Riti – Terms of Service and Privacy Policy (MVP / Pilot)

Version: 1.0

Last updated: 2026-02-22

Prepared for: Riti (brand) operated by Cynotech AS (Org no. 830 955 372)


Terms of Service

These Terms of Service ("Terms") govern your access to and use of the Riti website and services (the "Service"). By creating an account, browsing, listing a space, creating an event, requesting a booking, or purchasing tickets, you agree to these Terms.


1. Definitions

  • "Riti", "we", "us", "our": the operator of the Service (replace with your legal entity details).
  • "Vendor" / "Space Provider": a user who lists and offers a physical space for booking.
  • "Attendee": a user who registers for or purchases tickets to events.
  • "External Location": a physical location not listed as a Riti space (e.g., private address).

2. The Service and our role

Riti is a marketplace and coordination layer for physical spaces and in-person events. Riti does not own, operate, or control the listed spaces, and is not the organizer of events unless explicitly stated. Vendors and Event Creators are responsible for their offerings, compliance, safety, and customer service.

Communication between users is handled externally via email in the MVP/Pilot. The Service does not provide in-app messaging.


3. Accounts and eligibility

  • You must be at least 18 years old to use the Service.
  • You are responsible for maintaining the confidentiality of your login credentials and for all activity under your account.

4. Listings, rules, and responsibilities

Vendors agree to:

  • Provide accurate listing information (photos, address/area, capacity, amenities, pricing, availability).
  • Review booking requests and approve/decline within the approval window (see Section 5).

Event Creators / Hosts agree to:

  • Comply with the Vendor's house rules and all applicable laws.
  • Leave the space in the agreed condition and cover damages caused by the host, attendees, or invitees.

Attendees agree to:

  • Follow event and venue rules, including safety and behavior guidelines.
  • Arrive on time and comply with capacity and access instructions.

5. Space bookings (approval-first model)

Space bookings require Vendor approval in the MVP/Pilot.

When a user submits a booking request:

  • The request is not confirmed until the Vendor approves it and payment is completed.

Booking requests expire automatically if not approved within 24 hours (or another time window specified in the product UI).

Expired requests are not charged.


6. Events and ticketing

All events listed on Riti must be physical events with a specified location.

Events may be:

  • Linked to a listed Riti space

Riti does not manage booking of external locations.

Event Creators may enable attendee approval.


7. Payments, fees, and Stripe Connect

All transactions are processed via Stripe Connect.

Riti does not hold user funds or act as escrow.

Space bookings

  • Platform fee: 10%

Event ticket payments (Phase 1)

  • Platform fee: 0%

Users must complete Stripe Connect onboarding before accepting bookings or publishing paid events.


8. Receipts and invoices (MVP/Pilot)

Users receive a payment receipt via Stripe and/or email.

Riti may generate invoice documents where required for Norwegian compliance.

Invoice roles

Space bookings

  • Vendor = seller

Events

  • Event Creator = seller

9. Cancellations and refunds (flat policy)

The MVP/Pilot uses a flat cancellation policy.

Default rules

If a Vendor cancels a paid booking:

  • User receives full refund
  • Booking is non-refundable
  • Attendees receive full refund
  • Required by law

Refunds are processed through Stripe.


10. Disputes and support

Users should first attempt to resolve issues directly via email.

Dispute process

A dispute can be opened within 7 days of event or booking end time.

Users may need to provide:

  • Photos
  • Statements

Riti may facilitate resolution or issue decisions where possible.


11. Reviews and user content

Users may post reviews and content.

You may not post content that is:

  • unlawful
  • fraudulent
  • violating others' rights

12. Prohibited activity

Examples include:

  • Misrepresenting spaces, events, identity, or payment status
  • Illegal activities or unsafe events

13. Liability and indemnity

To the maximum extent permitted by law:

Riti is not liable for actions of vendors, hosts, attendees, or third parties.

Users agree to indemnify Riti against claims arising from misuse of the Service.


14. Changes and termination

Riti may update these Terms.

Material changes will be communicated via:

  • Email

Accounts may be suspended for:

  • Policy violations
  • Safety concerns

15. Governing law

These Terms are governed by Norwegian law.

Disputes fall under the courts of Norway unless consumer law states otherwise.


Privacy Policy

This Privacy Policy explains how Riti collects, uses, shares, and protects personal data.


1. Data controller

Controller: Cynotech AS (Org no. 830 955 372)

Replace with official contact details:

  • Address: [INSERT ADDRESS]

2. What data we collect

Account data

  • name
  • phone (optional)

Profile data

  • roles
  • bio
  • space details
  • amenities
  • availability
  • requests
  • dates
  • attendee registrations
  • support emails

Payment metadata

  • Stripe customer IDs
  • payout references

Technical data

  • device identifiers
  • logs

3. How we use data

PurposeLegal Basis
Provide serviceContract
Payments & refundsContract / Legal obligation
Fraud preventionLegitimate interest
Customer supportContract / Legitimate interest
AnalyticsLegitimate interest / Consent
MarketingConsent where required

4. Sharing and processors

Data may be shared with:

  • Stripe (payments)
  • Email providers
  • Authorities if required by law

5. International transfers

Some providers may process data outside Norway/EEA.

Safeguards include Standard Contractual Clauses.


6. Retention

Data is retained as needed.

Typical Norwegian accounting retention:

  • Primary documentation: 5 years

7. Security

Measures include:

  • access controls

Users should use strong passwords.


8. Your rights

Users may request:

  • Access
  • Deletion
  • Portability

9. Cookies

We use:

  • Essential cookies for login

10. Contact

Privacy requests:

Support:


References (Internal)

  • Altinn (invoice requirements)
  • Altinn (retention)
  • Datatilsynet
  • Forbrukertilsynet
  • Forbrukerrådet
  • Stripe Connect fees