UMGOODS FZCO – Privacy Policy

Last updated:

10 September 2025

YUMGOODS FZCO (“Company”, “we”, “us”, or “our”) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and Services. It also outlines your rights regarding your personal data. This policy is an integral part of our Terms and Conditions, and by using our Services, you agree to the collection and use of information in accordance with this Privacy Policy.

Note: Our privacy practices are designed to comply with applicable data protection laws in the UAE, including the Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (the “UAE PDPL”). We also consider international best practices for privacy and electronic communications.

1. Information We Collect

We collect several types of information from and about users of our Service, including:

Personal Identification Information: This is information that can identify you as an individual. For example: your name, address, email address, phone number, date of birth. We collect these when you register an account or place an order.
Contact Data: Such as your phone number and email, which we use to communicate with you (e.g., order updates, support).
Delivery Information: The physical delivery addresses you provide for receiving meal deliveries, and details like access instructions (e.g., gate code, reception, etc.).
Account Credentials: If you register, we collect the username (or email) and password you choose. Passwords are stored in encrypted form.
Demographic and Preference Information: This includes any information you volunteer about your preferences, e.g., dietary preferences, allergies, meal plan selections, and other preferences like communication language. If we ever run surveys or ask for feedback, that information is also collected.
Payment Information: We collect transaction data when you make a purchase. This includes the date/time of purchase and amount. We do not store full credit/debit card numbers or security codes on our servers for payments; those are handled by our payment processor. We may store a payment token or card brand and last4 digits (for reference and if you opt for auto-billing) in a secure manner, but not the sensitive data itself.
Usage Data: We automatically collect certain information when you interact with our website:
- Log and Device Data: IP address, browser type, device type, operating system, referring URLs, pages viewed, and the dates/times of access.
- Cookies and Tracking: We use cookies and similar tracking technologies (like web beacons or pixels) to enhance your experience (e.g., keeping you logged in, remembering preferences) and to collect analytics on site usage. Cookies may collect information about your browsing actions and patterns. (See “Cookies and Tracking Technologies” below for more.)
Location Information: When you provide an address for delivery, that inherently gives us location info. We do not use GPS tracking on you, but we know the general area of our customers by their addresses. If you use a mobile device, we might derive approximate location from your IP or if you explicitly allow location access for features like finding nearest delivery slot (not common for our service, but mentioning for transparency).
Third-Party Data: If you log in via a social media account or link your account to other services, we might receive information from those third parties as per your settings on those services. For example, if in future we enable “Sign in with Google/Facebook”, we’d receive basic profile info from them with your consent.
Publicly Shared Content: If you tag us on social media or post public reviews, we might collect that content (especially if addressing a customer service issue or to repost testimonials, with permission).

We limit our collection to what is necessary for the purposes set out in this policy. You have the option not to provide certain information, but then you might not be able to register or use some features (for instance, we need an address to deliver meals, so that’s mandatory).

2. How We Use Your Information

We use the collected information for various legitimate business purposes, including:

