EquiLink

Legal · Privacy

Privacy Policy

How EquiLink collects, uses, shares and protects your personal information — and the choices and rights you have.

Last updated · September 2025

Mizar & Alcor Inc., operating as EquiLink ("EquiLink," "we," "us," or "our"), values your privacy and is committed to protecting your personal data. This Privacy Policy explains what information we collect, how we use and share it, and your rights regarding that information. It applies when you use EquiLink's mobile applications, website, and any related services (collectively, the "Service"). We comply with applicable privacy laws, including the EU General Data Protection Regulation (GDPR), the UK GDPR, and the California Consumer Privacy Act (as amended by the CPRA) (CCPA). We want you to understand your choices and our practices, so please read this policy carefully. If you do not agree with this Privacy Policy, please do not use EquiLink.

For purposes of data protection laws, EquiLink is the "data controller" of personal information we collect (unless this Policy states otherwise). Our contact information is provided at the end of this Policy.

Information We Collect

We collect several categories of information, depending on how you interact with our Service:

  • Information You Provide Directly. When you create an account or profile on EquiLink, you may provide information such as your name, email address, phone number, username, password, and (if you are a business user) business name and details. You may also provide profile information like a photo, bio, location (e.g. city/region), and your equestrian interests or qualifications. If you list a service or event, you provide content about that listing (description, pricing, dates, etc.). We also collect information you submit through forms or communications: if you contact support or provide feedback, we will collect whatever information you choose to share. If you participate in surveys, promotions, or beta tests, we collect that information too.
  • Payment Information. If you make purchases or receive payouts through EquiLink, we collect information to process those transactions. For riders or customers making payments, our payment processor (Stripe) will collect your payment card details, billing address, and related information. EquiLink itself does not store your full credit card numbers; that data is handled securely by Stripe, Apple Pay, Google Pay or other payment providers. We may retain non-sensitive payment details like the last four digits of your card or the billing country, and records of your transactions (amount, date, item purchased) for accounting. For business users (service providers/organizers) who receive payments, we collect information necessary to route payouts: for example, your bank account details, tax identification (like EIN or last four of SSN in the US) if required by Stripe for KYC/KYB verification, and any forms needed for tax reporting. These payout details are collected via Stripe Connect Express onboarding, meaning you input them into Stripe's hosted form and Stripe shares with us whether you've been verified and your account IDs, but we do not see your full bank info except as needed to identify your account.
  • Information from Your Use of the Service (Usage Data). When you use EquiLink, we automatically collect certain information about your device and how you use the app/website:
    • Device and Technical Information: We receive data such as your device type (e.g. iPhone, Android phone), operating system version, unique device identifiers, and mobile network. We also log technical info like IP address, browser type (if on web), app version, and device language/region settings.
    • Usage Information: We track your activity on the Platform – for instance, the pages or screens you view, features you use, links or listings you click on, search queries you enter, and the time and duration of your activities. This helps us understand what content is popular or how users navigate our Service.
    • Location Information: If you enable location services, we may collect precise location data from your mobile device in order to show you nearby listings (for example, events or services in your area). You can always choose to disable precise GPS location access in your app settings, but we may still infer your approximate location from your IP address or the region you select in your profile (for example, we might know you are in "California, USA" generally, even if we don't know your exact GPS coordinates).
    • Cookies and Similar Tech: Our website (and potentially our app) uses cookies or similar tracking technologies to remember your preferences and analyze usage. For example, we might use cookies to keep you logged in on the web, or to track analytics on how users reach our site. We also utilize third-party analytics services (like Mixpanel) that use cookies or SDKs to collect usage data for us. See "Analytics and Tracking" below for more.
  • Information from Third Parties. We may receive information about you from other sources. For example, if you register through a third-party account like Apple Sign-in or Google Sign-in (if we offer those options), we get basic info (like your name and email) from those accounts with your permission. If a friend refers you via our referral program, we might receive your email to send you an invite. Also, if you are a business listed on EquiLink and someone else creates a listing for you (say a user recommends a local trainer by adding a listing), we may receive info from that user that we then associate with you once you claim the listing. Additionally, if you interact with our social media pages or accounts, we may indirectly gather info from those interactions (subject to the privacy settings of the platform).
  • Sensitive Personal Data. EquiLink is not meant to collect sensitive personal data such as health information, racial or ethnic origin, political opinions, etc., about users – please do not provide this in your profile or communications. The only context we might collect certain sensitive data is for identity verification of business users (for example, Stripe may require a Social Security Number or ID document to verify an individual for payouts, in which case that data is handled by Stripe and not stored by EquiLink).

