RingTime
HomeProductsHow to UseSupportAbout Us
LOG IN / CREATE ACCOUNT

Privacy Policy

Effective Date: April 28, 2026

Last Updated: April 28, 2026

Want to change your cookie choices? Scroll to the footer of any page on this site and click Cookie preferences. You can opt in or out of analytics, performance, and marketing cookies at any time.

What’s new in this version

We expanded our disclosure of website analytics. This version names the specific tools we use on this site (PostHog, Vercel Analytics, Vercel Speed Insights, Sentry, Resend), describes our four-category cookie-consent system, and refreshes our state-privacy-rights section. Nothing about how the RingTime mobile app handles your data has changed.

1. Introduction & Scope

Plain English: We’re RingTime. This policy covers our website, our mobile app, and the data we collect when you use either.

This Privacy Policy describes how Buck Hill Equestrian LLC, doing business as RingTime (“RingTime,” “we,” “us,” or “our”), collects, uses, and shares information when you visit ring-time.com, use the RingTime mobile application (iOS and Android), or interact with the RingTime Live web platform and related services (collectively, the “Service”).

We are the “controller” of personal information collected through the Service for purposes of the EU and UK General Data Protection Regulation, and we are the “business” for purposes of the California Consumer Privacy Act and similar US state privacy laws.

Contact:

Buck Hill Equestrian LLC d/b/a RingTime

New Jersey, USA

Phone: 646-996-2995

Email: help.ringtime@gmail.com

2. Information We Collect

Plain English: Some information you give us directly. Some is collected automatically as you use the Service. Some comes from public sources or service providers.

2.1 Information You Give Us Directly

  • Account information (mobile app): name, email address, password, optional phone number, and your role (e.g., trainer, rider/owner, staff).
  • Equestrian identifiers (mobile app): federation membership numbers (e.g., USEF number), if you choose to provide them.
  • Profile content (mobile app): profile photos you upload.
  • Contact-form submissions (website): when you fill out the contact form on our website, we collect your name, email address, and the message you write. We also record which page on the site the form was submitted from (for example, “Support” or “About Us”) so we can route the message correctly. We do not add submitters to a marketing list.
  • Support communications: the content of any email or message you send to us.

2.2 Information Collected Automatically

When you visit the website, our analytics and error-monitoring tools automatically collect certain technical information about your device and your interaction with the site. The exact categories collected depend on which cookie consent choices you have made (see Section 5).

  • Device and browser information: browser type and version, operating system, device type (desktop / mobile / tablet), screen size, language, time zone, and a truncated/anonymised IP address.
  • Usage information: the pages you view, the time you spend on them, the links and buttons you click, scroll depth, video plays, search queries inside the support page, and the referring URL that brought you to the site.
  • Session interactions (with consent): if you have opted in to Analytics, PostHog records a session replay of your visit so we can see how features are actually used. All form fields are masked — we cannot see what you type into any input, text area, or password field. Replays focus on movement, clicks, and page transitions, not content.
  • Performance data: Core Web Vitals (Largest Contentful Paint, Interaction to Next Paint, Cumulative Layout Shift) and similar performance metrics that help us keep pages fast.
  • Error data: if something on the site throws an error, our error-monitoring tool (Sentry) records the stack trace, the URL where it happened, and basic browser metadata so we can fix it. PII is scrubbed before the report is sent (see Section 7).
  • Anti-spam signals: when you submit a form, we record the originating IP address, count submissions per IP for rate-limiting, and use a hidden form field as an anti-spam tripwire. These signals are kept only as long as needed to filter abuse.

2.3 Information from Other Sources

  • Public show data: we collect publicly available equestrian show schedules, entries, and results from show-management platforms to power the mobile app. This data includes horse names, rider names, class information, and results as published by show organizers.
  • App-store metadata: Apple and Google may share aggregate, non-identifying information about app downloads and crashes when you install RingTime from the App Store or Google Play.

3. Location Information

Plain English: Location data only comes from the mobile app, only with your permission, and only for show-related features. The website does not collect precise location.

