Privacy policy
What data we collect
SolarStormAlert has no accounts, email addresses, passwords, or payment data. When you visit the dashboard, the server issues an anonymous, opaque session token. No personally identifiable information is collected at any point.
Session token
A 256-bit cryptographically random token is generated server-side on your first visit
and transmitted to your browser as an HttpOnly, Secure, SameSite=Strict cookie named ssa_session. The token is stored as a SHA-256 hash — the raw token is never
persisted. The session has no expiry. Clearing your browser cookies removes it.
The session token carries no personal data. It is used solely to gate access to the dashboard API and to enable future server-side revocation if required. The raw token value is never logged, emailed, or shared with any third party.
Analytics
This site uses PostHog EU analytics, loaded only after consent, with data processed
in the EU. No personally identifiable information is collected. Do Not Track is honored —
if your browser sends DNT:1, no analytics are loaded.
If you decline analytics, no PostHog library is loaded and no analytics requests are made.
Your choice is stored in your browser's localStorage under the key ph_consent so the consent banner does not reappear on return visits.
Cookies in use
| Name | Purpose | Type | Storage |
|---|---|---|---|
ssa_session | Anonymous session identity — gates dashboard API access | HttpOnly, Secure, SameSite=Strict | Cookie — persistent (no expiry date) |
ph_consent | Stores your analytics consent choice (accepted or declined) | Not a cookie | localStorage — persists until cleared |
Your rights
Under GDPR and applicable data-protection law you have the right to access, rectify, erase, restrict, or object to processing of personal data, and the right to data portability. Given the anonymous model — no account, no email, no name — there is typically no personal data linked to a real-world identity. Your session token is opaque and non-identifying.
To exercise any of these rights, email hello@solarstormalert.com.
Data export and deletion
To request export or deletion of any data associated with your session, email hello@solarstormalert.com.
Because the session token is anonymous and hashed at rest, there is typically
little to export. You can also delete your session immediately by clearing the ssa_session cookie in your browser settings.
Data controller
SolarStormAlert (Lars Meier)
hello@solarstormalert.com
Policy last updated
2026-06-07