To Provide Services: Primarily, we use your information to fulfill our contract with you, i.e., to process your orders and deliver your meal plan. For example, we use your delivery address to send you meals, your contact info to send order confirmations or resolve any issues. Your personal data is used to operate and provide our products and services to you.
Account Management: To maintain your account, authenticate you when you log in, and provide you with customer support. For instance, if you forget your password, we use your email or phone to verify your identity and reset it.
Communication:
- Transactional: We use your email/phone to send transactional messages: confirmations, invoices, delivery notifications, responses to inquiries, and similar service-related updates (as described in the Terms under Communications).
- Customer Support: If you contact us with questions or requests, we will use your info to respond and resolve issues. We might also record those communications for training or future reference.
- Marketing: With your consent, we use your contact information to send promotional communications (e.g., newsletters, special offers). We tailor these communications based on your preferences where possible (for example, if you indicated an interest in vegetarian plans, we might send you relevant new menu announcements). You can opt-out as detailed in the Terms and in section 5 below.
Customization and Improvements: We may use your data and usage patterns to personalize your experience. For example, remembering your previous meal plan selections or addresses to speed up checkout. Also, analyzing usage data helps us understand how customers use our website so we can improve layout, content, and features. This falls under legitimate interests to refine our Service.
Analytics: Internally, we analyze order history and website interactions to make business decisions like menu planning, identifying what features are used most, troubleshooting technical issues, etc. This analysis might be done with the help of third-party analytics tools, which use cookies to collect usage data (these tools typically provide us aggregated statistics and not personal info tied to your name).
Advertising: Currently, we do not host third-party ads on our site beyond our own content. However, we may in future use your information to form custom audiences for online advertising (e.g., using hashed email addresses to target ads on social media to our existing customers, or to exclude you from seeing signup ads because you’re already a user). Any such practices will be done in accordance with law and platform policies, and you can opt-out by adjusting your preferences or contacting us.
Logistics and Operational Purposes: We share necessary details with our delivery pertners to get the meals to you. They use your name, address, and phone to execute deliveries and may call oк WhatsApp you if needed for directions. We ensure they use this info solely for delivering your orders.
Security and Fraud Prevention: Information (especially usage and device data) may be used to protect our platform and you. For instance, we monitor login locations and times to detect suspicious account access. If an order looks fraudulent (e.g., mismatched card and user info), we may use the data to investigate or decline the transaction.
Legal Compliance: We may process your personal data to comply with legal obligations. For example, maintaining transaction records for audit/tax purposes, or responding to government requests or lawful subpoenas. Under UAE law, e-commerce providers must retain certain data and provide information to authorities upon request. We will also use data to exercise legal rights or defend legal claims if needed.
Research and Development: With appropriate safeguards, we might use aggregated and anonymized data for research purposes (for example, average age of our clientele, popular delivery areas, etc.) to improve our offerings. Such statistical data cannot identify you individually.
Business Transfers: If we undergo a business transaction like a merger, acquisition, or asset sale, your personal data might be part of the assets transferred. In such cases, we would ensure the new owner continues to respect your personal data in line with this policy or obtains your consent for any new uses.

We will not sell your personal information to third parties for their marketing independent of us. Any usage of your data is either internal, in partnership with service providers who act on our behalf, or with your consent.

3. Disclosure of Your Information

We may share your information with selected third parties in the following situations and with the following safeguards:

Within Our Organization: Your information may be accessed by our team members who need it to perform their duties (for example, our customer service team uses your profile information to assist you, our delivery coordination team uses address info). All staff are bound by confidentiality obligations.
Service Providers (Processors): We use third-party companies and individuals to support our Services – they process data on our behalf and are contractually obligated to protect it and use it only for the contracted purpose. Key examples include
- Delivery Partners: As mentioned, we give our courier or delivery service your name, address, contact number, and delivery instructions. They are obligated to use this info solely for delivering your meals and not for any marketing or other purposes.
- Payment Processors: When you make a payment, you are effectively providing your card data to our payment gateway (such as a bank or payment service). They process your payment and inform us of success/failure. They might retain your card details (tokenized) to facilitate refunds or auto-renewals. These payment providers are compliant with PCI DSS (Payment Card Industry Data Security Standard) and are not allowed to use your card info for anything except processing our charges. We share with them necessary identifiers (order number, amount, your name) to tie the payment.
- IT and Cloud Infrastructure: Our website may be hosted on cloud servers or we might use cloud storage for data. These infrastructure providers technically have access to data stored on their equipment, but we use reputable providers (e.g., AWS, Azure, etc.) with strong security. They are not allowed to access or use the data except to maintain the service.
- Analytics and Marketing Tools: We might share some data (often anonymized or aggregated) with analytics services to understand usage. We might also use email service providers (for sending out newsletters) where we give your email and name to send the email. Those providers are bound to use that info only to send communications on our behalf.
- SMS/WhatsApp Gateways: If we use a service to send bulk SMS or WhatsApp notifications, we provide your phone number and message content to that service. They are similarly obligated to only use it for sending our messages and not to retain or misuse your number.
Advertising Partners: Currently, we do not share personal data with ad networks except possibly hashed data for custom audiences as described. If in future we partner with advertising platforms, it would typically involve hashing (so they don’t see raw personal data) and only to target our own ads. We do not give your data to other companies for them to advertise their products to you.
Legal Requirements: We might disclose personal information if required to do so by UAE law or in response to valid requests by public authorities (e.g., law enforcement or government agencies). For instance, if a law enforcement agency provides the necessary documentation (like a court order), we may need to provide data to them. We will attempt to ensure any request is legally valid.
Protecting Rights: We may disclose your information to third parties if we believe it is necessary to investigate, prevent, or take action regarding possible illegal activities, suspected fraud, situations involving potential threats to the safety of any person, or violations of our Terms & Conditions.
Business Transfers: If YUMGOODS FZCO is involved in a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that deal. We would ensure the new entity continues to protect your data according to this Policy or notify you if any changes to handling your data will occur. You would have the opportunity to stop using the service if you do not agree with the new policies.
With Your Consent: Apart from the cases above, we will only share your personal information with third parties when we have your explicit consent to do so. For example, if we wanted to feature your testimonial on our website, we’d ask your permission to post your name or photo.

