Privacy Policy

Effective Date: June 24, 2026 | Last Updated: June 24, 2026

Welcome to Dion's Cafe. This Privacy Policy explains how Dion's Cafe ("Dion's," "we," "us," or "our") collects, uses, discloses, and safeguards your personal information when you visit our website at dionscafe.rest, place an order, make a reservation, or otherwise interact with our services. We are committed to protecting your privacy and handling your data in an open and transparent manner.

By accessing or using our website, placing an order, subscribing to our communications, or otherwise engaging with us, you acknowledge that you have read, understood, and agree to the practices described in this Privacy Policy. If you do not agree with the terms of this policy, please discontinue use of our services.

This Privacy Policy is governed by applicable United States federal and state privacy laws, including but not limited to the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), the Federal Trade Commission Act (FTC Act), and other relevant consumer protection regulations.

1. About Us

Dion's Cafe is a food service business operating in the United States. Our contact details for all privacy-related inquiries are as follows:

Business Name	Dion's Cafe
Website	dionscafe.rest
Email Address	[email protected]

For all privacy-related requests, questions, or concerns, please contact us using the details provided above. We will respond to your inquiry within a reasonable timeframe, and in any case within the period required by applicable law.

2. Scope of This Privacy Policy

This Privacy Policy applies to all personal information collected through:

Our website located at dionscafe.rest
Online ordering systems and reservation platforms we use
Email, telephone, or written communications with our team
In-person interactions at our cafe locations
Loyalty programs, promotional campaigns, or contests we operate
Social media pages and platforms where we are active
Third-party services integrated with our website (such as delivery platforms)

This policy does not apply to the practices of third-party websites, applications, or services that may be linked from our website. We encourage you to review the privacy policies of any third-party services you visit.

3. Information We Collect

We collect various types of information in connection with your interactions with Dion's Cafe. The categories of personal information we may collect include:

3.1 Personal Identification Information

When you create an account, place an order, make a reservation, or contact us, we may collect:

Full name
Email address
Telephone number
Mailing or delivery address
Date of birth (for age verification or birthday promotions)
Username and password for account access
Profile preferences (dietary restrictions, favorite orders)

3.2 Payment and Financial Information

When you make a purchase through our website or in-person, we or our payment processors collect:

Credit or debit card information (processed securely through third-party payment processors)
Billing address
Transaction history and order details
Gift card or loyalty point balances

Please note that Dion's Cafe does not directly store complete payment card information. All payment processing is handled by PCI-DSS compliant third-party processors, and we only retain transaction references and summaries necessary for order fulfillment and record keeping.

3.3 Usage and Technical Data

When you visit our website, we automatically collect certain technical and usage data, including:

IP address
Browser type and version
Operating system and device type
Referring URLs and exit pages
Pages viewed, links clicked, and time spent on pages
Date and time of your visit
Search terms used on our website
Geolocation data (general location based on IP address)

3.4 Cookie and Tracking Data

We use cookies, web beacons, pixel tags, and similar tracking technologies to collect information about your browsing behavior on our website. This data helps us understand how users interact with our site and improve our services. For more detailed information, see Section 9 (Cookie Usage) of this policy.

3.5 Communications Data

When you contact us or participate in our communications, we collect:

Content of emails, messages, or letters you send us
Records of telephone calls (where legally permitted and disclosed)
Customer service inquiries and complaint records
Survey responses and feedback submissions
Social media messages and comments directed at our accounts

3.6 Marketing and Preference Data

If you subscribe to our marketing communications or loyalty programs, we collect:

Email subscription preferences
Marketing opt-in and opt-out records
Participation in promotions, contests, or events
Dining frequency and spending patterns
Food and beverage preferences

3.7 Information from Third Parties

We may receive information about you from third-party sources, including:

Food delivery platforms (such as DoorDash, Uber Eats, Grubhub) when you order through them
Social media platforms if you log in using a social media account or interact with our social content
Analytics providers and advertising partners
Business partners or promotional collaborators

4. How We Use Your Information

Dion's Cafe uses the personal information we collect for the following purposes:

4.1 Service Provision and Order Fulfillment

Processing and fulfilling your food orders and reservations
Managing your account and login credentials
Communicating order confirmations, updates, and delivery notifications
Processing payments and refunds
Providing customer support and resolving disputes
Accommodating dietary restrictions or special requests

4.2 Business Operations and Improvement

Analyzing usage trends to improve our website and menu offerings
Conducting internal research and analytics
Testing new features, products, and services
Maintaining and improving our IT systems and cybersecurity
Training staff and improving service quality
Inventory management and operational planning

