Newsletter subscription form



Pursuant to Article 13 of the General Data Protection Regulation – Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as “GDPR”), we will provide you with information relating to the processing of your personal data provided to allow the relationship with RIBES NEST S.c.a.r.l. (hereinafter referred to as “RIBES Nest” or “Società”)

Data Controller

The Data Controller is RIBES Nest S.C.A.R.L, with registered office in Via San Fermo 3, Padua, contact information can be retrieved from the “Contacts” section of the web site, or by using the certified e-mail address, whose legal representative is Fanin Mauro.

Mandatory purposes for which the processing does not require your consent


Legal basis of the treatment

Managing the entry and storage of data, sending of information and communications, including electronic communications, requested by you through the Company’s website, sending of documents relating to the relationship with the Company. (Art. 6, paragraph 1, letter c), GDPR) Treatment necessary to fulfil a legal obligation to which the Controller is subject(Art. 6, Paragraph 1, lett. f), GDPR)Treatment necessary for the pursuit of the legitimate interest of the Controller related to the organizational and administrative management of its organization

Optional purposes for which the processing requires your consent


Legal basis of the treatment

Promotional and marketing activities with the provision of material and information on new products and services of interest to you related to your business and to the activities of RIBES Nest, also by sending special material in paper and/or electronic form, by means of newsletters (e-mail, sms, mms, instant messaging); sending information and news about the Company and its activities by means of newsletters (e-mail, sms, mms, instant messaging);invitations to events organized or sponsored by the Company;carrying out market surveys and/or customer satisfaction surveys. (Art. 6, comma 1, lett. a), GDPR) Consenso dell’interessato

Recipients of personal data

For the fulfilment of the purposes indicated above, your personal data may be communicated to:

– public and private bodies responsible for fulfilling the obligations laid down by current legislation, such as banks, financial or credit institutions, law firms or accountancy firms.

– The data may also be communicated, in whole or in part, to any persons in charge of processing or data processors, in accordance with the instructions given by the Data Controller.

– The data will also be processed with the use of electronic and computer equipment.

– Third parties other than the Controller, such as:

Third parties or categories


Computer companies Management, maintenance, updating of systems and software used by the Controller
Providers of networks, electronic communication services and computer and telematic services for the storage and management of computer data.Cloud services may involve data processing in non-EU countries, which guarantee appropriate confidentiality rights. Hosting, housing, Cloud, SaaS and other remote IT services essential for the provision of the activities of the Controller; filing and storage services in accordance with electronic documents
Consultants, professionals, law firms, arbitrators, insurance companies, experts, brokers Judicial, extra-judicial and accident insurance activitiesOrganisational, administrative, financial and accounting management

Period of retention of personal data

We explain below the period of retention of personal data or, if this is not possible, the criteria used to determine this period.

Personal data and documents

Retention period or criteria for determining it

Personal data and documents relating to the relationship with the Company For the duration necessary to pursue the purposes of the processing and also subsequently, within the limits granted by law, for administrative and accounting purposes, as well as to assert or protect the rights of the Controller, where necessary

Rights of the data subject

We inform you of the existence of certain rights provided by the GDPR with regard to personal data and the processing thereof that you may request from the Controller.



Right of withdrawal of consent(Art. 13, Paragraph 2, letter c) You have the right to withdraw consent for the processing operations for which you are requested, without prejudice to the lawfulness of processing based on consent prior to withdrawal
Right of access to data(Art. 15) You may request: (a) the purposes of the processing; (b) the categories of personal data concerned; (c) the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular if they are recipients from third countries or international organisations; (d) where possible, the expected retention period for the personal data or, where that is not possible, the criteria used to determine that period; (e) the existence of the right of the data subject to request the controller to correct or erase the personal data or to restrict the processing of personal data concerning him or to object to their processing; (f) the right to lodge a complaint (g) all available information on the origin of data, if they are not collected from the data subject; (h) the existence of an automated decision-making process, including profiling as referred to in Article 22 (1) and (4), and, at least in such cases, relevant information on the logic used and the importance of and the anticipated consequences of such processing for the data subject. You have the right to request a copy of the personal data being processed
Right of rectification(Art. 16) You have the right to request the rectification of inaccurate personal data concerning you and to obtain the integration of incomplete personal data
Right to be forgotten(Art. 17) You have the right to obtain from the Controller the cancellation of your personal data if the personal data are no longer necessary with respect to the purposes for which they were collected or otherwise processed
Right to limitation of processing(Art. 18) You have the right to obtain from the Data Controller the restriction of the processing when you have contested the accuracy of the personal data (for the period necessary for the Data Controller to verify the accuracy of such personal data) or if the processing is unlawful, but you object to the deletion of the personal data and instead request that their use be restricted or if they are necessary for the establishment, exercise or defence of a right in court, while the Data Controller no longer needs them.
Right to portability (Article 20) You have the right to receive in a structured format, commonly used and readable by automatic device personal data concerning you provided to us and have the right to transmit them to another Controller if the treatment: (i) was based on consent, (ii) on contract and (iii) whether the processing is carried out by automated means, unless the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority and such transmission does not infringe the rights of a third party.
Right of opposition(Art. 21) You have the right at any time to object, in whole or in part, to the processing of your personal data if the processing is carried out for the pursuit of a legitimate interest of the Controller or if the processing is carried out for direct marketing purposes.
Right to lodge a complaint with the Control Authority(Art. 77) You have the right to complain to the Control Authority if you consider that the processing of your data is in breach of the GDPR.

The exercise of these rights is subject to the limits, rules and procedures laid down by the GDPR and which the interested party must know and implement. Furthermore, in accordance with the provisions of article 12, paragraph 3, the Controller shall provide the interested party with information relating to the action taken without undue delay and, in any case, no later than one month after receipt of the request. This period may be extended by two months, if necessary, taking into account the complexity and number of requests. The Data Controller shall inform the data subject of such extension, and of the reasons for the delay, within one month of receipt of the request.

Changes and updates

This statement may be subject to change and/or addition, also as a result of the applicability of the GDPR and any future changes and/or regulatory updates.

The updated information is constantly available on the website of the Controller.