Privacy Policy - Lion Ragtime

The provider of the website, as laid out in the terms and conditions, is responsible for compliance with any applicable data protection laws, especially the EU General Data Protection Regulation that applies to citizens of the EU.

General Information

According to the GDPR, each person has the right to protection of their privacy and the right to protection against the misuse of the personal data. The provider of this website takes the protection of your personal data seriously, and we treat it with utmost confidentiality, in accordance with the legal data protection regulations, as well as this privacy policy.

In cooperation with our hosting provider, we take measures to protect your data against unauthorised access, loss, misuse and falsification. However, data transmission on the Internet is prone to security gaps and the complete protection of data against third party access is not possible.

By using this website, you consent to the collection, processing and use of personal data as described below. This website can be visited without registration. Anonymous use data such as the pages and files visited, and the date and time of access are stored on the server for security purposes and for statistical analysis. This data is not directly related to you as a person or individual.

Personal data, in particular, name, address and e-mail address, are collected on a voluntary basis and will not be passed on to third parties without your consent.

Processing of Personal Data

Personal data is any information relating to an identified or identifiable person. A data subject is a person about whom personal data is processed. Processing includes any handling of personal data, regardless of the means and procedures used, in particular the storage, disclosure, acquisition, deletion, storage, modification, destruction and use of personal data.

We process personal data in accordance with European data protection law. Furthermore, we process personal data in accordance with the following legal bases in connection with Art. 6 para. 1 DSGVO – insofar as and to the extent that the EU-DSGVO is applicable:

Consent (Art. 6 para. 1 p. 1 lit. a. DSGVO) – The data subject has given his/her consent to the processing of personal data relating to him/her for a specific purpose or purposes.
Performance of a contract and pre-contractual enquiries (Art. 6 para. 1 p. 1 lit. b. DSGVO) – Processing is necessary for the performance of a contract to which the data subject is party or for the performance of pre-contractual measures taken at the data subject’s request.
Legal obligation (Art. 6 para. 1 p. 1 lit. c. DSGVO) – Processing is necessary for compliance with a legal obligation to which the controller is subject.
Protection of vital interests (Art. 6 para. 1 p. 1 lit. d. DSGVO) – Processing is necessary to protect the vital interests of the data subject or another natural person.
Legitimate interests (Art. 6 para. 1 p. 1 lit. f DSGVO) – Processing is necessary to protect the legitimate interests of the controller or a third party, unless such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require the protection of personal data.
Application procedure as a pre-contractual or contractual relationship (Art. 9(2)(b) GDPR) – Insofar as special categories of personal data within the meaning of Art. 9(1) GDPR (e.g. health data, such as severely disabled status or ethnic origin) are requested from applicants in the context of the application procedure so that the controller or the data subject can exercise the rights accruing to him or her under labour law and social security and social protection law and fulfil his or her obligations in this respect, they are processed in accordance with Art. 9(2)(b) GDPR. If the data protection officer or the data subject asks for data from job applicants (e.g. health data, such as severely disabled person or ethnic origin) so that the data protection officer or the data subject can exercise his or her rights under labour law and social security law and fulfil his or her obligations in this respect, the data is processed in accordance with Article 9(2)(b) of the GDPR. DSGVO, in the case of the protection of vital interests of the applicants or other persons pursuant to Art. 9 para. 2 lit. c. DSGVO or for the purposes of preventive health care or occupational medicine, for the assessment of the employee’s fitness for work, for medical diagnostics, care or treatment in the health or social sector or for the management of systems and services in the health or social sector pursuant to Art. 9 para. 2 lit. h. DSGVO. In the case of a communication of special categories of data based on voluntary consent, their processing is based on Art. 9 para. 2 lit. a. DSGVO.

We process personal data for the period of time required for the respective purpose or purposes. In the case of longer-term retention obligations due to legal and other obligations to which we are subject, we restrict processing accordingly.

Relevant Legal Basis

In accordance with Art. 13 DSGVO, we inform you of the legal basis for our data processing. If the legal basis is not stated in the data protection declaration, the following applies: The legal basis for obtaining consent is Art. 6(1)(a) and Art. 7 DSGVO, the legal basis for processing to fulfil our services and carry out contractual measures and respond to enquiries is Art. 6(1)(b) DSGVO, the legal basis for processing to fulfil our legal obligations is Art. 6(1)(c) DSGVO, and the legal basis for processing to protect our legitimate interests is Art. 6(1)(f) DSGVO. In the event that vital interests of the data subject or another natural person make processing of personal data necessary, Art. 6 (1) (d) DSGVO serves as the legal basis.

