This privacy policy (designated the “Privacy Policy”) governs the manner in which De la Rosa Management S.a.r.l., a Luxembourgish company with registered office at 11, um Lënster Bierg L-6125 Junglinster, Grand Duchy of Luxembourg, registered with the Luxembourg Trade and Companies Registry under number B239473 or any of its affiliated companies (together designated “De la Rosa Management”) collects, uses, maintains and discloses information collected from clients and/or users (designated each, a “User” or “Users”) of its websites, mobile applications or any other services (the “Services”).

Compliance with Data protection Law

De la Rosa Management acknowledges and undertakes to comply with the laws and regulations governing the processing of personal data, including, but not limited to, the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (designated “GDPR”) and any other national applicable laws or regulations governing the processing of any personal data.

Data protection officer

De la Rosa Management acts as data controller and has appointed a data protection officer.

The data protection officer appointed by De la Rosa Management shall be contacted by using the following information:

Address: De la Rosa Management Luxembourg S.a.r.l., to the attention of the Data Protection Officer
11, um Lënster Bierg L-6125 Junglinster, Luxembourg
Phone: +352 661 836 087

Personal identification information

De la Rosa Management may collect personal identification information from Users in a variety of ways, including, but not limited to, when Users visit De la Rosa Management websites, or fill out the contact form. Users may be asked for, as appropriate, name, email address, etc.

Non-personal identification information

De la Rosa Management may collect non-personal identification information about Users whenever they use an De la Rosa Management website or application or other online service. Non-personal identification information may include technical information about Users means of connection, such as the operating system and the Internet service provider utilized, geographical information such as country of origin, behavioural information such as time spent on the website, as well as further non-personal analytical data to improve customer experience, products and services.

Each User recognizes and accepts that the performance of the Services may depend on the collection and processing of personal identification information and non-personal identification information.

Web browser cookies

De la Rosa Management may use « cookies » to improve the User’s experience in regard of the Services. In that case, the User’s Internet navigator places cookies on his hard drive to gather a certain set of information used to customize the navigation in the framework of the Services, thus enabling certain unique functionalities. For more information on how we use cookies and the cookie options we offer please see our Cookie Policy.

How De la Rosa Management uses collected information

Principally, personal and non-personal identification information is used to provide the Users with the Services and to ensure a full efficiency of the Services they have registered for or they requested in any other manner.

In this framework, De la Rosa Management may collect and use Users’ personal and non-personal identification information for the following purposes:

  • To improve Services: Information Users provide will help De la Rosa Management respond to certain Users’ requests.
  • To personalize User experience: De la Rosa Management may use non-personal identification information to understand how Users as a group use De la Rosa Management’ Services.
  • To improve De la Rosa Management’ websites and other internet presence as well as other communication tools or tools for specific Services: De la Rosa Management may use feedback Users provide to improve its products and services.

How De la Rosa Management protects personal identification information

De la Rosa Management adopts appropriate data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of Users’ personal identification information within the limits of De la Rosa Management’ role with respect to the relevant Services (as certain specific services might be rendered by third parties).

Sharing personal information

De la Rosa Management does not sell, trade, or otherwise transfer to third parties Users’ personal identification information. However each User accepts that its personal identification information can be transmitted to website hosting and editing partners and other sub-contractors who assist De la Rosa Management in providing the Services, conducting its business, or servicing the User, so long as those sub-contractors undertake to process the information only according to De la Rosa Management’ instructions and to comply with the applicable law regarding the protection of personal identification information. De la Rosa Management may also release User’s personal identification information when it believes that such release is necessary to comply with the law, enforce its websites’ general terms of use, or protect its or others’ rights, property, or safety.

However, Users’ non-personal identification information may be provided to third parties for marketing, advertising, or other uses.

Changes to this Privacy Policy

De la Rosa Management has the discretion to update this Privacy Policy at any time. De la Rosa Management will therefore revise the “last update date” at the bottom of this page. De la Rosa Management encourages Users to frequently check this page for any changes. Users acknowledge and agree that it is their responsibility to review this Privacy Policy periodically and become aware of modifications.

Data Retention

De la Rosa Management takes all reasonable measures to ensure that your personal data are processed for the minimum period necessary for the purposes set out in this Privacy Policy. The criteria for determining the duration for which we will retain your personal data in connection with the Services are as follows:

  • as long as we maintain an ongoing relationship with you (e.g., where you are a recipient of our services, or you are lawfully included in our mailing list and have not unsubscribed);
  • as long as your personal data are necessary in connection with the lawful purposes set out in this Privacy Policy, for which we have a valid legal basis;
  • until the expiry of a period of a two (2)-months’ period following the end of any applicable limitation period under applicable law; and
  • with your prior consent, until the expiry of any additional retention period.

De la Rosa Management undertakes to delete or to anonymise your personal data upon expiry of the retention period as described above.

Data Security and data transfer

De la Rosa Management has implemented appropriate technical and organizational security measures designed to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, unauthorised access, and other unlawful or unauthorised forms of Processing, in accordance with applicable law.

You are responsible for ensuring that any personal data that you send to us are sent securely.

De la Rosa Management does not transfer personal data to any third country nor to any international organisation, except as the case may be on the basis of:

  • adequacy decisions;
  • suitable Standard Contractual Clauses; or
  • other valid transfer mechanisms under GDPR.

Data Accuracy and minimization

We take reasonable measures:

  • to ensure that your personal data are accurate and, when necessary, kept up to date; and
  • to ensure that your personal data are collected as a needed basis, in connection with the purposes set out in this Privacy Policy.

Data subject rights

Each User benefits under data protection law from a right of access, modification and opposition to the processing of its personal data, a right to erasure and a right to portability of its personal data by sending an email to Those rights may only be exercised within the limits of any contractual or legal obligation. Each User has also a right to lodge a complaint with the Luxembourg supervisory authority, namely the Commission nationale pour la protection des données (

Acceptance of these terms

By using the Services, Users confirm their acceptance of this Privacy Policy. If a User does not agree with this Privacy Policy, De la Rosa Management recommends to such User that he shall not use the Services. The continued use of the Services following the posting of changes to this Privacy Policy will be deemed as an acceptance of those changes.

This Privacy Policy is applicable from 7th December 2019.