Privacy Policy
Last updated: 2026-07-12
Kavioura respects your privacy. This policy explains what personal data we collect, why we collect it, and the rights you have under the EU General Data Protection Regulation (GDPR).
1. Who we are
Kavioura is an online marketplace for the Nordic equestrian community operated from Finland. For questions about your data or this policy, contact us at kaviourapalvelut@gmail.com.
2. Data we collect
Account data: name, email, password (stored hashed with bcrypt), role, optional location and bio, optional profile photo. Listing data: text, price, photos and attributes you publish. Interaction data: messages, booking requests, reviews, favorites, feedback you send us. Technical data: JWT session token in your browser's local storage, timestamps of account and terms acceptance.
3. How we use your data
To provide the marketplace (show your listings, deliver messages, run bookings and reviews), to keep the service secure and prevent fraud, to respond to your support requests, and to comply with our legal obligations.
4. Legal basis
We process your data under GDPR Article 6(1)(b) — performance of a contract (our Terms) — and Article 6(1)(f) — our legitimate interest in operating and securing a safe marketplace.
5. Sharing
We do not sell your data. Other Kavioura users can see the information you publish on your public profile and listings. Messages are visible only to you and the other party. We may share data with hosting providers who operate under GDPR-compatible contracts, and with authorities when required by law.
6. How long we keep data
We keep your account data for as long as your account exists. When you delete your account, we erase your profile, listings, messages, reviews, bookings, favorites and uploaded photos. Aggregated, non-identifiable analytics may be retained.
7. Your rights
You have the right to access, correct, export and erase your personal data, to object to or restrict processing, and to lodge a complaint with your national data protection authority (in Finland: tietosuoja.fi). You can delete your account and all associated data at any time from your profile page.
8. Cookies and local storage
Kavioura does not use tracking cookies. We store a session token and your language preference in your browser's local storage so you stay signed in and see the site in your language. These are cleared when you log out or delete your account.
9. Security
Passwords are stored hashed with bcrypt. Access to your account requires a signed session token. Please choose a strong password and log out on shared devices.
10. Contact
Data-protection requests and questions: kaviourapalvelut@gmail.com. We reply within one business day.