Terms, Conditions and Privacy

Terms and Conditions

Valid from 01.03.2016

PME Store


Pinnacle Helsinki Ltd / PME Store (Business ID 2416238-9) sells products to adult individuals in Finland and the EU. Product prices include VAT 24%, books 10%. In addition to the price of the product, we charge the shipping cost.


We reserve the right to change prices and shipping costs.


How to order

Products are ordered on the webshop by transferring them to the shopping cart and paying for the shopping cart with the payment method of your choice. Customer information is treated confidentially. Contact information is not used for any purpose other than delivery of the order or clarification of any ambiguity therein. When ordering from an online store, you are required to familiarize yourself with the current terms of delivery.


PME Store's packages are delivered by Finland Post. Please note that Post will keep the packages for 7 days after the package arrives at Post office on October 1, 2017. The package delivery time is about 2-10 business days.




This privacy statement describes how Pinnacle Helsinki Ltd (business ID 2416238-9) handles personal information; what personal information the company collects, for what purposes the information is used and to whom the information may be disclosed and how the data subject may influence the processing.


The Company protects the privacy of the data subject and respects the EU General Data Protection Regulation (2016/679) (the “Data Protection Regulation”) and other applicable data protection legislation and good data processing practices.


'Personal data' means all information relating to a natural person ('registered') which can be directly or indirectly identified by him as defined in the Data Protection Regulation. Registrar and Data Protection Officer


Registrar: Pinnacle Helsinki Ltd (Alina Tähtinen), Business ID 2416238-9


Registrar's contact information: store@pmerecords.fi


Purposes of the processing of personal data and legal basis for processing

Personal information is processed for the following purposes:


Ordering the company's products and services

services, production, maintenance, development and quality assurance

to ensure the safety of services and prevent and detect abuse to fulfill their legal obligations.

Product development

Marketing and Marketing Targeting Customers and Potential Customers risk management and prevention of abuse.

Legal grounds for processing personal data:


The legal basis for the processing of registered personal data is primarily the contractual relationship between the Company and the data subject. The processing of personal data is also based on statutory obligations such as accounting obligations, customer knowledge obligations and statutory reporting obligations. The treatment of customer relationship management and direct marketing is based on the Company's legitimate interest.


Personal data groups to be processed and data content and data sources

The Company will only collect personal data from those who are relevant and necessary for the purposes described in this Privacy Statement.


The following information will be processed from the register:


-Personal Data Group


-Examples of information content




-Registered name, address, phone number, email address.


-Customer relationship information


-Account number, billing and payment details, and other customer relationship specific information.


-Customer transaction information, contract and product information


Information about the agreement between the Company and the data subject, product and order information and customer feedback, as well as contact and complaints between the registered and the Company.


Consent and prohibitions granted by the data subject


Information on the data subject's consent to direct marketing and consent to the processing of personal data and information on the withdrawal of the above-mentioned consents and prohibitions issued by the data subject.


Behavioral and Technical Identification Information


Tracking registered online behavior and Company services, for example, using cookies or similar technical identifiers. The information to be collected can be, for example, the user's IP address, the pages used, the browser type, the web address, the time and duration of the session.


Personal information, the disclosure of which is necessary for the performance of the Company's and the Registered's obligations under the Agreement and / or legislation and for the provision of the Company's services, shall be notified to the data subject in each connection.


Primarily, personal information is collected from the registered ones or the company represented by the data subject, for example, when making a bid, entering into a customer agreement or during a customer relationship, marketing, or through forms on the website. The data subject may also have provided information to the Company, for example in connection with a competition or lottery, in connection with the use of websites, or by ordering an electronic newsletter.


Personal data may also be collected from the entity on whose behalf the registered person acts. In addition, the information may be collected and updated in registers maintained by third parties, such as the Population Register Center, the Trade Register and the Credit Registers of Credit Agencies, in circumstances permitted by law.


Retention of personal data

The Company retains personal data for as long as is necessary for the purposes specified in the Privacy Statement, unless the law obliges you to keep personal data longer (for example, responsibilities and obligations related to specific legislation, accounting obligations, or reporting obligations), or unless the Company needs information to establish, present, or defend a legal claim or settle a similar disagreement.


The data retention period and the retention criteria vary by personal data group depending on the intended use of a particular personal data group.


Personal data is processed for the duration of the customer and contractual relationship and the required time after the termination of the customer and contractual relationship.


Information about potential customers is mainly kept for 24 months.


In the case of the Communities, the retention of the personal data of the data subject is linked to the length of time for which the data subject acts as the representative of the Community towards the Company. Personal data will be removed within a reasonable time after the end of that role.


If personal data is no longer needed as defined above, the data will be deleted within a reasonable time, unless the Company is obliged by law to retain the data for a longer period of time.


Recipients of personal data

In accordance with this privacy statement, the company may outsource the processing of personal data to service providers or subcontractors. With sufficient contractual obligations, the company ensures that personal data is processed properly and lawfully.


The following entities are involved in the processing of personal data:


Paytrail Oyj

Personal data will not be disclosed for direct marketing purposes, opinion and market research, and other similar reports.


Personal data may, in special cases, be disclosed to authorities in situations that are legally binding and justified.


In addition, the Company may, in emergencies or other unexpected situations, be required to disclose the personal data of registered persons to protect the life and health of persons and property. In addition, the Company may need to disclose the personal data of the registered parties if the Company is involved in legal proceedings or other dispute resolution proceedings.


If the Company is involved in a merger, business transaction or other business transaction, it may have to disclose the personal data of the registered parties to third parties. Registered privacy is also secured by things. arrangements are duly notified to the data subject, if necessary.