How We Use Your Information

We use the collected information for the following purposes, and we always strive to do so under an appropriate legal basis (as required by GDPR and similar laws):

  • To Provide and Maintain the Service. We process your personal data to create your account, enable your profile, and allow you to use EquiLink's features. For example, we use your information to display your profile to others as appropriate, to list your services or events if you're a provider, and to show you relevant content (like nearby events if you've shared location). We use data about your device and usage to ensure the Service functions properly across different devices and browsers, and to customize your experience (e.g. remembering your preferences, language, etc.). (Legal bases: performance of a contract – we need to do these to provide the service you signed up for; and/or our legitimate interest in operating an effective service.)
  • Facilitating Transactions. If you book a service or buy a ticket, we use your information to process that order – including transmitting your provided payment details to our payment processor (Stripe/Apple/Google) for authorization, and communicating the booking details to the provider or organizer. Likewise, for providers, we use your info to coordinate payouts (for instance, telling Stripe to initiate a payout to your account when a booking is completed). We also send confirmations, receipts, and any necessary updates about the transaction (e.g. if an event is canceled, we notify attendees). (Legal basis: performance of contract – fulfilling the bookings you make or accept.)
  • Communication. We use contact information (email, phone if provided) to send you service-related communications. These include confirmations, reminders (e.g. "Your lesson is tomorrow at 10am"), updates about changes to bookings or our policies, and support messages if you have an open ticket. We might also send news and promotional communications if you have subscribed to them (like a newsletter or announcements of new features, or recommendations such as "New events in your area"). You can opt-out of marketing emails at any time by clicking "unsubscribe" in those emails or adjusting your settings. However, you cannot opt out of essential service communications (like an important security notice or a booking confirmation, as those are not promotional). (Legal basis: for service communications – performance of contract or legitimate interests to keep you informed about your account; for marketing – your consent where required or our legitimate interest in promoting our service if permitted.)
  • Analytics and Product Improvement. We want to make EquiLink better. We use analytics tools like Mixpanel to understand how users interact with our app and website – for example, what features are most popular, where users encounter errors, how long they spend on certain pages, etc. This usage data helps us identify trends, debug issues, and plan new features. We may also use feedback you provide (via surveys or support interactions) to improve our offerings. Where possible, we use this information in an aggregated or de-identified form (not tied to you personally). (Legal basis: legitimate interests in improving and optimizing our product.)
  • Personalization. We might use your data to personalize the content you see. For example, we could use your location and activity to suggest relevant listings ("Show jumping clinics near you" or "Farriers popular with riders in [your region]"). We may highlight new features or tips relevant to you (e.g. if you frequently book training services, we might show you our new "Opportunity Board" because you might be interested in equestrian job postings). (Legal basis: legitimate interests in providing a tailored user experience; or consent, in contexts where required.)
  • Safety and Trust & Safety Monitoring. Ensuring a safe community is crucial. We use information (such as user reports, messages sent through our platform, and activity logs) to detect and prevent fraud, abuse, and violations of our terms. For instance, we might monitor message communications on the Platform for scam indicators or review content that is reported by other users to see if it violates our Community Guidelines. We also may use automated systems to flag suspicious behavior (like rapid-fire messages that could be spam, or payment activities that look like fraud) and to perform content and listing checks. If necessary, we use data to investigate and intervene (which could include communicating with you or with law enforcement). (Legal basis: legitimate interests in protecting our users and service; compliance with legal obligations in some cases.)
  • Legal and Compliance. We process personal data as required to comply with legal obligations. For example, for financial transactions we keep records to satisfy accounting and tax laws. We might need to use and retain identity information to meet anti-fraud or KYC (Know Your Customer) regulations for payments. If we receive a lawful subpoena or request from law enforcement, we may need to provide data as required by law. We also use data to enforce our agreements (Terms of Service, etc.) and to resolve disputes with users. (Legal basis: compliance with legal obligations; and protecting our legitimate interests.)
  • Other Purposes (with notice and consent). If we intend to use your data for a purpose beyond what is described here, we will seek your consent or provide you with notice and the opportunity to opt out. For instance, if we ever want to use a testimonial or success story that personally identifies you, we'd ask for your permission.