Security Measures

We take appropriate technical and organisational measures in accordance with the law, taking into account the state of the art, the costs of implementation and the nature, scope, circumstances and purposes of the processing, as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons, in order to ensure a level of protection appropriate to the risk.

The measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical and electronic access to the data as well as access to, entry into, disclosure of, assurance of availability of and segregation of the data. We also have procedures in place to ensure the exercise of data subjects’ rights, the deletion of data and responses to data compromise. Furthermore, we take the protection of personal data into account in the development or selection of hardware, software and procedures in accordance with the principle of data protection, through technology design and through data protection-friendly default settings.

Transmission of Personal Data

In the course of our processing of personal data, the data may be transferred to or disclosed to other bodies, companies, legally independent organisational units or persons. The recipients of this data may include, for example, service providers commissioned with IT tasks or providers of services and content that are integrated into a website. In such cases, we observe the legal requirements and, in particular, conclude appropriate contracts or agreements that serve to protect your data with the recipients of your data.

Data processing in Third Countries

If we process data in a third country (i.e., outside the European Union (EU), the European Economic Area (EEA)) or the processing takes place in the context of using third-party services or disclosing or transferring data to other persons, entities or companies, this will only be done in accordance with legal requirements.

Subject to express consent or contractually or legally required transfer, we process the data only in third countries with a recognised level of data protection, contractual obligation through so-called standard protection clauses of the EU Commission, in the presence of certifications or binding internal data protection regulations (Art. 44 to 49 DSGVO, information page of the EU Commission: https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection_de).

Privacy Policy for Cookies

This website uses cookies. Cookies are text files that contain data from visited websites or domains and are stored by a browser on the user’s computer. A cookie is primarily used to store information about a user during or after their visit within an online service. Stored information may include, for example, language settings on a website, login status, a shopping cart or where a video was watched. The term cookies also includes other technologies that perform the same functions as cookies (e.g. when user details are stored using pseudonymous online identifiers, also known as “user IDs”).

The following cookie types and functions are distinguished:

Temporary cookies (also: session cookies): Temporary cookies are deleted at the latest after a user has left an online offer and closed his browser.
Permanent cookies: Permanent cookies remain stored even after the browser is closed. For example, the login status can be saved or preferred content can be displayed directly when the user visits a website again. Likewise, the interests of users used for range measurement or marketing purposes can be stored in such a cookie.
First-party cookies: First-party cookies are set by ourselves.
Third-party cookies: Third-party cookies are mainly used by advertisers (so-called third parties) to process user information.
Necessary (also: essential or absolutely necessary) cookies: Cookies may be absolutely necessary for the operation of a website (e.g. to save logins or other user entries or for security reasons).
Statistical, marketing and personalisation cookies: Furthermore, cookies are usually also used in the context of range measurement and when a user’s interests or behaviour (e.g. viewing certain content, using functions, etc.) on individual websites are stored in a user profile. Such profiles are used, for example, to show users content that matches their potential interests. This procedure is also referred to as “tracking”, i.e. tracking the potential interests of users. Insofar as we use cookies or “tracking” technologies, we will inform you separately in our data protection declaration or in the context of obtaining consent.

Notes on legal bases: The legal basis on which we process your personal data using cookies depends on whether we ask you for consent. If this is the case and you consent to the use of cookies, the legal basis for the processing of your data is the consent given. Otherwise, the data processed with the help of cookies is processed on the basis of our legitimate interests (e.g. in the business operation of our online offer and its improvement) or, if the use of cookies is necessary to fulfil our contractual obligations.

Storage period: Unless we provide you with explicit information on the storage period of permanent cookies (e.g. in the context of a so-called cookie opt-in), please assume that the storage period can be up to two years.

General information on revocation and objection (opt-out): Depending on whether the processing is based on consent or legal permission, you have the option at any time to revoke any consent you have given or to object to the processing of your data by cookie technologies (collectively referred to as “opt-out”). You can initially declare your objection by means of your browser settings, e.g. by deactivating the use of cookies (whereby this may also restrict the functionality of our online offer). An objection to the use of cookies for online marketing purposes can also be declared by means of a variety of services, especially in the case of tracking, via the https://optout.aboutads.info and https://www.youronlinechoices.com/ websites. In addition, you can obtain further instructions on how to object within the scope of the information on the service providers and cookies used.

