do not store complete payment card numbers on our servers.
Order Information: Details about food items ordered, special dietary requirements, delivery instructions, and order history.
Communication Data: Messages, feedback, reviews, survey responses, and other content you submit to us through contact forms, customer service inquiries, or promotional participation.
Preferences: Dietary preferences, favorite menu items, and other customization choices you make when using our Services.

2.2 Information Collected Automatically

When you visit our website or use our Services, certain information is automatically collected about your device and how you interact with our platform:

Usage Data: Pages viewed, links clicked, time spent on pages, navigation paths through our website, and other interaction data.
Device Information: IP address, browser type and version, operating system, device type (mobile, desktop, tablet), screen resolution, and hardware identifiers.
Location Data: General geographic location derived from your IP address, and precise geolocation data if you grant permission through your device settings (used for delivery services and finding nearby locations).
Log Data: Server logs that record your requests, error logs, and diagnostic information generated during your interaction with our Services.
Referral Information: The website or source that directed you to our Services, search terms used to find us, and referral URLs.

2.3 Information Collected Through Cookies and Tracking Technologies

We use cookies, web beacons, pixel tags, local storage, and similar tracking technologies to collect information about your browsing behavior and preferences. This helps us personalize your experience, analyze usage patterns, and deliver targeted advertising.

The types of cookies we use include:

Cookie Type	Purpose	Duration
Essential Cookies	Required for the website to function properly, including session management, shopping cart functionality, and security features.	Session / Up to 1 year
Analytics Cookies	Help us understand how visitors interact with our website by collecting and reporting information anonymously.	Up to 2 years
Functional Cookies	Remember your preferences and personalize your experience, such as language settings and saved items.	Up to 1 year
Marketing Cookies	Track your activity across websites to deliver targeted advertisements relevant to your interests.	Up to 2 years

For more detailed information about the cookies we use and how to manage your cookie preferences, please refer to our Cookie Policy. You can also control cookie settings through your browser settings at any time.

2.4 Information From Third Parties

We may receive information about you from third-party sources, which we combine with information we collect directly. These sources include:

Social media platforms when you connect your social media account to our Services or log in using social authentication (e.g., Facebook Login, Google Sign-In).
Third-party delivery partners and food service platforms that facilitate orders on our behalf.
Marketing and advertising partners who provide us with information to improve our targeting and campaign performance.
Analytics providers that supply us with aggregated data about website traffic and user behavior patterns.
Payment processors and fraud prevention services that provide transaction verification data.

3. How We Use Your Information

We use the personal information we collect for a variety of purposes, all of which are aimed at providing you with the best possible experience with our Services and ensuring the smooth operation of our business.

3.1 Service Provision and Order Fulfillment

Processing and fulfilling your food orders, including coordinating delivery or pickup arrangements.
Creating and managing your customer account, including maintaining your order history and preferences.
Processing payments and preventing fraudulent transactions.
Sending transactional communications, including order confirmations, receipts, shipping updates, and delivery notifications.
Providing customer support and responding to your inquiries, complaints, and feedback.
Personalizing your experience on our platform based on your past orders, dietary preferences, and behavior.

3.2 Analytics and Service Improvement

Analyzing usage patterns, trends, and user behavior to understand how our Services are being used and to identify areas for improvement.
Conducting research and development to create new features, menu offerings, and service enhancements.
Monitoring the performance and technical functionality of our website and applications.
Generating statistical reports and aggregated analytics that help us make informed business decisions.
Testing new features, updates, and promotions before broader deployment.

3.3 Marketing and Promotional Communications

Sending you promotional emails, newsletters, and special offers about our food products, services, and events, subject to your marketing preferences and applicable opt-out rights.
Displaying targeted advertisements on our website and on third-party platforms based on your interests and behavior.
Conducting surveys and collecting feedback to improve our offerings and customer satisfaction.
Administering loyalty programs, contests, sweepstakes, and promotional campaigns.
Notifying you about changes to our Services, new menu items, and special seasonal promotions.

Opt-Out Rights: You have the right to opt out of receiving marketing communications from us at any time. You can do this by clicking the "unsubscribe" link in any marketing email we send, or by contacting us directly at [email protected]. Please note that even if you opt out of marketing communications, you will still receive transactional communications related to your orders and account.

