If I were going to suggest how to do this... I would also use ACL's, but I would instead use a control group (rather than users) on who could access the folder. If in the future you decide to give others access to this folder (or revoke access to this folder) it is as easy as adding/removing them from the control group
Create your folder with default settings in the webUI
In the webUI, click on Groups under User Management
Create a custom group name, and then make sure the user you want access to that folder, is the only one in that group.. Example below, I created a group called "control" and then made sure my user "ken0201" was the only one in that group.
Now go to Storage/Shared Folders
Click on the folder you want to restrict access to and click the ACL button
At the top, all of the buttons should not be highlighted.
At the bottom.
owner: root read/write/execute
groups: control (or whatever you name yours) read/write/execute
others: none
Check the recursive and replace boxes at the very bottom
It should look something like this.
Save
Now users you create and put in the "control" group, will have access to that folder. Anyone else will have permission denied.