How We Share Your Information

EquiLink is careful about how we share personal information. We do not sell your personal data to third parties for their own marketing. We only share information in the following circumstances:

  • With Other Users (Platform interactions). EquiLink is a social marketplace, so some information is shared with other users by nature of the service. For example:
    • When you create a profile, certain information like your display name and profile photo is visible to all users. If you are a service provider, your business listing and profile may be visible even to unregistered visitors. Communication between users (like messages sent via our in-app chat) is private between those users, although EquiLink as the platform can access it as needed for safety or support.
    • If a rider makes a booking with a provider, the rider's relevant information will be shared with that provider (and vice versa) to facilitate the service. For example, when you book a lesson, the provider will see your name and the contact info you've provided for the booking (such as phone number or email) so they can coordinate with you. Similarly, you will see the provider's business name and contact info (if they have chosen to share it) once you've booked. We also might share any special notes you include with the booking (e.g. "I'm a beginner" or dietary requirements if it's a clinic that includes meals). Essentially, information necessary to fulfill the transaction is shared between the parties involved.
    • If you post a review or comment in a public area (e.g. reviewing a service), that content along with your first name or username will be visible to others.
    • If you report a safety issue or concern about another user or content, we may share details of that report (possibly anonymized) with relevant organizations or authorities, especially if it concerns animal welfare (e.g. reports may be routed to welfare NGOs) or illegal activity.
  • With Service Providers (Processors). We share information with third-party companies that perform services on our behalf to help us run EquiLink. These service providers are bound by contract to protect your data and only use it for our specified purposes. Key service providers include:
    • Payment Processors: As noted, we use Stripe for payment transactions and payouts. When you enter payment info or when we transfer payouts, those details go to Stripe. Stripe in turn provides us with limited info (e.g. a payment token or confirmation, your payout account ID, verification status). If you use Apple Pay or Google Pay, those services process your card info and confirm payment to Stripe; we might know that you paid via Apple Pay but we don't see your card.
    • Analytics Providers: We use analytics tools like Mixpanel to collect usage data. Mixpanel will receive identifiers (like a user ID or device ID) and events (e.g. "User clicked X"). This helps us analyze usage; Mixpanel acts under our instructions and cannot use that data for others.
    • Cloud Hosting and IT: Our application and data are likely hosted on cloud services. These hosts store the data and logs, but they do not access your data except as needed for maintenance of the service.
    • Communication Tools: We may use email services (like Loops or Resend) to send emails, or OneSignal to send SMS alerts if applicable. Those providers would get your contact info solely for sending communications.
    • Customer Support Tools: If you contact support, we might use a ticketing system or CRM where your name, email, and issue are stored to help us manage the support process.
  • We ensure that all service providers have appropriate data protection agreements in place. Some of these providers may be located outside of your country (see "International Data Transfers" below).
  • With Business Partners. We do not currently share personal data with third-party business partners for their independent use, unless you specifically opt-in. If in the future we run a promotion or partnership (say with an equestrian brand or an event) where data sharing is involved, we will inform you and/or get your consent. For example, if we co-host a contest and you choose to enter, we might share the names of winners with the sponsoring partner – but we would clarify that at the time of the contest.
  • For Legal Reasons. We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court order, subpoena, or government demand). We may also share information when we believe in good faith that disclosure is necessary to protect our rights, property, or safety, or that of our users or others. This includes investigating fraud, security, or technical issues, or responding to emergencies. For instance, if we suspect a user is engaging in human or animal abuse, we might report it to law enforcement or relevant agencies, providing the information necessary to address the situation.
  • Business Transfers. If EquiLink is involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider, your information may be transferred as part of such a transaction. In such cases, we will ensure the successor respects your personal data in line with this Privacy Policy (or you'll be given notice and a chance to opt-out if required by law).
  • With Your Consent. In situations not covered above, if we want to share your information, we will ask for your consent. You have the right to say no. For example, if we wanted to feature your success story with your name and photo on our blog, we'd ask for your explicit permission.

Cookies and Tracking Technologies

EquiLink uses cookies and similar technologies on our website (and analogous mobile app identifiers) for various purposes:

  • Essential Cookies: These are necessary to provide you with services. For example, authentication cookies keep you logged in as you navigate between pages.
  • Preference Cookies: These remember your preferences (e.g., language or region selection) to provide a more personalized experience.
  • Analytics Cookies: These help us count visitors and understand how they navigate our site, so we can measure and improve performance. For instance, we might use Google Analytics or Mixpanel cookies to see which pages are popular.
  • Advertising Cookies: As of this Policy's date, EquiLink does not host third-party ads, but if we ever do, those partners might use cookies to tailor ads. We will update this section if that changes.

