+1 702-904-7310 [email protected]
Mon–Fri: 9am–6pm  |  Sat: 10am–4pm

Privacy Policy

This Privacy Policy describes how Cafe Rio ("we," "us," "our," or the "Company") collects, uses, discloses, retains, and protects information about you when you visit our website at eat-caferio.click (the "Website"), use our online ordering services, interact with us on social media, or otherwise engage with our food service business. Please read this policy carefully to understand our practices regarding your personal information.

By accessing or using our Website or services, you acknowledge that you have read, understood, and agree to be bound by the terms of this Privacy Policy. If you do not agree with the practices described in this policy, please do not use our Website or services.

We are committed to protecting your privacy and handling your personal information with transparency, integrity, and respect. This Privacy Policy is designed to comply with applicable United States privacy laws, including the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), the Federal Trade Commission Act (FTC Act), and other applicable federal and state privacy regulations.

1. Who We Are

Cafe Rio is a food service business operating in the United States. We provide fresh, high-quality Mexican-inspired food through our restaurant locations and online ordering platform. Our contact details are as follows:

Business Name Cafe Rio
Email Address [email protected]
Website eat-caferio.click

For all privacy-related inquiries, requests, and complaints, please contact us using the email address provided above.

2. Information We Collect

We collect various categories of personal information when you interact with us. The types of data we collect depend on how you use our Website and services.

2.1 Personal Identification Information

When you create an account, place an order, sign up for our loyalty program, subscribe to our newsletter, or otherwise engage with us, we may collect the following personal identification information:

  • Full name
  • Email address
  • Phone number
  • Mailing and billing address
  • Date of birth (for age verification and birthday promotions)
  • Username and password for your account
  • Profile picture (if voluntarily provided)

2.2 Payment and Financial Information

When you place an order or make a purchase through our Website, we collect payment-related information necessary to process your transaction. This may include:

  • Credit or debit card number (processed through secure third-party payment processors)
  • Billing address
  • Payment method type
  • Transaction history and order details

Please note that we do not directly store your full credit card number on our servers. Payment information is processed and secured through our PCI-DSS-compliant third-party payment processors.

2.3 Usage Data and Interaction Information

When you visit our Website or use our services, we automatically collect certain information about your interactions, including:

  • Pages visited, time spent on pages, and navigation paths
  • Links clicked and features used
  • Search queries entered on our Website
  • Items added to your cart or wishlist
  • Order history and food preferences
  • Date and time of your visit
  • Referring website or source through which you accessed our Website

2.4 Device and Technical Information

We automatically collect technical information about the device and connection you use to access our Website:

  • IP address
  • Browser type and version
  • Operating system and device type (desktop, mobile, tablet)
  • Device identifiers
  • Screen resolution and display settings
  • Time zone and language settings
  • Internet service provider (ISP)
  • Mobile network information (where applicable)

2.5 Location Information

With your permission, we may collect precise or approximate location information to provide you with location-based services, such as finding the nearest Cafe Rio location, enabling delivery to your address, or offering location-specific promotions. You may disable location services through your browser or device settings at any time.

2.6 Communications and Customer Support Data

When you contact our customer support team, submit feedback, or communicate with us through any channel, we collect:

  • The content of your messages and correspondence
  • Records of your communications with us
  • Information you provide when filing a complaint or dispute
  • Survey responses and feedback submissions

2.7 Cookie and Tracking Data

We use cookies, web beacons, pixel tags, and similar tracking technologies to collect information about your activity on our Website. For detailed information about our use of cookies and how to manage your cookie preferences, please refer to Section 8 of this Privacy Policy below.

2.8 Information from Third Parties

We may receive information about you from third-party sources, including:

  • Social media platforms (if you connect your account or interact with our social media pages)
  • Third-party delivery platforms and partners
  • Analytics and advertising partners
  • Publicly available sources
  • Referral programs and promotional partners

3. How We Use Your Information

We use the personal information we collect for the following purposes:

3.1 Service Provision and Order Fulfillment

  • Processing and fulfilling your food orders, including delivery and pickup
  • Creating and managing your account
  • Processing payments and preventing fraud
  • Providing customer support and responding to your inquiries
  • Sending order confirmations, receipts, and status updates
  • Managing our loyalty and rewards program
  • Facilitating reservations and catering orders

3.2 Analytics and Service Improvement

  • Analyzing usage patterns and trends to improve our Website and services
  • Conducting research and development to enhance our menu and food offerings
  • Monitoring and improving the performance and security of our Website
  • Understanding customer preferences and dietary habits
  • Testing new features and service improvements
  • Generating aggregated, anonymized reports and statistics

3.3 Marketing and Promotions

  • Sending you promotional emails, newsletters, and special offers (with your consent where required by law)
  • Personalizing your experience based on your preferences and order history
  • Displaying targeted advertising on our Website and third-party platforms
  • Sending you information about new menu items, seasonal specials, and events
  • Administering contests, sweepstakes, and promotional campaigns
  • Delivering birthday and anniversary promotions

You may opt out of marketing communications at any time by clicking the "unsubscribe" link in any promotional email, by logging into your account and updating your communication preferences, or by contacting us directly at [email protected].

