Last updated: June 23, 2026
We care about your privacy and want to share with you everything we do with your personal data. Within Cibus' Privacy Policy, you can verify your rights, what data we process and with whom we share it, how long we retain it, and many other details.
We certify that this Policy is as transparent and concise as possible. It is important that you read it carefully, because the privacy we guarantee is complete only when your knowledge is complete as well.
We also recommend reading the full Regulation (EU) 2016/679 of the European Parliament and of the Council, also known as the General Data Protection Regulation (hereinafter, GDPR), where you can inform yourself in more detail about your rights in the field of privacy and personal data protection.
TP53 S.R.L., with legal headquarters in Via Pomposa n. 153, 44123 Ferrara (FE), Italy, is dedicated to developing software mainly in the health area, being the company responsible for the creation and development of the Cibus software, in its various aspects.
This software allows to simplify the most complex tasks of Professionals, such as planning, analysis and creation of meal plans, nutritional calculations, information management and analysis, and other functions. Cibus is, therefore, the entity that manages the processing of personal data collected through the Cibus software, acting mainly as a processor for the Professional, under the terms of the GDPR.
This Privacy Policy applies to all users of the website https://www.cibushealth.com and its subdomains, whether registered or not; to all users of the mobile app, from the moment it is installed on the mobile device; to all platform users who register for the trial period as well as all those who actually enter into a contract with our services once the trial period is concluded.
The use of the services we offer is conditioned by reading the terms described here and accepting the Terms and Conditions of Use.
The collection and processing of data is fundamental to the operation of Cibus. Our project is built on this data and it allows us to offer you a reference service in the area of nutrition and client management. We limit the collection of data and its retention time to the minimum necessary.
Data required from the professional during registration: all data entered by the Professional at the time of registration on the platform are stored and processed. The data we mandatorily require during registration are: first and last name, main workplace name, sex, country of residence, email address and, obviously, a password.
Payment data: payment data for your monthly subscription are also processed by Cibus, although we use a third party for this purpose.
Billing data: to fulfill our tax obligations, we must necessarily ask for some billing data such as: name, tax code or VAT number, address, city, postal code and country of residence.
Automatically collected data: in addition to the data mentioned above, we automatically collect, through cookies and other methods and services, a set of data that allows us to know precisely how you use the platform. For more information, see our cookie policy.
Client data is largely collected by the Professional. They are responsible for processing the Client's personal data. Cibus processes Client data only once entered by the Professional or directly through the mobile application.
The mobile application is intended for use by clients and is obviously optional. Data such as: login credentials, amount of water ingested, weight, location data (with consent), local files and notifications (with consent), data from health applications like Apple Health or Google Fit (with consent) may be collected.
Cibus may process, in aggregate and anonymized form, data relating to the use of the platform by nutritionists. This data may be used for scientific research purposes, for the development of new features or for the continuous improvement of the clinical tools offered. The processing will be carried out in compliance with the principles of data minimization, anonymization and security, in accordance with the GDPR.
We use the data we collect for the following purposes:
Personal data may be retained for different periods of time depending on their legal relevance or the duration of the contractual relationship. In general, after the user's deletion request, data is encrypted and securely stored for 10 years, after which it is permanently deleted.
Some of the information you provide may be processed by third parties external to our services:
We want to ensure that your rights are fully respected. You can contact us at support@cibushealth.com:
The security of your data and the services we provide is one of our top priorities. We regularly analyze our platforms and related servers to ensure that all necessary security measures are taken. In particular, we adopt the following technical and organizational measures:
The correct allocation of the roles set out in Regulation (EU) 2016/679 ensures transparency of processing and protection of data subjects' rights:
Data entered into the Cibus platform cannot be attributed to anyone outside the Professional's practice and is not used for any purpose other than providing the service. TP53 S.R.L. has neither the interest nor the ability to access patients' clinical content for purposes other than those strictly technical and related to the operation of the platform. Data is never sold, transferred, or exchanged with third parties, nor used for advertising or commercial profiling purposes.
The artificial intelligence features integrated into Cibus are designed as tools to support professional activity, and their use is governed by the following principles:
TP53 S.R.L. assumes no responsibility for clinical decisions made on the basis of outputs generated by the platform's AI features. The Professional is required to critically evaluate every suggestion produced by the system before applying it to clinical practice.
All data processed through the Cibus platform is hosted on infrastructure located within the European territory, in compliance with GDPR requirements regarding the transfer and storage of personal data. No data entered into the platform is transferred or processed outside the European Union, avoiding transfers to third countries that would require additional safeguards pursuant to arts. 44-49 GDPR.
TP53 S.R.L. provides a Data Processing Agreement (DPA) compliant with art. 28 GDPR for each Professional, governing the processing methods, the security measures adopted, and the guarantees offered as Data Processor. The DPA can be requested at business@tp53health.com.
Should the Professional require supplementary documentation â for a supervisory authority inspection, an internal audit, or any other need â TP53 S.R.L. is available to provide the necessary support. Available documentation includes the privacy notice under arts. 13-14 GDPR, the DPA under art. 28 GDPR, technical documentation on the measures adopted, the Record of Processing Activities under art. 30 GDPR, and any clarifications and declarations.
For any questions or to exercise your rights, contact us at:
TP53 S.R.L.
Via Pomposa n. 153, 44123 Ferrara (FE), Italy
Legal Representative: Mr. Matteo Melina
Email: support@cibushealth.com
Without prejudice to any complaints you may address to Cibus, you can also file a complaint with the Italian supervisory authority:
Garante per la Protezione dei Dati Personali
Piazza di Monte Citorio n. 121
00186 Rome
Tel: +39 06 696771
www.garanteprivacy.it