Privacy Policy

Last updated: May 12, 2026

1. Introduction

Ufondu Holdings LLC, doing business as Ufondu Kitchen (“we,” “us,” or “our”), operates the website at ufondukitchen.com and serves customers at our restaurant located at Space #326, Colonie Center Mall, 1417 Central Avenue, Albany, NY 12205. This Privacy Policy describes how we collect, use, disclose, and safeguard your personal information when you visit our website, place orders, or interact with our services. We are committed to complying with the New York Stop Hacks and Improve Electronic Data Security Act (NY SHIELD Act) and applicable guidance from the New York Attorney General’s Office.

2. Information We Collect

We collect personal information that you voluntarily provide when you create an account, place an order, request catering, make a reservation, or contact us. This includes:

  • Identification Data: Full name, email address, phone number
  • Delivery Address: Street address, city, state, and ZIP code (when you choose delivery)
  • Payment Information: Processed securely through Stripe — we never store your full credit card number, CVV, or bank details on our servers. Stripe handles PCI-DSS compliant payment processing.
  • Order Information: Items ordered, order type (pickup, dine-in, delivery), dietary notes, and order history
  • Account Data: Login credentials (email and hashed password), Google account information if you use Google Sign-In
  • Communications: Messages sent through our contact form, catering inquiries, and reservation requests

Third-Party Service Providers

We share limited personal data with the following service providers to fulfill your orders:

  • Stripe: Processes card payments securely. Stripe’s privacy policy governs their handling of your payment data.
  • DoorDash Drive: Fulfills delivery orders. We share your name, phone number, and delivery address to facilitate delivery.
  • Mailchimp: Manages our newsletter. If you subscribe, your email is stored on Mailchimp’s platform.
  • Twilio: Sends SMS order notifications. Your phone number is transmitted to Twilio for messaging.

Mobile information/SMS opt-in data and consent will not be shared with any third parties or affiliates for marketing or promotional purposes. All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.

3. Cookies & Tracking Technologies

We use cookies and similar technologies to enhance your experience, analyze site traffic, and understand user behavior:

  • Essential Cookies: Required for site functionality — authentication sessions, shopping cart persistence, and security tokens. These cannot be disabled.
  • Analytics Cookies (Google Analytics 4): We use GA4 (Measurement ID: G-VT8T2PM54L) to collect anonymized usage data including page views, menu item interactions, checkout behavior, and payment method preferences. GA4 data is used to improve our website and service offerings.

🔒 Your Opt-Out Rights

In accordance with New York Attorney General guidance on tracking transparency, you may opt out of analytics tracking at any time:

We honor “Do Not Track” (DNT) browser signals. If your browser sends a DNT header, analytics cookies will not be placed.

4. How We Use Your Information

  • To process and fulfill your orders, including payment, preparation, and delivery
  • To create and manage your account and loyalty rewards
  • To communicate order status updates via email or SMS
  • To respond to inquiries, catering requests, and reservation bookings
  • To send marketing communications (only with your explicit opt-in via newsletter signup)
  • To improve our website, menu offerings, and customer experience through anonymized analytics
  • To comply with legal obligations and protect against fraud

5. Data Security Safeguards

As required by the New York SHIELD Act (General Business Law § 899-bb), we maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of your private information. These safeguards include:

  • Administrative: Designated data security personnel, employee training on data handling, and regular risk assessments
  • Technical: Encrypted data transmission (HTTPS/TLS), bcrypt-hashed passwords, secure authentication tokens (JWT), and access controls
  • Physical: Restricted access to systems containing personal information

In the event of a data breach involving private information as defined by the NY SHIELD Act, we will notify affected individuals and the New York Attorney General, the Department of State, and the Division of State Police in accordance with statutory requirements.

6. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes described in this policy, or as required by law. Order records are retained for accounting and tax purposes. You may request deletion of your account and associated data at any time by emailing [email protected].

7. Your Rights

You have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate data
  • Request deletion of your personal information
  • Opt out of marketing communications at any time
  • Opt out of analytics tracking as described above

To exercise any of these rights, contact us at [email protected] or call 518.977.3991.

8. Children’s Privacy

Our website is not directed to children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe we have inadvertently collected such information, please contact us immediately.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated “Last updated” date. We encourage you to review this policy periodically.

10. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us: