Privacy policy

Last updated: 10.06.2026 
Scope: www.leonite.ch and the associated online shop, hereinafter referred to as the “Website” or “Online Shop”

1. CONTROLLER 

E-COMMERCE TAVIC (sole proprietorship), trading under the brand "LEONITE®"
Weiherstrasse 17
CH-5015 Erlinsbach 

Tel.: +41 79 646 53 13
Email: support@leonite.ch
Website: https://leonite.ch 

Registered in the Commercial Register of the Canton of Solothurn.
UID: CHE-402.414.024

Owner and authorized representative: Stjepan Tavic

2. PURPOSE OF THIS PRIVACY POLICY

This Privacy Policy informs you, in accordance with Art. 19 of the Swiss Federal Act on Data Protection (FADP), about the nature, purpose, and scope of the processing of your personal data when you visit our Website and use our services, in particular when shopping in our Online Shop.

This Privacy Policy serves transparency and traceability of data processing. It explains which data we collect, for what purpose, and how we process it. This also includes data processed through third-party providers used by us, for example Shopify, payment and shipping service providers, and marketing tools such as TikTok.

We obtain legally required consent only where it is actually necessary, for example for non-essential cookies or analytics and marketing tools.

3. PERSONAL DATE WE PROCESS

Source of the data: We receive most personal data directly from you, for example during checkout or when you contact us. In addition, we receive data from service providers used by us, for example payment providers and logistics companies, as well as from the technical use of our Website, for example server logs, analytics tools, or marketing tools.

Categories of personal data:

·       Master data: name, addresses, contact details

·       Order and contract data: shopping cart, orders, delivery and billing data, payment status

·       Payment data: payment method, transaction IDs/tokens — no complete card data is stored by us, as processing is carried out through payment service providers

·       Communication data: inquiries, emails, correspondence

·       Usage and technical data: IP address, protocols/logs, browser and device information, access times

·       Analytics and marketing data: information collected through tools such as TikTok Pixel, Shopify statistics, or comparable services, for example click behavior, viewed products, and conversions

4. PURPOSES AND LEGAL BASIC OF DATA PROCESSING

We process personal data in particular for the following purposes:

·       to provide our Website and Online Shop

·       to process orders and contracts

·       to process payments

·       to deliver goods

·       to handle inquiries and customer communication

·       to ensure IT security and prevent misuse or fraud

·       to fulfill legal obligations

·       to analyze, improve, and economically optimize our offering

·       for marketing purposes, insofar as this is legally permissible

Where required under applicable data protection law, we base the processing in particular on the following legal bases:

·       the implementation of pre-contractual measures and the performance of a contract

·       compliance with legal obligations

·       our overriding interests, in particular in providing our offering in a secure, efficient, and customer-friendly manner

·       your consent, in particular for optional cookies and the use of certain analytics and marketing tools

As a rule, we do not process sensitive personal data within the meaning of the Swiss Federal Act on Data Protection, unless this is exceptionally legally permissible or initiated by you.

5. HOSTING / SHOP-PLATTFORM (SHOPIFY)

Our Online Shop is operated via Shopify. The provider of the shop platform is Shopify International Limited, Victoria Buildings, 1-2 Haddington Road, Dublin 4, D04 XN32, Ireland. Depending on the processing activity, data may also be processed by other Shopify companies, in particular Shopify Inc., Canada. Shopify provides the technical infrastructure, hosting, and functions required to operate our Online Shop.

Shopify generally processes personal data on our behalf insofar as this is necessary for the provision and operation of our Online Shop. For individual functions or so-called enhanced services, however, Shopify may also be independently responsible under data protection law, in particular where data is used to provide, develop, or improve platform-related services, analytics, or security functions.

In connection with the use of Shopify, personal data may also be processed in countries outside Switzerland, in particular in Canada, Ireland, the USA, or other countries in which Shopify or its subprocessors operate.

Further information can be found at:

·       Shopify Privacy Policy: https://www.shopify.com/legal/privacy

·       Shopify Data Processing Addendum: https://www.shopify.com/legal/dpa

·       Shopify Privacy Portal: https://privacy.shopify.com

The data protection agreements required for commissioned data processing are in place with Shopify insofar as Shopify processes personal data on our behalf.

6. WEBSITE VISIT

When you use our Website for purely informational purposes, meaning if you do not otherwise provide us with information, technical data required for operating the Website is automatically collected. This includes in particular:

·       pages or URLs accessed

·       date and time of access

·       amount of data transferred

·       referrer URL

·       information about browser, operating system, and device

·       IP address

·       status messages relating to the request

This data is processed to ensure the technical operation, stability, and security of our Website, to analyze errors, and to prevent misuse.

Processing takes place via the infrastructure of our shop platform Shopify, see Section 5.

Where server log files are stored, this is generally done only for as long as required for the purposes mentioned, usually for a maximum of 30 days. Longer storage only takes place where this is necessary to investigate security incidents, misuse, or technical errors.

In addition, cookies and similar technologies may be used. Information on this and on optional analytics and marketing tools can be found in the following sections.

7. COOKIES, ANALYSTICS, AND MARKETING TOOLS 

Our Website uses cookies and comparable technologies. Cookies are small text files that are stored on your device and contain certain information. Some are used for the technical provision and security of our Online Shop, while others are used to analyze usage and for marketing purposes.

We distinguish between:

·       technically required cookies and technologies that are necessary for the operation of the shop, security functions, the shopping cart, checkout, or the storage of your privacy settings

·       optional analytics and marketing technologies that help us understand user behavior, measure the performance of our shop, and optimize advertising

We only use non-technically required cookies and comparable technologies if you have given us your express consent. You can withdraw or adjust your consent at any time with effect for the future via the cookie banner or the corresponding settings.

Shopify cookies and shop functions

As part of the operation of our Shopify Online Shop, Shopify uses technically necessary cookies and similar technologies, in particular to provide the shopping cart, checkout, security, session storage, and consent management. Depending on the configuration, Shopify’s own analytics or statistics functions may also be used.

Where such functions are not technically required, they are used only on the basis of your consent.

TikTok Pixel / TikTok Events API

If you have given your consent, we use marketing and analytics tools from TikTok, in particular the TikTok Pixel and, where applicable, the TikTok Events API. These tools allow interactions in our Online Shop to be recorded, such as page views, product views, shopping cart actions, or purchases. This serves to measure the effectiveness of our advertising measures, create target groups, and optimize our advertising.

In particular, the following data may be processed:

·       IP address

·       device and browser information

·       pages accessed and timestamps

·       interactions in the Online Shop

·       pseudonymized identifiers such as cookie IDs or similar identifiers

·       purchase-related events and conversion data

TikTok may also process some of the data collected for its own purposes as an independent controller. It cannot be ruled out that data may also be transferred to countries outside Switzerland, in particular to the USA or other third countries.

Further information on processing by TikTok can be found in TikTok’s privacy notices.

8. GOOGLE reCAPTCHA

Where Google reCAPTCHA is used on our Website, this serves to protect our Online Shop against abusive automated entries, spam, and other abusive access. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Data may also be transferred to Google LLC in the USA. Google describes reCAPTCHA as a service for protection against spam and abuse; a necessary cookie may be set in this context.

In connection with the use of reCAPTCHA, the following data in particular may be processed:

·       IP address

·       information about browser and operating system

·       referrer URL

·       date and duration of the visit

·       mouse movements, keyboard entries, or other interaction data, insofar as technically recorded by the service

·       security-related assessment data to distinguish between human users and bots

The service is used to ensure the security of our Website and to prevent abusive or automated access. Where reCAPTCHA is technically required, it is used on the basis of our overriding interest in the secure operation of our Online Shop. Where additional non-essential cookies or comparable technologies are used in individual cases, this is done only on the basis of your consent.

Further information can be found in Google’s privacy notices.

9. ORDER, PAYMENT AND SHIPPING

When you place an order in our Online Shop, we process the personal data required to perform the contract. This includes in particular:

·       information about the products ordered

·       shopping cart and order data

·       billing and delivery address

·       name and contact details

·       communication data

·       payment status and transaction-related information

Processing is carried out for the purpose of contract performance, delivery, customer support, fraud prevention, warranty handling, and compliance with legal obligations.

Payment processing: We offer various payment methods. Payment processing is carried out via external payment service providers. Only the data required for payment processing, authorization, fraud prevention, and transaction documentation is transmitted.

Shopify Payments / local payment methods: If you select a payment method via Shopify Payments, payment processing is carried out via Shopify Payments and, where applicable, via one or more payment processors used by Shopify. This applies in particular to card payments and — if offered and selected at checkout — Apple Pay, Google Pay, and Klarna. In particular, the following data may be transmitted and processed:

·       name 

·       billing and delivery address

·       payment amount and currency

·       payment method-related information

·       transaction ID or token

·       order information

·       fraud prevention information

As a rule, we do not receive complete credit card or bank account details, but only confirmations, status information, and transaction-related details. Processing is carried out for the purpose of payment processing, preventing misuse, and complying with legal obligations. Depending on the specific function, participating payment service providers may also process certain data for their own purposes. Shopify Payments works with one or more payment processors in this regard.

Klarna: If you choose a Klarna payment option, payment processing may be carried out in whole or in part through Klarna. The data required for the selected payment option may be transmitted to Klarna and processed by Klarna in accordance with its own privacy and contractual provisions.

PayPal: If you pay with PayPal, payment processing is carried out through PayPal (Europe) S.à r.l. et Cie, S.C.A., Luxembourg. The data required for payment is transmitted to PayPal. PayPal may also process this data for its own purposes, in particular for identity verification, fraud prevention, and compliance with legal obligations.

