Privacy Policy

Sep 14, 2023

Sparkling Rocks S.r.l (hereinafter also "SR" or the "Company"), as the Data Controller (the "Controller"), aims to respect applicable regulations regarding personal data protection and, for this reason, ensures compliance with the necessary requirements to align with current regulations. In accordance with Regulation (EU) 2016/679, relating to the protection of individuals with regard to the processing of personal data, and the free movement of such data, and Legislative Decree 196/2003, as amended by Legislative Decree 101/2018, we would like to inform the website user ("User"), as the data subject (hereinafter "Data Subject"), about aspects related to the processing of personal data that the User provides while browsing our website, as well as regarding their rights.


However, technical limitations do not allow us to control all cookies installed by third parties. The User always has the option to block these cookies by following the instructions in our cookie policy page.


Data Controller

The Data Controller is Sparkling Rocks S.r.l with registered office in Milan 20123, Viale Gabriele d'Annunzio 9, contactable at the email address: info@sparklingrocks.it


Data Processed by SR

The data processed by SR includes:


Personal data voluntarily provided by the User when interacting with the website's features and/or requesting services offered, such as, for example, submitting requests through the website, through the channels indicated within it, or in the case of spontaneous applications.

Identifying data implicit in the use of Internet communication protocols (so-called "navigation data"), acquired by computer systems and software procedures designed for website consultation.

Purpose of Processing

SR will process User data for the following purposes:


  1. Navigation data is collected and processed by SR solely for statistical purposes and in an anonymous form related to access and use of the website, for monitoring and improving the website's operation and content.

  2. To allow SR to provide services requested by the User if the User has contacted the Controller to avail themselves of the services offered.

  3. For sending commercial communications related to goods and services offered by the Controller.

  4. To manage User-initiated applications through the "work with us" section.

The provision of data for the purposes mentioned in point (i) is not necessary. Failure to provide it may result in website malfunction or an inefficient experience within it.


The provision of data for the purposes mentioned in point (ii) is necessary for SR to contact the User and provide the requested services. Therefore, failure to provide data may result in the User not being contacted and, consequently, unable to avail themselves of the services offered by SR.


The provision of data for the purposes mentioned in point (iii) is optional. Failure to provide it will prevent the User from receiving updates on news and commercial offers related to the goods and services of the Controller.


The provision of data for the purposes mentioned in point (iv) is optional. Failure to provide it will prevent the User from applying for any open positions and participating in the selection process as provided by the Controller.


While complying with the obligation to inform through this detailed and concise information, SR does not assume the consent of users for certain profiling activities carried out by third parties:

  • Targeted advertising Newsletter;

  • Consent to cookie policy (duration).

Therefore, users remain free to use the site, limiting some cookies, and, through browsers and devices "shielded" by extensions provided by third parties, limiting most of them. SR cannot assume responsibility for the actual effectiveness of such client-side screening tools, nor for the effective use of the website.


The use of thematic newsletters by the User is always optional.


Children under the age of fourteen cannot provide consent in accordance with Italian and European regulations. SR does not process user identifying data and does not have the ability to verify the age of users browsing its website; therefore, it declines any responsibility in this regard.


It is always possible to browse the site as an unregistered and anonymous user and view the available content and materials without registration.


Communication of Personal Data

User personal data will be communicated to the following categories of recipients, within the aforementioned purposes:


Data may also be transferred abroad, to countries within or outside the European Union, to third-party companies providing support activities always for the purposes indicated above.

In the event of the transfer of personal data to countries outside the European Union, such countries will guarantee an adequate level of protection based on a specific decision of the European Commission or, alternatively, the recipient will be contractually obliged to protect personal data at an adequate and comparable level to the protection provided by Regulation (EU) 2016/679.

In general, third parties may be able to process the following anonymous user data:

  • Date and time of connection.

  • IP address of the device browsing the site.

  • User's location.

  • Browser used by the User.

  • Type of device (device) used by the User.

  • Browsing data.

Retention Period for Personal Data

User personal data will be retained for the entire duration necessary to achieve the above purposes and subsequently:

  • Within the limits of applicable prescription. In the event of acts interrupting the prescription, the retention period will be extended accordingly.

  • Within the limits provided by regulatory data retention regulations (e.g., tax declarations), in order to correctly fulfill any legal obligations.

  • Within the time period necessary to protect SR's rights in the event of any legal disputes.

As for navigation data, it will be retained for 90 days.

For the sending of commercial communications, the data, if provided, will be retained for 730 days.

User Rights

Data protection regulations guarantee a series of rights throughout the duration of data processing. The rights that the User, as the Data Subject, can exercise are as follows:

  • Right of access: to know which data are being processed and receive all information related to the processing.

  • Right of rectification: to request the modification of data if they are inaccurate or outdated.

  • Right to data portability: to obtain a copy of the data being processed in a structured, commonly used, and machine-readable format, to facilitate potential data transfer to another data controller, other than SR.

  • Right to restrict processing: to limit the processing of one's data, provided that one of the hypotheses provided by applicable law exists.

  • Right to erasure: to request data deletion.

  • Right to object: to request the cessation of data processing.

  • Right to lodge a complaint with the supervisory authority: to file any reports or complaints with the Data Protection Authority.

The exercise of these rights can be carried out through postal, electronic means, or any additional communication methods chosen by the Data Subject, using the contact information provided above and attaching the necessary documents (e.g., a copy of the identity document) to identify the legitimate Data Subject.