Privacy

We collect as little data as possible. This page describes everything that happens when you visit rebelmedia.network, fill out the contact form, subscribe to the newsletter, or play the live stream.

Controller

The party responsible for data processing on this website is:

Rebel Media Network
Rebenweg 9, 6331 Hünenberg
contact@rebelmedia.network

Overview

Personal data is processed only in the following situations:

  • When you use the contact form — name, email, optional organization, topic, message.
  • A functional cookie to remember your language choice.
  • A cookie stores your cookie preferences both locally and on the server so we know whether to load third-party content.
  • Optional: fonts from Google Fonts only load if you allow it in the cookie banner — your IP is shared with Google.
  • No external libraries are currently loaded — all animation scripts are self-hosted.
  • When you play the live stream, your browser connects directly to laut.fm — we don't see it.

Contact form

When you contact us via the form, the data you provide (name, email, optional organization, topic, message) is collected to handle your request and routed automatically to the appropriate inbox (booking@, press@, demo@, etc.). A confirmation email is sent from no-reply@rebelmedia.network.

Additionally, an internal log records the receipt of the request with ticket number, timestamp, language, and assigned department — without message content. This log serves quality control and response-time tracking.

Legal basis: Art. 6(1)(b) GDPR (pre-contractual measures) and Art. 31(1) of the revised Swiss Federal Act on Data Protection (FADP, in force since 1 September 2023). Data is generally retained for 24 months unless a longer retention period applies, then deleted.

Newsletter

When you subscribe, the following data is stored: email address, subscription timestamp, IP at signup, language, source page (e.g. "publishing-103-7"), and a random confirmation token.

We use the double-opt-in process: after subscribing, you receive an email with a confirmation link. Only when you click it does the subscription become active. This documents and verifies your consent.

You can unsubscribe at any time using the link in any newsletter email. Unsubscription takes effect immediately — the signup data remains stored as documentation of the original consent (status: "unsubscribed"). You may request full deletion via contact@rebelmedia.network.

Legal basis: Art. 6(1)(a) GDPR (consent) and Art. 31(1) FADP. The data is used exclusively for sending the newsletter and is not shared with third parties.

Email delivery

Confirmation and reply emails (e.g. newsletter confirmation, contact form replies) are sent via the SMTP service of our hosting provider Servertown.ch. Your email address and message content are necessarily transmitted to the email server.

Servertown.ch is a Swiss hosting provider based in Switzerland. Data processing is therefore governed by the Swiss Federal Act on Data Protection (FADP). No data is transferred to third countries.

Cookies

We use only strictly necessary cookies. There is no tracking, no analytics, no advertising.

rmn-consent (1 year)
Stores your cookie banner decision. Content: JSON with "thirdparty: true|false". No third parties are currently active; the cookie is kept for backward compatibility.
PHPSESSID (session cookie, admin only)
Set only when you log in to the admin backend — stores your session and is deleted when you close the browser. The public website does not use session cookies.

Third parties

The following third parties are integrated — the first two only after your explicit consent via the cookie banner.

Google Fonts
Loads the "Geist" and "Geist Mono" fonts from fonts.googleapis.com. When the connection is active, your IP is transmitted to Google LLC (USA). Only loaded if you accepted "third party" in the cookie banner — otherwise system fonts are used.
esm.sh (CDN)
This site no longer loads external JavaScript libraries. Lenis, GSAP and SplitType are self-hosted since May 2026 (assets/js/vendor/) and served directly by rebelmedia.network — no third-party connection, no IP transmission to CDNs.
laut.fm
Hosts the live audio stream "Rebel Media Network Radio". When you start the player, your browser connects directly to stream.laut.fm — we don't broker the connection. laut.fm has its own privacy policy at laut.fm/datenschutz.
Servertown.ch (SMTP)
Email delivery for newsletter confirmations, contact form replies, and administrative notifications. Server location: Switzerland. Only data you have entered yourself is processed (your email address as recipient).

Server logs

For security and debugging, three types of logs are kept on the server:

Apache access logs (max. 30 days)
Timestamp, IP, user-agent, requested URL, HTTP status. Created automatically by the hosting provider and deleted after a maximum of 30 days. We don't use these logs for analytics.
Audit log (admin activity, max. 12 months)
Records security-relevant admin events: logins, failed logins, data changes, cover uploads. Contains no visitor data — only admin activity. Auto-rotated at 5 MB (oldest 50% archived) and manually capped at 12 months.
Rate-limit data (max. 24 hours)
To prevent brute-force login attempts and form spam: temporary storage of IP addresses and request counters. Automatically deleted after 24 hours.

Geolocation (artist GPS data)

Some artist setcards optionally store a GPS location (latitude/longitude) showing the artist's home or base on a map. This GPS data is not collected from you as a visitor — it was manually entered by the artist or roster admin and is static content of the setcard.

When editing a setcard in the admin area, the browser Geolocation API can optionally be used to auto-fill the current position. This only happens after explicit consent by the editor user in the browser dialog. The coordinates are saved on the setcard and shown on the frontend — never used for analytics or tracking.

Legal basis: Art. 6 para. 1 lit. f GDPR (legitimate interest: accurate artist presentation) and Art. 31 para. 1 Swiss FADP. When you view a setcard as a visitor, no geolocation data is requested from you.

Your rights

Under GDPR and FADP, you have the following rights regarding your data:

  • Access to data stored about you (Art. 15 GDPR, Art. 25 FADP)
  • Correction of inaccurate data or completion of incomplete data (Art. 16 GDPR)
  • Deletion of your data, unless legal retention obligations apply (Art. 17 GDPR)
  • Restriction of processing, objection to processing, and data portability (Art. 18, 20, 21 GDPR)

To exercise your rights, please contact: contact@rebelmedia.network

Changes

This privacy policy is updated whenever data processing on the site changes. The current version is available here.

Last updated: 2026-04-30