The website (ring-time.com) does not request or use your precise location. Location is collected only through the RingTime mobile app, and only as follows:

  • Precise Location (foreground): when you grant location permission and are actively using the app, we may collect your precise GPS coordinates to provide location-based features such as determining whether you are at a show venue.
  • Background Location: with your separate, explicit consent, we may use background location capabilities to detect when you arrive at or depart from supported show venues. Background location is used solely for venue-related features.
  • Coarsened Location for Analytics: if you opt in to analytics within the app, location data shared with our analytics provider is reduced in precision to a neighborhood level.

You may revoke location permissions at any time through your device settings or within the app. See Section 11 for more on your choices.

Retention: Precise location data is automatically deleted after 30 days.

4. How We Use Your Information

Plain English: To run the Service, answer your messages, fix bugs, prevent abuse, and meet our legal obligations.

  • Deliver the Service. Provide, operate, and improve the website and mobile app, including live show tracking, notifications, and scheduling features.
  • Manage your account. Create and authenticate your account, send transactional emails (account verification, password resets, show alerts you subscribe to), and process subscription payments.
  • Respond to you. When you submit the contact form or email us, we use your name and email to reply. We send you an automatic confirmation email so you know your message was received.
  • Improve the product. Generate aggregate usage analytics, watch session replays of common flows, and study Core Web Vitals to make the site faster and easier to use.
  • Keep things working. Detect, debug, and fix errors and crashes through automated error monitoring.
  • Prevent abuse. Apply rate limits and anti-spam heuristics on form submissions to keep bots and spam out.
  • Comply with the law. Meet our legal obligations and enforce our Terms of Use.
  • Defend legal claims. Establish, exercise, or defend legal claims where necessary.

5. Cookie & Consent Choices

Plain English: You decide what gets loaded on this site beyond the essentials. Three categories you can turn on or off, plus “necessary” which is always on.

On your first visit to ring-time.com you are shown a cookie banner with three buttons: Accept all, Reject all, and Customize. The Customize button opens a panel that lets you toggle each category individually. Your choice is saved in your browser’s local storage under the key ringtime-consent. You can change your mind at any time by clicking Cookie preferences in the website footer.

CategoryDefaultWhat it controls
NecessaryAlways onSite essentials: your saved theme preference, the consent record itself, and the cookie-banner state. Without these the site cannot remember basic settings.
AnalyticsOffPostHog and Vercel Web Analytics. Tracks page views, click events, and session interactions so we can see which features and pages work. Includes session replay with all form fields masked.
PerformanceOffVercel Speed Insights. Measures Core Web Vitals so we can tell if the site is getting slower for real users.
MarketingOffReserved for future use. Currently no marketing or advertising cookies are loaded by this site, regardless of how this toggle is set.

Withdrawing consent. When you turn a category off (or click Reject all), we stop loading the SDKs in that category and stop collecting new data. Withdrawing consent does not automatically delete data we previously collected. To delete previously collected data, contact us using the rights process in Section 11.

Always-on error monitoring. Sentry runs in the background to capture JavaScript errors so we can fix bugs. We treat error monitoring as a legitimate interest under GDPR and CPRA because it does not collect content you type, your IP address, or other identifying information — the SDK is configured to scrub those fields before any report is sent (see Section 7). Sentry is not gated by the consent toggles.

Browser-level controls. Most browsers also let you block or delete cookies and local storage. Doing so may affect how the site behaves — in particular, your saved consent record will be removed and the banner will reappear.

Consent versioning. If we materially change the consent categories or the SDKs they gate, we increment the version number stored alongside your record. When that happens, the banner will reappear so you can review and reconfirm your choices.

6. Cookies, Local Storage & SDKs

Plain English: Here is the list of every cookie or storage entry this site can set, who sets it, and why.

The Service uses cookies, browser local storage, and similar technologies. Some are set directly by us; others are set by the third-party services described in Section 7 once you have given consent. The list below is accurate as of the “Last Updated” date at the top of this policy.