3.4 Legal Compliance and Safety

  • Complying with applicable laws, regulations, and legal obligations
  • Responding to lawful requests from law enforcement and government authorities
  • Protecting the rights, property, and safety of Cafe Rio, our customers, and the public
  • Investigating and preventing fraud, abuse, and unauthorized access
  • Enforcing our Terms of Service and other agreements
  • Resolving disputes and administering claims

3.5 Business Operations

  • Managing our business operations, including accounting, auditing, and record-keeping
  • Evaluating or executing a merger, acquisition, reorganization, or sale of assets
  • Communicating with you about changes to our services, policies, or terms

4. How We Share Your Information

We do not sell, rent, or trade your personal information to third parties for their own marketing purposes. However, we may share your information in the following circumstances:

4.1 Service Providers and Business Partners

We work with trusted third-party service providers who assist us in operating our Website and delivering our services. These providers are authorized to use your personal information only as necessary to perform services on our behalf and are bound by confidentiality obligations. Our service providers include:

  • Payment processors: For secure handling of payment transactions
  • Delivery and logistics partners: For fulfilling delivery orders
  • Cloud hosting providers: For storing data and operating our technology infrastructure
  • Email and communications platforms: For sending transactional and marketing emails
  • Analytics providers: Such as Google Analytics, for analyzing Website usage
  • Advertising networks: For serving targeted advertisements
  • Customer support platforms: For managing customer inquiries
  • Loyalty program administrators: For managing rewards and promotions

4.2 Legal Requirements and Law Enforcement

We may disclose your personal information if we believe in good faith that such disclosure is necessary to:

  • Comply with a legal obligation, court order, or government request
  • Protect and defend the rights or property of Cafe Rio
  • Prevent or investigate possible wrongdoing in connection with our services
  • Protect the personal safety of users or the public
  • Protect against legal liability

4.3 Business Transfers

If Cafe Rio is involved in a merger, acquisition, asset sale, financing, or other business transaction, your personal information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our Website before your personal information becomes subject to a different privacy policy.

4.4 With Your Consent

We may share your information with third parties when you have given us your explicit consent to do so, such as when you participate in a co-branded promotion or integrate a third-party service with your account.

4.5 Aggregated and Anonymized Data

We may share aggregated or anonymized information that cannot reasonably be used to identify you with third parties for research, marketing, analytics, and other business purposes.

5. Data Security

We take the security of your personal information seriously and implement a variety of technical, administrative, and physical security measures to protect your data from unauthorized access, disclosure, alteration, and destruction.

5.1 Security Measures We Employ

  • Encryption: We use SSL/TLS encryption to protect data transmitted between your browser and our servers.
  • Access controls: We restrict access to personal information to authorized employees, contractors, and service providers who need it to perform their job functions.
  • Secure payment processing: Payment card information is processed through PCI-DSS-compliant payment processors.
  • Regular security audits: We conduct periodic reviews and testing of our security systems and practices.
  • Data minimization: We collect only the personal information necessary for the purposes described in this policy.
  • Employee training: We train our employees on data privacy and security best practices.
  • Incident response: We maintain procedures to detect, respond to, and recover from data security incidents.

5.2 Limitations

While we strive to protect your personal information, no method of transmission over the Internet or method of electronic storage is 100% secure. We cannot guarantee the absolute security of your data. If you believe your account has been compromised, please contact us immediately at [email protected].

In the event of a data breach that affects your personal information, we will notify you and the appropriate authorities as required by applicable law, including applicable state data breach notification laws.

6. Your Privacy Rights

Depending on your state of residence, you may have certain rights regarding your personal information. We are committed to honoring these rights in accordance with applicable law.

6.1 Rights Under the California Consumer Privacy Act (CCPA/CPRA)

If you are a California resident, you have the following rights under the CCPA as amended by the CPRA:

Right Description
Right to Know You have the right to request information about the categories and specific pieces of personal information we have collected about you, the sources from which we collected it, our purposes for collecting it, and the categories of third parties with whom we share it.
Right to Delete You have the right to request deletion of personal information we have collected about you, subject to certain exceptions permitted by law.
Right to Correct You have the right to request correction of inaccurate personal information we maintain about you.
Right to Opt-Out of Sale or Sharing You have the right to opt out of the sale or sharing of your personal information for cross-context behavioral advertising purposes.
Right to Limit Use of Sensitive Personal Information You have the right to limit our use and disclosure of sensitive personal information to only what is necessary to provide our services.
Right to Non-Discrimination We will not discriminate against you for exercising any of your CCPA/CPRA rights. We will not deny you goods or services, charge different prices, or provide a different level of quality because you exercised your rights.
Right to Data Portability You have the right to receive your personal information in a portable, readily usable format that you can transfer to another entity.