Importantly, when we share data with third parties as described, we adhere to the principle of data minimization – we give them only what they need to perform their function. For example, the delivery guy doesn’t get your email or payment info – just name, meals and address; the payment processor doesn’t get your address – just payment details, etc.

We also require any third party that processes personal data on our behalf to implement adequate security measures.

We do not sell or rent your personal data to unrelated third parties for their marketing.

4. Data Security

We implement a variety of security measures to reduce the risk of loss, misuse, unauthorized access, disclosure, or alteration of your information. However, please note that no website or Internet transmission is completely secure.

Our security practices include:

Encryption: Our website is secured via SSL (Secure Socket Layer) encryption. This means that when you enter personal information (like login credentials or payment data) on our site, that information is encrypted during transmission. Look for the “https” in our URL and the lock icon in your browser.
Payment Security: Payments are processed by PCI-compliant providers. We do not handle raw credit card data ourselves beyond the initial entry form that is securely transmitted. If we store tokens for auto-renew, those are stored securely and cannot be used to reconstruct your card details. Additionally, as per standard practice, we never store your CVV code.
Access Controls: Personal information within our organization is accessible only to those employees or contractors who require it to perform their job. Access to sensitive data is restricted and protected by authentication (passwords, two-factor where applicable). Our staff are trained on the importance of data privacy and security.
Secure Storage: We store your data on secure servers. We take precautions with both physical and cloud storage – using reputable hosting providers that employ strong security measures (firewalls, intrusion detection systems, etc.). Regular backups are performed but also stored securely.
Data Minimization: We only keep data as long as necessary (see Data Retention below). Less data held means less risk. When data is no longer needed, we dispose of it safely (e.g., securely erasing digital records).
Monitoring: We monitor our systems for potential vulnerabilities and attacks. We employ anti-malware tools and regularly update our software to patch security issues. If we detect any suspicious activity, we investigate promptly.
Third-Party Audits: Where possible, we use third-party services that have verifiable security track records. For example, our payment gateway’s systems are audited and certified. We may also periodically undergo security assessments or penetration tests on our own infrastructure to identify and fix weaknesses.
Incident Response: In the unlikely event of a data breach or security incident, we have a response plan in place. This involves identifying and containing the issue, assessing scope of impact, and notifying affected users and authorities as required by law. Under UAE PDPL, for instance, we may have to notify the Data Office and possibly users if a breach poses a serious risk. We will be transparent and work to mitigate any damage.

Despite all these measures, it’s important you also play a role in protecting your data. Choose a strong password for our site and do not share it. Be cautious of phishing attempts – we will never ask for your password via email or unsolicited communications. If using a public computer, always log out. If you suspect any account compromise, contact us immediately.

In summary, we strive to use commercially reasonable means to protect your personal data, but we cannot guarantee absolute security. You provide data at your own risk, understanding this context.

5. Your Rights and Choices

We want you to be in control of your personal data. Subject to UAE law and applicable regulations, you have certain rights regarding your data that we respect and uphold:

Access: You have the right to request a copy of the personal data we hold about you and information about how we process it. This is often called a Subject Access Request. We will provide you with the data in a reasonable timeframe (usually within 30 days) as required by law. If you have an account, much of your basic info can be seen in your profile, but you can request a full export.

Correction (Rectification): If you believe any personal information we have is incorrect or incomplete, you have the right to ask us to correct it. For instance, if you realize you misspelled your name or we have an outdated address, please let us know. Many fields you can update yourself by logging in, or we’ll assist.

Deletion (Erasure): You may ask us to delete or remove your personal data in certain circumstances. For example, if you cancel the service and want your data wiped. However, please note we might retain certain information if we have an ongoing legitimate business need or legal obligation (e.g., we cannot delete your transaction records immediately if required for financial reporting, or if there’s an unresolved issue with your account). We will inform you of what can/cannot be deleted when you request. Account deletion can be requested via contacting customer support.

