Merchant of Record: Payments are processed by Paddle.com Market Limited, who acts as the Merchant of Record for all transactions. Paddle handles payment data, invoicing, and tax compliance. This privacy policy covers the data that BunnyRadio collects and processes directly.
BunnyRadio and Paddle are independent data controllers. Each party independently complies with applicable data protection laws. Paddle shares buyer data (name, email address, purchase history) with BunnyRadio for order fulfillment and product support only. We will not use data received from Paddle for marketing purposes without your separate, explicit consent. See Paddle's Data Processing Addendum for details.
BunnyRadio ("we", "us", "our") operates the website bunnyradio.com and provides a SaaS platform for time-shifted FM radio listening. We are the data controller for the personal data described in this policy.
Contact: support@bunnyradio.com
We do not store credit card numbers, bank details, or billing addresses. All payment data is held by Paddle as Merchant of Record. See Paddle's Privacy Policy for details.
| Purpose | Lawful basis (GDPR Art. 6) | Data used |
|---|---|---|
| Provide the service | Contract (Art. 6(1)(b)) | Email, password, coverages |
| Process subscription | Contract (Art. 6(1)(b)) | Paddle customer ID, coverage selection |
| Security & fraud prevention | Legitimate interest (Art. 6(1)(f)) | IP address, session tokens |
| Improve the product | Legitimate interest (Art. 6(1)(f)) | Usage data (anonymized) |
| Analytics (conversion funnel) | Consent (Art. 6(1)(a)) | Anonymous client ID, page views, conversion events |
| Advertising measurement — engagement signals | Legitimate interest (Art. 6(1)(f)) | Interaction signals from the application (station changes, playback controls, and similar usage events) sent server-side to advertising measurement platforms (Meta, Reddit, Google Ads). No new cookies are set; existing attribution identifiers (fbclid, gclid, rdt_cid) are reused where present. You may object to this processing at any time. |
| Service notifications | Contract (Art. 6(1)(b)) |
We do not use your data for marketing emails unless you explicitly opt in. We do not sell, rent, or trade your personal data to third parties.
| Provider | Purpose | Location |
|---|---|---|
| Paddle.com Market Limited | Payment processing, invoicing, tax compliance | UK / EU |
| Amazon Web Services (AWS) | Hosting, CDN (CloudFront), database (RDS), storage (S3) | EU (Frankfurt) |
| AWS Amplify | Frontend hosting and SSR | EU (Frankfurt) |
| Google LLC (Google Analytics 4) | Pseudonymous usage analytics (opt-in for cookies). Anonymous, cookieless aggregate signals sent to all visitors via Google Consent Mode v2 — no cookies set, no user identification. | US (with EU-US Data Privacy Framework) |
| Meta Platforms Ireland Ltd | Advertising measurement and conversion tracking (opt-in only). Data: pseudonymised browser identifiers (_fbp cookie), page view events, conversion events | US (with EU-US Data Privacy Framework) |
| Reddit Inc. | Conversion attribution and advertising analytics (opt-in only). Sets _rdt_uuid cookie when marketing consent is granted; receives hashed email/IP and user agent server-side for ad-click match-back. Transfer safeguarded by Standard Contractual Clauses (SCCs). | US (SCCs) |
| Google Ireland Limited | Google Ads conversion tracking and Enhanced Conversions (opt-in only). Receives hashed email and billing country/postal code for conversion match-back. Sets _gcl_aw and _gcl_au cookies when marketing consent is granted. Gordon House, Barrow Street, Dublin 4, Ireland. EU-based; any residual US transfer safeguarded by EU-US Data Privacy Framework and SCCs. | EU (Ireland) |
Core infrastructure is hosted in the EU (AWS eu-central-1, Frankfurt). Your account data, listening history, and broadcast content never leave the EU.
When you opt in to analytics, anonymized usage data (page views, conversion events) is sent to Google Analytics via a server-side proxy. No personally identifiable information is included. This transfer is safeguarded by the European Commission's adequacy decision for the EU-US Data Privacy Framework (adopted 10 July 2023), under which Google LLC is a certified participant. Google Ads conversion tracking is provided by Google Ireland Limited (EU), with any residual US transfers safeguarded by the EU-US Data Privacy Framework and SCCs. Transfers to Reddit Inc. (US) are safeguarded by Standard Contractual Clauses (SCCs). No other personal data is transferred outside the EU/EEA.
| Cookie | Purpose | Duration | Type |
|---|---|---|---|
| token | Authentication session (HTTP-only, secure) | 1 day (30 days with Remember Me) | Essential |
| user_display | Display name and role indicator (client-readable, not HTTP-only) | 1 day (30 days with Remember Me) | Essential |
| CloudFront access cookies (3) | Secure access to time-shifted streams via CDN | Session | Essential |
| Paddle cookies | Checkout functionality and fraud prevention | Session | Essential |
rsr_attr | First-party attribution cookie. Consolidates ad-click identifiers (fbclid, gclid, rdt_cid) on first visit to attribute sign-ups and subscriptions to the correct ad campaign. No personal data is stored; the value is the raw click ID from the landing URL. | 90 days | Necessary / Marketing |
We use Google Consent Mode v2 for all visitors. Without analytics consent, Google receives only anonymous, cookieless aggregate signals to help model traffic patterns — no cookies are set and no user is identified. When you grant analytics consent via the cookie banner, Google Analytics sets the following HTTP cookies. These are cleared immediately if you revoke consent.
