SolBeat — Cookie Notice
Effective date: May 22, 2026 Last updated: June 12, 2026 Version: 1.1 (Pilot)
1. What This Notice Covers
This Cookie Notice explains how SolBeat uses cookies and similar local-storage technologies on https://solbeat.icu and any related domains (the "Service").
This notice is part of, and should be read together with, our Privacy Policy and our Terms of Use.
2. What Are Cookies?
A cookie is a small text file that a website places on your device (computer, tablet, phone) when you visit it. Cookies let the site recognize your browser, keep you signed in, and remember small bits of information across page loads.
Beyond cookies, web applications also use related browser-storage technologies — including local storage, session storage, service worker caches, and IndexedDB — that work in similar ways. In this notice, we use the word "cookies" to cover all of them.
Cookies fall into two broad categories:
- Strictly necessary cookies — required for the site to work. These do not need your consent under Israeli or EU law.
- Optional cookies — used for analytics, personalization, advertising, or other non-essential purposes. These require your consent before they are set.
SolBeat uses only strictly necessary cookies. We do not use third-party advertising cookies, advertising trackers, or cross-site analytics cookies.
3. The Cookies and Storage SolBeat Uses
| Name / Key | Type | Purpose | Lifetime | Strictly necessary? |
|---|---|---|---|---|
authjs.session-token (or __Secure-authjs.session-token over HTTPS) | First-party cookie (HTTP-only, secure) | Keeps you signed in to the application after you authenticate. Without it the app cannot recognize you across page loads. | Up to 7 days, or until you sign out. | ✅ Yes |
authjs.csrf-token (with a __Host- prefix over HTTPS) | First-party cookie (HTTP-only, secure) | Cross-site request forgery (CSRF) protection on authentication forms. Required for sign-in security. | Session. | ✅ Yes |
authjs.callback-url | First-party cookie | Remembers the page you were trying to reach when sign-in was required, so we can return you to it after login. | Session. | ✅ Yes |
pending_invite | First-party cookie | Used only during the invite-based registration flow. Stores the invite token briefly so that, if you sign up via Google, we can match your new account to the invitation. Deleted automatically once registration completes. | Up to 1 hour. | ✅ Yes |
solbeat-cookie-consent | First-party cookie / local storage | Remembers that you have acknowledged the cookie banner so we don't show it on every page. | 12 months. | ✅ Yes |
Service worker caches (solbeat-* / solbeat-static-*, versioned) | Browser cache (Cache Storage API) | Caches static assets (icons, fonts, scripts) so the application loads quickly and works in limited-connectivity situations as a Progressive Web App. Does not store personal data. Old versions are deleted automatically when the app updates. | Until cleared by you or replaced by an updated version of the app. | ✅ Yes |
| Exam answer drafts | Session storage | While you take an MCQ exam, your in-progress answers are kept in your browser's session storage so an accidental page refresh does not lose them. Never sent anywhere except as your normal exam submission. | Until the exam is submitted or the browser tab is closed. | ✅ Yes |
| Dashboard notice dismissals | Local / session storage | Remembers which dashboard notices you dismissed (for example, rotation-exchange offers and decision banners) so they don't reappear on every visit. | Offer dismissals: until the browser tab is closed. Decision-banner dismissals: until you clear site data. | ✅ Yes |
We do not currently use any of the following:
- Third-party advertising cookies
- Cross-site advertising trackers (e.g. Facebook Pixel, Google Ads)
- Third-party analytics with user-identifying tracking
- Social-media share-button trackers
If we add any non-essential cookies in the future (for example, a privacy-respecting product-analytics tool), we will update this notice and present a renewed consent banner before any such cookie is set.
4. Cookies Set by Third Parties During Sign-In
If you sign in using Google, Google may set its own cookies on its own domains as part of the OAuth handshake. These cookies are governed by Google's own privacy and cookie policies, not ours. We do not control them and do not have access to them.
5. Your Choices
Because SolBeat uses only strictly necessary cookies, there is no way to use the Service without them — disabling these cookies would break sign-in and the application would not function.
You can still:
- Sign out to clear your session cookies.
- Use your browser's privacy settings to clear cookies and site data for
solbeat.icu(in most browsers: Settings → Privacy → Clear browsing data → choose "cookies and site data" for this site). Note that this will sign you out and reset your PWA cache. - Use a private/incognito window so that cookies are deleted automatically when you close it.
- Disable the PWA service worker in your browser's developer tools if you do not want offline caching.
If we introduce any optional cookies in the future, we will provide a clear way for you to opt in or out from a settings screen.
6. Changes to This Notice
We may update this notice from time to time — for example, if we add or remove a cookie. We will update the "Last updated" date at the top, and we will surface material changes through an in-app notice or by re-displaying the cookie banner.
7. Contact
Questions about this Cookie Notice? Contact:
SolBeat Israel Email: info@solbeat.icu