Restriction: You have the right to ask us to limit processing of your data in certain scenarios – for instance, if you contest the accuracy of data or object to our processing, we’ll pause processing (aside from storage) until resolved.

Withdraw Consent: If we rely on your consent for any processing (e.g., for sending marketing emails), you can withdraw your consent at any time. The easiest way is to contact our customer support. Withdrawing consent will not affect the lawfulness of processing based on consent before its withdrawal. Note: If you withdraw consent for marketing, we will stop those communications, but we may still contact you for service-related matters.

Object to Processing: You have the right to object to our processing of your personal data when we are doing so on legitimate interest grounds. For example, if you object to us using your data for direct marketing or if you object to analytics processing. We will evaluate any objection and comply unless we have compelling legitimate grounds to continue or as otherwise permitted by law.

Non-Discrimination: Exercising your privacy rights will not result in any discrimination or lesser service from us. We provide equal service to all users whether or not they exercise rights (except, of course, if you ask us to delete data necessary for service, we might not be able to provide that service – but that’s a natural consequence, not discrimination).

Authorized Agents: If you want someone (e.g., an attorney or family member) to make a request on your behalf, we will need proper authorization and identification to ensure it’s a legitimate request.

Complaints: If you believe we have not complied with this Privacy Policy or your rights under applicable law, you have the right to lodge a complaint with the UAE Data Office or other relevant supervisory authority. We would, however, appreciate the chance to deal with your concerns first, so please consider reaching out to us.

To exercise any of these rights, please contact us at our email or WhatsApp provided in the Contact section. We may need to verify your identity to fulfill requests (for example, asking you to confirm from your registered email or provide identification) – this is to protect your data from unauthorized access.

We will not charge a fee to process your request unless it is manifestly unfounded or excessive (e.g., repetitive requests), in which case we may charge a reasonable fee or refuse to act on the request.

6. Cookies and Tracking Technologies

Cookies are small text files placed on your device (computer or smartphone) by websites you visit. They are widely used to make websites work, or work more efficiently, as well as to provide information to the site owners. We use cookies and similar technologies for several reasons:

Essential Cookies: These are necessary for the website to function properly. For example, when you log in, we set a cookie to keep you logged in as you navigate pages. Without these, basic e-commerce functionality (like maintaining your cart or remembering your preferences) may not work.
Analytics Cookies: We use these to collect information about how users interact with our site (pages visited, time spent, any errors encountered). This helps us improve our Service and user experience. The information collected is usually aggregated and anonymous. For instance, we might see that X% of users drop off at a certain page, indicating a problem to fix.
Preference Cookies: These remember your settings and preferences, such as your language or region (though currently our site is one language-focused) or other customizations, so we can personalize your experience.
Advertising and Social Media Cookies: At present, we do not have third-party ads on our site, but if we run campaigns, these cookies might be used to deliver relevant ads to you on other sites or to measure the effectiveness of our marketing. For example, we might use a Facebook Pixel which drops a cookie, and then we can show you an ad on Facebook related to our service. Or Google Analytics Advertising features that allow remarketing. These typically track your browsing on our site and link to an advertising network. We would only use such cookies if you’ve permitted, as per applicable law (in some jurisdictions, opting in is required).

Third-Party Cookies: Some cookies are placed by third parties acting on our behalf. For example, Google Analytics sets cookies (_ga, _gid, etc.) to compile site usage reports. If we embed content from other platforms (like a YouTube video or Instagram feed), those platforms might set their own cookies. We do not have direct control over third-party cookies, but we do ensure that we only use reputable third-party services with their own privacy standards.

‍Your Choices: When you first visit our site, you might see a cookie notice or settings tool if required by applicable law. You can choose to accept or reject certain non-essential cookies. Regardless, you can always manage cookies through your browser settings:

You can typically set your browser to refuse all or some cookies, or to alert you when cookies are being sent. Each browser is different, so check the help menu of your browser to learn how to change your cookie preferences.
If you disable or refuse cookies, please note that some parts of our site might become inaccessible or not function properly (especially the essential cookies). For example, you might not be able to log in or maintain a cart.a
Preference Cookies: These remember your settings and preferences, such as your language or region (though currently our site is one language-focused) or other customizations, so we can personalize your experience.
You can also delete cookies that have already been set. However, removing or rejecting cookies might impact your user experience negatively as you might have to manually adjust preferences each time you visit our site.