You can control cookies through your browser settings – for example, you can refuse all or some cookies or delete cookies. However, blocking certain cookies might affect the functionality of our Service (for instance, you might have to log in repeatedly if cookies are disabled).

On our mobile app, tracking works via the app's own storage and device identifiers. If you wish to opt out of certain trackers (like for analytics or personalized content), you may adjust settings within the app or your device's privacy settings (for example, on iOS you can select "Limit Ad Tracking" or "Ask App Not to Track").

We do not currently respond to "Do Not Track" signals, due to lack of a universal standard, but we offer the controls described above.

Retention of Data

We retain your personal information only for as long as necessary to fulfill the purposes we collected it for, including satisfying any legal, accounting, or reporting requirements. Here are some general retention practices:

  • Account Data. We keep your profile information and content for as long as your account exists. If you delete your account, we will initiate deletion of your personal data from our live systems within a reasonable time (generally within 30 days), except that we may retain certain data as noted below.
  • Transactions. We retain records of transactions (bookings, payments, payouts) as long as required by financial regulations and tax laws – typically at least 7 years. If you have made payments or earned money, we keep a record for accounting even if you delete your account, to maintain financial integrity and compliance.
  • Communications. If you contacted support or we have correspondence with you, we may retain those communications until we resolve your issue and for a period after (to track our support performance or in case of follow-up needs). Generally, support tickets might be kept for a couple of years.
  • Analytics Data. We may retain aggregated analytics data (which isn't personal) indefinitely to track long-term trends. Raw analytics logs tied to user identifiers might be kept for a shorter period (maybe 14 months, as per Google Analytics default, or as configured in Mixpanel) unless we deem it necessary to keep longer.
  • Legal Holds. If we are under a legal obligation to retain data (for example, due to a litigation hold or a request from law enforcement in an ongoing investigation), we will retain the data as needed. Similarly, if you violated our Terms, we might keep information about you to prevent you from re-registering, or to pursue legal remedies.

When we no longer have a legitimate need or legal obligation to keep your personal data, we will securely delete or anonymize it.

Your Rights and Choices

You have certain rights regarding your personal data. These rights may vary based on your location and the applicable laws, but we provide the following to all users as a courtesy (and as required):

  • Access. You have the right to request a copy of the personal information we hold about you. We will provide this in a common electronic format. (For example, EU users have a right of access under GDPR.)
  • Correction (Rectification). If any of your information is inaccurate or incomplete, you have the right to ask us to correct it. You can also update most of your profile data directly in the app.
  • Deletion. You can request deletion of your personal data. This is also known as the "right to be forgotten." For example, EU and California users have this right under GDPR/CCPA. Keep in mind, as noted in Retention, we might need to keep certain information for legal reasons, but we will inform you if so.
  • Objection to Processing. You have the right to object to our processing of your data in some cases – for example, if we are processing based on legitimate interests and you have a particular reason to object, we will consider your request. You also have the right to object to direct marketing – you can always opt-out of marketing emails as mentioned.
  • Restriction of Processing. You can ask us to suspend processing of your personal data, for example if you want us to verify its accuracy or our reasons for processing it.
  • Data Portability. For data you provided to us, you have the right to request it in a structured, commonly used, machine-readable format, and you have the right to transfer that to another service. (This is a GDPR right; we will do our best to provide it to anyone who asks, in a CSV or similar format.)
  • Automated Decision-Making. EquiLink does not make any legally significant decisions about you solely by automated means (without human involvement). If that changes, and if those decisions affect you significantly, you would have rights to request human review of such decisions under GDPR.
  • California Privacy Rights. If you are a California resident, the CCPA gives you the right to request: (1) disclosure of the categories and specific pieces of personal information we have collected about you, (2) the categories of sources of that information, (3) the business purpose for collecting it, (4) the categories of third parties with whom we share it, and (5) if we sold or disclosed your personal information for a business purpose, the categories of information and recipients of that information (note: we do not sell personal data). You also have the right to request deletion of your personal info, as described above. Additionally, you have the right to opt-out of the "sale" of your personal information – however, EquiLink does not sell user data in the traditional sense (monetary exchange for data). We also do not share personal information for cross-context behavioral advertising at this time. If that ever changes, we will implement a "Do Not Sell or Share My Personal Information" link or setting for California users. California users may also request information about our compliance with Shine the Light law (Civil Code §1798.83) regarding direct marketing disclosures; again, we do not share personal data with third parties for their direct marketing.
  • Exercising Your Rights. To exercise any of these rights, please contact us at legal@equilink.com with your request. We may need to verify your identity (to make sure we're giving the data to the right person, for instance) by asking for some information or using an existing authentication factor. For California, you can also designate an authorized agent to make requests on your behalf, but we will need proof of that authorization and still need to verify you (or the agent). We will respond to requests within the timeframes required by law (e.g. generally within 30 days for GDPR requests, 45 days for CCPA, with extensions if needed and communicated).
  • No Discrimination. EquiLink will not discriminate against you for exercising any privacy rights. That means we won't deny you service or give you a different level of service or pricing just because you made a privacy request. However, deleting certain data or objecting to some processing might impact our ability to provide the Service (for example, if you withdraw consent for location, some features might be less relevant).

