Privacy Policy

Effective Date: June 12, 2026 | Last Updated: June 12, 2026

Welcome to Cafe Rio. We are deeply committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website freshcaferio.click, place orders through our online platform, subscribe to our services, or otherwise interact with us. Please read this policy carefully. If you disagree with its terms, please discontinue use of our site and services.

This Privacy Policy applies to all information collected through our website, mobile experiences, and any related services, sales, marketing, or events (collectively referred to as our "Services"). We operate in the United States and comply with applicable federal and state privacy laws, including but not limited to the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), the Federal Trade Commission Act (FTC Act), and other applicable state privacy regulations.

1. About Us

Cafe Rio is a food service business dedicated to providing fresh, high-quality meals and dining experiences to our customers across the United States. We operate our digital presence through our website and online ordering platform at freshcaferio.click.

Business Name	Cafe Rio
Website	freshcaferio.click
Email Address	[email protected]
Operating Location	United States

2. Information We Collect

We collect information about you in various ways when you use our Services. The types of information we collect are described in detail below. We only collect information that is necessary for the purposes described in this Privacy Policy.

2.1 Personal Information You Provide Directly

When you interact with our website, create an account, place an order, subscribe to our newsletter, or contact our customer support, you may voluntarily provide us with personal information, including:

Name: First and last name used for account registration and order fulfillment.
Email Address: Used for account creation, order confirmations, promotional communications, and customer support.
Phone Number: Used for order updates, delivery coordination, and customer service.
Mailing and Delivery Address: Required for processing and delivering food orders to your location.
Payment Information: Credit card numbers, debit card details, billing address, and other financial data needed to process your transactions. Note that payment card details are processed through secure, PCI-DSS-compliant third-party payment processors, and we do not store your full card numbers on our servers.
Account Credentials: Username and password for your Cafe Rio online account.
Dietary Preferences and Food Allergies: Information you choose to share regarding food preferences, allergies, or dietary restrictions to help us customize your experience.
Communications: Any messages, feedback, reviews, or other content you send to us through our contact forms, emails, or customer support channels.
Loyalty Program Data: Points balance, redemption history, and preferences associated with any loyalty or rewards program you participate in.

2.2 Information Collected Automatically

When you visit or interact with our website, we automatically collect certain technical and usage information through cookies, web beacons, pixel tags, and other tracking technologies. This information includes:

IP Address: Your internet protocol address, which can indicate your approximate geographic location.
Browser Type and Version: The web browser you use to access our site (e.g., Chrome, Firefox, Safari).
Device Information: Type of device (desktop, mobile, tablet), operating system, device identifiers, and screen resolution.
Usage Data: Pages you visit, links you click, time spent on each page, referral URLs, and your navigation paths through our website.
Log Data: Server logs that record access times, error reports, and other diagnostic information.
Cookie Identifiers: Unique identifiers stored in cookies on your browser to remember your preferences and session data.
Location Data: General location data based on your IP address or, with your explicit consent, more precise GPS-based location data from your mobile device.
Transaction History: Records of past orders, items purchased, frequency of orders, and spending patterns on our platform.

2.3 Information from Third Parties

We may also receive information about you from third-party sources, which we may combine with information we already hold:

Social Media Platforms: If you connect your social media account (such as Facebook or Google) to log into our website, we may receive basic profile information such as your name, email address, and profile picture.
Marketing and Analytics Partners: Third-party analytics providers and advertising networks may share aggregated or de-identified information about your interactions with our ads or related websites.
Delivery Partners: Third-party delivery services integrated with our platform may share information relevant to completing and tracking your food delivery orders.
Payment Processors: Our payment processors may share transaction confirmation data, fraud alerts, and billing verification details with us.

3. How We Use Your Information

We use the personal information we collect for legitimate business purposes related to providing, improving, and promoting our food service offerings. Specifically, we use your information for the following purposes:

3.1 Service Provision and Order Fulfillment

Processing and fulfilling your food orders, including coordinating delivery or pickup arrangements.
Managing your account registration and login credentials.
Sending order confirmations, receipts, and updates regarding your orders.
Providing customer support and responding to your inquiries, complaints, and feedback.
Administering loyalty and rewards programs you have enrolled in.
Customizing your dining experience based on your stated dietary preferences and past order history.

3.2 Analytics and Service Improvement

Analyzing usage patterns on our website to understand how customers interact with our Services and to improve functionality and user experience.
Conducting internal research and analytics to develop new menu items, features, and service improvements.
Monitoring the performance, security, and reliability of our website and technology infrastructure.
Detecting and preventing fraudulent transactions, unauthorized account access, and other security threats.
Generating aggregated, anonymized reports on customer behavior and preferences for internal business planning.