Disclosure of information to a third party is mainly through electronic data transmission connections, but the information may also be provided by other means, such as telephone or letter.


Transfer of personal data outside the EU / EEA

Personal data are not transferred outside the European Union or the European Economic Area.


Principles of personal data protection and security of processing

The Company handles personal information in a manner that seeks to ensure the proper security of personal information, including protection against unauthorized processing, accidental loss, destruction or damage.


The company uses appropriate technical and organizational safeguards to safeguard this, including the use of firewalls, encryption technologies, secure device facilities, proper access control and access control, guidance and agreements for personnel involved in the processing of personal data, and subcontractors.


Contracts and other documents kept in the form of originals shall be kept in locked premises, the right of access of which is restricted to authorized persons.


All parties handling personal data have a duty of confidentiality on matters related to the processing of personal data registered on the basis of the Employment Contracts Act and the agreement secrecy.


Registered Rights

Right of access to information and right of access


The data subject has the right to receive confirmation of the personal data of the data subject.


The data subject has the right to check and see the information concerning him / herself and, upon request, the right to receive the information in writing or in electronic form.


Right of rectification and deletion of data


The data subject has the right to demand the correction of incorrect or inaccurate information. In addition, the data subject has the right to request the deletion of their data.


The controller also removes, corrects, and replenishes personal information that is erroneous, unnecessary, incomplete, or outdated for the purpose of the processing it has detected.


Right to transfer data, limit processing and oppose processing


The data subject has the right to request the transfer of his data to another registrar.


In addition, the data subject has the right, under the conditions laid down in the data protection law, to request the restriction of the processing of personal data.


The data subject has the right to oppose the use of the data for a particular treatment. The data subject has the right to prohibit the disclosure and processing of his / her data for direct marketing.


Right to cancel consent


If the processing of personal data is based on the user's explicit consent, the data subject has the right to withdraw his / her consent to the processing of his or her data. Cancellation has no effect on the previous processing of the cancellation.


Enforcement of rights


Requests for registered rights are made electronically and addressed to the Data Protection Officer listed in this privacy statement. The identity is checked before the information is provided. The request for verification shall be answered within a reasonable time and, as far as possible, within one month of the request and the verification of the identity.


If the data subject's request cannot be accepted, the refusal shall be notified in writing to the data subject.


Right to appeal to the Supervisory Authority

The data subject has the right to file a complaint with the data protection authority if the data subject considers that his / her personal data have been processed in violation of applicable legislation.


Change to privacy statement

The company is constantly developing its services and may need to modify and update this privacy statement as necessary. Changes can also be based on a change in data protection legislation. We recommend that you regularly review the content of this Privacy Statement. Significant changes are reported to the registered.


The Privacy Statement is published on May 24, 2018



General information about cookies

We use cookies on our website to improve the site's user experience. Cookies are short text files that the web server stores on the user's terminal. After saving, the browser sends the data back to the server as part of the request. This allows the service site to recognize and track web browsers.


Cookies tell us how users use our website. We may use cookies to develop our services and website, analyze website usage, and target and optimize marketing. The user of the website may give his consent or deny the use of cookies in the settings of his web browser.


Of cookies

There are two main types of cookies: session cookies and persistent cookies:


Session cookies will disappear from the computer as soon as the browser is closed.


Permanent cookies remain stored on your computer until they are removed or expired.


Used cookies

site cookies for the following purposes:


-to gather information about the user using Google Analytics tools

-to share content with Facebook

-suggestions to the user if this has previously been on the site

-identifying the user when logging in; anonymous users will not receive this cookie

-to save the selected language to the cookie

We also use the AdWords service to track purchase decisions and re-target your ads. These are third-party cookies, the validity of which is from 90 to two years.

Third-party cookies

Google Analytics

We use Google Analytics to analyze website usage. Google Analytics provides statistics and other information about the use of the website through cookies stored on users' computers. The information gathered from the Website is used to compile reports on the use of the Website. Here's a brief look at what Google's cookies do:


-determining the domain to be tracked

-separation of individual users

-remembering the number and date of previous visits

-remembering traffic source information

-determining the start and end of the session

-remembering the value of custom variables for the visitor level.

Google records and uses this information for 30 minutes to two years, depending on the type of cookie.


Google's Privacy Policy is available at http://www.google.com/privacypolicy.html


Allow cookies

Most web browsers automatically allow cookies.


By using the site and accepting this policy, you consent to the use of cookies in accordance with the cookie policy document.


Blocking cookies

For instructions on how to prevent cookies, please visit your browser's help pages:


Chrome (https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DDesktop&hl=en_US)

Firefox (https://support.mozilla.org/en/kb/support-breakdown)

Internet Explorer (https://support.microsoft.com/fi/help/17442/windows-internet-explorer-delete-manage-cookies)

Safari (https://support.apple.com/english/HT201265)

Blocking cookies is hampering the usability of some websites.

RePack 30.11.2020

PME STORE offers to ship orders with help of the returnable and reusable packaging service RePack (a service provided by Original RePack Ltd.). RePack service includes the delivery of the order in reusable packaging (the Packaging) and the delivery of a reward for using and/or returning the Packaging to RePack. To deliver the reward PME STORE shares the customer's email address and the individual identifier of the Packaging with RePack. RePack provides the customer with a personalised web link directing the customer to an online marketplace where the customer can select a personal shopping voucher or similar offering. RePack provides the delivery of the reward web link and of the shopping voucher as a processor on behalf of PME STORE. Legal basis for reward communication is the fulfillment of a contract as the reward is part

of the services by PME STORE. RePack is obliged on data protection by a data processing agreement in accordance with the EU General Data Protection Regulation (GDPR).