4.3 Marketing and Communications

Sending promotional emails, newsletters, and special offers (with your consent or as permitted by law)
Personalizing content and recommendations based on your preferences and history
Administering loyalty programs, reward points, and member benefits
Conducting surveys and gathering feedback about your experience
Delivering targeted advertisements on our website and third-party platforms
Notifying you about upcoming events, new menu items, and seasonal promotions

4.4 Legal and Compliance Purposes

Complying with applicable federal, state, and local laws and regulations
Responding to lawful requests from government authorities or law enforcement
Enforcing our Terms of Service and other agreements
Detecting, preventing, and investigating fraud, security breaches, or illegal activity
Protecting the rights, property, and safety of Dion's Cafe, our customers, and the public
Maintaining records required by tax, food safety, or labor regulations

5. Legal Basis for Processing

We process your personal information based on one or more of the following legal grounds:

Contractual necessity: Processing is required to fulfill an order, reservation, or other agreement with you.
Consent: You have given us explicit consent to process your data for a specific purpose, such as receiving marketing emails. You may withdraw this consent at any time.
Legitimate interests: Processing is necessary for our legitimate business interests, such as improving our services and preventing fraud, provided these interests are not overridden by your privacy rights.
Legal obligation: Processing is required to comply with applicable laws and regulations.

6. Sharing Your Information with Third Parties

Dion's Cafe does not sell your personal information to third parties for monetary compensation. However, we may share your information in the following circumstances:

6.1 Service Providers and Business Partners

We work with trusted third-party companies to help us operate our business and deliver services to you. These service providers may have access to your personal information only as necessary to perform their functions and are contractually required to protect your data. Categories of service providers include:

Payment processors (e.g., Stripe, Square, PayPal)
Online ordering and point-of-sale platforms
Food delivery and logistics platforms
Email marketing and communication platforms
Website hosting and cloud infrastructure providers
Analytics and performance monitoring tools
Customer relationship management (CRM) software
Loyalty program administrators
Advertising and retargeting platforms (e.g., Google Ads, Meta Ads)

6.2 Legal Requirements and Law Enforcement

We may disclose your personal information if required to do so by law or in response to valid legal process, including:

Compliance with a subpoena, court order, or other legal obligation
Requests from government agencies, regulatory authorities, or law enforcement officials
Protection of the rights, property, or personal safety of Dion's Cafe, our users, or the public
Detection or prevention of fraudulent, harmful, or illegal activity

6.3 Business Transfers

If Dion's Cafe undergoes a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your personal information may be transferred as part of that transaction. We will notify you of any such change in ownership or control of your personal information, and the acquiring entity will be required to honor the commitments made in this Privacy Policy.

6.4 With Your Consent

We may share your personal information with third parties in other circumstances when we have obtained your explicit consent to do so.

6.5 Aggregated and De-Identified Data

We may share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you with third parties for research, marketing, analytics, or other business purposes.

7. Data Security

Dion's Cafe takes the security of your personal information seriously. We implement a range of technical, administrative, and physical safeguards designed to protect your data against unauthorized access, disclosure, alteration, or destruction.

7.1 Technical Safeguards

SSL/TLS encryption for all data transmitted between your browser and our website
Secure, encrypted storage of sensitive data including passwords (hashed and salted)
Firewalls, intrusion detection systems, and regular security monitoring
Access controls and authentication protocols limiting who can access personal data
Regular software updates, vulnerability scanning, and security patching
Use of PCI-DSS compliant payment processors to handle financial information

7.2 Administrative Safeguards

Privacy and security training for all employees who handle customer data
Strict data access policies on a need-to-know basis
Confidentiality agreements with employees and contractors
Regular review and updating of our privacy and security policies
Incident response procedures for data breaches

7.3 Physical Safeguards

Secure facilities and restricted access to servers and data storage systems
Secure disposal of physical records containing personal information

Important: While we implement robust security measures, no method of data transmission or storage is 100% secure. We cannot guarantee absolute security of your personal information. In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and applicable regulatory authorities as required by law.

8. Your Privacy Rights

Depending on your location and applicable law, you may have certain rights with respect to your personal information. Dion's Cafe respects these rights and provides mechanisms for you to exercise them.

