Privacy Policy
This Privacy Policy describes how Cafe Rio ("we," "us," or "our") collects, uses, discloses, and protects your personal information when you visit our website at scafe-rio.click, use our online ordering services, participate in our loyalty programs, or otherwise interact with us. We are committed to protecting your privacy and handling your personal data in an open and transparent manner.
Please read this Privacy Policy carefully. By accessing or using our website or services, you acknowledge that you have read, understood, and agree to be bound by the terms of this Privacy Policy. If you do not agree with this policy, please discontinue use of our website and services immediately.
This Privacy Policy applies to all users of our website and services located in the United States. We comply with applicable federal and state privacy laws, including the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), the Federal Trade Commission Act (FTC Act), and other applicable state and federal regulations governing the collection, use, and disclosure of personal information.
1. About Us and Contact Information
Cafe Rio is a food service business operating in the United States. We provide dining, catering, and online food ordering services to our valued customers.
| Company Name | Cafe Rio |
|---|---|
| Website | scafe-rio.click |
| Email Address | [email protected] |
For any privacy-related questions, concerns, or requests, you may contact our privacy team directly at [email protected]. We are committed to responding to all privacy inquiries within a reasonable timeframe, and in any case, within the timeframe required by applicable law.
2. Information We Collect
We collect various types of information in connection with your use of our website and services. The categories of personal information we collect are described in detail below.
2.1 Personal Information You Provide to Us
We collect personal information that you voluntarily provide to us when you:
- Create an account or register for our loyalty program
- Place an order online or through our mobile platform
- Subscribe to our email newsletter or marketing communications
- Complete surveys, promotions, or contest entry forms
- Contact our customer support team
- Make a catering reservation or group order inquiry
- Apply for employment through our website
The personal information we collect in these contexts may include:
- Identifiers: Full name, username, email address, mailing address, phone number, date of birth
- Payment Information: Credit card numbers, billing address, and other payment-related data (processed securely through our payment processors)
- Order History: Details of food items ordered, order frequency, special dietary preferences or restrictions, and related transaction data
- Account Credentials: Username and encrypted password
- Communications Data: Records of your correspondence or communications with our customer service team
- Employment Information: Resume, work history, and contact details if you apply for a job
2.2 Information Collected Automatically
When you visit our website at scafe-rio.click, we and our third-party service providers automatically collect certain technical and usage information through cookies, web beacons, pixel tags, log files, and similar tracking technologies. This automatically collected data includes:
- Device Information: Device type, operating system and version, browser type and version, unique device identifiers, mobile network information, and hardware configuration
- Log Data: IP address, access dates and times, pages viewed, links clicked, referring URLs, and session duration
- Usage Data: Information about how you interact with our website, including navigation paths, search queries entered, features used, and content viewed
- Location Data: General geographic location inferred from your IP address; precise location data if you grant permission on a mobile device
- Cookie Data: Information stored in cookies and similar tracking technologies placed on your device (see Section 8 for detailed cookie information)
2.3 Information from Third-Party Sources
We may also receive information about you from third-party sources, including:
- Social Media Platforms: If you connect your account to a social media profile or log in using social sign-on (e.g., Google, Facebook), we receive basic profile information as authorized by you
- Delivery Partners: Information shared by third-party delivery services when you order through their platforms for fulfillment
- Analytics Providers: Aggregated or anonymized demographic and behavioral data to help us better understand our audience
- Advertising Partners: Information to help us reach you with relevant advertisements across other platforms
- Payment Processors: Transaction confirmation data, fraud signals, and payment status information
3. How We Use Your Information
We use the personal information we collect for a variety of legitimate business purposes. All uses of your personal data are grounded in one or more lawful bases, including the performance of a contract, compliance with legal obligations, legitimate business interests, or your consent where required.