Processing of cookie data on the basis of consent: We use a cookie consent management procedure in which the consent of users to the use of cookies, or to the processing and providers mentioned in the cookie consent management procedure, can be obtained and managed and revoked by users. The declaration of consent is stored in order not to have to repeat the request and to be able to prove the consent in accordance with the legal obligation. The storage can take place on the server side and/or in a cookie (so-called opt-in cookie or with the help of comparable technologies) in order to be able to assign the consent to a user or their device. Subject to individual information on the providers of cookie management services, the following information applies: The duration of the storage of consent can be up to two years. A pseudonymous user identifier is created and stored with the time of consent, information on the scope of consent (e.g. which categories of cookies and/or service providers) and the browser, system and end device used.

Types of data processed: Usage data (e.g. web pages visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
Data subjects: Users (e.g. website visitors, users of online services).
Legal basis: Consent (Art. 6 para. 1 p. 1 lit. a. DSGVO), Legitimate Interests (Art. 6 para. 1 p. 1 lit. f. DSGVO).

Privacy Policy for SSL/TLS Encryption

This website uses SSL/TLS encryption for security reasons and to protect the transmission of confidential content, such as enquiries that you send to us as the site operator. You can recognise an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Privacy Policy for Contact Form

If you send us enquiries via the contact form, your details from the enquiry form, including the contact details you have provided there, will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. We do not pass on this data without your consent.

Privacy Policy for Newsletter Data

If you would like to receive the newsletter offered on this website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. No further data will be collected. We use this data exclusively for sending the requested information and do not pass it on to third parties.

You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time, for example via the “unsubscribe link” in the newsletter.

Services Subject to a Charge

For the provision of chargeable services, we request additional data, such as payment details, in order to be able to execute your order. We store this data in our systems until the statutory retention periods have expired.

External Payment Service Providers

This website uses third-party payment service providers for managing and processing transactions. These service providers may include:

Visa (https://www.visa.de/nutzungsbedingungen/visa-privacy-center.html)
Mastercard (https://www.mastercard.ch/de-ch/datenschutz.html)
American Express (https://www.americanexpress.com/de/legal/online-datenschutzerklarung.html)
Paypal (https://www.paypal.com/de/webapps/mpp/ua/privacy-full)
Apple Pay (https://support.apple.com/de-ch/ht203027)
Woopayments (https://automattic.com/privacy/)
Stripe (https://stripe.com/en-de/privacy)
MyCryptoCheckout (https://mycryptocheckout.com/privacy-policy/) etc.

In the context of the performance of contracts, we use the payment service providers on the basis of Art. 6 para. 1 lit. b. EU-DSGVO. Furthermore, we use external payment service providers on the basis of our legitimate interests and, where necessary, in accordance with Art. 6 para. 1 lit. f. EU-DSGVO in order to offer our users effective and secure payment options.

The data processed by the payment service providers include inventory data, such as the name and address, bank data, such as account numbers or credit card numbers, passwords, TANs and checksums, as well as the contract, totals and recipient-related information. The information is required to carry out the transactions. However, the data entered is only processed by the payment service providers and stored with them. We as the operator do not receive any information about your (bank) account or credit card, but only information to confirm (accept) or reject the payment. Under certain circumstances, the data may be transmitted by the payment service providers to credit agencies. The purpose of this transmission is to check identity and creditworthiness. Please refer to the terms and conditions and data protection information of the payment service providers.

The terms and conditions and data protection notices of the respective payment service providers apply to the payment transactions and can be accessed within the respective website or transaction applications. We also refer to these for further information and the assertion of revocation, information and other data subject rights.

Newsletter – Mailchimp

The newsletter is sent using the mailing service provider ‘MailChimp’, a newsletter mailing platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA. You can view the privacy policy of the mailing service provider here. The Rocket Science Group LLC d/b/a MailChimp is certified under the Privacy Shield agreement and thereby offers a guarantee of compliance with the European level of data protection (PrivacyShield). The shipping service provider is used on the basis of our legitimate interests pursuant to Art. 6 para. 1 lit. f DSGVO and an order processing agreement pursuant to Art. 28 para. 3 p. 1 DSGVO.

The dispatch service provider may use the data of the recipients in pseudonymous form, i.e. without assignment to a user, to optimise or improve its own services, e.g. to technically optimise the dispatch and presentation of the newsletter or for statistical purposes. However, the dispatch service provider does not use the data of our newsletter recipients to write to them itself or to pass the data on to third parties.

Privacy Policy for YouTube

Functions of the “YouTube” service are integrated on this website. “YouTube” is owned and operated by Google Ireland Limited, a company incorporated under the laws of Ireland with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland, which operates the services in the European Economic Area and Switzerland.

Your legal agreement with “YouTube” consists of the terms and conditions found at the following link: https://www.youtube.com/static?gl=de&template=terms&hl=de. These terms constitute a legally binding agreement between you and YouTube regarding your use of the Services. Google’s privacy policy explains how YouTube treats and protects your personal data when you use the service.