KeySet byTypePurposeCategoryDuration
ringtime-themeRingTimeLocal storageRemembers your selected color theme (light, dark, or system).NecessaryPersistent, until you clear browser storage
ringtime-consentRingTimeLocal storageStores your cookie consent choices, the timestamp, and a version number.NecessaryPersistent, until you clear browser storage or we increment the version
ph_*_posthogPostHogCookie + local storageAnonymous device identifier used to stitch a session together for analytics and session replay.AnalyticsUp to 12 months (PostHog default)
_vercel_* familyVercelCookieMay be set by our hosting provider for routing, deployment, or anonymous Web Analytics. No personal identifiers.Necessary / AnalyticsSession to up to 12 months, depending on the cookie
Vercel Speed Insights IDVercelIn-memory / sessionAnonymous identifier used to attribute Web Vitals samples to a single visit.PerformanceSession
Sentry scopeSentryIn-memoryHolds error context in memory while the page is open. Sentry does not set tracking cookies on this site.Always on (legitimate interest)Session

Third-party providers may set additional cookies or storage entries that are not listed here. We disclose categories rather than maintaining an exhaustive vendor catalog. For the most current vendor-side cookie list, see each provider’s privacy policy linked in Section 7.

7. Third-Party Service Providers

Plain English: We use a small number of trusted services to host the site, understand how it’s used, deliver email, and process payments. They’re named below.

These providers are processors acting on our behalf under written agreements (or, in the case of payment processors, are independent controllers for the limited purpose of processing payments). They are contractually limited to the purposes listed.

7.1 Hosting & Infrastructure

  • Vercel — hosts ring-time.com, runs our serverless API routes, and serves static assets. Processes server logs and IP addresses transiently for routing and abuse prevention. Region: United States. Privacy policy →
  • RingTime backend — our own application servers at api.ringtimeapp.com that handle the mobile app and the password-reset flow. Region: United States.

7.2 Analytics (loaded only with consent)

  • PostHog — product analytics and session replay. Captures pageviews, autocaptured click events, page-leave events, scroll depth, video plays, FAQ interactions, outbound link clicks, form submission outcomes, and a session replay of your visit. Replays have a 3-second minimum duration. All form inputs are masked (we cannot see what you type), and elements marked [data-private] are masked from text capture. PostHog stores person profiles only when we explicitly identify a user, which we currently do not do on the marketing site. Region: United States. Privacy policy →
  • Vercel Web Analytics — aggregate, anonymous pageview metrics. Does not track users across sites. Privacy policy →

7.3 Performance Monitoring (loaded only with consent)

  • Vercel Speed Insights — collects Core Web Vitals samples (LCP, INP, CLS, TTFB, FCP) so we can monitor real-user performance. Region: United States. Privacy policy →

7.4 Error Monitoring (always on, PII-scrubbed)

  • Sentry — captures JavaScript errors and a 10% sample of performance traces for debugging. Configured with sendDefaultPii: false; we explicitly strip ip_address, email, Cookie, and Authorization headers from every event before it is sent. Stack traces and basic browser metadata are retained for debugging. Region: United States. Privacy policy →

7.5 Email Delivery

  • Resend — delivers contact-form emails to our team and sends you the automatic confirmation that we received your message. Resend processes the name, email, and message you submit solely to deliver these transactional emails. Region: United States. Privacy policy →

7.6 Payments & App Distribution (mobile app only)

Payment processors receive your payment information directly. We do not store full credit-card or bank-account numbers on our servers.

8. How We Share Your Information

Plain English: We do not sell your information. We share it only with the providers above, and only when the law requires it or when we’re going through a corporate change.

  • Service providers. The providers named in Section 7, for the limited purposes described there.
  • No sale, no cross-context behavioral advertising. We do not sell your personal information for money or other valuable consideration, and we do not share it for cross-context behavioral advertising as those terms are defined under the California Consumer Privacy Act.
  • Legal and safety disclosures. We may disclose your information if we believe in good faith that disclosure is necessary to (i) comply with applicable law, regulation, or legal process; (ii) protect the rights, property, or safety of RingTime, our users, or the public; (iii) detect, prevent, or address fraud or security issues; or (iv) enforce our Terms of Use.
  • Business transfers. If RingTime is involved in a merger, acquisition, financing, reorganisation, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change via the Service or email, and the receiving entity will be bound by terms at least as protective as this Privacy Policy.
  • With your direction. We will share information at your request — for example, when you choose to share a show schedule or result with a teammate.

