Privacy Policy

Last updated: April 29, 2026

BK Halal Grill ("we," "us," "our") respects your privacy. This page explains, in plain language, what information we collect when you use bkhalalgrill.com or order from our two Brooklyn locations, what we do with it, and the choices you have. If anything here is unclear, email us at [email protected] — a real human will reply.

The short version: we collect what we need to take your order and run a loyalty program — your name, phone, optional email, and what you bought. We never sell your data to anyone. We share it with payment and delivery partners (Stripe, DoorDash) only to the extent needed to process your order. You can ask us to delete it any time.

1. What we collect

When you place an order on our website, we collect:

Your name — so we can call out your order
Your phone number — so we can reach you if there's an issue and to identify you in our loyalty program
Your email — only if you choose to provide it
Delivery address — only if you order delivery
The items you ordered, special instructions, and your order total
Loyalty points balance and history if you use our rewards program

For payment, your card details go directly to Stripe, our payment processor. We never see, store, or have access to your full card number, expiration date, or CVC.

We also automatically log basic technical info when you use our site:

Your IP address (used briefly for rate-limiting and fraud prevention, then discarded)
Browser type and device type (helps us debug display problems)
Pages you visited on our site (basic analytics)

2. How we use it

We use the info above to:

Take, prepare, and deliver or hand off your order
Contact you about your order if something needs clarification
Track your loyalty points and let you redeem rewards
Send you receipts (where applicable)
Run the website itself (technical operation, fraud prevention)
Improve our menu and operations based on order patterns

We will only send you marketing texts or emails if you explicitly opt in. Opting in is never required to place an order. You can unsubscribe any time.

3. Who we share it with

We share the minimum amount of your info with these third parties only to make your order work:

Stripe — processes your card payment. Stripe's privacy policy.
DoorDash Drive — for delivery orders only. They get your name, phone, and delivery address so the driver can reach you. DoorDash's privacy policy.
Cloudflare — hosts our website and stores your order data. Cloudflare's privacy policy.
Google Analytics — if enabled, helps us see how the website is used (with anonymized IPs). You can opt out of Google Analytics here.

We do not sell, rent, or trade your information to third parties for their marketing purposes. Period.

4. How long we keep it

Active orders and recent loyalty data: kept while your account is active
Completed orders: kept up to 7 years for accounting/tax records
IP addresses: discarded within a few minutes after rate-limiting checks
Marketing opt-in records: kept until you unsubscribe, plus 1 year for proof of consent

5. Your rights and choices

You have the right to:

Access the personal info we have about you
Correct any inaccurate information
Delete your data (we'll delete loyalty accounts on request; some order records must be kept for tax/legal purposes)
Opt out of any marketing communications you receive
Object to certain processing (under GDPR if you're in the EU, CCPA if you're in California)

To exercise any of these rights, email [email protected] from the email or with the phone number associated with your account. We'll respond within 30 days.

6. Children's privacy

Our website and ordering service are intended for adults (18+) and minors with parental supervision. We do not knowingly collect information from children under 13. If we discover we've collected such information, we will delete it. If you believe we have, contact us.

7. Cookies and tracking

We use a small number of cookies and similar technologies:

Essential cookies — keep your shopping cart working, your loyalty session active. Cannot be disabled or the site won't function.
Functional cookies — remember your preferences (e.g., your default location).
Analytics — Google Analytics tracks aggregate usage with anonymized IPs. You can disable in your browser settings or use the opt-out link above.

We do not use third-party advertising cookies, retargeting pixels, or behavioral tracking.

8. Data security

We take reasonable technical and organizational steps to protect your data:

HTTPS encryption on every page
API keys and secrets are encrypted at rest in Cloudflare's infrastructure
Our admin dashboard is protected by Cloudflare Access with magic-link authentication
Card data never touches our servers — Stripe handles all payment processing
We regularly audit our systems for vulnerabilities

No system is 100% secure, but we work hard to protect your data. If we ever experience a security breach affecting your data, we will notify you within 72 hours as required by New York law (NY GBL §899-aa).

9. International users

Our service is operated in the United States. If you access it from elsewhere, your information will be processed in the U.S. and may be subject to U.S. law. We follow GDPR-friendly practices for EU visitors.

10. Changes to this policy

We may update this policy as our practices evolve. The "Last updated" date at the top will reflect the change. Material changes (anything affecting your rights or how we use your data) will be announced on the website at least 30 days before taking effect.

11. Contact

BK Halal Grill 411 Utica Avenue, Brooklyn, NY 11213
619 Nostrand Avenue, Brooklyn, NY 11216
[email protected]