3.4 Legal Compliance and Safety

Complying with applicable laws, regulations, legal processes, and governmental requests.
Enforcing our Terms of Service and other agreements.
Protecting the rights, property, and safety of Cafe Rio, our customers, and the public.
Detecting, preventing, and addressing fraud, security breaches, and other potentially prohibited or illegal activities.
Maintaining records as required by applicable food safety regulations and business law.

4. Sharing Your Information With Third Parties

We do not sell your personal information to third parties for monetary compensation. However, we may share your information with certain categories of third parties as described below. Under the CCPA/CPRA, some forms of data sharing for advertising purposes may be considered a "sale" or "sharing" of personal information, and California residents have the right to opt out of such practices.

4.1 Service Providers and Business Partners

We share personal information with trusted service providers who assist us in operating our business and providing our Services. These include:

Delivery and Logistics Partners: Third-party delivery services that fulfill your food orders and coordinate delivery to your location.
Payment Processors: Secure payment processing companies that handle financial transactions on our behalf.
Cloud and Hosting Providers: Technology companies that host our website, databases, and application infrastructure.
Analytics Providers: Companies such as Google Analytics that help us understand website usage and user behavior.
Email and Communication Services: Providers that help us send transactional and marketing emails, push notifications, and SMS messages.
Customer Support Tools: Platforms that facilitate our customer service operations and help manage support tickets and inquiries.
Marketing and Advertising Platforms: Digital advertising networks and social media platforms that help us reach potential customers and retarget existing users.

All service providers are contractually required to use your information only for the purposes of providing services to us and are prohibited from using your information for their own independent purposes. They are also required to maintain appropriate security measures to protect your data.

4.2 Legal Requirements and Law Enforcement

We may disclose your personal information if we believe in good faith that such disclosure is necessary to:

Comply with applicable law, regulation, legal process, or enforceable governmental request.
Respond to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Enforce our Terms of Service or other applicable agreements, including investigation of potential violations.
Protect against harm to the rights, property, or safety of Cafe Rio, our users, or the public as required or permitted by law.
Detect, prevent, or otherwise address fraud, security, or technical issues affecting our Services.

4.3 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, dissolution, or sale of all or a portion of our assets, your personal information may be transferred as part of such a transaction. We will notify you via email and/or a prominent notice on our website of any such change in ownership or uses of your personal information, as well as any choices you may have regarding your information in such circumstances.

4.4 Aggregated and De-Identified Information

We may share aggregated or de-identified information, which cannot reasonably be used to identify you, with third parties for research, marketing, analytics, and other purposes. This type of sharing does not constitute a disclosure of personal information as it does not identify you as an individual.

5. Data Security

The security of your personal information is a top priority for Cafe Rio. We have implemented a comprehensive set of technical, administrative, and physical security measures designed to protect your information from unauthorized access, disclosure, alteration, and destruction.

5.1 Technical Safeguards

Encryption: We use industry-standard SSL/TLS encryption to protect data transmitted between your browser and our servers. Sensitive data, including payment information, is encrypted both in transit and at rest.
Access Controls: Access to personal information is restricted to authorized personnel who need it to perform their job functions. We use role-based access controls and multi-factor authentication for sensitive systems.
Firewalls and Intrusion Detection: Our systems are protected by firewalls, intrusion detection systems, and regular security monitoring to identify and respond to potential threats.
Regular Security Audits: We conduct regular security assessments and vulnerability testing to identify and address potential weaknesses in our systems.

5.2 Administrative Safeguards

Employee training on data privacy and security best practices.
Confidentiality agreements with all staff who handle personal information.
Incident response procedures for detecting and responding to data breaches.
Regular review and updating of our privacy and security policies.

Important Limitation: While we take reasonable precautions to protect your personal information, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security of your data. If you have reason to believe that your interaction with us is no longer secure, please contact us immediately at [email protected].

