Cookies
Effective: June 5, 2026
Cyber+ uses a deliberately small number of first-party cookies. We do not use third-party advertising or analytics cookies. Below is the complete list — if you find one on gocyberplus.com that isn't listed here, please email privacy@gocyberplus.com.
Strictly necessary
These cookies are required for the site to work. You can't opt out and use Cyber+ at the same time.
| Name | Purpose | Expires |
|---|---|---|
sb-access-token / sb-refresh-token | Authentication session (Supabase Auth). Lets you stay logged in. | 30 days |
cyberplus-csrf | CSRF protection on form submissions. | Session |
Preferences
Saves UI choices. You can clear these at any time in your browser settings.
| Name | Purpose | Expires |
|---|---|---|
cyberplus-theme | Your preferred theme (light, dark, sepia, auto). | 1 year |
cyberplus-accent | Your accent color choice. | 1 year |
Third-party
We use Cloudflare for DDoS protection. On signup, we use Cloudflare Turnstile (a CAPTCHA alternative that doesn't track users across the web). On payment pages, Stripe places its own cookies for fraud detection — see stripe.com/cookie-settings.
What we do NOT use
- Google Analytics
- Facebook Pixel
- Any advertising network cookies
- Any cross-site tracking
- Session-replay or behavioral-recording tools
Do Not Track
We honor the browser-level Global Privacy Control (GPC) header where it's sent. Because we don't track or sell data, GPC mostly has nothing to opt out of.
If you operate inside the EU/UK you should also consider whether you need an active consent banner under ePrivacy / PECR for non-essential cookies. The current Cyber+ cookie set is essential-only or based on user action (theme choice), which most regulators interpret as not requiring a banner — but check with your counsel.