Privacy Policy
Last updated: January 25, 2026
This Privacy Policy explains how Radyora processes your personal data when you use the radyora.app website and/or application (the “Service”). Processing is carried out in accordance with the General Data Protection Regulation (GDPR) and other applicable legislation. For information about cookies and similar technologies, please see the Cookie Policy. For rules governing the use of the Service, please see the Terms and Conditions.
1. Data controller
The controller responsible for processing personal data is:
Radyora
2. Personal data we process
Depending on how you use the Service, we may process the following personal data.
2.1. Data provided by the user
Account: name (or username), email address, and password (stored securely using protection mechanisms such as hashing and/or encryption), as well as account-related preferences.
Newsletter: email address and, if provided, name, when you subscribe to communications.
Contacts: email address and the content of the message when you contact us.
2.2. Data collected automatically
Technical data: IP address (or part of the IP address), online identifiers, device type, operating system, browser, language, date, and time of access.
Usage data: pages visited, clicks and interactions, traffic source, and events related to use of the Service, for example actions in the player.
Security and performance data: technical logs to detect failures, prevent abuse, and ensure stability.
2.3. Favourites
When you add radio stations to favourites, we process your account identifier, the identification of the radio station marked as a favourite, and associated information such as date/time, to the extent necessary to provide the feature and protect the Service against abuse.
3. Purposes and legal bases
We process personal data for the following purposes and on the following legal bases.
Account management and authentication (account creation, login, profile management, and account security). Legal basis: performance of a contract.
Provision of the Service and its features, including favourites and preferences. Legal basis: performance of a contract and, where applicable, legitimate interest in ensuring operation, integrity, and abuse prevention.
Measurement and improvement of the Service through statistics and usage analysis (Google Analytics). Legal basis: consent, where required for non-essential cookies/technologies, managed through Complianz.
Advertising and monetisation (Google AdSense). Legal basis: consent, where required for personalised advertising and associated technologies, managed through Complianz, and/or contextual advertising where applicable and permitted.
Campaign measurement and marketing (Meta Pixel and TikTok Pixel). Legal basis: consent, where required, managed through Complianz.
Newsletter and communications (MailPoet). Legal basis: consent. You may withdraw your consent at any time.
Security, fraud prevention, and technical maintenance, including logs. Legal basis: legitimate interest and/or legal obligation, as applicable.
Compliance with legal obligations and responding to requests from authorities. Legal basis: legal obligation.
4. Cookies, consent, and preference management
The Service uses cookies and similar technologies. Preference management and consent collection are carried out through Complianz. Strictly necessary cookies may be used without consent. Statistics, marketing, and advertising cookies will only be used where required by law and after your consent. For more information about cookie categories, durations, and purposes, please see the Cookie Policy.
5. Recipients and processors
We may share data with service providers (processors) who assist us in operating the Service, under our instructions and with appropriate security measures. In particular, we may use:
Google (Google Analytics and Google AdSense) for measurement, analytics, and advertising.
Meta (Meta Pixel) for campaign measurement and remarketing.
TikTok (TikTok Pixel) for campaign measurement and remarketing.
MailPoet for sending newsletters and managing subscriptions.
Cloudflare for content delivery network (CDN), optimisation, and traffic security.
WordPress and Elementor as the website platform and components, including plugins required for operation.
We may also disclose data where necessary to comply with legal obligations, respond to requests from competent authorities, or protect the rights, security, and integrity of the Service.
6. International data transfers
Some service providers may process data outside the European Economic Area. Where this occurs, appropriate safeguards will be adopted, including Standard Contractual Clauses and other measures recognised under applicable law, as applicable to each provider and situation.
7. Retention periods
We keep data only for as long as necessary for the purposes described.
Account data: for as long as the account remains active. After deletion, we may retain minimal information for a limited period to comply with legal obligations, prevent fraud, and defend legal rights.
Favourites: for as long as the account remains active and/or while the feature is used. After account deletion, the data is removed or anonymised, except where temporary and proportionate technical retention is necessary.
Newsletter: until you unsubscribe or withdraw your consent.
Logs and security: for proportionate and limited periods for security and diagnostic purposes.
Cookies: as described in the Cookie Policy and according to the preferences set in Complianz.
8. Data subject rights
Under the GDPR, you may exercise the following rights: access, rectification, erasure, restriction, portability where applicable, objection where the legal basis is legitimate interest, and withdrawal of consent where the legal basis is consent.
To exercise your rights, please contact: [email protected]. We may request additional information to confirm your identity.
You also have the right to lodge a complaint with the supervisory authority in Portugal: CNPD – Comissão Nacional de Proteção de Dados.
9. Security
We implement appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, loss, or destruction. However, no system is completely infallible.
10. Minors
The Service is not intended for persons under the age of 16 without the authorisation of their legal representatives. If you become aware of any improper collection, please contact us so that we may take appropriate action.
11. Changes to this policy
We may update this Privacy Policy periodically. The current version will always be available on the Service, together with the date of the latest update.
12. Contact
For any questions relating to privacy and data protection:
Email: [email protected]