Cookies

Effective: June 5, 2026

Cyber+ uses a deliberately small number of first-party cookies. We do not use third-party advertising or analytics cookies. Below is the complete list — if you find one on gocyberplus.com that isn't listed here, please email privacy@gocyberplus.com.

Strictly necessary

These cookies are required for the site to work. You can't opt out and use Cyber+ at the same time.

NamePurposeExpires
sb-access-token / sb-refresh-tokenAuthentication session (Supabase Auth). Lets you stay logged in.30 days
cyberplus-csrfCSRF protection on form submissions.Session

Preferences

Saves UI choices. You can clear these at any time in your browser settings.

NamePurposeExpires
cyberplus-themeYour preferred theme (light, dark, sepia, auto).1 year
cyberplus-accentYour accent color choice.1 year

Third-party

We use Cloudflare for DDoS protection. On signup, we use Cloudflare Turnstile (a CAPTCHA alternative that doesn't track users across the web). On payment pages, Stripe places its own cookies for fraud detection — see stripe.com/cookie-settings.

What we do NOT use

  • Google Analytics
  • Facebook Pixel
  • Any advertising network cookies
  • Any cross-site tracking
  • Session-replay or behavioral-recording tools

Do Not Track

We honor the browser-level Global Privacy Control (GPC) header where it's sent. Because we don't track or sell data, GPC mostly has nothing to opt out of.


If you operate inside the EU/UK you should also consider whether you need an active consent banner under ePrivacy / PECR for non-essential cookies. The current Cyber+ cookie set is essential-only or based on user action (theme choice), which most regulators interpret as not requiring a banner — but check with your counsel.