Back
Legal

Privacy Notice

Version: January 2026

Introduction

At Equipass, we value your trust and are committed to protecting your personal information. Located at HM King Hussein I Building, Chemin de la Joliette 8, 1006 Lausanne, Switzerland (referred to as "Equipass", "we", "us" or similar terms throughout this Notice), we handle your personal data with care and transparency. Our approach prioritizes compliance with applicable privacy laws, including the European Union's General Data Protection Regulation (GDPR), ensuring that your data is managed lawfully, ethically, and confidentially at all times.
Together with our trusted service providers and partners, we employ robust technical and organizational safeguards based on industry best practices to protect your information from unauthorized access, loss, misuse, and unlawful alterations.
This Privacy Notice (referred to as the "Notice" throughout) outlines our practices for handling your personal information in connection with your use of our mobile application (the "App"), including when you download, install, access, or utilize the services we provide through the App.
Equipass is operated by the Fédération Équestre International (FEI). The FEI Privacy Policy is available at https://www.fei.org/privacy-policy.

1. Data Controller

Data controller in the sense of the applicable data protection law:
Fédération Équestre International
HM King Hussein I Building
Chemin de la Joliette 8
1006 Lausanne, Switzerland
Website: https://www.fei.org

2. General

2.1 Categories of data processed

We process different categories of data from you, such as:
  • Contact and identification data such as last name, first name, and email address
  • Personal information such as age, date of birth, and language preferences
  • User account information such as username, password, user ID, profile information, and preferences
  • Device information such as device type, device ID, operating system, device model, manufacturer, mobile network information, and app version
  • Location data such as precise or approximate geolocation information (if you grant permission)
  • Camera and media data such as photos, or other media files (if you grant permission)
  • Communication data such as messages sent through the App, customer support inquiries, and correspondence
  • Technical data such as IP address, browser type, crash logs, performance data, and debug information

2.2 Legal basis for data processing

Our processing of your data relies on different legal bases, including:
  • Contractual necessity – when processing is required to fulfill our services to you or to take pre-contractual steps at your request (Art. 6 para. 1 lit. b GDPR)
  • Legal compliance – when we must process data to comply with applicable laws (Art. 6 para. 1 lit. c GDPR)
  • Your consent – when you have provided explicit permission for specific processing activities (Art. 6 para. 1 lit. a GDPR)
  • Legitimate interests – such as maintaining App security and enhancing our services (Art. 6 para. 1 lit. f GDPR)

2.3 Purposes of data processing

We process your personal data for the following purposes:
  • Operating and maintaining the App and related services
  • Account creation and management
  • Customer support and assistance
  • Delivering service-related notifications and updates
  • Enhancing and optimizing App functionality and user experience
  • Identifying, preventing, and addressing technical problems and security risks
  • Fulfilling legal and regulatory requirements
Certain data is essential for us to provide you with our services. Without this required information, we may be unable to offer full access to the App or specific features may have limited functionality or be unavailable entirely.
We will not process your data for purposes beyond those listed above without obtaining your explicit consent first.

2.4 Our Data Protection Commitments

To safeguard your privacy, we commit to the following limitations:
We will never:
- Sell your personal data to third parties
- Share your data for others' marketing purposes without your consent
- Process your data for purposes not disclosed in this Notice
- Collect more information than necessary to provide our services
- Retain your data longer than required
- Transfer your data internationally without appropriate safeguards
We will always:
- Be transparent about our data sharing practices
- Respect your data subject rights
- Process your data lawfully and fairly
These commitments supplement, and do not replace, your legal rights under applicable data protection laws.

2.5 Duration of data processing

Your personal data is retained only for as long as necessary to fulfill the purposes for which it was collected. When legal, regulatory, or contractual obligations require longer retention periods, we limit processing activities accordingly.
We retain account-related data while your account remains active. Following account deletion, certain information may be preserved to comply with legal obligations or legitimate business needs.
For further inquiries, see all your rights (Chapter 6) and don’t hesitate to contact us (Chapter 7).

3. Data collection and processing in the App

The App uses data from two sources:
  1. From FEI: If you have provided data to FEI through HorseApp or other FEI services, we use this information to provide relevant features in the App. You cannot edit this FEI data within Equipass and any changes must be made through FEI's systems.
  2. From you: Any new data you enter directly into the App stays within Equipass and is not shared outside..