3.3 Marketing and Communications

Sending you promotional emails, newsletters, special offers, and information about new menu items or seasonal promotions — but only where you have provided consent or where we have a legitimate interest to do so under applicable law.
Displaying targeted advertising to you on our website, partner websites, and social media platforms based on your browsing behavior and interests.
Conducting customer satisfaction surveys and requesting reviews of our products and services.
Personalizing marketing communications based on your order history, location, and stated preferences.

3.4 Legal and Compliance Purposes

Complying with applicable federal and state laws, regulations, legal processes, and government requests.
Enforcing our Terms of Service and other applicable agreements.
Protecting the rights, property, and safety of Cafe Rio, our customers, and the public.
Resolving disputes, handling claims, and defending against legal actions.

4. How We Share Your Information

We do not sell, rent, or trade your personal information to unaffiliated third parties for their own marketing purposes without your explicit consent. However, we may share your information in the following circumstances:

4.1 Service Providers and Business Partners

We engage trusted third-party service providers who assist us in operating our website and delivering our Services. These providers have access to your personal information only to the extent necessary to perform their services and are contractually obligated to protect your data in accordance with this Privacy Policy and applicable law. Our service providers include:

Payment Processors: To securely process your transactions and prevent fraud.
Delivery Partners: To coordinate and complete food delivery to your specified address.
Email Service Providers: To send transactional and marketing communications on our behalf.
Cloud Hosting and IT Service Providers: To host our website, store data securely, and maintain our technology infrastructure.
Analytics Providers: Such as Google Analytics, to help us understand how customers use our website and improve our Services.
Customer Support Platforms: To manage and respond to customer inquiries and complaints efficiently.
Marketing and Advertising Platforms: To deliver targeted advertising campaigns on your behalf.

4.2 Legal Requirements and Safety

We may disclose your personal information when we believe in good faith that disclosure is necessary to:

Comply with a legal obligation, court order, subpoena, or governmental request.
Enforce our Terms of Service or protect our rights, property, or safety.
Investigate potential violations of law or our policies.
Protect the safety, health, or rights of our customers, employees, or the general public.
Detect or prevent fraud, security incidents, or technically wrongful behavior.

4.3 Business Transfers

In the event that Cafe Rio is involved in a merger, acquisition, sale of assets, financing, or other corporate transaction, your personal information may be transferred as part of that transaction. We will provide notice to you prior to such transfer and inform you of any changes to how your data will be handled. Any successor entity will be bound by the terms of this Privacy Policy or will provide you with a new privacy notice.

4.4 Aggregated and De-Identified Data

We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you with third parties for research, marketing, analytics, and business development purposes. Such sharing does not constitute a disclosure of your personal information.

5. Cookies and Tracking Technologies

Our website uses cookies, web beacons, pixel tags, and similar tracking technologies to enhance your experience, analyze usage patterns, and deliver personalized content and advertising.

5.1 Types of Cookies We Use

Strictly Necessary Cookies: Essential for the website to function properly. They enable core features such as page navigation, access to secure areas, and shopping cart functionality. These cookies cannot be disabled.
Performance and Analytics Cookies: Help us understand how visitors interact with our website by collecting information about pages visited, time spent on the site, and any errors encountered. We use this data to improve website performance.
Functionality Cookies: Allow the website to remember your preferences (such as your saved address or dietary preferences) to provide a more personalized experience.
Marketing and Advertising Cookies: Used to deliver advertisements relevant to your interests and to track the effectiveness of our marketing campaigns across different websites.

5.2 Managing Your Cookie Preferences

You can control and manage cookies through your browser settings. Most browsers allow you to refuse cookies, delete existing cookies, or receive a notification before a cookie is placed. Please note that disabling certain cookies may affect the functionality of our website and your ability to use certain features. For more detailed information about the cookies we use and how to manage them, please refer to our Cookie Policy.

6. Data Security

The security of your personal information is a top priority for Cafe Rio. We implement a comprehensive set of technical, administrative, and physical security measures designed to protect your data from unauthorized access, disclosure, alteration, loss, or destruction.

6.1 Technical Safeguards

SSL/TLS Encryption: All data transmitted between your browser and our website is encrypted using Secure Sockets Layer (SSL) or Transport Layer Security (TLS) protocols.
Data Encryption at Rest: Sensitive personal data stored on our servers is encrypted using industry-standard encryption algorithms.
Secure Payment Processing: All payment card transactions are processed through PCI-DSS-compliant third-party processors, ensuring your financial data is handled to the highest security standards.
Firewall and Intrusion Detection Systems: We employ firewalls, intrusion detection and prevention systems, and other network security measures to protect our infrastructure.
Access Controls: Access to your personal information is restricted to authorized Cafe Rio employees and contractors who require it to perform their job functions, and is governed by strict role-based access controls.