3.1 Service Provision and Operations
- Processing and fulfilling your food orders and catering requests
- Managing your account, loyalty points, and membership benefits
- Processing payments and issuing refunds or credits
- Sending order confirmations, receipts, and delivery status notifications
- Providing customer service and responding to inquiries or complaints
- Enabling you to save favorite orders and dietary preferences
3.2 Business Improvement and Analytics
- Analyzing usage patterns and trends to improve our website functionality and user experience
- Conducting internal research and data analysis to understand customer preferences
- Monitoring and evaluating the performance of our digital platforms
- Developing new menu items, services, and features based on customer behavior
- Performing quality assurance and testing of new website features or ordering flows
3.3 Marketing and Communications
- Sending promotional emails, special offers, and news about Cafe Rio (with your consent or as permitted by applicable law)
- Personalizing your experience by showing relevant menu recommendations and offers
- Displaying targeted advertisements on third-party platforms based on your interests
- Administering contests, sweepstakes, and loyalty rewards programs
- Notifying you of changes to our menu, hours, locations, or policies
3.4 Legal Compliance and Safety
- Complying with applicable federal and state laws and regulations
- Detecting, investigating, and preventing fraudulent transactions, security breaches, and other illegal or harmful activities
- Enforcing our Terms of Service and other legal agreements
- Responding to lawful requests from government authorities, courts, or law enforcement agencies
- Protecting the rights, property, and safety of Cafe Rio, our customers, employees, and the public
4. Sharing of Your Information with Third Parties
We do not sell, rent, or trade your personal information to third parties for their own independent marketing purposes. However, we may share your personal information with the following categories of third parties under the circumstances described below.
4.1 Service Providers and Business Partners
We engage trusted third-party companies and individuals to perform services on our behalf. These service providers are given access to your personal information only to the extent necessary to perform their functions and are contractually obligated to maintain the confidentiality and security of your data. Categories of service providers include:
- Payment processors and fraud prevention services
- Cloud hosting, data storage, and IT infrastructure providers
- Email marketing and communications platforms
- Website analytics and performance measurement tools (e.g., Google Analytics)
- Customer relationship management (CRM) software providers
- Third-party food delivery and logistics partners
- Customer support and help desk software providers
- Advertising and remarketing technology platforms
4.2 Legal Requirements and Law Enforcement
We may disclose your personal information if we believe, in good faith, that such disclosure is necessary to: (a) comply with a legal obligation, subpoena, court order, or governmental request; (b) enforce our Terms of Service; (c) protect our rights, property, or safety or the rights, property, or safety of our users or the public; or (d) detect and prevent fraud or security incidents.
4.3 Business Transfers
In the event of a merger, acquisition, reorganization, bankruptcy, sale of assets, or similar corporate transaction, your personal information may be transferred to the successor entity as part of the transaction. We will notify you by email and/or a prominent notice on our website of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information.
4.4 With Your Consent
We may share your personal information with other third parties when we have obtained your explicit consent to do so.
4.5 Aggregated and Anonymized Data
We may share aggregated or de-identified information that cannot reasonably be used to identify you with third parties for research, marketing, analytics, and other purposes.
5. Data Security
Cafe Rio takes the security of your personal information seriously. We have implemented a variety of administrative, technical, and physical security measures designed to protect your personal data from unauthorized access, disclosure, alteration, destruction, or misuse. Our security practices include:
- Encryption: We use Secure Socket Layer (SSL) / Transport Layer Security (TLS) encryption to protect data transmitted between your browser and our website. Sensitive data such as payment card information is encrypted both in transit and at rest.
- Access Controls: Access to personal information is restricted to authorized employees and contractors who need it to perform their job functions. We enforce role-based access controls and require strong authentication for system access.
- Payment Security: We comply with the Payment Card Industry Data Security Standard (PCI-DSS) through our use of certified payment processors. We do not store full credit card numbers on our servers.
- Regular Security Assessments: We conduct periodic vulnerability assessments and security audits to identify and address potential weaknesses in our systems.
- Incident Response: We maintain a documented data breach response plan and will notify affected individuals and relevant regulatory authorities in the event of a security incident as required by applicable law.
- Employee Training: Our staff receives regular training on data privacy and security best practices.
While we strive to use commercially reasonable means to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security. You are also responsible for maintaining the confidentiality of your account credentials and should notify us immediately at [email protected] if you suspect unauthorized access to your account.