| Cookie | Purpose | Duration | Type |
|---|---|---|---|
_ga | Google Analytics client identifier. Distinguishes unique users across sessions. | 180 days | Analytics (opt-in) |
_ga_<ID> | Per-stream variant of the Google Analytics client identifier. Same purpose, scoped to a specific data stream. | 180 days | Analytics (opt-in) |
_gid | Google Analytics session identifier. Distinguishes unique users within a 24-hour window. | 24 hours | Analytics (opt-in) |
_gat | Google Analytics throttle cookie. Limits the rate of requests sent to Google. | 1 minute | Analytics (opt-in) |
When you grant marketing consent via the cookie banner, Meta Pixel, Reddit Pixel, and Google Ads set the following HTTP cookies. These are cleared immediately if you revoke consent.
| Cookie | Purpose | Duration | Type |
|---|---|---|---|
_fbp | Meta Pixel browser identifier. Used to measure ad effectiveness and attribute conversions. | 90 days | Marketing (opt-in) |
_rdt_uuid | Reddit Pixel visitor identifier. Used to measure ad effectiveness and attribute conversions from Reddit advertising campaigns. | 90 days | Marketing (opt-in) |
_gcl_aw | Google Ads click attribution. Stores the Google Click Identifier (gclid) from an ad click to attribute conversions. | 90 days | Marketing (opt-in) |
_gcl_au | Google Analytics/Ads first-party measurement. Used to improve ad targeting and measure conversion events across Google services. | 90 days | Marketing (opt-in) |
When you grant marketing consent via the cookie banner, we send hashed (SHA-256) versions of your email address and name to Meta via their Conversions API for conversion measurement. This one-way hashing means the original values cannot be recovered. This server-side data is used alongside the Meta Pixel to measure advertising effectiveness. This transfer is governed by Meta's Data Processing Terms. If you revoke marketing consent, no further hashed personal data is sent.
In addition, interaction signals from within the application (such as station changes, playback controls, and similar engagement interactions) are sent server-side to Meta, Reddit, and Google Ads under legitimate interest (GDPR Art. 6(1)(f)) for advertising measurement purposes. No new cookies are set by this processing; existing attribution identifiers are reused where present. You may object to this processing at any time by contacting support@bunnyradio.com.
We use Google Ads Enhanced Conversions. When you grant marketing consent (GDPR Art. 6(1)(a)), we send a hashed (SHA-256) version of your email address and your billing country and postal code to Google Ireland Limited for conversion match-back. This one-way hashing means the original values cannot be recovered. Additionally, the gclid URL parameter (present on Google Ads click-through URLs) and your IP address and user agent are processed server-side under legitimate interest (GDPR Art. 6(1)(f)) solely to attribute ad clicks to conversions — they are never used for advertising targeting. If you revoke marketing consent, no further hashed data is sent; gclid/IP/UA processing under legitimate interest continues.
The rdt_cid URL parameter (present on Reddit Ads click-through URLs) is processed server-side for ad-click attribution under legitimate interest (GDPR Art. 6(1)(f)). It is never stored in a cookie and is never used for advertising targeting — it is used solely to measure whether an ad click led to a sign-up or subscription.
When you grant analytics consent via the cookie banner, we store the following in your browser's localStorage:
| Key | Purpose | Duration | Type |
|---|---|---|---|
| bunnyradio_cid | Anonymous client identifier (random UUID, not linked to your account). Removed when analytics consent is revoked. | Until consent revoked | Analytics (opt-in) |
| bunnyradio_consent_v2 | Keeps your cookie preference and consent timestamp | 6 months (auto-renewal prompt) | Essential |
Analytics and marketing data is only collected after you grant explicit opt-in consent via our cookie banner. You can withdraw consent at any time, after which all associated cookies are cleared immediately and no further data is collected.
Under the General Data Protection Regulation, you have the right to:
To exercise any of these rights, email support@bunnyradio.com. We will respond within 30 days.
You also have the right to lodge a complaint with your local data protection supervisory authority.
We protect your data with industry-standard measures including encrypted connections (TLS 1.3), hashed passwords (bcrypt), HTTP-only secure cookies, and access controls. All data is stored in encrypted-at-rest AWS RDS and S3 instances within the EU.
BunnyRadio is not directed at anyone under the age of 16 (or the minimum age for digital consent in your EU member state, if lower). We do not knowingly collect personal data from children. If you are a parent or guardian and believe your child has provided us with personal data, please contact us at support@bunnyradio.com. We will promptly delete the data from our systems.
We may update this privacy policy from time to time. Material changes will be communicated via email to registered users. The "last updated" date at the top reflects the most recent revision.
Questions? Contact us at support@bunnyradio.com.