RadioRoxi
Legal

Privacy Policy

Last updated: June 2025  ·  Effective date: June 2025

Summary: RadioRoxi only collects what it needs to run the website and chat. We do not sell your data, run adverts against it, or share it with third parties for marketing. Chat messages are automatically deleted after 7 days.

1. Who We Are

RadioRoxi is an online radio station based in London, United Kingdom. We operate the website at radioroxi.com and the associated live chat service.

Data Controller: RadioRoxi
Contact: hello@radioroxi.com
Address: London, United Kingdom

As data controller, we determine how and why personal data is processed. This policy explains what data we collect, how we use it, and the rights you have under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. What Data We Collect and Why

2.1 Live Chat

When you use the RadioRoxi live chat, we collect:

  • Display name — the username you choose before joining the chat. This is user-chosen and need not be your real name.
  • Chat messages — the text you send in the chat room.
  • Timestamp — the date and time each message was sent.

We do not collect your IP address, email address, device identifiers, or any other personal information when you use the chat as a regular listener.

2.2 Contact Form

When you submit the contact form, we collect:

  • Your name
  • Your email address
  • Your message

This data is used solely to respond to your enquiry. Contact form submissions are handled via Formspree (see Section 5 on third parties).

2.3 Presenter Authentication

The station presenter logs into the chat using an email address and password, processed via Supabase Auth. This data is used solely to verify the presenter's identity and is not accessible to listeners.

2.4 Technical / Server Logs

Like all web servers, our hosting provider automatically records standard server log data including IP addresses, browser type, and pages accessed. This data is retained for a maximum of 30 days for security and performance purposes and is not linked to your chat activity.

3. Lawful Basis for Processing

Activity Data Lawful Basis
Running the live chat service Username, messages, timestamp Legitimate interests (providing the chat service you actively choose to use)
Responding to contact form enquiries Name, email, message Legitimate interests (responding to your direct request)
Presenter authentication Email, password hash Legitimate interests (securing the presenter function)
Server security & performance IP address, server logs Legitimate interests (keeping the service secure and available)

4. How Long We Keep Your Data

Data TypeRetention Period
Chat messages (username & content)7 days — automatically deleted
Contact form submissionsUntil the enquiry is resolved, and no longer than 12 months
Presenter login credentialsUntil the account is deleted on request
Server logsMaximum 30 days

5. Who We Share Data With

We do not sell or rent your personal data. We use the following third-party services to operate the website:

  • Supabase — our database and authentication provider. Chat messages and presenter credentials are stored on Supabase infrastructure hosted in the EU (London, eu-west-2 region). Supabase is ISO 27001 certified and processes data under standard contractual clauses. See Supabase Privacy Policy.
  • Formspree — processes contact form submissions and forwards them to our email. Formspree is GDPR-compliant. See Formspree Privacy Policy.
  • Google Fonts — we load fonts from Google Fonts, which may involve your browser making a request to Google's servers. See Google Privacy Policy.

We do not share your data with any other third parties and do not use your data for advertising or profiling.

6. International Data Transfers

Chat data is stored on Supabase's London region (eu-west-2), which is located in the United Kingdom. No international transfer of chat data takes place.

Contact form data is processed by Formspree, which may store data in the United States. Formspree maintains standard contractual clauses to ensure an adequate level of protection in accordance with UK GDPR requirements.

7. Cookies and Local Storage

We use no advertising cookies and no tracking cookies. We use browser localStorage (not cookies) for the following essential purposes:

  • rr_username — stores your chosen chat display name so you don't need to re-enter it each visit. Stored locally on your device only; never transmitted except as part of chat messages you send.
  • rr_cookie_ok — records that you have acknowledged our cookie notice. Stored locally on your device only.

The presenter login uses a Supabase Auth session, which is stored in localStorage on the presenter's device only.

You can clear all localStorage data at any time through your browser's developer tools or privacy settings (usually under "Clear site data" or "Clear cookies and storage").

8. Your Rights Under UK GDPR

Under UK GDPR, you have the following rights:

  • Right of access — you can request a copy of any personal data we hold about you.
  • Right to rectification — you can ask us to correct inaccurate data.
  • Right to erasure ("right to be forgotten") — you can ask us to delete your personal data. Note that chat messages are automatically deleted after 7 days regardless.
  • Right to restriction of processing — you can ask us to restrict how we process your data in certain circumstances.
  • Right to data portability — you can ask for your data in a structured, machine-readable format.
  • Right to object — you can object to processing based on legitimate interests. Where we rely on legitimate interests, we will consider your objection carefully.
  • Rights related to automated decision-making — we do not carry out any automated decision-making or profiling.

9. How to Exercise Your Rights

To exercise any of your rights, please contact us at hello@radioroxi.com. We will respond within one calendar month as required by UK GDPR.

Please note that because chat usernames do not need to be real names, it may not always be possible for us to identify which messages belong to you without additional information.

If you are not satisfied with our response, or believe we are processing your data unlawfully, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

  • Website: ico.org.uk
  • Helpline: 0303 123 1113
  • Address: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

10. Children's Privacy

RadioRoxi is not directed at children under the age of 13. We do not knowingly collect personal data from children under 13. If you believe a child has provided us with personal data, please contact us at hello@radioroxi.com and we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last updated" date at the top of this page will reflect any changes. For significant changes, we will post a notice on the website. Continued use of our services after changes are posted constitutes acceptance of the updated policy.

12. Contact and Complaints

For any privacy-related questions or to exercise your rights, please contact:
Email: hello@radioroxi.com
Post: RadioRoxi, London, United Kingdom

We take all privacy concerns seriously and will respond promptly to your enquiry.