Do-Not-Track Signals: Some browsers have a “Do Not Track” feature that lets you tell websites you do not want to have your online activities tracked. There is currently no uniform standard for DNT signals, and as such our site does not respond differently to DNT signals. We treat all visitors according to this policy. We will update our practices if an official standard is established in the future.

For more detailed information about our use of cookies, you can refer to our Cookies Notice (if available separately on our site). Also, services like Google Analytics offer opt-outs (Google provides a browser add-on to opt out of GA tracking). For interest-based advertising, you can opt out via tools like the Network Advertising Initiative’s consumer opt-out or the Digital Advertising Alliance’s choices page – though note this will opt you out of targeted ads from participating companies generally, not just us.

7. International Data Transfers

We are based in the UAE, and our primary operations and data storage are in the UAE. However, in today’s digital world, some of the third-party services we use might process or store data in other countries. For example:

Our email service provider might route emails through servers outside the UAE.
Our cloud hosting might have backups or servers in multiple regions (though we aim to keep primary storage in UAE or nearby when possible).
If you are using our service from outside the UAE (even though we restrict orders to UAE, someone abroad might access the site), your data obviously travels internationally to reach us.

UAE Data Export Rules: The UAE Personal Data Protection Law has rules about transferring personal data outside the UAE. Generally, transfer is allowed to countries that the UAE considers as having adequate data protection or if certain safeguards are in place, or with consent, etc. As of now, the law is new and an official list of “adequate” jurisdictions is expected. We will monitor this and ensure compliance.

Whenever we transfer your personal data out of the UAE or your country of residence, we ensure a similar degree of protection is afforded to it by implementing appropriate safeguards. These may include:
Contractual Clauses: We sign agreements with service providers that include standard data protection clauses (akin to EU’s Standard Contractual Clauses) obligating them to protect your data no matter where it’s processed.
Adequacy: If data goes to a country officially deemed as providing adequate protection (for example, if the UAE recognizes the EU/EEA or certain other countries as adequate, or vice versa if relevant), we rely on that.
Consent: In some cases, we may ask for your consent for certain transfers if they are necessary (though usually our other measures suffice).
Security Measures: We ensure encryption and other security practices are applied during transfer and storage in the foreign location.

By using our Service or providing us with your information, you consent to the transfer of your data to countries which may be outside your own, including the UAE (and potentially others) for the purposes described. We will take all steps reasonably necessary to ensure your data is treated securely and in accordance with this Privacy Policy.

If you have questions about international transfers or want more specifics about which countries your data might transit or reside in, please contact us. We aim for transparency. Generally, our key partners (hypothetical examples) might be:

Cloud host in EU or US (with proper clauses).
Email/SMS service possibly in US.
Payment gateway likely in UAE or connected to global networks.
Analytics data might go to US if using Google, etc., but usually aggregated.

We reiterate: no matter where your data is processed, we protect it per this policy and applicable law.

8. Data Retention

We will retain your personal information for as long as necessary to fulfill the purposes we collected it for, including to satisfy any legal, accounting, or reporting requirements.

Active Account Data: If you have an account or active subscription, we retain your data for as long as your account exists or as long as needed to provide you services. For example, your profile information and order history are kept to allow you to see past orders and for us to provide customer service.
Inactive Accounts: If you cease using our service or request account deletion, we will either delete or anonymize your personal data, or if that’s not immediately feasible (e.g., stored in backups), we will securely store your data and isolate it from further processing until deletion is possible. Generally, if an account has been inactive for a long period, we may also reach out to confirm if you want to maintain it.
Legally Required Retention: Certain information we may need to keep for legal obligations. For instance, UAE law might require retaining transaction records and invoices for a number of years for audit/tax purposes. Also, if a dispute arises, we might retain data through the resolution period.
Marketing Data: If you have opted into marketing communications, we retain your contact details for that purpose until you opt out. If you opt out, we may still keep your contact info on a suppression list to ensure we don’t accidentally send you marketing (this is a standard practice).
Backups: Our system likely keeps regular backups which are retained for some time. If we delete data from live systems, it may remain in encrypted backups for a period until those backups expire and are overwritten. We maintain backup retention policies balancing disaster recovery needs with data minimization.
Anonymized Data: In some cases, we may convert your personal data into statistical or aggregated form that cannot be linked back to you (anonymization). We may retain anonymized data indefinitely for research and analysis without further notice, since it no longer constitutes personal data. For example, we might keep stats like “X meals delivered in 2025” or “percentage of customers in Dubai vs Abu Dhabi,” without any personal identifiers.

