Legal
Privacy Policy
Last updated: March 2026
Information We Collect
RuntimeRebel is a static website that does not require user accounts or store personal data on our own servers. Third-party services integrated into the site (described below) may collect anonymised usage data according to their own privacy policies. We do not collect data via the browser Permissions-Policy features (camera, microphone, or geolocation), which are explicitly disabled at the server level.
Analytics
We use Google Analytics 4 (GA4) to understand general traffic patterns such as page views, referral sources, and device types. GA4 is only activated if you explicitly accept cookies via the consent banner on your first visit. Data collected by Google Analytics is governed by Google's Privacy Policy. You can opt out at any time using the cookie notification on this site, or via Google's Analytics opt-out browser add-on.
Cloudflare
We use Cloudflare as our CDN and edge security provider. Cloudflare sits in front of all traffic to this site and may collect anonymised traffic analytics (such as request counts, bandwidth, and threat scores) as part of its service. Cloudflare does not receive any data you submit through this site — there are no forms or logins. Data handled by Cloudflare is governed by the Cloudflare Privacy Policy.
Advertising
We use Google AdSense to display advertisements. AdSense is only activated if you explicitly accept cookies via the consent banner. When active, AdSense may serve personalised ads based on your browsing activity using cookies and similar technologies. You can opt out of personalised advertising via the cookie notification on this site, or by visiting Google Ads Settings. Opted-out users will still see ads, but they will be non-personalised.
Some articles on this site may be sponsored or contain paid placement. Sponsored articles are clearly labelled as such. Sponsored content does not influence our editorial standards or the accuracy of threat intelligence we report.
Web Fonts
RuntimeRebel loads most display fonts (Space Grotesk, JetBrains Mono) from self-hosted
packages that are bundled into the site at build time — no outbound request is made for
those typefaces. However, the site also loads Material Symbols icons from
fonts.googleapis.com and fonts.gstatic.com. When your browser
fetches those icon resources, Google may log your IP address and browser headers in
accordance with
Google's Privacy Policy.
Cookies & Local Storage
RuntimeRebel stores your cookie consent preference in your browser's
localStorage under two keys:
-
cookie-consent— stores your choice as eitheracceptedordeclined. -
cookie-consent-ts— stores a Unix timestamp of when you made your choice. After 12 months your stored preference is cleared and the consent banner is shown again, in line with GDPR guidance on periodic renewal of consent.
Both values remain entirely in your browser and are never transmitted to our servers. Third-party services (Google Analytics, Google AdSense) may set their own cookies governed by Google's privacy policies, but only after you have explicitly accepted.
We implement Google Consent Mode v2. Before you make a consent choice,
all four consent signals — ad_storage, analytics_storage,
ad_user_data, and ad_personalization — default to
denied. They are only updated to granted if you click
Accept on the consent banner. Declining or ignoring the banner keeps all
signals denied and no tracking scripts are loaded.
How to Opt Out
A cookie consent banner is shown on your first visit. Click Decline
to keep all analytics and advertising scripts disabled. Your preference is saved in your
browser's localStorage and respected on all subsequent visits. To change your choice,
clear your browser's localStorage for runtimerebel.com and reload the page —
the consent banner will reappear.
Content Sources
Articles on RuntimeRebel are generated from publicly available RSS feeds from cybersecurity news sources including The Hacker News, BleepingComputer, SecurityWeek, Krebs on Security, Dark Reading, Schneier on Security, CISA Advisories, CrowdStrike Blog, Google/Mandiant Threat Intel, SANS Internet Storm Center, Google Project Zero, and Recorded Future. All content is processed and rewritten using Google Gemini AI. Original sources are credited via a source URL on each article where applicable.
Third-Party Links
Our articles may contain links to external websites. We are not responsible for the privacy practices or content of those sites. We encourage you to review the privacy policies of any external sites you visit.
Installed App (PWA)
RuntimeRebel can be installed as a standalone app on supported devices and browsers via the browser's "Add to Home Screen" or "Install" prompt. Installing the site as a PWA does not grant us any additional access to your device. No additional data is collected in standalone app mode compared to normal browser use. The app manifest declares no permissions beyond what the browser already grants to any website you visit.
Email Newsletter
RuntimeRebel offers an optional email newsletter powered by Buttondown. If you choose to subscribe, your email address is submitted directly to Buttondown's servers and is governed by the Buttondown Privacy Policy. We use your email address solely to send you periodic threat intelligence digests. You can unsubscribe at any time via the link in each email. We do not share your email address with any other third party.
Data We Do Not Collect
The following data is never collected by RuntimeRebel:
- User accounts, usernames, or passwords — the site has no account system.
- Geolocation data — the
geolocationbrowser API is blocked via Permissions-Policy. - Camera or microphone data — both APIs are blocked via Permissions-Policy.
- Payment information — the site has no e-commerce or payment flows.
Changes to This Policy
We may update this privacy policy from time to time. Changes will be reflected on this page with an updated revision date.
Contact
For questions about this privacy policy, contact us at privacy@runtimerebel.com.