Privacy Policy

Last updated: 19 March 2026

Ridesum, Fascia Horse International AB, company registration number 559432-5291, Tingsvägen 17, 191 61 Sollentuna, Sweden (“Ridesum”, “we”, “us”, “our”) values your privacy. This Privacy Policy explains how we process personal data when you use our services, visit our websites, or otherwise interact with us.

This Policy applies to you if you:

  • use Ridesum’s services as a user,

  • offer services through the platform as a trainer or expert,

  • contact us,

  • subscribe to our newsletter,

  • appear in the background of video or image material uploaded to or recorded in the service,

  • visit our websites, including www.ridesum.com and www.ridesum.se.

All processing of personal data is carried out in accordance with applicable data protection laws, including the EU General Data Protection Regulation (GDPR).

1. Who is the controller?

Ridesum, Fascia Horse International AB, is the controller of the personal data processing described in this Privacy Policy, unless expressly stated otherwise.

Contact details
Email: hello@ridesum.com
Postal address: Ridesum, Fascia Horse International AB, Tingsvägen 17, 191 61 Sollentuna, Sweden

2. What personal data we process

The personal data we process depends on how you use our services.

2.1 Data relating to users

We may process the following personal data about you as a user:

  • name,

  • email address,

  • age or age category,

  • profile picture,

  • content that you upload, share, stream or record in the service, such as video, audio, images, comments and feedback,

  • technical data such as IP address, device identifiers, browser type, operating system, language, network and performance data, and information about how you use the service,

  • booking and activity data within the service,

  • payment-related data such as customer ID, order ID, payment history, receipts, transaction timestamps and other data required to administer payments.

Ridesum seeks not to store more card data than necessary itself. Card payments may be handled by external payment service providers in accordance with their own terms and privacy policies.

2.2 Data relating to trainers and experts

If you use the service as a trainer or expert, we may also process:

  • information about your competence, experience and specialisation,

  • teaching languages,

  • telephone number,

  • geographic information such as country, district, city, address and postal code,

  • payout-related information, such as bank account or other information required to make payments,

  • company name and company registration number if you represent a company,

  • profile text, presentation, pricing information, profile image and other material you upload to the service.

2.3 Data when you contact us

When you contact us by email or otherwise, we process the information you provide in your communication, such as your name, email address and the content of your message.

2.4 Data relating to persons appearing in the background

If individuals are identifiable in the background of video or image material that is streamed, recorded or uploaded through the service, Ridesum may process such personal data to the extent necessary to provide the service.

Users and trainers/experts should, as far as possible, avoid filming or recording other persons in an identifiable manner. If there is a risk that other individuals may appear in a recording, those individuals should be informed.

2.5 Newsletter data

If you subscribe to our newsletter, we process:

  • your email address,

  • information about whether you are a user or trainer/expert, if needed to tailor the content of our communications.

2.6 Health and Fitness Data

Ridesum may collect and process information related to your physical activity and training when you use the Service.

This may include:

  • videos of you riding or training,

  • movement, posture, and performance visible in recorded or streamed sessions,

  • feedback and analysis provided by Trainers/Experts regarding your training.

This information may constitute health-related data or fitness-related data.

Purpose of processing

We process this data in order to:

  • provide training, coaching, and feedback services,

  • enable video-based processing for seat analytics.

Health and fitness data may be shared with the Trainers/Experts you choose to connect with through the Service.

3. How we collect personal data

We collect personal data:

  • directly from you when you register an account, update your profile, make bookings, communicate, upload content or make payments,

  • automatically when you use the service or visit our websites, for example through logs, cookies and similar technologies,

  • from our service providers, such as payment providers, to the extent necessary to administer payments or protect the service,

  • from other users or trainers/experts where this follows from how the service works, for example in recorded or uploaded material.

4. Purposes and legal bases for processing

We process personal data for the following purposes:

4.1 To provide and administer the service

We process personal data to:

  • create and administer user accounts,

  • enable bookings, training sessions, video streaming, content uploads and content storage,

  • provide support and customer service,

  • communicate with you about bookings, reminders, service changes and other important notices.

Legal basis: performance of a contract.