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. The specific retention periods we apply are as follows:

Data Category	Retention Period	Reason
Account Information	Duration of account plus 3 years after closure	Customer service, dispute resolution, legal compliance
Order History	7 years	Tax and financial record-keeping requirements
Payment Records	7 years	Financial and tax compliance obligations
Marketing Preferences	Until opt-out plus 1 year	To honor opt-out requests and prevent re-subscription errors
Website Usage Data	Up to 2 years	Analytics and service improvement
Customer Support Records	3 years from resolution	Quality assurance and dispute resolution
Cookie Data	As specified in Cookie Policy (up to 2 years)	Personalization and analytics

When personal information is no longer needed, we securely delete or anonymize it in accordance with our data retention schedules. In some cases, we may retain anonymized data for longer periods for statistical or research purposes, where such data can no longer be linked back to you as an individual.

7. Your Rights and Choices

Depending on your location within the United States, you may have certain rights with respect to your personal information. We are committed to honoring these rights in accordance with applicable law.

7.1 Rights for All Users

Right to Access: You may request a copy of the personal information we hold about you.
Right to Correction: You may request that we correct inaccurate or incomplete personal information about you.
Right to Deletion: You may request that we delete your personal information, subject to certain exceptions required by law or legitimate business purposes.
Right to Opt Out of Marketing: You can opt out of receiving marketing communications from us at any time.
Right to Data Portability: Where technically feasible, you may request a copy of your data in a structured, machine-readable format.

7.2 Additional Rights for California Residents (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):

Right to Know: The right to know what categories of personal information we collect, the purposes for collection, and the categories of third parties with whom we share it.
Right to Delete: The right to request deletion of personal information we have collected, with certain exceptions.
Right to Correct: The right to request correction of inaccurate personal information.
Right to Opt Out of Sale/Sharing: The right to opt out of the sale or sharing of your personal information for cross-context behavioral advertising.
Right to Limit Use of Sensitive Personal Information: The right to limit our use of your sensitive personal information to what is necessary to provide the requested services.
Right to Non-Discrimination: The right not to receive discriminatory treatment for exercising your CCPA/CPRA rights. We will not deny you goods or services, charge different prices, or provide a different level of quality because you exercised your privacy rights.

California Residents — Do Not Sell or Share My Personal Information: California residents may opt out of the sale or sharing of their personal information by contacting us at [email protected] with the subject line "Do Not Sell or Share My Personal Information."

7.3 How to Exercise Your Rights

To exercise any of your privacy rights, please submit a verifiable consumer request to us by:

Email: [email protected] with the subject line "Privacy Rights Request"
Website: Through our contact form at mealcaferio.click

We will acknowledge receipt of your request within 10 business days and provide a substantive response within 45 calendar days of receipt. If we require additional time (up to 90 days total), we will notify you of the extension and the reason for the delay.

To protect your privacy and security, we may need to verify your identity before processing your request. We will ask you to provide certain information to confirm that you are the person about whom we have collected personal information.

You may also designate an authorized agent to make a request on your behalf. The authorized agent must provide written permission signed by you, and we may still require you to verify your identity directly with us.

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our website, understand how you use our Services, and deliver relevant content and advertising. Cookies are small text files that are stored on your device when you visit a website.

Our use of cookies falls into four main categories: essential cookies necessary for the website to function, analytics cookies that help us understand user behavior, functional cookies that remember your preferences, and marketing cookies used for targeted advertising purposes.

You have the right to manage your cookie preferences at any time. You can:

Configure your browser settings to block or delete cookies (note that this may affect the functionality of our website).
Use our cookie preference center on our website to customize which categories of cookies you accept.
Opt out of interest-based advertising through industry opt-out tools such as the Digital Advertising Alliance (DAA) opt-out portal at www.aboutads.info.
Use browser extensions designed to block tracking technologies.

For comprehensive information about the specific cookies we use, their purposes, and how to manage them, please visit our full Cookie Policy.

9. Children's Privacy

Our Services are intended exclusively for users who are 18 years of age or older. We do not knowingly collect, use, or disclose personal information from individuals under the age of 18.

We do not knowingly market to children under 13, and our practices comply with the Children's Online Privacy Protection Act (COPPA). If we become aware that we have inadvertently collected personal information from a child under 13, we will take immediate steps to delete that information from our records.

