Last updated: 23/06/2026.
This Policy describes how GUSTO ("we") processes your personal data under Regulation (EU) 2016/679 (GDPR) and Portuguese Law 58/2019 of 8 August.
1. Data Controller
Ângelo Francisco Araújo da Cunha, independent professional, NIF 271 364 920, operating in Portugal. Email: angelocunha@gusto-app.com (also acting as DPO — Data Protection Officer).
2. Data Collected
- Identification: first name, email, phone (when provided by the customer).
- Communications: delivery address, order notes, Aurora (AI concierge) conversations.
- Transactions: order history, payment methods used (we do NOT store card numbers — processing via Stripe/Easypay/MBWay).
- Reservations: date, time, party size, deposit paid.
- Technical: IP, browser, OS, cookies (see Cookie Policy).
3. Purposes and Legal Basis
- Contract performance (Art. 6(1)(b) GDPR): processing your order, delivering your meal, managing bookings and payments.
- Legal obligation (Art. 6(1)(c)): invoicing, accounting, tax retention (10 years — PT DL 28/2019).
- Legitimate interest (Art. 6(1)(f)): fraud prevention, service improvement, anonymised aggregate analytics.
- Consent (Art. 6(1)(a)): marketing communications, analytics/marketing cookies, personalised recommendation profiles.
4. Data Retention
- Order/invoice data: 10 years (legal tax obligation).
- Visit history for personalised recommendations: 3 years after last visit or until consent is withdrawn.
- Promo codes: until expiry or use (max. 15 days).
- Technical logs: 6 months.
5. Your Rights
You may exercise the following rights at any time:
- Access (Art. 15) — export all your data as JSON at /meus-dados.
- Rectification (Art. 16) — request correction by contacting us.
- Erasure (Art. 17) — "right to be forgotten" at /meus-dados.
- Portability (Art. 20) — receive your data in a structured format.
- Object (Art. 21) — object to processing based on legitimate interest.
- Complaint — file with the Portuguese DPA (CNPD): cnpd.pt.
6. Encryption
Sensitive fields (name, address, notes) are stored encrypted at the application level using AES-128 (Fernet). All traffic uses HTTPS/TLS 1.3.
7. Sub-processors
To deliver the service we use the following processors:
- MongoDB Atlas (EU) — database.
- Resend (EU) — transactional email.
- Stripe / Easypay — payment processing (PCI-DSS).
- Anthropic / OpenAI / Google — AI models (transcription, text generation). Conversations are sent in no-training mode.
8. International Transfers
When data is processed outside the EEA (e.g. AI services), we apply the European Commission's Standard Contractual Clauses.
9. Cookies
See our Cookie Policy.
10. Changes
Any change will be published on this page. We recommend you check it periodically.