4.2 To manage payments and comply with legal obligations

We process personal data to:

  • administer payments, payouts, receipts and transactions,

  • comply with bookkeeping, tax and other legal obligations.

Legal basis: performance of a contract and compliance with a legal obligation.

4.3 For security, troubleshooting and prevention of misuse

We process personal data to:

  • ensure the technical functionality of the service,

  • detect, prevent and investigate misuse, unauthorised access, fraud and security incidents,

  • enforce our terms and conditions and protect our users and business.

Legal basis: legitimate interests. Our legitimate interest is to provide a secure and well-functioning service.

4.4 To develop and improve the service

We process personal data to analyse how the service is used, troubleshoot issues, improve the user experience and further develop features, models, analyses and technical solutions.

Where possible, we use aggregated, de-identified or pseudonymised data. If personal data is used for development purposes, this is done only to the extent necessary and subject to appropriate safeguards.

Legal basis: legitimate interests. Our legitimate interest is to develop, improve and secure the service.

4.5 For newsletters and marketing

We process personal data to send newsletters and other information about Ridesum’s services, news and offers to users who have chosen to receive such communications.

Legal basis: consent, where consent is required.

You may withdraw your consent or unsubscribe from future communications at any time.

4.6 For processing of background persons in video

If individuals are identifiable in the background of material streamed or recorded through the service, we process such data to the extent necessary to provide the service and to handle any related questions, rights requests or claims.

Legal basis: legitimate interests. Our legitimate interest is to provide the video functionality of the service in an effective manner.

5. Cookies and similar technologies

We use cookies and similar technologies on our websites, including to make the websites work, remember your settings, generate statistics and support marketing activities.

A cookie is a small text file stored on your device. Some cookies are necessary for the website to function properly, while others are used for statistics or marketing purposes.

5.1 Cookie consent

When you visit our websites, you are given the option to choose which cookies you consent to. Your consent applies to the following domains:

You can change or withdraw your consent at any time through our cookie banner or cookie settings.

5.2 Necessary cookies

Necessary cookies help the website function and cannot be switched off in our systems. They are used, for example, for page navigation, secure areas, bot protection and storage of cookie preferences.

We use the following necessary cookies:

Cookiebot

  • CookieConsent – stores the user’s cookie consent state for the current domain. Storage duration: 1 year. Type: HTTP Cookie.

hCaptcha / related providers

  • __cf_bm – used to distinguish between humans and bots. Storage duration: 1 day. Type: HTTP Cookie.

sc-static.net

  • _ScCbts – stores the user’s cookie consent state for the current domain. Storage duration: 7 days. Type: HTTP Cookie.

Ridesum websites

  • _wpfuuid – registers a unique ID for the visitor in order to recognise the visitor upon re-entry. Storage duration: 11 years. Type: HTTP Cookie.

  • wpEmojiSettingsSupports – used for content delivery and presentation, such as displaying fonts, sliders, colour themes and other website settings. Storage duration: session. Type: HTML Local Storage.

5.3 Preference cookies

Preference cookies allow the website to remember information that changes the way the website behaves or looks, such as your preferred language or region.

We currently do not use cookies of this type.

5.4 Statistic cookies

Statistic cookies help us understand how visitors interact with the website by collecting and reporting information relating to use and behaviour.

We use the following statistic cookies:

TikTok

  • _tt_enable_cookie – used to track the use of embedded services. Storage duration: 1 year. Type: HTTP Cookie.

WordPress.com

  • g.gif – registers statistical data on users’ behaviour on the website. Storage duration: session. Type: Pixel Tracker.

sc-static.net

  • u_scsid – registers data on visitors’ website behaviour for analysis and optimisation. Storage duration: session. Type: HTML Local Storage.

  • X-AB – used for multivariate testing and optimisation of content. Storage duration: 1 day. Type: HTTP Cookie.

Statistic cookies are only used where permitted and, where required, only after you have given your consent.

5.5 Marketing cookies

Marketing cookies are used to track visitors across websites in order to display relevant advertisements and measure the effectiveness of marketing.

We use the following marketing cookies:

Meta Platforms, Inc.