6.2 Organizational Safeguards

Regular employee training on data privacy, security best practices, and our internal policies.
Confidentiality agreements with all employees and contractors who handle personal information.
Periodic security audits, vulnerability assessments, and penetration testing.
A documented data breach response plan that includes timely notification to affected individuals and regulatory authorities as required by applicable law.

Important Notice: While we take extensive precautions to protect your personal information, no method of data transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security, and you provide your personal information at your own risk. In the event of a data breach that poses a risk to your rights and freedoms, we will notify you as required by applicable law.

7. Your Privacy Rights

Depending on your state of residence in the United States, you may have specific legal rights regarding your personal information. We respect and honor these rights as described below.

7.1 Rights Under the California Consumer Privacy Act (CCPA/CPRA)

If you are a California resident, you have the following rights under the CCPA as amended by the CPRA:

Right to Know: You have the right to request that we disclose the categories and specific pieces of personal information we have collected about you, the sources of that information, the purposes for which we use it, and the categories of third parties with whom we share it.
Right to Delete: You have the right to request that we delete the personal information we have collected about you, subject to certain exceptions (such as where retention is necessary to complete a transaction, comply with a legal obligation, or protect against security threats).
Right to Correct: You have the right to request that we correct inaccurate personal information we hold about you.
Right to Opt-Out of Sale or Sharing: You have the right to opt out of the sale or sharing of your personal information to third parties for cross-context behavioral advertising purposes.
Right to Limit Use of Sensitive Personal Information: You have the right to limit our use and disclosure of sensitive personal information (such as financial information or precise geolocation) to what is necessary to provide you with the Services.
Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights. We will not deny you our Services, charge you different prices, or provide a different level of quality because you exercised your rights.

7.2 General Privacy Rights (All U.S. Residents)

Right to Access: You may request a copy of the personal information we hold about you.
Right to Correction: You may request that we update or correct inaccurate or incomplete information in your account.
Right to Deletion: You may request that we delete your personal information, subject to applicable legal limitations.
Right to Data Portability: Where technically feasible, you may request that we provide your personal information in a structured, commonly used, machine-readable format.
Right to Withdraw Consent: Where our processing is based on your consent, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.
Right to Opt-Out of Marketing: You may opt out of receiving marketing and promotional communications from us at any time by clicking the "unsubscribe" link in any of our emails or by contacting us directly.

7.3 How to Exercise Your Rights

To exercise any of your privacy rights, please submit a verifiable request to us using one of the following methods:

Email: [email protected]
Website: freshcaferio.click (via our contact form)

We will respond to your verified request within 45 days of receipt. If we require additional time (up to 90 days total), we will inform you of the reason and extension in writing. We may need to verify your identity before processing your request to ensure the security of your personal information.

8. Data Retention

We retain your personal information only for as long as is necessary to fulfill the purposes for which it was collected, to provide our Services, and to comply with our legal obligations. The specific retention periods we apply are as follows:

Category of Data	Retention Period	Basis for Retention
Account and Registration Data	Duration of account + 3 years after closure	Contractual obligation, legal compliance
Order and Transaction History	7 years from date of transaction	Tax, financial, and legal compliance
Payment Information	Only for duration of transaction (card details not stored)	PCI-DSS compliance
Marketing and Communication Data	Until you opt out + 1 year	Consent / legitimate interest
Website Usage and Analytics Data	26 months from collection	Analytics and service improvement
Customer Support Communications	3 years from last interaction	Legal defense, service improvement
Cookie Data	As specified in Cookie Policy (typically 30 days to 2 years)	Functionality and analytics

When your personal information is no longer required, we will securely delete, destroy, or anonymize it in accordance with our data retention and disposal procedures.

9. Children's Privacy

Age Restriction: Our Services are intended for individuals who are 18 years of age or older. We do not knowingly collect, use, or disclose personal information from children under the age of 18.

Cafe Rio's website, online ordering platform, and related Services are not directed to, intended for, or designed to attract children under the age of 18. We do not knowingly collect personal information from minors under 18 years of age. If you are under 18, please do not use our Services or provide any personal information through our website.

If we discover or are notified that we have inadvertently collected personal information from a person under the age of 18, we will promptly take steps to delete that information from our records. If you are a parent or guardian and believe that your child under the age of 18 has provided us with personal information, please contact us immediately at [email protected] so that we can take appropriate action.

We are committed to compliance with the Children's Online Privacy Protection Act (COPPA) and all applicable federal and state laws regarding the privacy of children online.

10. International Data Transfers

Cafe Rio is based in the United States, and our primary data processing and storage activities take place within the United States. Our website is operated and managed from the United States, and the personal information we collect is primarily stored on servers located in the United States.

However, as a result of our use of certain third-party service providers — including cloud hosting services, analytics platforms, email service providers, and marketing partners — your personal information may be transferred to, stored in, or processed in countries outside of your state of residence or, in some cases, outside of the United States. These countries may have data protection laws that differ from those of your home jurisdiction.