Security Measures

We take security seriously and have implemented measures to protect your personal information from unauthorized access, loss, misuse, or alteration. These measures include encryption of data in transit (our app and website use HTTPS/TLS to secure data transfer) and encryption of sensitive data at rest where appropriate. We limit access to personal data to employees, contractors, and service providers who need it to perform their duties, and they are subject to confidentiality obligations. We also regularly review our information collection, storage, and processing practices to prevent unauthorized access. However, please note that no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security. You are also responsible for keeping your account credentials secure – please choose a strong password and do not share it. If you believe your EquiLink account has been compromised, contact us immediately.

International Data Transfers

EquiLink is a global platform. Depending on where you are located, your personal data may be transferred to, and processed in, countries other than your own. In particular, our main operations are in Canada (as a Canadian incorporation), so your data will likely be stored on servers in Canada or other jurisdictions. Data protection laws in these countries may be different from those in your country (and may not be deemed "adequate" under EU law, for example).

However, we take steps to ensure appropriate safeguards when we transfer data internationally. If you are in the European Economic Area (EEA) or UK, whenever we transfer your personal data outside of the EEA/UK, we will do so under EU-approved Standard Contractual Clauses or other lawful transfer mechanisms to ensure your data is protected. Our agreements with service providers include data protection clauses as needed. By using EquiLink, you understand that your information may be transferred to our facilities and those third parties with whom we share it, as described in this Policy.

If you have questions about our transfer mechanisms or specific countries where your data might be processed, feel free to contact us.

Children's Privacy

EquiLink is not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13. If you are under 13, please do not use our Service or provide any information to us. If we become aware that we have collected personal data from a child under 13, we will take steps to delete such information promptly. In some jurisdictions, such as in the European Union, the minimum age may be higher (for example, 16). We will abide by those age restrictions and obtain parental consent if required by applicable law. Parents or guardians: if you learn that your child under the applicable age has provided us with personal information without your consent, please contact us and we will delete it.

Third-Party Websites

Our Service may contain links to external websites or services that are not operated by us (for example, a link to a partner's site, or an embedded YouTube video in the Knowledge Hub). This Privacy Policy does not apply to those third-party sites. We recommend you review the privacy policies of any third-party site or service that you visit or use. We are not responsible for the content or privacy practices of websites not under our control.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we update it, we will revise the "Last Updated" date at the top. If changes are significant, we will provide a more prominent notice (e.g., by email or an in-app notification). We encourage you to review this Policy periodically to stay informed about how we are protecting your information. Your continued use of EquiLink after any update to this Privacy Policy constitutes your acceptance of the changes, to the extent permitted by law.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us at:

  • Email: legal@equilink.com
  • Postal Mail: EquiLink, Attn: Legal, 235 ch du Cap aux Rets, Baie Saint Paul, G3Z 1C1, Qc, Canada

We will address your inquiry as promptly as possible. If you are in the EU/EEA or UK and need to contact a local representative or our Data Protection Officer (if we appoint one), please mention that in your inquiry and we will direct you accordingly. You also have the right to lodge a complaint with a data protection authority (for example, your local supervisory authority in the EU, or the UK Information Commissioner's Office, or the appropriate regulator in your jurisdiction) if you believe we have infringed your privacy rights. We would, however, appreciate the chance to deal with your concerns directly, so please consider reaching out to us first.

Thank you for trusting EquiLink with your equestrian journey and your personal data. We are committed to keeping that trust and helping you connect with confidence in our community.