.png){kind=small}
DrumOrama Privacy Policy
Last updated: 13/1/2026
1. Introduction
DrumOrama (“we”, “our”, or “us”) respects your privacy and is committed to protecting your personal data.
This Privacy Policy explains how personal data is collected, used, stored, and protected when you visit https://drumorama.co
(the “Website”) and use our services (the “Services”).
By accessing the Website or using our Services, you acknowledge that you have read and understood this Privacy Policy.
2. Data Controller
For the purposes of the General Data Protection Regulation (EU) 2016/679 (“GDPR”), the Data Controller is:
Business Name: DrumOrama
Legal Form: Sole Proprietorship
VAT Number (ΑΦΜ): EL134043379
Country: Greece
Email: info@drumorama.com
Website: https://drumorama.co
3. Personal Data We Collect
We collect only data that is necessary for the operation of our Services.
a. Personal Data Provided by You
Full name
Email address
Billing and invoicing details
Account, booking, and subscription information
Communications sent to us
b. Automatically Collected Data
IP address
Browser type and operating system
Access times and pages visited
Technical and usage data
c. Payment Data
Payments are processed through third-party payment providers.
DrumOrama does not store or access full payment card details at any time.
4. Purpose of Processing
We process personal data solely for the following purposes:
To provide and manage access to our Services
To process payments and issue invoices
To manage bookings and customer support
To ensure platform security and prevent fraud
To comply with legal and tax obligations
Personal data is not used for advertising profiling or non-essential marketing.
5. Legal Basis for Processing (GDPR Art. 6)
Processing is based on one or more of the following lawful grounds:
Contractual necessity – to deliver purchased Services
Legal obligation – accounting, invoicing, tax compliance
Legitimate interest – security, fraud prevention, service reliability
Consent – where explicitly required (e.g. analytics cookies)
Consent may be withdrawn at any time without affecting prior lawful processing.
6. Email Communications
DrumOrama sends transactional emails only, including:
Booking confirmations
Account notifications
Payment receipts
Service-related updates
We do not send newsletters or promotional marketing emails.
7. Cookies and Analytics
The Website uses cookies and similar technologies to ensure functionality and performance.
A cookie consent banner is implemented via Wix.
Non-essential cookies are activated only after user consent.
Google Analytics is used solely to understand website usage and improve functionality.
Users may manage or withdraw cookie consent at any time through the cookie settings.
8. Third-Party Service Providers
We use the following third-party providers:
Wix – website hosting, member management, transactional emails
Stripe – secure payment processing
These providers act as Data Processors under GDPR-compliant agreements and process data only as required to deliver their services.
9. Payment Processing and Saved Payment Methods
Payments on DrumOrama are processed via Stripe through the Wix platform.
Users may be given the option to securely store payment details for future purchases.
DrumOrama does not store, access, or process full payment card details at any time.
Any saved payment information is stored and managed exclusively by Stripe and/or Wix, in accordance with their PCI-DSS compliance and security standards.
The use of saved payment methods is optional and subject to the privacy policies of the respective payment providers.
10. International Data Transfers
Where personal data may be processed outside the European Economic Area (EEA), appropriate safeguards are applied, including Standard Contractual Clauses or equivalent legal mechanisms, in accordance with GDPR requirements.
11. Data Retention
Personal data is retained only for as long as necessary:
Account and service data: while active and as legally required thereafter
Financial and invoicing data: according to Greek and EU tax legislation
Technical and analytics data: anonymized or aggregated where possible
Data is securely deleted or anonymized once no longer required.
12. Data Security
We implement appropriate technical and organizational measures, including:
HTTPS and TLS encryption
Secure hosting infrastructure
Restricted access to personal data
Continuous security monitoring
While no system is entirely secure, reasonable measures are taken to protect personal data.
13. Children’s Privacy
Our Services are not directed at children under the age of 13.
We do not knowingly collect personal data from children without verified parental consent.
14. Your Rights Under GDPR
You have the right to:
Access your personal data
Request correction of inaccurate or incomplete data
Request deletion of data where legally applicable
Restrict or object to processing
Request data portability
Lodge a complaint with a supervisory authority
Requests can be submitted to info@drumorama.co
.
Identity verification may be required.
15. Do-Not-Track Signals
At present, no standardized mechanism exists for responding to Do-Not-Track signals. We comply with applicable regulatory guidance as it evolves.
16. Third-Party Links
The Website may contain links to third-party websites.
We are not responsible for their content or privacy practices.
17. Changes to This Privacy Policy
We may update this Privacy Policy to reflect legal, technical, or operational changes.
The updated version will be published on this page with a revised date.
18. Contact
For any questions or requests regarding this Privacy Policy:
Email: info@drumorama.co