Rysto, the platform for jobs in the restaurant industry.

Your account

Already have an account?

Log in

Companies

Post job offers.

Register as a Company

Professionals

Apply to job offers.

Register as a Professional

Privacy Policy

Find out how Rysto.com protects your personal data. Read our Privacy Policy to learn about your rights, data processing, and GDPR compliance.

Privacy Policy of Rysto.com

Last update: 12/12/2025

This notice describes how Rysto.com processes personal data, a platform that connects companies and professionals in the restaurant industry.

This notice is provided in accordance with EU Regulation 2016/679 (GDPR), Legislative Decree 196/2003 as amended by Legislative Decree 101/2018, and any other applicable data protection laws.

1. Data Controller

The Data Controller is:

Associazione Rysto
Email: info@rysto.com

2. Types of Data Processed

  • Identification data (name, surname, email, phone)
  • Professional data (CV, work experience, qualifications)
  • Company data (business name, VAT number, locations)
  • Browsing data (IP address, technical and analytics cookies, aggregated data)
  • Other data voluntarily provided by the user through the platform

3. Purpose of Processing

  • Management of user accounts (companies and professionals)
  • Publishing and responding to job offers
  • Communication between candidates and companies
  • Publication of basic professional profiles (name, profession, city, and image) in public areas of the Site to promote users and improve job matching.
  • Sending service communications
  • Technical management of the platform
  • Statistical analysis in aggregated form to improve services
  • Compliance with legal and tax obligations
  • Direct marketing (only with prior consent)

4. Legal Basis for Processing

The processing is lawful because it is based on:

  • Performance of a contract or pre-contractual measures (Art. 6, para. 1, lett. b GDPR)
  • Legal obligations (Art. 6, para. 1, lett. c GDPR)
  • User consent, where required (Art. 6, para. 1, lett. a GDPR)
  • Legitimate interest of the Controller (e.g., IT security, aggregated data analysis)

5. Processing Methods

Processing is carried out using manual and/or IT tools, respecting the principles of lawfulness, fairness, and transparency, and adopting adequate technical and organizational measures to ensure data security.

6. Data Communication and Disclosure

Data may be shared with:

  • Registered companies on the platform (for recruitment purposes)
  • Collaborators and technical providers (hosting, software, consulting)
  • Public entities or authorities when required by law

Data will not be disclosed to third parties outside the stated purposes, unless expressly authorized by the user. The publication of basic professional profile data, as described in Section 3, in publicly accessible areas of Rysto.com, is considered an integral part of the service provided to Professionals and is based on Contract Performance.

7. Data Transfer Outside the EU

Data is not normally transferred outside the European Economic Area. If so, transfers will comply with Articles 44 et seq. of the GDPR, with adequate safeguards.

8. Data Retention

Personal data will be retained:

  • For as long as the user uses the platform
  • Afterwards, for the time necessary to protect the Controller’s rights or fulfill legal obligations
  • Data for marketing purposes will be kept until consent is withdrawn

9. Data Subject Rights

Users have the right to:

  • Access their data
  • Request rectification or deletion
  • Restrict or object to processing
  • Withdraw consent at any time
  • Lodge a complaint with the Data Protection Authority

Requests can be sent to: info@rysto.com

10. Cookies

We use technical and analytics cookies to improve your browsing experience and our services. No profiling cookies are used without your consent.

11. Changes to this Notice

This notice may be subject to changes. Users will be informed via the platform or email.

This policy describes how Rysto.com, the platform that connects companies and professionals in the hospitality and restaurant sector, handles personal data.

This policy is provided pursuant to EU Regulation 2016/679 (GDPR), Legislative Decree 196/2003 as amended by Legislative Decree 101/2018, and any other applicable regulations on personal data protection.

1. Data Controller

The data controller is:

Rysto Association
Email: info@rysto.com

2. Types of Data Collected

  • Identification data (name, surname, email, phone)
  • Professional data (CV, work experience, qualifications)
  • Company data (company name, VAT number, store locations)
  • Browsing data (IP address, technical and analytics cookies, aggregated data)
  • Other data voluntarily provided by the user through the platform

3. Purpose of Data Processing

  • User account management (companies and professionals)
  • Job posting and application handling
  • Communication between candidates and companies
  • Sending service communications
  • Technical management of the platform
  • Aggregate statistical analysis to improve services
  • Compliance with legal and tax obligations
  • Direct marketing (only with prior consent)

4. Legal Basis for Processing

Processing is lawful based on:

  • Performance of a contract or pre-contractual measures (Art. 6(1)(b) GDPR)
  • Legal obligations (Art. 6(1)(c) GDPR)
  • User consent, where required (Art. 6(1)(a) GDPR)
  • Legitimate interests of the Data Controller (e.g., IT security, aggregated data analysis)

5. Data Processing Methods

Data is processed using manual and/or digital tools, in compliance with principles of lawfulness, fairness, and transparency, applying suitable technical and organizational measures to ensure data security.

6. Data Disclosure and Sharing

Data may be shared with:

  • Registered companies on the platform (for recruitment purposes)
  • Collaborators and technical service providers (hosting, software, consulting)
  • Public entities or authorities, where required by law

Data will not be disclosed unless explicitly authorized by the user.

7. Data Transfer to Third Countries

Data is generally not transferred outside the European Economic Area. If it is, the transfer will comply with Articles 44 et seq. of the GDPR and be subject to appropriate safeguards.

8. Data Retention

Personal data will be retained:

  • For the entire duration of the user's use of the platform
  • Afterwards, for the time necessary to protect the Controller’s rights or comply with legal obligations
  • For marketing purposes, until consent is withdrawn

9. User Rights

Users have the right to:

  • Access their data
  • Request rectification or deletion
  • Restrict or object to processing
  • Withdraw consent at any time
  • Lodge a complaint with the Data Protection Authority

Requests can be sent to: info@rysto.com

10. Cookies

We use technical and analytics cookies to improve your experience on the site and our services. No profiling cookies are used without your consent.

11. Changes to this Policy

This policy may be subject to changes. Users will be notified via the platform or email.