  • lastExternalReferrer – detects the last URL-address from which the user reached the website. Storage duration: persistent. Type: HTML Local Storage.

  • lastExternalReferrerTime – records when the user reached the website from an external source. Storage duration: persistent. Type: HTML Local Storage.

  • _fbp – used by Facebook to deliver advertising products, including real-time bidding from third-party advertisers. Storage duration: 3 months. Type: HTTP Cookie.

TikTok

  • tt_appInfo – used to track the use of embedded services. Storage duration: session. Type: HTML Local Storage.

  • tt_pixel_session_index – used to track the use of embedded services. Storage duration: session. Type: HTML Local Storage.

  • tt_sessionId – used to track the use of embedded services. Storage duration: session. Type: HTML Local Storage.

  • _ttp – used to track the use of embedded services. Storage duration: 1 year. Type: HTTP Cookie.

  • ttcsid – used to track visitors across websites in order to present relevant ads. Storage duration: 1 year. Type: HTTP Cookie.

  • ttcsid_# – tracks conversion between users and advertisements. Storage duration: 1 year. Type: HTTP Cookie.

YouTube
We also use cookies and storage technologies in connection with embedded YouTube content, including:

  • __Secure-ROLLOUT_TOKEN – storage duration: 180 days. Type: HTTP Cookie.

  • __Secure-YEC – stores video player preferences. Storage duration: session. Type: HTTP Cookie.

  • __Secure-YNID – storage duration: 180 days. Type: HTTP Cookie.

  • LAST_RESULT_ENTRY_KEY – tracks interaction with embedded content. Storage duration: session. Type: HTTP Cookie.

  • LogsDatabaseV2:V#||LogsRequestsStore – tracks interaction with embedded content. Storage duration: persistent. Type: IndexedDB.

  • remote_sid – necessary for YouTube video functionality. Storage duration: session. Type: HTTP Cookie.

  • ServiceWorkerLogsDatabase#SWHealthLog – necessary for YouTube video functionality. Storage duration: persistent. Type: IndexedDB.

  • TESTCOOKIESENABLED – tracks interaction with embedded content. Storage duration: 1 day. Type: HTTP Cookie.

  • VISITOR_INFO1_LIVE – storage duration: 180 days. Type: HTTP Cookie.

  • YSC – storage duration: session. Type: HTTP Cookie.

  • yt-icons-last-purged – necessary for YouTube video functionality. Storage duration: persistent. Type: HTML Local Storage.

  • ytidb::LAST_RESULT_ENTRY_KEY – tracks interaction with embedded content. Storage duration: persistent. Type: HTML Local Storage.

  • YtIdbMeta#databases – tracks interaction with embedded content. Storage duration: persistent. Type: IndexedDB.

  • yt-remote-cast-available – stores video player preferences. Storage duration: session. Type: HTML Local Storage.

  • yt-remote-cast-installed – stores video player preferences. Storage duration: session. Type: HTML Local Storage.

  • yt-remote-connected-devices – stores video player preferences. Storage duration: persistent. Type: HTML Local Storage.

  • yt-remote-device-id – stores video player preferences. Storage duration: persistent. Type: HTML Local Storage.

  • yt-remote-fast-check-period – stores video player preferences. Storage duration: session. Type: HTML Local Storage.

  • yt-remote-session-app – stores video player preferences. Storage duration: session. Type: HTML Local Storage.

  • yt-remote-session-name – stores video player preferences. Storage duration: session. Type: HTML Local Storage.

sc-static.net / Snapchat-related cookies

  • _schn1 – sets a unique ID for targeted advertising. Storage duration: 1 day. Type: HTTP Cookie.

  • _scid – sets a unique ID for targeted advertising. Storage duration: 13 months. Type: HTTP Cookie.

  • _scid_r – sets a unique ID for targeted advertising. Storage duration: 13 months. Type: HTTP Cookie.

  • _screload – used to measure ad effectiveness and segment visitors. Storage duration: session. Type: HTTP Cookie.

  • u_sclid – sets a unique ID for targeted advertising. Storage duration: persistent. Type: HTML Local Storage.

  • u_sclid_r – sets a unique ID for targeted advertising. Storage duration: persistent. Type: HTML Local Storage.

