Privacy Policy

Protecting your privacy is our commitment

Last Updated: January 15, 2026

1. Introduction

Welcome to Cafe Rio's Privacy Policy. At Cafe Rio, we are committed to protecting your privacy and ensuring the security of your personal information. This comprehensive policy explains how we collect, use, share, and protect your data when you visit our website, place orders, or use our food services.

This policy applies to all interactions with Cafe Rio, including our website (rios-cafe.rest), mobile applications, in-store visits, online orders, delivery services, and catering events. By using our services, you agree to the terms outlined in this privacy policy.

Our Promise: We never sell your personal data to third parties. Your trust is fundamental to our business, and we are committed to maintaining the highest standards of data protection.

2. Information We Collect

2.1 Information You Provide

  • Personal Identification: Name, email address, phone number, delivery address, billing address
  • Account Information: Username, password, order history, payment preferences
  • Food Service Specific Data:
    • Dietary preferences and restrictions (vegan, vegetarian, gluten-free)
    • Allergen information you provide
    • Special dietary requirements (halal, kosher, organic preferences)
    • Favorite orders and meal customizations
    • Table reservation information and seating preferences
    • Catering event details and guest counts
    • Loyalty program participation and rewards data
  • Payment Information: Credit card details (encrypted and stored securely), billing addresses, payment history
  • Communication Data: Contact form submissions, reviews, feedback, customer support inquiries
  • Marketing Preferences: Email subscription choices, promotional preferences, communication frequency settings

2.2 Automatically Collected Information

  • Device Information: IP address, browser type and version, operating system, device identifiers
  • Usage Data: Pages visited, time spent on site, click patterns, search queries, menu items viewed
  • Location Data: Approximate location from IP address, precise location for delivery (with permission)
  • Cookie Data: Session IDs, user preferences, shopping cart contents, analytics data
  • Order Tracking: Delivery status, preparation times, driver location (for delivery orders)

2.3 Information from Third Parties

  • Social Media: Profile information when you connect social accounts
  • Payment Processors: Transaction confirmations and payment status
  • Delivery Partners: Delivery confirmations and tracking information
  • Marketing Partners: Campaign performance data and audience insights
  • Review Platforms: Public reviews and ratings you post about our services

3. How We Use Your Information

3.1 Service Provision

  • Processing and fulfilling food orders and catering requests
  • Coordinating delivery and pickup services
  • Managing table reservations and seating arrangements
  • Providing customer support and resolving issues
  • Maintaining your account and order history
  • Ensuring food safety through allergen tracking
  • Customizing meals according to dietary preferences
  • Managing loyalty program benefits and rewards

3.2 Communication

  • Order confirmations and status updates
  • Delivery notifications and tracking information
  • Customer support responses and follow-ups
  • Important policy changes and service updates
  • Marketing emails and promotional offers (with your consent)
  • Loyalty program updates and reward notifications
  • Event and catering coordination communications

3.3 Marketing and Analytics

  • Personalizing menu recommendations based on preferences
  • Analyzing website traffic and user behavior patterns
  • Measuring marketing campaign effectiveness
  • Conducting market research for new menu items
  • Improving service quality and customer experience
  • Targeted advertising on social media platforms

3.4 Legal Compliance

  • Responding to legal requests and court orders
  • Fraud prevention and detection
  • Protecting our rights, property, and safety
  • Compliance with food safety regulations
  • Dispute resolution and legal proceedings
  • Age verification for certain products

4. Information Sharing and Disclosure

4.1 Service Providers

We share information with trusted third-party service providers who help us deliver our services:

  • Payment Processors: Secure credit card processing and transaction management
  • Delivery Companies: Order fulfillment, tracking, and delivery services
  • Cloud Storage Providers: Secure data storage and backup services
  • Email Marketing Services: Newsletter and promotional campaign management
  • Analytics Tools: Website usage analysis and performance monitoring
  • Customer Support Platforms: Helpdesk and communication management
  • Food Safety Services: Allergen tracking and compliance verification

4.2 Legal Requirements

We may disclose your information when required by law:

  • Court orders, subpoenas, and legal process
  • Compliance with applicable laws and regulations
  • Protection of our rights, property, and safety
  • Public safety emergencies and health authorities
  • Investigation of fraud or illegal activities

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets:

  • Customer data may be transferred to the new owner
  • We will notify you before any transfer occurs
  • New owner must comply with this privacy policy
  • You will have the option to delete your account before transfer

4.4 With Your Consent

We may share information for other purposes with your explicit consent, such as:

  • Participating in joint marketing campaigns
  • Sharing testimonials and reviews (with permission)
  • Integration with third-party apps and services

5. Data Security

5.1 Technical Measures

  • Encryption: SSL/TLS encryption for all data transmission and sensitive data storage
  • Firewall Protection: Advanced firewall systems and intrusion detection
  • Access Control: Multi-factor authentication and role-based access for employees
  • Monitoring: 24/7 security monitoring and automated threat detection
  • Data Backup: Regular encrypted backups stored in secure, geographically distributed locations
  • Vulnerability Testing: Regular security audits and penetration testing

5.2 Organizational Measures

  • Employee Training: Regular security awareness training for all staff
  • Data Handling Procedures: Strict protocols for accessing and processing personal data
  • Confidentiality Agreements: All employees and contractors sign data protection agreements
  • Incident Response: Comprehensive security breach response plan
  • Compliance Audits: Regular third-party security assessments and certifications
  • Data Minimization: We collect only necessary data and delete it when no longer needed

5.3 Your Security Responsibilities

  • Create strong, unique passwords for your account
  • Never share your login credentials with others
  • Log out of your account when using public computers
  • Be cautious of phishing emails and suspicious links
  • Report any unauthorized account access immediately
  • Keep your contact information updated for security notifications

Security Breach Notification: In the unlikely event of a data breach that affects your personal information, we will notify you and relevant authorities within 72 hours of discovery, as required by applicable laws.

6. Cookies and Tracking Technologies

We use various tracking technologies to enhance your experience on our website and mobile applications. Below is a detailed breakdown of how we use these technologies:

Cookie Type Purpose Duration
Essential Cookies Basic site functionality, login state, shopping cart persistence, security features Session (deleted when browser closes)
Functional Cookies User preferences, language settings, location for delivery, dietary preferences Up to 1 year
Analytics Cookies Website usage analysis, performance improvement, popular menu items tracking Up to 2 years
Marketing Cookies Personalized advertising, retargeting campaigns, social media integration Up to 1 year

Tracking Technologies Used

  • Google Analytics: Traffic analysis, user behavior tracking, and conversion measurement
  • Facebook Pixel: Advertising effectiveness measurement and custom audience creation
  • Web Beacons: Email open rates and engagement tracking
  • Local Storage: Storing user preferences and temporary data in your browser
  • Session Storage: Maintaining your shopping cart and session state

Cookie Management

You can control cookies through your browser settings. Most browsers allow you to:

  • View and delete existing cookies
  • Block all or specific types of cookies
  • Set preferences for future cookie handling
  • Receive notifications when cookies are set

Note: Disabling essential cookies may affect website functionality, including the ability to place orders, save preferences, or maintain your login session.

7. Your Rights (GDPR/CCPA Compliance)

Under applicable privacy laws (GDPR, CCPA, and others), you have the following rights regarding your personal information:

7.1 Right of Access

You have the right to request and receive information about the personal data we hold about you, including:

  • What personal data we collect and process
  • The purposes for which we use your data
  • Categories of third parties with whom we share your data
  • How long we retain your information

7.2 Right to Rectification

You can request correction of inaccurate or incomplete personal data, including:

  • Updating your contact information
  • Correcting dietary preferences or allergen information
  • Modifying delivery addresses or payment details

7.3 Right to Erasure (Right to be Forgotten)

You may request deletion of your personal data when:

  • The data is no longer necessary for its original purpose
  • You withdraw consent and there's no other legal basis
  • You object to processing and there are no overriding legitimate grounds

7.4 Right to Restrict Processing

You can request limitation of how we process your data in certain circumstances.

7.5 Right to Data Portability

You have the right to receive your personal data in a machine-readable format and transfer it to another service provider.

7.6 Right to Object

You can object to processing of your personal data, especially for marketing purposes.

7.7 Right Against Automated Decision-Making

You have the right not to be subject to decisions based solely on automated processing, including profiling.

How to Exercise Your Rights: Contact us using the information in Section 13. We will respond to your request within 30 days. You may also contact our Data Protection Officer directly for privacy-related concerns.

8. Children's Privacy

Cafe Rio is committed to protecting the privacy of children. Our services are not intended for individuals under the age of 16, and we do not knowingly collect personal information from children without parental consent.

  • We do not target our marketing to children under 16
  • We do not knowingly collect personal information from children
  • If we discover we have collected information from a child, we will delete it immediately
  • Parents or guardians may contact us to review, modify, or delete their child's information
  • We require parental consent for children's participation in any promotional activities

If you believe we have inadvertently collected information from a child under 16, please contact us immediately at [email protected] so we can take appropriate action.

9. International Data Transfers

As a global food service business, we may transfer your personal data to countries outside your region for processing and storage. We ensure appropriate safeguards are in place for all international transfers.

9.1 Protection Measures

  • Adequacy Decisions: Transfers to countries with adequate privacy protections as determined by relevant authorities
  • Standard Contractual Clauses (SCC): Legally binding data protection agreements with service providers
  • Binding Corporate Rules: Internal data protection standards for multinational operations
  • Data Processing Agreements: Comprehensive contracts ensuring data protection compliance
  • Regular Audits: Ongoing monitoring of international data handling practices

9.2 Transfer Destinations

Your data may be transferred to the following regions:

  • United States: Cloud storage services and analytics platforms
  • European Union: Data processing and customer support services
  • Other Countries: As needed for delivery services and business operations, always with appropriate safeguards

10. Data Retention Periods

We retain your personal information only as long as necessary to fulfill the purposes for which it was collected or as required by law.