6.2 General Privacy Rights (All Users)

Regardless of your location, we offer all users the following rights:

  • Access: Request access to the personal information we hold about you
  • Correction: Request correction of inaccurate or incomplete personal information
  • Deletion: Request deletion of your personal information, subject to legal and operational requirements
  • Opt-Out of Marketing: Opt out of receiving marketing communications at any time
  • Account Closure: Request closure of your account

6.3 How to Exercise Your Rights

To exercise any of the rights described in this section, please submit a request to us by:

  • Emailing us at [email protected] with the subject line "Privacy Rights Request"
  • Logging into your account and accessing the privacy settings dashboard

We will verify your identity before processing your request to protect your privacy and security. We may ask you to provide additional information to confirm your identity. We will respond to verified requests within 45 days as required by California law. If we need more time, we will inform you of the reason and the extension period.

You may designate an authorized agent to make a request on your behalf. We may require you to verify your own identity and confirm that the authorized agent has permission to submit the request.

7. Data Retention

We retain personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. The following general retention periods apply:

Data Category Retention Period
Account information Duration of account plus 3 years after closure
Order and transaction records 7 years (for tax and accounting compliance)
Payment information As required by payment processors and applicable law
Marketing preferences Until opt-out or account deletion
Customer support records 3 years after resolution of the matter
Website usage and analytics data Up to 26 months
Cookie data As specified in our Cookie Policy
Legal and compliance records As required by applicable law

After the applicable retention period expires, we will securely delete or anonymize your personal information. In some cases, we may retain anonymized or aggregated data indefinitely for research and analytics purposes.

8. Cookies and Tracking Technologies

Our Website uses cookies, web beacons, pixels, and similar tracking technologies to enhance your browsing experience, analyze Website traffic, and deliver personalized content and advertising.

8.1 Types of Cookies We Use

  • Strictly Necessary Cookies: Essential for the Website to function properly, including maintaining your session, shopping cart, and security features. These cannot be disabled.
  • Functional Cookies: Remember your preferences, such as your language settings, location, and login information to provide a personalized experience.
  • Analytics Cookies: Collect information about how visitors use our Website, including which pages are visited most often and any error messages received. We use this data to improve our Website.
  • Marketing and Advertising Cookies: Track your browsing habits across websites to deliver targeted advertisements relevant to your interests.
  • Social Media Cookies: Enable you to share content from our Website on social media platforms and may track your activity across websites.

8.2 Managing Your Cookie Preferences

You can control and manage cookies through your browser settings. Most browsers allow you to refuse or accept cookies, delete existing cookies, and set preferences for certain websites. Please note that disabling certain cookies may affect the functionality of our Website.

For California residents, you have the right to opt out of the sale or sharing of personal information collected through cookies for cross-context behavioral advertising. You may exercise this right by adjusting your cookie preferences on our Website or by contacting us at [email protected].

We honor Global Privacy Control (GPC) signals as required under the CPRA.

9. Children's Privacy

Our Website and services are intended for users who are 18 years of age or older. We do not knowingly collect, use, or disclose personal information from children under the age of 13, and we do not direct our Website or services to children under 13.

We comply with the Children's Online Privacy Protection Act (COPPA) and do not knowingly collect personal information from children under 13 years of age. If you are under 13, please do not use our Website or provide any personal information to us.

If you are between 13 and 17 years of age, you should use our Website only under the supervision of a parent or legal guardian. We do not knowingly sell or share the personal information of minors under the age of 16 without affirmative authorization, as required by the CPRA for California residents.

If we become aware that we have inadvertently collected personal information from a child under the age of 13, we will take immediate steps to delete such information from our records. If you believe we may have collected information from a child under 13, please contact us immediately at [email protected].

10. International Data Transfers

Cafe Rio is based in the United States, and the information we collect is governed by United States law. By using our Website and services, you acknowledge and understand that your personal information may be transferred to and processed in the United States.

If you are accessing our Website from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your country of residence.

When we transfer personal data internationally, we implement appropriate safeguards to ensure that your information receives an adequate level of protection, including:

  • Standard contractual clauses approved by relevant data protection authorities
  • Data processing agreements with our service providers that include appropriate data transfer mechanisms
  • Technical and organizational security measures to protect your data

We work with service providers that may have servers located in various countries. We ensure that all such transfers comply with applicable law and that appropriate protections are in place for your personal data.

11. Third-Party Links and Services

Our Website may contain links to third-party websites, applications, or services that are not operated by us. When you click on a third-party link, you will be directed to that third party's website. We strongly advise you to review the privacy policy of every website you visit.