  • u_scsid_r – sets a unique ID for targeted advertising. Storage duration: session. Type: HTML Local Storage.

  • _schn2 – sets a unique ID for targeted advertising. Storage duration: 1 day. Type: HTTP Cookie.

Marketing cookies are only used where permitted and, where required, only after you have given your consent.

5.6 Unclassified cookies

We currently do not use unclassified cookies.

5.7 Third-party providers and international transfers relating to cookies

Some cookie providers, such as Meta, TikTok and YouTube/Google, may process personal data outside the EU/EEA. Where such transfers take place, we seek to ensure that appropriate safeguards are used in accordance with applicable data protection law.

6. Who we share personal data with

We may share personal data with the following categories of recipients:

  • providers of hosting, storage, communications, analytics, support and security services,

  • payment service providers and payout service providers,

  • providers of video, streaming and communication services,

  • marketing and analytics providers, if you have consented to such processing where required,

  • public authorities, courts or other parties where we are required to do so by law or legal decision,

  • potential buyers or investors in connection with a merger, acquisition, restructuring or transfer of all or part of our business.

When we use suppliers processing personal data on our behalf, we enter into data processing agreements and require appropriate security measures.

7. Transfers outside the EU/EEA

We aim to process personal data within the EU/EEA. However, some suppliers may process personal data outside the EU/EEA.

If personal data is transferred to a country outside the EU/EEA, we ensure that the transfer takes place in accordance with applicable law, for example through:

  • an adequacy decision by the European Commission, or

  • the European Commission’s Standard Contractual Clauses, where relevant supplemented with additional safeguards.

You may contact us if you would like more information about the safeguards used in a specific case.

8. How long we retain personal data

We retain personal data for as long as necessary for the purposes for which it was collected, or for as long as we are required to retain it by law.

This generally means that:

  • account data is retained for as long as your account remains active and thereafter for a limited period where needed for support, security or legal claims,

  • payment and accounting-related data is retained for as long as required by applicable law,

  • support case data is retained for as long as necessary to handle the matter and for a reasonable period thereafter for follow-up and documentation,

  • newsletter data is retained until you withdraw your consent or unsubscribe,

  • technical logs are retained for as long as required for security, operation and troubleshooting,

  • video recordings and uploaded material are retained for as long as they remain in the service or until they are deleted under our routines or upon request, unless longer retention is required for legal obligations or dispute resolution.

Real-time video streaming that is not recorded is generally not stored by Ridesum.

When personal data is no longer needed, it is securely deleted or anonymised.

9. Links to other websites and external services

Our websites and services may contain links to external websites or embedded third-party content. Those third parties are responsible for their own personal data processing. We recommend that you review their privacy policies before using such services.

10. Personal data shared with trainers or experts

When you use the Ridesum service, personal data may be shared between users and trainers/experts as part of the functionality of the service.

To the extent trainers or experts process personal data for their own purposes, they are themselves responsible for such processing under applicable law. The allocation of responsibility depends on the actual role and the circumstances of the specific processing.

11. Children

If our services are used by children or young people, personal data must be processed with particular care. If consent is required for a specific processing activity and the user is below the age applicable under relevant law, parental consent may be required.

12. Your rights

Under the GDPR, you have the right to:

  • request information about the personal data we process about you,

  • request access to your personal data,

  • request rectification of inaccurate or incomplete personal data,

  • request erasure in certain circumstances,

  • request restriction of processing in certain circumstances,

  • object to processing based on legitimate interests,

  • withdraw consent where processing is based on consent,

  • request data portability for data you have provided to us where processing is based on consent or contract and carried out by automated means,

  • lodge a complaint with the Swedish Authority for Privacy Protection (IMY).

If you wish to exercise any of your rights, please contact us at hello@ridesum.com.

Please note that certain rights are subject to legal limitations and that in some cases we may need to continue processing certain data in order to comply with legal obligations or defend legal claims.

13. Changes to this Policy

We may update this Privacy Policy from time to time. The latest version will always be available on our websites. If we make material changes, we will also inform you in an appropriate manner, for example by email or within the service.