Privacy Policy

1. Data Controller

VRealm P.C. (VAT: 802264482, GEMI: ELGEMI.173245503000) acts as data controller for personal data processed through this website. For privacy matters and data subject requests, contact info@vrealm.gr.

2. Scope

This policy applies to personal data processing related to website browsing, contact and review form submissions, and subsequent professional communication.

3. Categories of Data We Process

• Identity and contact details: name, company, role, email, phone.
• Project-related business details: industry, project type, timeline, budget range, description.
• Technical data: IP address, basic security logs, anti-spam and rate-limiting records.
• Usage/analytics data where website measurement tools are enabled.

4. Purposes and Legal Bases (GDPR Article 6)

• Handling requests and pre-contractual communication: Article 6(1)(b).
• Legitimate business communication and service improvement: Article 6(1)(f).
• Compliance with legal obligations (tax/accounting/regulatory): Article 6(1)(c).
• Consent for non-essential technologies (for example non-essential cookies): Article 6(1)(a).

5. Cookies and Similar Technologies

The website may use strictly necessary cookies for functionality and security. For non-essential cookies or tracking technologies, prior notice and consent are required under the ePrivacy Directive (2002/58/EC) and Greek Law 3471/2006.

6. Recipients and Processors

Personal data is accessible only to authorized personnel and service providers supporting technical operations (such as hosting, email delivery, analytics), under contractual confidentiality and data protection obligations. We do not sell personal data.

7. International Transfers

If data is transferred outside the EEA, we apply appropriate safeguards required by GDPR, such as adequacy decisions or Standard Contractual Clauses.

8. Retention Periods

• Contact/request data: up to 24 months after the last meaningful communication.
• Contract-related data: for the duration of the engagement and statutory retention periods.
• Security logs: for a reasonable and proportionate period for security and incident handling.

9. Security Measures

We implement appropriate technical and organizational measures, including access control, least-privilege handling, protected data transmission, and anti-spam/anti-abuse controls.

10. Your Rights

Subject to applicable conditions, you have the rights to:

• Access (GDPR Article 15)
• Rectification (GDPR Article 16)
• Erasure (GDPR Article 17)
• Restriction (GDPR Article 18)
• Portability (GDPR Article 20)
• Object (GDPR Article 21)
• Withdraw consent at any time, without affecting previous lawful processing

To exercise rights, contact info@vrealm.gr.

11. Right to Lodge a Complaint

If you believe processing infringes data protection law, you may lodge a complaint with the competent supervisory authority: Hellenic Data Protection Authority (HDPA), www.dpa.gr.

12. Children's Data

Our services are intended for professional/business audiences. We do not knowingly collect personal data from minors.

13. Policy Updates

We may update this policy to reflect legal, technical, or business changes. The current version is always published on this page.