We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party websites or services. This Privacy Policy does not apply to third-party websites or services, and we are not responsible for the privacy practices of such third parties.

Our Website may include social media features and widgets, such as the Facebook "Like" button and Twitter share buttons. These features may collect your IP address, which page you are visiting on our Website, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our Website. Your interactions with these features are governed by the privacy policy of the company providing them.

12. FTC Act Compliance and Consumer Protection

We operate in compliance with the Federal Trade Commission Act (FTC Act) and all FTC regulations applicable to our business. The FTC Act prohibits unfair or deceptive practices in commerce, and we are committed to maintaining truthful, transparent practices in all aspects of our business, including our privacy and data handling practices.

We do not engage in deceptive data collection practices. All material terms of our data collection and use are disclosed in this Privacy Policy. If you believe that we have engaged in any unfair or deceptive practices, you may file a complaint with the Federal Trade Commission at www.ftc.gov or by calling 1-877-FTC-HELP (1-877-382-4357).

13. How to File a Complaint

If you have concerns about how we handle your personal information, we encourage you to contact us first so that we can attempt to resolve your complaint directly.

13.1 Contact Us Directly

Please send your privacy complaint to:

We will acknowledge receipt of your complaint within 5 business days and aim to resolve your complaint within 30 days. If the matter is complex, we will keep you informed of the progress of your complaint.

13.2 File a Complaint with Government Authorities

If you are not satisfied with our response or believe that your privacy rights have been violated, you have the right to file a complaint with the appropriate government authority:

  • Federal Trade Commission (FTC):
    Website: www.ftc.gov/complaint
    Phone: 1-877-FTC-HELP (1-877-382-4357)
  • California Privacy Protection Agency (CPPA) — for California residents:
    Website: cppa.ca.gov
  • California Attorney General — for California residents:
    Website: oag.ca.gov/privacy
    Phone: 1-800-952-5225
  • Your State Attorney General:
    Contact your state's attorney general office for state-specific consumer protection complaints. A directory of state attorneys general is available at www.naag.org.

14. Do Not Track Signals

Some browsers have a "Do Not Track" (DNT) feature that signals to websites that you do not want to have your online activities tracked. At this time, our Website does not respond to browser "Do Not Track" signals because there is no industry-wide standard for how to interpret and respond to these signals.

However, as noted in Section 8, we honor Global Privacy Control (GPC) signals as required under the California Privacy Rights Act (CPRA) for California residents. If you have the GPC browser extension enabled and visit our Website from California, we will treat your browser signal as a valid opt-out of the sale and sharing of your personal information.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, and other factors. When we make changes, we will update the "Last Updated" date at the top of this policy.

For material changes that significantly affect your privacy rights or how we handle your personal information, we will provide more prominent notice, which may include:

  • Sending you an email notification (if we have your email address)
  • Posting a notice on our Website's homepage
  • Displaying an in-app notification when you next access our services

Your continued use of our Website and services after the effective date of any changes to this Privacy Policy constitutes your acceptance of the updated policy. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

Previous versions of this Privacy Policy are available upon request by contacting us at [email protected].

16. Specific State Privacy Rights

In addition to California, several other states have enacted comprehensive privacy legislation that may grant you additional rights. If you are a resident of any of the following states, you may have additional privacy rights:

  • Virginia (VCDPA): The Virginia Consumer Data Protection Act grants Virginia residents rights including access, correction, deletion, portability, and the right to opt out of targeted advertising and profiling.
  • Colorado (CPA): The Colorado Privacy Act provides similar rights to Colorado residents, including the right to opt out of targeted advertising.
  • Connecticut (CTDPA): The Connecticut Data Privacy Act grants Connecticut residents similar rights regarding their personal data.
  • Utah (UCPA): The Utah Consumer Privacy Act provides certain privacy rights to Utah residents.
  • Texas (TDPSA): The Texas Data Privacy and Security Act grants Texas residents privacy rights similar to those in other state laws.

Regardless of your state of residence, we are committed to respecting your privacy and will consider all reasonable requests to access, correct, or delete your personal information. To exercise any state-specific privacy rights, please contact us at [email protected].

17. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please do not hesitate to contact us. We are committed to addressing your concerns promptly and transparently.

We aim to respond to all privacy-related inquiries within 5 business days. For formal rights requests under the CCPA/CPRA or other state privacy laws, we will respond within the timeframes required by applicable law (generally within 45 days, with a possible extension of an additional 45 days when necessary).

When contacting us about a privacy matter, please include the following information to help us process your request efficiently:

  • Your full name and email address associated with your account
  • A description of your request or concern
  • Your state of residence (for state-specific rights requests)
  • Any relevant details about the specific information or data practice at issue