If you are a parent or guardian and you believe that your child under the age of 18 has provided us with personal information without your consent, please contact us immediately at [email protected]. We will investigate the matter and take appropriate action, which may include deleting the child's information from our systems.

Age Restriction: By using our Services, you confirm that you are at least 18 years of age. If you are under 18, please do not use our website or provide any personal information to us.

10. International Data Transfers

Cafe Rio is based in the United States, and the information we collect is governed by U.S. law. Our primary data processing activities occur within the United States. However, some of our third-party service providers may operate in or transfer data to other countries.

If you are accessing our Services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States. Data protection laws in the United States may differ from those in your country of residence. By using our Services, you acknowledge and consent to the transfer of your information to the United States and its processing under U.S. law.

When we transfer data internationally, we take steps to ensure that appropriate safeguards are in place to protect your personal information, including:

Entering into data transfer agreements with our international service providers that incorporate standard contractual clauses or other approved transfer mechanisms.
Ensuring that any third-party service providers we work with maintain adequate data protection standards regardless of where they are located.
Limiting international data transfers to what is necessary for the provision of our Services.

11. Third-Party Links and Services

Our website may contain links to third-party websites, applications, and services, including social media platforms, delivery partner websites, and payment processing pages. These third-party sites have their own privacy policies, and we do not accept any responsibility or liability for their policies or practices.

When you click on a link to a third-party website or engage a third-party service, you are subject to the privacy practices of that third party, not ours. We strongly encourage you to review the privacy policies of any third-party sites you visit before providing any personal information.

This Privacy Policy does not apply to information collected through third-party websites, applications, or services that may link to or be accessible from our Services.

12. Social Media and User-Generated Content

Our Services may include features that integrate with social media platforms, such as social login options, social sharing buttons, or the ability to connect your social media accounts. When you use these features, we may receive information from those platforms as described in Section 2.4 of this Privacy Policy.

If you post reviews, comments, or other content on our website or through our Services, please be aware that such content may be publicly visible to other users. We are not responsible for how other users may use information you have voluntarily shared in public areas of our Services.

13. How to File a Complaint With a Data Protection Authority

If you believe that we have not handled your personal information in accordance with applicable law, you have the right to file a complaint with the appropriate regulatory authority.

13.1 Federal Trade Commission (FTC)

The Federal Trade Commission (FTC) enforces consumer protection laws in the United States, including rules related to unfair or deceptive practices in data handling. You may file a complaint with the FTC at:

Website: www.ftc.gov
Phone: 1-877-FTC-HELP (1-877-382-4357)
Address: Federal Trade Commission, 600 Pennsylvania Avenue NW, Washington, DC 20580

13.2 California Residents — California Privacy Protection Agency

California residents may also file a complaint with the California Privacy Protection Agency (CPPA), which enforces the CCPA/CPRA:

Website: cppa.ca.gov
Email: [email protected]

13.3 State Attorney General Offices

Depending on your state of residence, you may also be able to file a complaint with your state Attorney General's office. Many states have consumer protection divisions that handle privacy-related complaints.

Before filing a complaint with any regulatory authority, we encourage you to contact us directly at [email protected] so that we have an opportunity to resolve your concern. We are committed to working with you to address any privacy issues in a timely and fair manner.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time in response to changing legal requirements, business practices, or improvements to our Services. When we make material changes to this policy, we will notify you through one or more of the following methods:

Sending an email notification to the address associated with your account.
Posting a prominent notice on our website at mealcaferio.click.
Updating the "Last Updated" date at the top of this Privacy Policy.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our Services after the effective date of any updated Privacy Policy constitutes your acceptance of the updated terms. If you do not agree with the changes, you should discontinue use of our Services and may request deletion of your account and personal information.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please do not hesitate to contact us. We take all privacy inquiries seriously and will respond to your request as promptly as possible.

Privacy Inquiries — Contact Information

Company: Cafe Rio
Website: mealcaferio.click
Email: [email protected]
Subject Line for Privacy Requests: "Privacy Rights Request" or "Privacy Inquiry"

Our privacy team is dedicated to addressing your concerns and ensuring that your personal information is handled with the highest standards of care and integrity. We aim to acknowledge all privacy inquiries within 10 business days of receipt.