Privacy Policy

Last updated: 29.08.2025

Introduction

Welcome to the Privacy Policy of AS Pajo (registration code 10248356). AS Pajo respects the privacy of its customers and all other individuals whose data we process, and we make every effort to ensure the protection and secure handling of personal data. This Privacy Policy (hereinafter: Policy) describes the principles of data processing at AS Pajo and explains how we process personal data. The purpose of the Policy is to protect the privacy of our customers in accordance with the laws of the Republic of Estonia and the legislation of the European Union.

1. Definitions

• GDPR – the EU General Data Protection Regulation.
• Personal Data – any information relating to an identified or identifiable natural person.
• Applicable Law – all relevant EU and Estonian legislation, including GDPR and national implementing acts.
• Customer / Data Subject – a natural person who uses, has used, or has expressed the wish to use the services of AS Pajo and whose personal data we process.
• Processing – any operation performed on personal data (collection, storage, use, transfer, deletion, etc.).
• Controller – AS Pajo.
• Website – www.pajoprint.eu, www.pajoprint.ee and related subdomains.
• Processor – a person or company who processes data on behalf of AS Pajo (e.g., IT providers, payment providers, logistics).

2. General Provisions

• This Policy applies whenever a customer uses, has used, or has expressed the wish to use the services of AS Pajo.
• AS Pajo ensures that personal data is processed in accordance with applicable law and GDPR.
• AS Pajo may update this Policy when necessary. The latest version will always be available on our Website.

3. Purposes and Legal Basis of Processing

• Contract performance: order processing, production, and delivery.
• Legal obligation: fulfilling accounting and other statutory requirements.
• Legitimate interest: service development, customer communication, analytics, and marketing.
• Consent: sending newsletters and direct marketing (customers can unsubscribe at any time).
• Campaigns / promotions: conducting campaigns and contacting winners under the applicable terms.

4. Collected Data

• Name and contact details (phone, email, address), company name and address.
• Order details (content, number, frequency) and technical information generated when using our services or Website (e.g., IP address, cookies).
• Additional data required to provide the service as specified by the customer in the order.

5. Retention and Transfer of Personal Data

• Personal data is not retained longer than necessary for the purpose or as required by law. Accounting records are generally retained for up to 7 years from the transaction.
• Data may be shared with Processors, including:
  • Payment service providers,
  • Logistics partners,
  • Accounting services,
  • IT and cloud service providers (including hosting and backup).
• If data is stored or processed outside the EU/EEA, appropriate safeguards are applied in accordance with EU requirements (e.g., EU Standard Contractual Clauses).
• Our infrastructure is hosted by Amazon Web Services (AWS), which is GDPR compliant (AWS GDPR Center).

6. Use of Security Cameras

• AS Pajo uses security cameras on its premises for the protection of property and individuals.
• Camera zones are marked with notification signs.
• Recordings are stored for up to 3 months unless proceedings are initiated that require longer storage.
• Recordings may be shared with competent authorities (e.g., the Estonian Police and Border Guard Board) if necessary.

7. Cookies

• Our Website uses cookies (essential, analytical, and marketing).
• Cookies are small text files stored on the user’s device to support the functionality of the Website.
• Customers may disable cookies in their browser settings, but some functions of the Website may not work properly.
• More information: allaboutcookies.org.

8. Customer Rights

• Right of access to their personal data.
• Right to rectification of inaccurate or incomplete data.
• Right to erasure of data (“right to be forgotten”).
• Right to restrict processing.
• Right to object to processing (including direct marketing).
• Right to withdraw consent (e.g., newsletters).
• Right to data portability, where applicable.

Customers may also lodge a complaint with the Estonian Data Protection Inspectorate (www.aki.ee) or with the supervisory authority in their country of residence.

AS Pajo does not make automated decisions or carry out profiling that would have legal effects on customers.

9. Customer Accounts and Marketing

• When creating a customer account, we process the data provided for account management and order history.
• Newsletters are sent only with prior consent. Each email contains an unsubscribe link.

10. Security

• We use encrypted connections (HTTPS), restricted access rights, and regular backups.
• We follow the principle of “need-to-know” and have internal procedures in place for handling potential incidents.

11. Customer-Provided Print Files

• AS Pajo provides printing services based on files submitted by the customer.
• We do not collect or process any personal data contained in print files for purposes other than what is strictly necessary to fulfil the order (e.g., file check, layout, printing).
• We are not responsible for the content of the print files, including the accuracy or legality of any personal data. Responsibility lies with the customer.
• If files contain personal data, the customer confirms they have a lawful basis (e.g., consent) for such processing.
• Files may be opened and viewed by technical staff only to the extent necessary to complete the order.

12. Contact

13. Policy Updates

AS Pajo may update this Policy from time to time. The latest version will always be published on our Website.