6. Data Retention
We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, including satisfying legal, accounting, regulatory, and reporting obligations. The specific retention periods we apply depend on the type of data and the purpose for which it was collected.
| Category of Data | Typical Retention Period |
|---|---|
| Account and registration data | Duration of account plus 3 years after account closure |
| Order and transaction history | 7 years (for tax and financial compliance purposes) |
| Customer support communications | 3 years from the date of the interaction |
| Marketing preferences and consent records | Until opt-out plus 3 years |
| Website usage and analytics data | 26 months (as configured in analytics platforms) |
| Cookie and tracking data | Variable (see Section 8 — Cookie Policy) |
| Employment application data | 2 years from the date of application |
| Legal and compliance records | As required by applicable law (typically 7 years) |
When personal information is no longer needed, we securely delete or anonymize it. If complete deletion is not immediately possible (for example, because data is stored in backup archives), we will isolate the data from further processing until deletion is feasible.
7. Your Privacy Rights
Depending on your state of residence, you may have certain rights with respect to your personal information. We respect and honor these rights in accordance with applicable federal and state privacy laws.
7.1 Rights Available to All Users
- Right of Access: You may request a copy of the personal information we hold about you.
- Right to Correction: You may request that we correct inaccurate or incomplete personal information.
- Right to Deletion: You may request that we delete your personal information, subject to certain exceptions (e.g., where we are required to retain data by law).
- Right to Opt Out of Marketing: You may unsubscribe from our marketing communications at any time by clicking the "unsubscribe" link in our emails or contacting us at [email protected].
7.2 Additional Rights for California Residents (CCPA/CPRA)
- Right to Know: You have the right to know the categories and specific pieces of personal information we have collected about you, the categories of sources from which we collected it, the business purpose for collecting it, and the categories of third parties with whom we share it.
- Right to Delete: You have the right to request deletion of personal information we have collected about you, subject to certain exceptions.
- Right to Correct: You have the right to request correction of inaccurate personal information we maintain about you.
- Right to Opt Out of Sale or Sharing: You have the right to opt out of the sale of your personal information or the sharing of your personal information for cross-context behavioral advertising purposes. To exercise this right, contact us at [email protected].
- Right to Limit Use of Sensitive Personal Information: Under the CPRA, you have the right to limit our use and disclosure of your sensitive personal information to purposes necessary to provide our services.
- Right to Data Portability: You have the right to receive a copy of your personal information in a portable, usable format where technically feasible.
- Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights. We will not deny you goods or services, charge you different prices, provide a different level of service quality, or suggest that you may receive a different price or quality because you exercised your rights.
7.3 How to Submit a Privacy Rights Request
To exercise any of the rights described above, please submit a verifiable consumer request by:
- Emailing us at: [email protected]
- Subject line: "Privacy Rights Request"
We will acknowledge your request within 10 business days and respond fully within 45 days of receipt. If we require additional time, we will notify you of the extension and the reason for the delay. We may need to verify your identity before processing your request. We will not require you to create an account solely to submit a request.
You may also designate an authorized agent to submit a request on your behalf. We will require written authorization and may take steps to verify the agent's authority.
8. Cookie Policy
Our website at scafe-rio.click uses cookies and similar tracking technologies to enhance your browsing experience, analyze site traffic, personalize content, and serve targeted advertisements. This section provides an overview of our cookie practices.
8.1 What Are Cookies?
Cookies are small text files placed on your device when you visit a website. They allow the website to remember your actions and preferences over time. Similar technologies include web beacons, pixel tags, localStorage, and session storage.
8.2 Types of Cookies We Use
| Cookie Type | Purpose | Duration |
|---|---|---|
| Strictly Necessary | Essential for website functionality, including login sessions, shopping cart, and order processing | Session / Short-term |
| Performance & Analytics | Collect data on how visitors use our site (e.g., Google Analytics) to improve performance | Up to 26 months |
| Functional | Remember your preferences (e.g., language, location, favorite orders) | Up to 12 months |
| Marketing & Advertising | Track browsing habits to deliver personalized ads on other platforms | Up to 24 months |
8.3 Managing Your Cookie Preferences
You can control and manage cookies in several ways. Most web browsers allow you to refuse cookies or to delete cookies that have already been set. However, please note that disabling certain cookies may affect the functionality of our website and your ability to place orders online. You can manage your preferences through your browser settings or through our cookie consent tool available on the website.