When we have no ongoing legitimate need or obligation to process your personal data, we will either delete it or anonymize it. If deletion is not possible (for example, because your personal data is stored in archival systems), then we will securely store your personal data and isolate it from further use until deletion is possible.

In summary: we keep your data only as long as necessary. The exact duration varies by data type and purpose, but we apply criteria in line with legal requirements and business necessity. If you have specific questions about retention for a certain type of data, you can contact us.

9. Children’s Privacy

Our website and Services are not intended for children under 18 years of age. We do not knowingly collect personal information from anyone under 18. As stated in our Terms, minors under 18 are not allowed to register or use the service. If you are under 18, do not use or provide any information on this site or on/through any of its features, and do not place orders.

If we learn that we have inadvertently collected personal data from someone under 18, we will delete that information promptly. Parents or legal guardians: if you discover that your under-18 child has created an account or provided us personal info without your consent, please contact us and we will take steps to remove that data and (if applicable) terminate the child’s account.

We encourage parents and guardians to monitor their children’s internet usage and to help enforce our policy by instructing minors never to provide personal data on our Service.

Note: We deliver food, so conceivably a parent could order on behalf of their family including children. That’s fine, but the account holder must be an adult. Any information about family members is provided by the adult in charge and we treat it as part of the adult’s account. If you as a parent provide us data about your children, you are consenting to our processing of that information under this policy. We use it only to serve your family’s needs and will not separately use a child’s data for any marketing or other purposes.

10. Third-Party Websites and Services

Our Service may contain links to third-party websites or services that are not operated by YUMGOODS FZCO. For example:

We might link to our social media pages (Instagram, Facebook).
We might have partnerships or references (like a nutrition blog or an article) that lead to another site.
Payment is done through a gateway’s page or embedded form – that’s a trusted third party handling that transaction.
Our site might integrate Google Maps API for address autofill (just hypothetical).

This Privacy Policy applies solely to data we collect and process. If you click a third-party link or otherwise leave our site for another site/service, their privacy policy will apply, and we are not responsible for their content or practices. We encourage you to review the privacy policies of any third-party site or service you visit.

Examples of where this could matter:

If you go to our Instagram profile, any data you share or that is collected on Instagram is governed by Facebook/Instagram’s policies.
If we use YouTube to host videos and you watch them on our site, YouTube may collect certain info (views, etc.) under their policies.
Our payment processor might have its own privacy terms covering what they do with your data for fraud prevention etc., beyond our use.

We do not sell or share your personal data with third-party websites for their independent purposes, but if you interact with third parties through our Service, the information you provide to them is at your own risk and subject to whatever terms they have.

11. Updates to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or other operational reasons. We will not reduce your rights under this Privacy Policy without your explicit consent. When we make a significant change, we will let you know:

Posting on Website: We will post the updated Policy on this page with a new “Last updated” date.
Notification: If changes are material, we may also provide a more prominent notice – for example, a banner on our website, or an email/WhatsApp notification. We may also prompt you to review the new policy when you log in.
Effective Date: Changes will become effective when posted unless stated otherwise. If you continue to use the Service after the effective date, it means you accept the revised Privacy Policy. If you do not agree, you should stop using the Service and can request deletion of your data

We encourage you to review this page periodically for the latest information on our privacy practices. It’s important to us that you are aware of any changes and understand how your data is handled.

For any substantial changes, we’ll also archive previous versions of this Privacy Policy (and they can be provided upon request) so you can see what’s different

12. Contact Us (Privacy Queries)

If you have any questions or concerns about this Privacy Policy or our data handling practices, or if you wish to exercise your rights regarding your personal data, please contact us:

Email: hello@themeal.menu – Please include “Privacy Inquiry” in the subject line for faster routing.
Postal Mail: YUMGOODS FZCO (Privacy Officer), IFZA Properties, Dubai Silicon Oasis, Dubai, UAE.
Telephone/WhatsApp: +971 54 459 5462 – You can reach out with questions, but for detailed data requests we may direct you to submit via email for record-keeping.

We will address your inquiry as promptly as possible, typically within 30 days or sooner for standard requests. If you are contacting to exercise a specific right, please be clear about what you need so we can assist effectively. We might need to verify your identity for certain requests (to protect your data from unauthorized access).

Thank you for trusting YUMGOODS FZCO with your meals and your personal data. We are committed to safeguarding your privacy while providing you delicious and convenient meal services!