Information Type Retention Period Reason for Retention
Account Information 6 months after account deletion Legal obligations, dispute resolution, fraud prevention
Order and Purchase History 7 years Tax compliance, accounting requirements, warranty claims
Payment Information Until card expiration or removal Future order processing, refund processing
Marketing Consent Records 3 years after consent withdrawal Compliance documentation, consent proof
Website Usage Logs Up to 2 years Security monitoring, analytics, performance optimization
Customer Support Records 3 years Service quality improvement, training purposes
Allergen and Dietary Information Until account deletion Food safety, order accuracy, health protection

Safe Data Disposal

When retention periods expire, we ensure secure data disposal through:

  • Electronic Deletion: Complete removal making data unrecoverable
  • Physical Record Destruction: Secure shredding of paper documents
  • Backup Data Removal: Deletion from all backup systems and archives
  • Documentation: Maintaining records of disposal for compliance verification

11. Third-Party Links

Our website and mobile applications may contain links to external websites, social media platforms, and partner services. We are not responsible for the privacy practices or content of these third-party sites.

  • Third-party sites have their own privacy policies and terms of service
  • We encourage you to review their privacy practices before providing personal information
  • We do not control how third parties collect, use, or share your data
  • Links to third-party sites do not constitute our endorsement of their privacy practices
  • You are responsible for reading and understanding third-party privacy policies

Examples of third-party links you may encounter include payment processors, delivery tracking services, social media platforms, and review sites. Always verify you are on the intended website before entering personal information.

12. Policy Changes

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We are committed to keeping you informed about any changes.

12.1 Change Notification Methods

  • Website Notice: Prominent notification on our homepage and privacy policy page
  • Email Notification: Direct email to all registered users with active accounts
  • In-App Notifications: Push notifications and in-app alerts for mobile app users
  • Account Dashboard: Notice in your account when you log in
  • Consent Requests: Explicit consent for significant changes affecting your rights

12.2 Staying Informed

  • Check the "Last Updated" date at the top of this policy
  • Review the policy periodically for changes
  • Subscribe to our newsletter for important updates
  • Contact us with questions about policy changes

Continued use of our services after policy changes constitutes acceptance of the updated terms. If you disagree with changes, you may discontinue using our services and request account deletion.

13. Contact Information

Data Protection Office

Company: Cafe Rio

Address: Ulitsa Varvarka, 6, Moskva, Russia, 109012

Phone: +7 495 531-09-50

Email: [email protected]

Privacy Email: [email protected]

Business Hours: Monday-Friday, 9:00 AM - 6:00 PM (Moscow Time)

Response Commitment: We will acknowledge your privacy-related inquiries within 3 business days and provide a complete response within 30 days as required by applicable law.

13.1 Filing Complaints

If you have concerns about our privacy practices:

  • Contact Us First: We encourage you to reach out directly so we can address your concerns
  • Supervisory Authority: You may file a complaint with your local privacy regulator if you're not satisfied with our response
  • Documentation: Keep records of your communications with us for reference

14. Withdrawal of Consent

You have the right to withdraw your consent for data processing at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

14.1 Marketing Consent Withdrawal

You can withdraw consent for marketing communications through:

  • Unsubscribe Links: Click the unsubscribe link in any marketing email
  • Account Settings: Manage preferences in your account dashboard
  • Customer Support: Contact our support team directly
  • Email Request: Send a request to [email protected]
  • Phone Request: Call our customer service line

14.2 Account Deletion Process

To completely delete your account and associated data:

  1. Log into your account and go to account settings
  2. Select "Delete Account" option
  3. Confirm your identity for security purposes
  4. Review what data will be deleted vs. retained for legal compliance
  5. Confirm deletion request
  6. Receive confirmation email within 24 hours

Note: Some information may be retained for legal compliance, fraud prevention, and dispute resolution as outlined in our retention policy.

15. Conclusion

At Cafe Rio, protecting your privacy is fundamental to our relationship with you. We are committed to maintaining the highest standards of data protection while providing you with exceptional food service experiences.

This comprehensive privacy policy reflects our dedication to transparency, security, and respect for your personal information. We understand that trust is earned through consistent actions, and we work every day to maintain your confidence in how we handle your data.

Your privacy rights are important to us, and we encourage you to reach out with any questions, concerns, or requests regarding your personal information. Our team is here to help ensure you feel confident and informed about our privacy practices.

Thank you for choosing Cafe Rio and trusting us with your personal information. We look forward to continuing to serve you while protecting your privacy every step of the way.

Remember: This privacy policy was last updated on January 15, 2026. Please check back periodically for updates, and don't hesitate to contact us with any questions about our privacy practices.