8.1 Rights Under California Law (CCPA/CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):

Right to Know: You have the right to request that we disclose what personal information we have collected about you, the categories of sources, the purposes for collection, and the categories of third parties with whom it is shared.
Right to Delete: You have the right to request deletion of your personal information, subject to certain exceptions permitted by law.
Right to Correct: You have the right to request correction of inaccurate personal information we hold about you.
Right to Opt-Out of Sale or Sharing: You have the right to opt out of the sale or sharing of your personal information for cross-context behavioral advertising.
Right to Limit Use of Sensitive Personal Information: You have the right to limit our use of sensitive personal information to only what is necessary to provide the services you request.
Right to Non-Discrimination: We will not discriminate against you for exercising any of your privacy rights. You will not receive inferior service, higher prices, or reduced quality as a result of exercising these rights.

8.2 General Privacy Rights (All Users)

Regardless of your location, Dion's Cafe honors the following requests to the extent reasonably practicable:

Access: Request a copy of the personal information we hold about you.
Correction: Request that we correct inaccurate or outdated personal information.
Deletion: Request that we delete your personal information, subject to legal retention obligations.
Portability: Request that we provide your personal information in a structured, commonly used, machine-readable format.
Opt-Out of Marketing: Unsubscribe from marketing communications at any time by clicking the "unsubscribe" link in our emails or contacting us directly.
Withdrawal of Consent: Withdraw previously given consent for data processing, without affecting the lawfulness of processing before withdrawal.

8.3 How to Submit a Privacy Request

To exercise any of the rights described in this section, please contact us using the following methods:

Email: [email protected]
Website: dionscafe.rest

We may need to verify your identity before processing your request to ensure the security of your personal information. We will respond to your request within 45 days, as required under the CCPA/CPRA. If additional time is needed, we will notify you within the initial 45-day period and may extend the response time by an additional 45 days.

You may designate an authorized agent to submit a request on your behalf. We may require written proof of authorization and may verify your identity directly.

9. Cookie Usage

Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyze site traffic, and support our marketing activities. Cookies are small text files placed on your device when you visit our website.

9.1 Types of Cookies We Use

Essential Cookies: Required for the basic functionality of our website, such as maintaining your session, shopping cart, and login status. These cannot be disabled without affecting your ability to use our site.
Analytics Cookies: Help us understand how visitors interact with our website by collecting anonymous usage data (e.g., Google Analytics).
Functional Cookies: Remember your preferences such as language settings, location preferences, and order history to provide a more personalized experience.
Marketing and Advertising Cookies: Used to deliver relevant advertisements and track the effectiveness of our marketing campaigns across third-party platforms.

9.2 Managing Your Cookie Preferences

You can control and manage cookies through your browser settings. Most browsers allow you to refuse cookies or alert you when cookies are being sent. However, disabling certain cookies may affect the functionality of our website. You may also use browser extensions or opt-out tools provided by advertising networks (such as the Network Advertising Initiative opt-out page or the Digital Advertising Alliance opt-out tool) to limit interest-based advertising.

For detailed information about the specific cookies we use and how to manage them, please refer to our full Cookie Policy, which is available on our website at dionscafe.rest.

10. Data Retention

Dion's Cafe retains your personal information only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. The specific retention periods depend on the type of information and the purpose of its collection:

Category of Data	Retention Period
Account and profile information	Duration of account plus 3 years after account closure
Order and transaction records	7 years (to comply with tax and financial regulations)
Customer service communications	3 years from the date of the last interaction
Marketing preferences and opt-in records	Until you opt out, plus 3 years thereafter
Website usage and analytics data	26 months (anonymized after this period)
Cookie and tracking data	As specified in each cookie's settings (typically 1-24 months)
Legal and compliance records	As required by applicable law (typically 5-7 years)

When your personal information is no longer needed, we will securely delete, anonymize, or de-identify it in accordance with our data disposal procedures. In some cases, we may be required to retain certain information for longer periods to comply with legal obligations or resolve disputes.

11. Children's Privacy

Age Requirement: Our website and online services are intended for individuals who are 18 years of age or older. We do not knowingly collect personal information from individuals under the age of 18.

Dion's Cafe does not direct its digital services, online ordering platforms, or marketing communications to children under the age of 18. If you are under 18, please do not submit any personal information through our website. If you are a parent or legal guardian and believe that your child under 18 has provided us with personal information without your consent, please contact us immediately at [email protected] so that we can take appropriate steps to delete such information.

We comply with the Children's Online Privacy Protection Act (COPPA) and do not knowingly collect, use, or disclose personal information from children under 13. If we discover that we have inadvertently collected personal information from a child under 13, we will promptly delete it from our records.

12. International Data Transfers

Dion's Cafe is a United States-based business, and your personal information is primarily stored and processed within the United States. The United States may not provide the same level of data protection as laws in other countries, including those in the European Economic Area (EEA) or the United Kingdom.