For more information about cookies and how to manage them, visit www.allaboutcookies.org.
9. Children's Privacy
Our website and services are intended for use by adults aged 18 years and older. We do not knowingly collect, use, or disclose personal information from individuals under the age of 18. Our website is not directed at children.
If you are a parent or guardian and believe that your child under the age of 18 has provided us with personal information without your consent, please contact us immediately at [email protected]. We will take prompt steps to delete such information from our records.
We comply with the Children's Online Privacy Protection Act (COPPA), which imposes certain requirements on operators of websites and online services directed to children under 13. In the event we discover we have inadvertently collected information from a child under 13, we will delete it as quickly as possible.
10. International Data Transfers
Cafe Rio is based in the United States, and the personal information we collect is primarily processed and stored on servers located within the United States. If you are accessing our website from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your country of residence.
If we transfer personal data outside of the United States in connection with our service providers or business operations, we take appropriate safeguards to ensure that such transfers comply with applicable law, including entering into standard contractual clauses or other legally recognized transfer mechanisms where required.
By using our website and services, you consent to the transfer of your personal information to the United States as described in this Privacy Policy.
11. Do Not Track Signals
Some browsers offer a "Do Not Track" (DNT) feature that signals to websites that you do not want your online activities tracked. Currently, there is no universally accepted standard for how websites should respond to DNT signals. As such, our website does not currently respond to browser DNT signals. However, you can use the cookie management tools described in Section 8 to limit tracking on our website.
California residents may also exercise rights under the California Shine the Light Law (California Civil Code Section 1798.83) to request information about whether we disclose personal information to third parties for their direct marketing purposes. We do not share personal information with third parties for their own independent direct marketing purposes without your consent.
12. Third-Party Links and Services
Our website may contain links to third-party websites, applications, or services that are not owned or controlled by Cafe Rio. These include delivery partner platforms, social media networks, and payment processing services. We are not responsible for the privacy practices of these third-party services and encourage you to review their privacy policies before providing any personal information.
This Privacy Policy applies solely to information collected by Cafe Rio through our website and services at scafe-rio.click and does not cover any third-party data collection.
13. How to File a Complaint
If you believe that we have violated your privacy rights or this Privacy Policy, we encourage you to first contact us directly so we can attempt to resolve your concern:
- Email: [email protected]
- Subject Line: "Privacy Complaint"
We will acknowledge your complaint within 10 business days and work with you to address your concern as quickly as possible.
13.1 Filing a Complaint with a Regulatory Authority
If you are not satisfied with our response, or if you believe we are processing your personal information in a manner that violates applicable law, you have the right to file a complaint with the relevant data protection or consumer protection authority in your jurisdiction:
- Federal Trade Commission (FTC): The FTC enforces federal consumer protection laws, including privacy-related requirements. You can file a complaint at www.ftc.gov/complaint or by calling 1-877-FTC-HELP (1-877-382-4357).
- California Residents — California Privacy Protection Agency (CPPA): If you are a California resident and believe your CCPA/CPRA rights have been violated, you may file a complaint with the California Privacy Protection Agency at cppa.ca.gov.
- California Attorney General: You may also contact the California Office of the Attorney General at oag.ca.gov/privacy.
- State Attorneys General: Residents of other states may contact their respective state attorney general's office for consumer protection and privacy-related complaints.
14. Changes to This Privacy Policy
We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our practices, services, legal requirements, or business operations. When we make material changes, we will notify you by:
- Posting the revised Privacy Policy on our website with an updated "Last Updated" date at the top of this page
- Sending an email notification to registered account holders where feasible
- Displaying a prominent notice on our website homepage
We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. Your continued use of our website and services after the effective date of any changes constitutes your acceptance of the revised Privacy Policy.
15. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please do not hesitate to reach out to us:
We are committed to working with you to resolve any privacy concerns in a fair, transparent, and timely manner. We aim to respond to all privacy-related inquiries within 30 calendar days of receipt.
This Privacy Policy was last reviewed and updated on April 8, 2026. Cafe Rio reserves all rights not expressly granted herein. This document constitutes the complete and binding privacy notice for Cafe Rio's website and online services at scafe-rio.click.