Privacy Policy

Your privacy is important to us. Learn how we protect your information.

Last Updated: March 4, 2026

1. Introduction

At Cafe Rio, we are committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, store, and protect your personal information when you visit our website, order food, or use our services.

This policy applies to all services provided by Cafe Rio, including our website at rios-cafe.top, mobile applications, and in-restaurant services. By using our services, you agree to the collection and use of information in accordance with this policy.

Important Note: We never sell your personal data to third parties. Your trust is paramount to our business, and we are committed to maintaining the highest standards of data protection.

2. Information We Collect

2.1 Information You Provide to Us

  • Personal Identification: Name, email address, phone number, delivery address, billing address
  • Account Information: Username, password, order history, purchase preferences
  • Payment Information: Credit card details, billing information (encrypted and securely stored)
  • Food Preferences: Order history, dietary preferences, allergen information, special dietary requirements (vegan, halal, kosher, gluten-free)
  • Loyalty Program Data: Rewards points, membership status, earned benefits
  • Reservation Information: Table bookings, party size, special requests
  • Catering Details: Event information, guest count, menu selections, delivery instructions
  • Communication: Contact form submissions, customer reviews, feedback, support inquiries
  • Marketing Preferences: Email subscription status, promotional preferences

2.2 Automatically Collected Information

  • Device Information: IP address, browser type, operating system, device identifiers
  • Usage Data: Pages visited, time spent on site, click patterns, search queries
  • Location Data: Approximate location based on IP address, GPS location (if permitted)
  • Cookie Data: Session IDs, user preferences, analytics data, shopping cart contents
  • Performance Data: Page load times, error reports, technical diagnostics

2.3 Information from Third Parties

  • Social Media: Profile information if you connect social media accounts
  • Payment Processors: Transaction confirmations, fraud prevention data
  • Delivery Partners: Delivery status updates, driver information
  • Marketing Partners: Campaign performance data, advertising metrics

3. How We Use Your Information

3.1 Service Provision

  • Processing and fulfilling food orders
  • Managing delivery and pickup services
  • Providing customer support and assistance
  • Account management and authentication
  • Processing payments securely
  • Managing table reservations and catering events
  • Administering loyalty programs and rewards
  • Quality improvement and service optimization

3.2 Communication

  • Order confirmations and status updates
  • Delivery notifications and tracking information
  • Customer support responses
  • Important service notices and policy changes
  • Marketing emails and promotional offers (with your consent)
  • Loyalty program updates and rewards notifications

3.3 Marketing and Analytics

  • Personalized advertising and recommendations
  • Website traffic analysis and usage patterns
  • Marketing campaign effectiveness measurement
  • Market research for new menu items and services
  • Customer behavior analysis for service improvement

3.4 Legal Compliance

  • Responding to legal requests and court orders
  • Fraud prevention and security monitoring
  • Protecting our rights, property, and safety
  • Dispute resolution and investigation
  • Compliance with applicable laws and regulations

4. Information Sharing and Disclosure

4.1 Service Providers

  • Payment Processors: Stripe, PayPal for secure payment processing
  • Delivery Companies: Third-party delivery services for order fulfillment
  • Cloud Storage Providers: AWS, Google Cloud for secure data storage
  • Email Marketing Services: Mailchimp for newsletter campaigns
  • Analytics Tools: Google Analytics for usage analysis
  • Customer Support: Zendesk for ticket management

4.2 Legal Requirements

  • Court orders and legal subpoenas
  • Government agency requests
  • Legal compliance obligations
  • Protection of rights and property
  • Public safety and emergency situations

4.3 Business Transfers

  • Mergers, acquisitions, or asset sales
  • Customer notification before any transfer
  • New owner compliance with this privacy policy
  • Your rights remain protected during transitions

4.4 With Your Consent

  • Any other sharing requires your explicit consent
  • Clear notification before sharing
  • Right to withdraw consent at any time

5. Data Security

5.1 Technical Measures

  • Encryption: SSL/TLS encryption for all data transmission
  • Firewall Systems: Advanced firewall protection against cyber threats
  • Access Control: Restricted access on a need-to-know basis
  • Monitoring: 24/7 security monitoring and threat detection
  • Data Backups: Regular automated backups with encryption
  • Vulnerability Testing: Regular security assessments and penetration testing

5.2 Organizational Measures

  • Comprehensive employee security training programs
  • Strict personal data handling procedures
  • Confidentiality agreements with all third-party vendors
  • Incident response plan for security breaches
  • Regular security audits and compliance reviews
  • Data minimization and retention policies

5.3 Your Security Responsibilities

  • Use strong, unique passwords for your account
  • Never share your login credentials with others
  • Log out when using public computers
  • Be cautious of suspicious emails or links
  • Report any unauthorized account access immediately
  • Keep your contact information updated

Security Breach Notification: In the unlikely event of a security breach affecting your personal data, we will promptly notify you and relevant authorities within 72 hours as required by law.