If you are accessing our services from outside the United States, please be aware that your personal information will be transferred to, stored, and processed in the United States. By using our services, you consent to this transfer. We take appropriate safeguards to ensure that any international transfers of personal data are made in compliance with applicable laws, including implementing standard contractual clauses or other lawful transfer mechanisms where required.

Our third-party service providers may also process your data in other countries. We ensure that all such providers maintain appropriate data protection standards through contractual obligations and due diligence processes.

13. Third-Party Links and Services

Our website may contain links to third-party websites, applications, and services, including social media platforms, delivery apps, and partner businesses. These third-party services operate under their own privacy policies, and Dion's Cafe is not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party services before providing them with your personal information.

Specifically, our website may integrate with services such as Google Maps, social media sharing buttons, and third-party review platforms. Each of these services collects information according to their own terms and policies.

14. Do Not Track Signals

Some browsers include a "Do Not Track" (DNT) feature that signals your preference not to be tracked across websites. Currently, our website does not respond to DNT signals because there is no uniform industry standard for how to interpret these signals. However, you can manage your preferences through our cookie settings and by opting out of specific tracking as described in Section 9 of this policy.

Under the California Privacy Rights Act (CPRA), California residents have the right to opt out of the sharing of their personal information for cross-context behavioral advertising. To exercise this right, please contact us at [email protected].

15. Marketing Communications

With your permission or where permitted by applicable law, Dion's Cafe may contact you with promotional content, special offers, new menu announcements, seasonal campaigns, and information about our loyalty program. You can opt out of marketing communications at any time by:

Clicking the "unsubscribe" or "opt-out" link included in every marketing email we send
Contacting us directly at [email protected] with the subject line "Unsubscribe"
Updating your communication preferences through your online account settings
Texting "STOP" to any SMS marketing messages you receive from us

Please note that even if you opt out of marketing communications, we may still send you transactional or service-related messages necessary for the fulfillment of your orders, account management, and legal compliance. Opt-out requests may take up to 10 business days to be fully processed across all systems.

16. How to File a Complaint

If you believe that Dion's Cafe has handled your personal information in a manner inconsistent with this Privacy Policy or applicable law, we encourage you to contact us first so that we can address your concerns promptly.

16.1 Internal Complaint Process

To submit a privacy complaint to Dion's Cafe directly:

Contact us by email at [email protected] with the subject line "Privacy Complaint."
Describe the nature of your complaint and the specific concern you have about how your data was handled.
Include your name, contact information, and any relevant details or documentation.
We will acknowledge your complaint within 5 business days and provide a substantive response within 30 days.

16.2 Filing a Complaint with Regulatory Authorities

If you are not satisfied with our response or believe we are processing your personal information in violation of applicable law, you have the right to file a complaint with the relevant data protection or consumer protection authority:

For California Residents:

California Privacy Protection Agency (CPPA)
Website: cppa.ca.gov
The CPPA is the primary regulatory agency responsible for enforcing the CCPA/CPRA.
California Attorney General's Office
Website: oag.ca.gov/privacy
You may also file a complaint related to privacy violations with the California Attorney General.

For All U.S. Residents:

Federal Trade Commission (FTC)
Website: ftc.gov
The FTC enforces federal consumer protection and privacy laws. You may report unfair or deceptive privacy practices through the FTC's online complaint portal at reportfraud.ftc.gov.

17. Changes to This Privacy Policy

Dion's Cafe reserves the right to update, modify, or replace this Privacy Policy at any time to reflect changes in our practices, applicable laws, or business operations. When we make material changes to this policy, we will:

Update the "Last Updated" date at the top of this page
Post a prominent notice on our website informing users of the change
Send an email notification to registered users if the changes are significant

Your continued use of our website and services after the revised policy is posted constitutes your acceptance of the updated terms. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. If you do not agree to the updated policy, please discontinue use of our services and contact us to close your account.

18. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please do not hesitate to reach out to us. We are committed to addressing your privacy concerns in a timely and transparent manner.

Business Name	Dion's Cafe
Website	dionscafe.rest
Email	[email protected]
Privacy Inquiries	Please use the subject line "Privacy Inquiry" when emailing us about data protection matters

We aim to respond to all privacy-related inquiries within 5 business days. For requests requiring verification or more complex investigation, we will notify you of the expected timeline and keep you informed of progress.

Note: This Privacy Policy was last reviewed and updated on June 24, 2026. Dion's Cafe is committed to maintaining transparency about our data practices and will continue to update this policy as needed to reflect changes in law and our business.