Order Processing in the Online Shop with a Customer Account

We process the data of our customers in accordance with the data protection regulations of the federal government (Data Protection Act, DSG) and the EU-DSGVO, within the framework of the order processes in our online shop, in order to enable them to select and order the selected products and services, as well as their payment and delivery, or execution.

The data processed includes master data (inventory data), communication data, contract data, payment data and the persons affected by the processing include our customers, interested parties and other business partners. The processing is carried out for the purpose of providing contractual services within the scope of operating an online shop, billing, delivery and customer services. In this context, we use session cookies, e.g. for storing the contents of the shopping cart, and permanent cookies, e.g. for storing the login status.

The processing is based on Art. 6 Para. 1 lit. b (execution of order transactions) and c (legally required archiving) DSGVO. In this context, the information marked as required is necessary for the justification and fulfilment of the contract. We disclose the data to third parties only within the scope of delivery, payment or within the scope of legal permissions and obligations. The data is only processed in third countries if this is necessary for the fulfilment of the contract (e.g. at the customer’s request for delivery or payment).

Users can optionally create a user account, in which they can view their orders in particular. As part of the registration process, users are provided with the required mandatory information. The user accounts are not public and cannot be indexed by search engines, e.g. Google. If users have cancelled their user account, their data with regard to the user account will be deleted, subject to their retention being necessary for reasons of commercial or tax law in accordance with Art. 6 Para. 1 lit. c DSGVO. Information in the customer account shall remain until it is deleted and subsequently archived in the event of a legal obligation. It is the responsibility of the users to save their data in the event of termination before the end of the contract.

Within the scope of registration and renewed logins as well as the use of our online services, we store the IP address and the time of the respective user action. The storage is based on our legitimate interests as well as those of the users in protection against misuse and other unauthorised use. As a matter of principle, this data is not passed on to third parties unless it is necessary for the pursuit of our claims or there is a legal obligation to do so in accordance with Art. 6 Para. 1 lit. c DSGVO.

The deletion takes place after the expiry of legal warranty and comparable obligations, the necessity of keeping the data is reviewed at irregular intervals. In the case of statutory archiving obligations, deletion takes place after their expiry.

Note on Data Transfer to the USA

Third-party tools from companies based in the USA (e.g. Stripe, PayPal, YouTube, among others) are embedded in our website. When these tools are active, your personal data may be transferred to the US servers of the respective companies. We would like to bring to your attention that the USA is not a safe third country in the sense of EU data protection law. US companies are obliged to hand over personal data to security authorities without you as a data subject being able to take legal action against this. It can therefore not be ruled out that US authorities (e.g. intelligence services) process, evaluate and permanently store your data located on US servers for monitoring purposes. We have no influence on these processing activities.

Copyrights

The copyright and all other rights to the content, images, photos or other files on the website belong exclusively to the operator of this website or to the specifically named copyright holders. The written consent of the copyright holder must be obtained in advance for the reproduction of any files. Anyone who commits a copyright infringement without the consent of the respective copyright holder may be liable to prosecution and possibly to damages. The use of copyrighted material by artificial intelligence, or automatic processing tools is prohibited and also liable to prosecution, and where possible damages.

General Disclaimer

All information on our website has been carefully checked. We make every effort to ensure that the information we provide is up-to-date, correct and complete. Nevertheless, the occurrence of errors cannot be completely ruled out, which means that we cannot guarantee the completeness, correctness and up-to-dateness of information, including journalistic and editorial information. Liability claims regarding damage caused by the use of any information provided, including any kind of information which is incomplete or incorrect, will therefore be rejected.

The publisher may change or delete texts at its own discretion and without notice and is not obliged to update the contents of this website. Use of or access to this website is at the visitor’s own risk. The publisher, its principals or partners are not responsible for damages, such as direct, indirect, incidental, consequential or punitive damages, allegedly caused by the use of this website and consequently assume no liability for such damages.

The publisher also accepts no responsibility or liability for the content and availability of third-party websites that can be accessed via external links on this website. The operators of the linked sites are solely responsible for their content. The publisher thus expressly distances itself from all third-party content that may be relevant under criminal or liability law or that may offend common decency.

Changes

We may amend this privacy policy at any time without prior notice. The current version published on our website will apply. Insofar as the data protection declaration is part of an agreement with you, we will inform you of the change by e-mail or other suitable means in the event of an update.

Questions for the Data Protection Officer

If you have any questions about data protection, please write us an email or contact the data protection officer in our organisation listed at the beginning of this privacy policy directly.