Shipping and logistics: To deliver the ordered goods, we transmit the data required for this purpose to the commissioned shipping company, in particular Swiss Post. This usually includes:

·       name

·       delivery address

·       where applicable, email address or telephone number for shipping information

·       shipment-related information

The data is shared exclusively for the purpose of delivery and shipping processing.

10. DISCLOSURE OF DATA ABROAD

As part of our business activities and the use of external service providers, personal data may also be disclosed to recipients abroad or processed there. This concerns in particular providers in Switzerland, the EU/EEA area, Canada, the USA, and, where applicable, other countries.

Data disclosure takes place in particular in connection with hosting, shop operation, payment processing, shipping, analytics, marketing, and support services.

Where, from the perspective of Swiss data protection law, a recipient country has an adequate level of data protection, disclosure takes place on this basis. Canada has a recognized adequate level of data protection for the private sector. Since 15 September 2024, an adequate level of data protection may also exist for certified US companies, provided they are certified under the Swiss-U.S. Data Privacy Framework.

Where there is no legally recognized adequacy decision or a recipient is not appropriately certified, we base the disclosure of data on suitable safeguards, in particular standard contractual clauses, where applicable with Swiss amendments, and — where necessary — additional technical and organizational protective measures.

You may request further information from us regarding the essential safeguards for international data transfers.

11. RETENTION

We retain personal data only for as long as this is necessary for the respective purposes or as required by law.

In particular, the following principles apply:

·       Business and accounting records are generally retained for 10 years in accordance with statutory retention obligations.

·       Technical protocols and server log data are generally stored only for a short period, usually for a maximum of 30 days, unless longer retention is necessary to investigate security or misuse incidents.

·       Data from cookies, analytics, and marketing tools is stored in accordance with the settings of the respective tools, the stored durations, and your consent.

As soon as personal data is no longer required for the stated purposes and there are no statutory retention obligations preventing deletion, it will be deleted or anonymized.

12. YOUR RIGHTS

Within the scope of applicable data protection law, you have in particular the following rights:

·       to request information as to whether we process personal data about you

·       to receive information about the personal data processed

·       to have inaccurate personal data corrected

·       under the statutory conditions, to request the release or transfer of certain personal data in a commonly used electronic format

·       to object to the processing of your personal data or request its restriction, insofar as this is legally provided for

·       to request the deletion or destruction of your personal data, insofar as no legal obligations or overriding interests prevent this

·       to withdraw consent given with effect for the future

To exercise your rights, you may contact us at any time using the contact details provided in Section 17. To protect against misuse, we may request appropriate proof of identity.

If you believe that the processing of your personal data violates data protection law, you may contact the Federal Data Protection and Information Commissioner (FDPIC).

13. DATA SECURITY AND NOTIFICATION OF INCIDENTS

We take appropriate technical and organizational security measures to protect your personal data against unauthorized access, loss, misuse, alteration, or unlawful disclosure.

Our security measures include in particular:

·       encrypted data transmission using TLS/SSL

·       access restrictions and authorization concepts

·       technical protective measures for systems and data

·       regular review, maintenance, and protection of our IT infrastructure

Please note that electronic data transmission over the internet is never completely secure despite appropriate security measures. Absolute protection therefore cannot be guaranteed.

Where our data processing is carried out via external service providers, in particular via Shopify, we ensure that these providers also implement appropriate security measures.

In the event of a data protection breach, we review the incident in accordance with legal requirements and take the necessary measures. Where there is a statutory notification or information obligation, we inform the competent supervisory authority and affected persons to the required extent.

14. MINORS

Our offering is generally addressed to adults. We do not knowingly collect personal data from minors who do not have the required consent of their parents or legal guardians.

If we determine that personal data from minors has been processed unlawfully, we will delete this data or restrict processing within the framework of legal requirements.

Parents or legal guardians who suspect unlawful processing may contact us at any time.

15. THIRD-PARTY WEBSITES AND LINKS

Our Website may contain links to websites, services, or content of third-party providers. The respective provider is solely responsible for data processing on such external websites or by such third-party providers.

We have no influence over their content, security standards, or privacy provisions and accept no responsibility for them.

Please therefore always observe the separate privacy policies and terms of use of the respective third-party providers.

16. AMENDMENT OF THIS PRIVACY POLICY

We may amend this Privacy Policy at any time with effect for the future, in particular if we modify our Website, Online Shop, services, or the data processing activities used, or if legal requirements change.

The current version published on our Website shall apply.

In the event of material changes, we will draw attention to the updated version in an appropriate manner.

17. CONTACT

For questions regarding data protection or to exercise your data protection rights, you may contact us at any time.

Email: support@leonite.ch
Subject: Privacy

Where this is necessary to process your request, we may require appropriate proof of your identity.