Whenever we transfer personal information internationally, we take appropriate steps to ensure that such transfers comply with applicable data protection laws and that your information remains protected to a standard consistent with this Privacy Policy. These steps may include entering into data processing agreements with our international service providers that incorporate standard contractual protections.

By using our Services, you acknowledge and consent to the transfer of your personal information to the United States and, where applicable, to other countries, as described in this Privacy Policy.

11. Third-Party Links and Services

Our website may contain links to third-party websites, applications, social media platforms, or services that are not owned or controlled by Cafe Rio. This Privacy Policy applies solely to information collected by Cafe Rio through our own Services. We are not responsible for the privacy practices of third-party websites or services.

We encourage you to review the privacy policies of any third-party websites or services you visit or use, as their data collection and handling practices may differ significantly from ours. The inclusion of a link to a third-party website on our site does not constitute an endorsement of that website or its privacy practices.

12. Do Not Track Signals

Some web browsers transmit "Do Not Track" (DNT) signals to websites they visit. Currently, there is no universally accepted standard for how websites should respond to DNT signals. As a result, our website does not currently respond to browser DNT signals. We continue to monitor developments in this area and may update our practices in the future. You can manage your tracking preferences through our cookie consent settings available on our website.

13. Marketing Communications and Opt-Out

With your consent or where otherwise permitted by law, we may send you promotional emails, newsletters, special offers, and other marketing communications related to Cafe Rio's products, services, and promotions. We strive to make our communications relevant and valuable to you.

You have the right to opt out of receiving marketing communications from us at any time, free of charge. You may do so by:

Clicking the "Unsubscribe" link at the bottom of any marketing email we send you.
Logging into your Cafe Rio account and updating your communication preferences in your account settings.
Contacting us directly at [email protected] with your request to opt out.

Please note that even if you opt out of marketing communications, we may still send you transactional and service-related communications, such as order confirmations, receipts, and important account notices, as these are necessary for the operation of our Services.

14. Filing Complaints with Regulatory Authorities

If you believe that your privacy rights have been violated and you are dissatisfied with our response to your concerns, you have the right to file a complaint with the appropriate regulatory authority. In the United States, the relevant authorities include:

14.1 Federal Trade Commission (FTC)

The Federal Trade Commission (FTC) is the primary federal agency responsible for enforcing consumer protection laws, including privacy-related violations under the FTC Act. You may file a complaint with the FTC at:

Website: www.ftc.gov/complaint
Phone: 1-877-382-4357
Address: Federal Trade Commission, 600 Pennsylvania Avenue NW, Washington, DC 20580

14.2 California Attorney General (California Residents)

California residents who believe their rights under the CCPA/CPRA have been violated may file a complaint with the California Privacy Protection Agency (CPPA) or the California Attorney General's Office:

California Privacy Protection Agency: cppa.ca.gov
California Attorney General: oag.ca.gov/privacy/ccpa

14.3 State Attorney General Offices

Residents of other states may also have the right to file complaints with their respective state attorney general's office regarding violations of applicable state privacy laws. We encourage you to consult the relevant authority in your state of residence.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes to this Privacy Policy, we will notify you by:

Posting the updated Privacy Policy on our website at freshcaferio.click with a revised "Last Updated" date.
Sending you an email notification to the email address associated with your account (where we have your email address and the changes are material).
Displaying a prominent notice on our website when you first visit after the changes take effect.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our Services after the effective date of any changes constitutes your acceptance of the updated Privacy Policy. If you do not agree with the updated policy, you should discontinue use of our Services and may request deletion of your account and personal data.

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy, the way we handle your personal information, or if you wish to exercise any of your privacy rights, please do not hesitate to contact us. We are committed to addressing your concerns promptly and transparently.

Privacy Inquiries — Contact Information

Business Name: Cafe Rio

Website: freshcaferio.click

Email: [email protected]

Operating Location: United States

We will do our best to respond to all privacy-related inquiries and requests within 45 days of receipt. For complex requests, we may require additional time (up to 90 days total), and we will notify you of any such extension within the initial 45-day period.

When contacting us to exercise your rights or make a privacy inquiry, please provide sufficient information to allow us to identify you and process your request effectively. We may request additional verification to confirm your identity before fulfilling certain requests, particularly those involving access to, deletion of, or changes to personal information.

Thank you for trusting Cafe Rio with your personal information. We are committed to handling your data with the utmost care, transparency, and respect for your privacy rights.

This Privacy Policy was last reviewed and updated on June 12, 2026. The contents of this Privacy Policy are governed by the laws of the United States, including applicable federal statutes and state privacy laws. If any provision of this Privacy Policy is found to be unenforceable, the remaining provisions shall remain in full force and effect.