Fresh Soundz DAB Radio

Privacy & Cookie Notice

Last updated: June 2026 · Questions: info@freshsoundzradio.com

This notice explains what information the Fresh Soundz DAB Radio Live Shoutbox collects, why it is collected, how long it is retained, and what rights you have. We collect only the minimum data needed to run the shoutbox safely and fairly.

1. Who we are

The shoutbox is operated by Fresh Soundz DAB Radio. For data queries, contact us at info@freshsoundzradio.com.

2. Data we collect and why

Account data (registered users only)

Username — chosen by you; visible publicly in every message you post.
Email address — used only to verify your account and to send password-reset links. Never shared publicly or with third parties.
Password — stored only as a bcrypt hash. We cannot read your password.
Avatar image — uploaded voluntarily. Stored on our server and visible to all visitors. You can remove it at any time from your account.

Message content

Every shout you post is stored in our database and may be visible to all visitors.
Admin and moderators can read, delete, and retain messages for moderation purposes.
Deleted messages are hidden from the public feed but may remain in our database for a short retention period.

Technical data (all visitors)

IP address — recorded when you post a message or register. Used to enforce rate limits, detect abuse, and apply IP-based access controls. Not shared publicly.
Browser user-agent — a short technical string identifying your browser type. Used only for abuse detection and is truncated to 255 characters.
Session data — a standard PHP session cookie (named sb_sess) is set when you visit. It contains only an anonymous session identifier. It expires when you close your browser.
Device token — a random identifier cookie (named sb_device) set on first visit and stored for 1 year. Used only to enforce moderation restrictions (device bans) in cases of repeated abuse. It is a random string with no link to your identity.

Moderation records

If a message you attempt to post is blocked by our automated filter, we log the blocked text, your IP address, and a device fingerprint hash alongside the moderation category.
This data is used to identify and restrict repeat abusers. It is visible only to admins and moderators.
Moderation records are retained for up to 180 days and then deleted.

Song requests

If you submit a song request, your name, request details, and IP address are stored and visible to the DJ and admin team.

3. Cookies we set

    We set functional cookies only — no advertising, no tracking pixels, no analytics cookies, and no third-party cookies.
  

sb_sess — Session cookie. Keeps you logged in during your visit. Expires when you close your browser. Essential.
sb_device — Device token. A random 64-character string. Used only to enforce access restrictions in cases of severe or repeated abuse. Expires after 1 year. Functional — required for safe moderation.

Because these are strictly functional cookies required for the shoutbox to operate safely, UK and EU cookie rules do not require opt-in consent for them under the "strictly necessary" exemption. No consent banner is shown. If you do not wish these cookies to be set, please do not use the shoutbox.

4. Data retention

Account data — kept until you request deletion.
Messages — kept indefinitely unless deleted by you, a moderator, or an admin. We may implement automatic pruning of messages older than 90 days in the future.
IP addresses in messages — kept alongside the message record.
Moderation events — up to 180 days, then deleted.
Presence data — purged every 90 seconds automatically.
Rate limit records — purged within 2–4 hours automatically.

5. Who can see your data

Other users — can see your username, avatar, and message content.
Moderators and admins — can see all of the above plus your IP address and moderation history.
Our hosting provider — has access to server logs as a matter of infrastructure. We use Fasthosts / a UK-based provider.
Third parties — we do not sell, trade, or share your personal data with any third party.

6. Your rights (UK GDPR)

Right to access — request a copy of the data we hold about you.
Right to erasure — request deletion of your account and associated data.
Right to rectification — request correction of inaccurate data.
Right to object — object to processing where we rely on legitimate interests.
Right to restrict processing — ask us to pause processing of your data.

To exercise any right, email info@freshsoundzradio.com. We will respond within 30 days. Account deletion requests are processed manually; please allow up to 5 working days.

You also have the right to complain to the Information Commissioner's Office (ICO) if you believe we are handling your data unlawfully.

7. Security

Passwords are stored as bcrypt hashes. Database connections use encrypted transport. File uploads are validated, re-encoded through PHP's GD library (which strips embedded metadata), and stored with random filenames. Admin and moderator access is password-protected with rate-limited login. All state-changing requests are protected against cross-site request forgery (CSRF).

8. Children's data

The shoutbox is not directed at children under 13. We do not knowingly collect data from children. If you believe a child has created an account, please contact us immediately.

9. Changes to this notice

We may update this notice occasionally. The "Last updated" date at the top will change when we do. Continued use of the shoutbox after an update constitutes acceptance of the revised notice.

← Back to Shoutbox