Privacy Policy

Ισχύει από 1.1.2021

Thank You for visiting the website of the Company “WHITEROOM” (the "Website") having its principal address in Athens, Mnisikleous 12 Plaka, 10554, T:+30 210 3312350, Email: ("the Company"). 

Before using the Website as a User / Visitor (hereinafter referred to as "User", “You”, “Your”), please read this Privacy Policy ("Policy").

1. Introduction

The Company is committed to collecting and processing Your personal data in accordance with the provisions of Regulation (EU) 2016/679 (hereinafter referred to as "GDPR") and law 4624/2019. The Company as Data Controller informs You on the way it collects and processes information about You in accordance with all applicable European and national laws concerning personal data.
Personal data is any information relating to natural persons whose identity is known or can be identified ("Personal Data").
Protecting Your Personal Data is very important for the Company, which takes steps to this end!

2. How do we collect Your Personal Data?

2.1 Directly from you: We collect Personal Data directly from You when You visit our Website, when You request information, submit a request, e.t.c.

2.2 By automated means through the use of the Website:

When You visit the Company's Website, we may collect data from You based on Your browsing and using our services. This data may include search history, address IP, screen resolution, browser You used, operating system and settings, access times and URL reference as well as data collected through cookies (See Policy cookies). 

2.3 From third parties: If You connect to through a third-party service (e.g. Facebook), this third-party service may send us information, such as Your registration information and profile from that service. This information varies and is controlled by or authorized by You through Your privacy settings in the third party service. Also, and to the extent permitted by applicable law, we may receive additional information about You, such as demographic data or fraud detection information, from third-party service providers and/or partners, and combine them with information we have about You.

3. What types of Personal Data do we collect?

When You visit our Website we may collect the following Personal Data:

  • Name
  • Surname
  • Email address
  • Telephone
  • Browsing data such as address IP, screen resolution, browser used, operating system and settings, access times and URL and data collected through (cookies). 

4. Why we collect Your Personal Data?



To enable You to access and use the services we provide through our site;

Processing is necessary for the purposes of the legitimate interests pursued by Company.

To respond to customer service requests;

Processing of the Personal Data is necessary for the performance of the contract between You and the Company (provide the requested services). 

To send You notices and commercial communications;

Your consent, in order to process Your Personal Data for direct marketing purposes.

To be able to detect and prevent fraud, abuse, security incidents and other harmful activities and conduct security investigations and risk assessments;

Processing is necessary for the purposes of the legitimate interests pursued by Company.

To improve our services and improve the user experience, for the purpose of controlling, troubleshooting and improving the functionality and quality of our online services

Processing is necessary for the purposes of the legitimate interests pursued by Company.

For compliance purposes;

Processing is necessary for compliance with a legal obligation to which Company is subject.

5. How long do we keep Your Personal Data?

We retain Your Personal Data for the duration of our contractual relationship. The Personal Data we process is not retained for a longer period than is necessary for the performance of the contract and any services directly related to it:

a. when we provide a service, Your Personal Data is retained for as long as it is necessary to fulfill the service and at least for as long as it is defined by the legal (tax or other) obligation.

b. In case You fill in the contact form or submit a request, Your Personal Data is retained for as long as necessary to respond to Your request.

We will also retain Personal Data:
To the extent required by law (for example, in order to comply with tax legislation)
In order to comply with court proceedings (any ongoing or future court proceedings)
To establish, exercise or defend our legal rights, personal security of the users and the public.

6. Which are Your privacy rights?

Under the GDPR (articles 12-22) You have the following rights: 

  • Request a copy of Your Personal Data.
  • Withdraw Your consent when this is the legal basis of the processing of Your Personal Data.
  • Request that Your Personal Data be corrected if it is inaccurate.
  • Request erasure of the Personal Data You have provided, under the conditions set out by law.
  • Request restriction of processing, under the conditions set out by law.
  • Request the portability of Your Personal Data, if You have provide us with the data and the processing is based on consent or performance of a contract and processing is based on automated means.
  • Oppose some form of processing of Your Personal Data by the Company.

To exercise any of the above rights, You can contact us via e-mail: or by post or in person at the Company’s premises at Mnisikleous 12 Plaka, 10554, Athens. We will take all possible measures to satisfy Your request within a reasonable period, no later than one (1) month after the submission of the request and proper proof of identification.
Finally, if You consider that Your rights are infringed, You have the right to file a complaint with the Data Protection Authority (, Kifisias 1-3, P.C. 115 23, Athens, 210 6475600).

7. Minors

Please be aware that the content and services of this site are not intended for children under 16 years of age. No Personal Data must be submitted to the Company through the Website by visitors under 16 years of age. If we become aware that a user under the age of 16 has registered and provided Personal Data without the explicit consent of the parent or legal guardian, we will immediately delete, after receiving such information or request, the relevant data in accordance with the applicable Company policy.

8. Privacy Policy Changes

The Company may change this Policy. Please check the effective date at the top of the Policy to see when it was last revised. Every revision will be implemented as soon as we publish the revised Policy.
If we make substantive changes to this Policy that broaden our rights to use the Personal Data that we have already collected from You, we will inform You and provide You with a choice for the future use of these data.