6. Cookies and Tracking Technologies

We use various tracking technologies to enhance your experience and analyze our services:

Cookie Type Purpose Duration
Essential Cookies Basic site functions, login state, shopping cart Session
Functional Cookies User preferences, language settings, location Up to 1 year
Analytics Cookies Usage analysis and website improvement Up to 2 years
Marketing Cookies Personalized advertising and recommendations Up to 1 year

Tracking Technologies Used:

  • Google Analytics: Website traffic analysis and user behavior
  • Facebook Pixel: Advertising effectiveness measurement
  • Web Beacons: Email open rates and engagement tracking
  • Local Storage: Browser-based data storage for preferences
  • Session Storage: Temporary data for current browsing session

Cookie Management: You can manage cookies through your browser settings to accept, reject, or delete cookies. Please note that disabling certain cookies may affect website functionality and your user experience.

7. Your Rights (GDPR/CCPA Compliance)

Your Privacy Rights Include:

  • Right of Access: Request to view all personal data we hold about you
  • Right to Rectification: Correct any inaccurate or incomplete personal data
  • Right to Erasure (Right to be Forgotten): Request deletion of your personal data
  • Right to Restrict Processing: Limit how we use your personal data
  • Right to Data Portability: Receive your data in a machine-readable format
  • Right to Object: Object to processing, especially for marketing purposes
  • Right Against Automated Decision-Making: Opt out of automated profiling

How to Exercise Your Rights: Contact us using the information provided in Section 13. We will respond to your request within 30 days and may require identity verification to protect your privacy.

8. Children's Privacy

Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately.

If we discover that we have collected personal information from a child under 16, we will promptly delete such information from our systems and notify the parents or guardians if required by law.

Parents and guardians are encouraged to monitor their children's internet usage and help enforce this privacy policy by instructing their children never to provide personal information through our services without permission.

9. International Data Transfers

9.1 Protection Measures

  • EU-Japan adequacy decisions for secure transfers
  • Standard Contractual Clauses (SCC) with international partners
  • Comprehensive data processing agreements
  • Appropriate security measures in all jurisdictions
  • Regular compliance audits and assessments

9.2 Transfer Destinations

  • United States: Cloud storage and data processing services
  • European Union: Data analytics and marketing services
  • Other Countries: As needed for service provision with appropriate safeguards

10. Data Retention Periods

Information Type Retention Period Reason
Account Information 6 months after account deletion Legal obligations, dispute resolution
Order History 7 years Tax and accounting requirements
Marketing Consent 3 months after withdrawal Consent record keeping
Website Usage Logs Up to 2 years Security monitoring, analytics
Customer Support Records 3 years Service quality improvement
Payment Information As required by payment processors Fraud prevention, chargebacks

Safe Data Disposal

  • Complete electronic deletion using industry-standard methods
  • Physical document shredding for paper records
  • Secure deletion of backup data copies
  • Maintenance of disposal records for compliance

11. Third-Party Links

Our website may contain links to external websites operated by third parties. We are not responsible for the privacy practices or content of these third-party websites.

We encourage you to review the privacy policies of any third-party websites before providing personal information. Your interactions with third-party websites are governed by their respective privacy policies, not this one.

We cannot control or be held responsible for third parties' privacy practices, and we encourage you to exercise caution when leaving our website.

12. Policy Changes

12.1 Change Notification

  • Prominent notice on our website homepage
  • Email notification to all registered users
  • Pop-up notification upon next login
  • Explicit consent required for significant changes

12.2 Staying Informed

  • The latest version is always available on our website
  • Check the "Last Updated" date at the top of this policy
  • Continued use of our services constitutes acceptance of changes
  • You may discontinue using our services if you disagree with changes

13. Contact Information

Get in Touch

Company: Cafe Rio

Address: 6640 Washington St, Yountville, CA 94599, USA

Phone: +1 707-944-2380

Email: [email protected]

Business Hours: Monday - Friday: 9:00 AM - 6:00 PM PST

Response Commitment: We will respond to all privacy-related inquiries within 3 business days.

13.1 Filing Complaints

If you have concerns about our privacy practices, please contact us first for resolution. If you remain unsatisfied, you may contact your local data protection supervisory authority.

14. Withdrawal of Consent

14.1 Marketing Consent Withdrawal

  • Click the "unsubscribe" link in any marketing email
  • Update preferences in your account settings
  • Contact our customer support team directly
  • Send an email to [email protected] with "Unsubscribe" in the subject

14.2 Account Deletion Process

  1. Log into your account and go to Settings
  2. Click "Delete Account" and confirm your decision
  3. Or contact customer support to request account deletion
  4. Note: Some data may be retained for legal compliance purposes

15. Conclusion

At Cafe Rio, protecting your privacy is not just a legal requirement—it's fundamental to our relationship with you. We are committed to maintaining the highest standards of data protection and transparency in all our practices.

Building and maintaining your trust is essential to our business. We will continue to evolve our privacy practices to meet the highest standards and protect your personal information as technology and regulations develop.

If you have any questions about this Privacy Policy or our data practices, please don't hesitate to contact us. We're here to help and ensure you feel confident about how your information is handled.

Thank you for choosing Cafe Rio. We appreciate your trust and look forward to serving you with the highest levels of service and privacy protection.

Please remember to check this page periodically for updates to our Privacy Policy. The "Last Updated" date at the top of this document indicates when the most recent changes were made.