3.1 Security of data processing

We deploy suitable technical and organizational safeguards to protect your data, consistently following current industry standards and best practices.
Data transmission within the App is secured using industry-standard encryption protocols. We maintain comprehensive security controls designed to prevent unauthorized access, modification, disclosure, or deletion of your personal information.

3.2 Registration and account creation

To use certain features of the App, you may need to create an account. During registration, the following data is required:
  • Email address
  • Username
  • Password
  • First name
  • Last name

3.3 App permissions

The App may request the following permissions on your device:
  • Camera: To take photos or to scan QR codes within the App (optional, only when you use camera features)
  • Photo library: To upload or share photos (optional, only when you choose to upload media)
  • Location services: To provide location-based features
You can manage these permissions through your device settings at any time.

3.4 Location data

If you grant permission, the App may collect location data to provide location-based features such as "finding nearby locations", "retrieve location adresse" and "retrieve GPS coordinates longitude and latitude".
Location data may include:
  • Precise GPS location (if you enable precise location)
  • Approximate location based on IP address or mobile network
You can enable or disable location services through your device settings at any time. Disabling location services may limit certain features of the App.

3.5 Camera and photo library access

The App may request access to your device camera and photo library to enable features such as:
  • Horse identification
  • Health record
Photos captured or selected through the App are processed only for the purposes you intend. We do not access your photo library without your explicit permission.

4. Third-party services

4.1 Crash reporting

To improve the stability and performance of the App, we use crash reporting services "Firebase Crashlytics".
When the App crashes, diagnostic information is automatically collected, including:
  • Device model and operating system version
  • App version
  • Stack traces and error logs
  • Device state at the time of crash
This information does not include personally identifiable information and is used solely to identify and fix bugs.
Provider: Firebase Crashlytics
Privacy Policy: https://firebase.google.com/support/privacy

4.2 Cloud storage services

We use cloud storage services to store and synchronize your data across devices. The provider we use is ELCA Cloud Services.
Data stored in the cloud may include:
  • User account information
  • User-generated content
  • App settings and preferences
Provider: ELCA Cloud Services
Data location: Geneva and Lausanne, Switzerland
Privacy Policy: https://www.elca.ch/privacy-notice
Data is encrypted in transit. We have entered into data processing agreements with our cloud service provider to ensure GDPR compliance.

6. Data subjects rights

Under applicable data protection laws, you have certain rights regarding your personal data. To exercise any of these rights, please reach out to our data protection officer.

6.1 Right to information

You may request confirmation of whether we are processing your personal data. When we are, you have the right to access that data and receive the additional information specified in Article 15 of the GDPR.

6.2 Right to rectification

You may request correction of inaccurate personal data we hold about you at any time. Additionally, you can update certain information directly within your App settings.

6.3 Right to erasure

You may request deletion of your personal data at any time. We will fulfill your request unless legal, regulatory, or contractual obligations require us to retain the information. When deletion is not possible, we will restrict further processing of your data.

6.4 Right to data portability

You have the right to obtain your data that we process based on consent or contract performance in a structured, commonly used, and machine-readable format.

6.5 Right to object

You may object to our processing of your personal data based on grounds related to your specific situation at any time.
Upon receiving your objection, we will cease processing your data unless we can demonstrate compelling legitimate reasons for continued processing that outweigh your interests, rights, and freedoms, or when the processing is necessary for establishing, exercising, or defending legal claims.

6.6 Revocation of consent

You may withdraw previously given consent at any time by contacting our data protection officer or by modifying your App settings (such as notification preferences, or location access).

6.7 Right of complaint to the supervisory authority

If you believe our processing of your data violates applicable data protection laws, you have the right to file a complaint with the relevant supervisory authority.

7. Questions to our data protection officer

If you have any questions about data protection, or to claim any of your rights here above mentioned, please contact our data protection officer and we will act upon request:
Email: dpo@fei.org
Address: HM King Hussein I Building, Chemin de la Joliette 8, 1006 Lausanne, Switzerland

8. Changes

We periodically update this Privacy Notice as part of our ongoing commitment to improvement and regulatory compliance. Any such changes will not diminish your rights as a data subject.
Material modifications to this Notice will be communicated to you through the App or by email. Each updated version will display its effective date.
The current version of this Notice is always available in the App and on our website at https://www.equipass.org.
Last updated: January 2026
Equipass
c / o FEI HM King Hussein I Building
Chemin de la Joliette 8
1006 Lausanne, Switzerland
Website: https://www.equipass.org
Email: dpo@fei.org