Privacy Policy

Last updated: 18 June 2026

Scope and who we are

This policy describes how we handle personal data collected through this website (HYPPA), under Regulation (EU) 2016/679 (the GDPR) and Portuguese Law no. 58/2019. The website is operated by TODO_NOME_LEGAL, at TODO_MORADA, tax number TODO_NIF, which is the data controller for the data described here.

The HYPPA app (the management platform for riding schools) has its own privacy policy, provided within the app, which governs the processing of usage data for that service.

Data protection contact

For privacy questions or to exercise your rights, contact privacidade@hipparium.app.

What data we process

  • Contact details you send us: if you email us (or, in future, use a contact form on the site), we process your name, email address and the content of your message in order to reply;
  • Technical browsing data: our hosting provider may automatically record your IP address, device/browser type and the date/time of access, in log files, for security and operational reasons;
  • Preferences: your choice in the cookie panel, stored locally in your browser (see the Cookie Policy).

We do not collect special-category data through the site, and we do not profile you or take automated decisions with legal effects concerning you.

Purposes and legal bases

We process your data for the following purposes and on the following legal bases (Article 6 GDPR):

  • Responding to enquiries and requests for information/demos — pre-contractual steps at your request [Art. 6(1)(b)];
  • Site security and abuse prevention — legitimate interests [(f)];
  • Non-essential cookies and technologies, should any exist — consent [(a)], withdrawable at any time;
  • Compliance with legal obligations to which we are subject [(c)].

Who we share data with

We do not sell or rent your data. We use service providers acting as processors, under contract and on our instructions, namely:

  • Hosting and site-delivery provider — to serve the site and keep technical logs;
  • Email provider — to receive and reply to the messages you send us.

How long we keep data

We keep correspondence only for as long as necessary to deal with your request and for a reasonable period thereafter; the host's technical logs are kept for short periods for security purposes. Where a legal retention obligation applies, we comply with the applicable period.

Your rights (GDPR)

  • Access: obtain a copy of the data we hold about you;
  • Rectification: correct inaccurate data;
  • Erasure: request the deletion of your data;
  • Portability: receive your data in a machine-readable format;
  • Objection: object to processing based on legitimate interests;
  • Restriction: request that processing be restricted;
  • Withdrawal of consent: where processing is based on consent, without affecting prior processing.

To exercise any of these rights, contact privacidade@hipparium.app.

Security

We apply technical and organisational measures appropriate to the risk, in particular encryption in transit (HTTPS/TLS) and restricted access to data. No system is completely secure, so we cannot guarantee absolute security.

Cookies

The site uses only strictly necessary storage and does not currently use analytics or marketing cookies. For details, see the Cookie Policy.

International transfers

We favour processing data within the European Union. Whenever a processor involves a transfer outside the European Economic Area, we ensure appropriate safeguards, in particular the European Commission's Standard Contractual Clauses (SCCs) and supplementary measures where necessary.

Changes to this policy

We may update this policy. Changes take effect when published on this page, with the date of the last update indicated.

Contact and complaints

For questions about this policy, contact privacidade@hipparium.app. You have the right to lodge a complaint with the competent supervisory authority — in Portugal, the National Data Protection Commission (CNPD), www.cnpd.pt — or with the authority of your Member State of residence.