9. Data Retention

Plain English: We keep your information for as long as we need it for the purpose we collected it. Specifics below.

  • Account data (mobile app): retained until you delete your account.
  • Precise location data (mobile app): automatically deleted after 30 days.
  • Contact-form submissions: retained as long as the email thread exists in our inbox so we can answer your question and follow up. We do not move submissions into a separate database or marketing list.
  • Analytics events and session replays (PostHog): retained according to PostHog’s default retention (currently 12 months for events; 30 days for session replays). We may delete data sooner.
  • Performance samples (Vercel Speed Insights): retained according to Vercel’s default retention.
  • Error reports (Sentry): retained for up to 90 days (Sentry default).
  • Server logs: retained for a short rolling window (typically up to 30 days) for abuse-prevention and debugging.

When you delete your account, we remove your account information from our primary database. Some data already shared with third-party processors may persist in their systems for the retention windows listed in their own privacy policies.

10. Data Security

Plain English: We use HTTPS, scoped API keys, and standard security practices. No system is 100% secure.

We implement reasonable administrative, technical, and physical safeguards designed to protect your personal information from unauthorized access, use, or disclosure. These include HTTPS for all traffic, scoped API keys, server-side rate limiting on form endpoints, anti-spam heuristics, automatic PII scrubbing in our error-monitoring tool, and access controls on internal systems. However, no method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee absolute security.

11. Your Rights & Choices

Plain English: You can ask us what we have, get a copy, correct it, or delete it. Contact us at help.ringtime@gmail.com.

11.1 Universal Choices

  • Cookie preferences: change your consent at any time via the Cookie preferences link in the website footer.
  • Mobile-app permissions: manage location, notification, and other device-level permissions through your device settings.
  • Account access & deletion: view and update your account information through the in-app Settings page, and delete your account from the same screen.
  • Email us. For any other request, write to help.ringtime@gmail.com in plain language. You don’t need a special form. We will ask for reasonable verification — typically replying from the email address on your account — before acting on a request.

11.2 California Residents (CCPA / CPRA)

If you are a California resident, you have the following rights under the California Consumer Privacy Act, as amended by the California Privacy Rights Act:

  • Right to know: the categories and specific pieces of personal information we have collected about you, the sources, the purposes, and the categories of third parties with whom we share it.
  • Right to delete: request deletion of your personal information, subject to certain exceptions.
  • Right to correct inaccurate personal information.
  • Right to portability: receive a copy of your personal information in a portable, readily usable format.
  • Right to opt out of sale or sharing: we do not sell your personal information and we do not share it for cross-context behavioral advertising. There is therefore no sale or share to opt out of, but the right is preserved.
  • Right to limit the use of sensitive personal information: we do not use sensitive personal information to infer characteristics about you, so this right does not currently apply to data we collect on the website.
  • Right to non-discrimination: we will not deny you service, charge you a different price, or provide a different level of quality because you exercised these rights.

Categories of personal information collected (CCPA categories): identifiers (name, email, IP address, device identifier); internet or other electronic network activity (browsing history within our site, interactions with the Service); commercial information (transaction history, where you have purchased a subscription); geolocation data (mobile app only, with consent); inferences (only at an aggregate level for product improvement). We do not collect biometric data, precise geolocation through the website, or sensitive personal information unless you choose to share it (for example, in a support message).

Authorized agents. You may designate an authorized agent to make a request on your behalf. We will require written proof of the agent’s authority and may still verify your identity directly.

Do Not Sell or Share My Personal Information. We do not sell your personal information and we do not share it for cross-context behavioral advertising. To exercise other CCPA rights, email help.ringtime@gmail.com.

11.3 EU / UK Residents (GDPR / UK GDPR)

If you are in the European Economic Area, the United Kingdom, or Switzerland, you have the following rights under the General Data Protection Regulation and equivalent laws:

  • Access to your personal data (Art. 15).
  • Rectification of inaccurate or incomplete data (Art. 16).
  • Erasure — the “right to be forgotten” (Art. 17).
  • Restriction of processing (Art. 18).
  • Data portability (Art. 20).
  • Objection to processing based on legitimate interests (Art. 21).
  • Withdrawal of consent at any time, where processing is based on consent (Art. 7).
  • Right to lodge a complaint with your national supervisory authority.

Lawful bases for processing. We rely on the following lawful bases under Article 6 GDPR:

  • Consent (Art. 6(1)(a)) for analytics, performance monitoring, and any future marketing tools.
  • Performance of a contract (Art. 6(1)(b)) when we provide the Service to you under our Terms of Use.
  • Legitimate interests (Art. 6(1)(f)) for security, error monitoring, fraud prevention, and replying to your support messages. We have weighed these interests against your rights and consider them proportionate.
  • Legal obligation (Art. 6(1)(c)) where required by law.

Controller and contact. The controller is Buck Hill Equestrian LLC d/b/a RingTime, contactable at help.ringtime@gmail.com. We have not appointed a Data Protection Officer because we do not meet the GDPR’s designation criteria.

11.4 Other US State Privacy Laws

Residents of states with comprehensive consumer privacy laws — including Virginia (CDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), Texas (TDPSA), Oregon (OCPA), Montana (MCDPA), Iowa (ICDPA), Delaware (DPDPA), New Hampshire (NHDPA), New Jersey (NJDPA), Minnesota (MCDPA), Maryland (MODPA), Tennessee (TIPA), Indiana (ICDPA), Florida (FDBR), and others as enacted — generally have the right to:

  • Access the personal information we hold about you.
  • Delete personal information.
  • Correct inaccurate personal information.
  • Receive a portable copy of your personal information.
  • Opt out of targeted advertising, the sale of personal information, and certain forms of profiling. As noted above, we do not engage in any of these activities, but the right is preserved.

To exercise any applicable right, email help.ringtime@gmail.com. If we deny your request, we will explain why and (in jurisdictions that provide one) tell you how to appeal that decision.

12. Children’s Privacy

Plain English: The Service isn’t for kids. We don’t collect data from anyone under 16.

The Service is intended for individuals who are at least 16 years of age. We do not knowingly collect personal information from anyone under 16, and we do not direct any of the Service to children under 13 within the meaning of the Children’s Online Privacy Protection Act (COPPA). If we learn that we have collected personal information from someone under 16, we will take steps to delete it promptly. Parents or guardians who believe a child has provided us with personal information may contact us at help.ringtime@gmail.com.

13. International Data Transfers

Plain English: Our servers and providers are in the US. If you visit from outside the US, your data crosses a border to reach us.

RingTime is based in the United States, and our processors (Vercel, PostHog, Sentry, Resend) primarily process data in the United States. If you access the Service from the European Economic Area, the United Kingdom, Switzerland, or another jurisdiction with different data-protection laws, your information will be transferred to and processed in the United States. Where required, we rely on the European Commission’s Standard Contractual Clauses (and the UK International Data Transfer Addendum where applicable) as the lawful mechanism for such transfers. By using the Service you understand that your information will be processed in the United States in accordance with this Privacy Policy.

14. Changes to This Policy

We may update this Privacy Policy from time to time. The version is identified by the “Last Updated” date at the top of this page. If we make a material change — in particular one that expands what we collect or how we use it — we will give you advance notice through the Service (for example, via an in-app notice or a banner on the website) and, where required, ask you to reconfirm your cookie consent. Your continued use of the Service after the effective date of the revised Privacy Policy constitutes your acceptance of the changes.

15. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, contact us at:

Buck Hill Equestrian LLC d/b/a RingTime

New Jersey, USA

Phone: 646-996-2995

Email: help.ringtime@gmail.com