Cookie Policy
Effective date: 2026-05-03 Version: 1
This page lists every cookie or similar storage mechanism that MathSimulation uses, why we use it, and how long it lasts. We use only essential cookies — there are no analytics, advertising, or social-media trackers.
What is a cookie
A cookie is a small text file stored in your browser by a website. It allows the website to remember information about you between page loads (for example, that you are signed in).
Cookies we set
| Name | Purpose | Type | Expiration |
|---|---|---|---|
__Secure-next-auth.session-token (production) or next-auth.session-token (local development) | Keeps you signed in. Without it you would have to enter your password on every page. | Strictly necessary | At end of session if you don't pick "Remember me", otherwise 30 days |
__Host-next-auth.csrf-token | Protects sign-in and other state-changing requests from cross-site request forgery (CSRF) attacks. | Strictly necessary | Session |
__Secure-next-auth.callback-url | Remembers which page to send you back to after you complete OAuth (Google) sign-in. | Strictly necessary | Session |
__Secure-next-auth.pkce.code_verifier | Used by NextAuth's OAuth flow to confirm that the response from Google is for the request you started. | Strictly necessary | A few minutes during sign-in |
All cookies in the __Secure- and __Host- families are set with
the Secure, HttpOnly, and SameSite attributes when running on
HTTPS, which protects them from being read by client-side JavaScript
or sent to third-party domains.
Cookies we DO NOT set
We do not use:
- Google Analytics, Mixpanel, Plausible, or any analytics platform.
- Facebook Pixel, LinkedIn Insight Tag, or any advertising trackers.
- Hotjar, Fullstory, or session-replay tools.
- Third-party social media sharing widgets.
If we ever add any non-essential cookie or tracker, we will notify existing users and require you to opt in before the new tracking starts.
Local storage
Certain user-interface preferences are stored in your browser's local storage (not as cookies). These never leave your device and are not transmitted to our servers:
- The active tab in the project tree (Geometry / Mesh / Cases).
- Whether the residual chart is visible.
- Recently used colors / display settings in the 3D viewer.
- The expanded/collapsed state of tree branches.
Clearing your browser's local storage will reset these preferences but will not affect your account or project data.
Third-party cookies
When you choose to sign in with Google, Google sets its own cookies on its own domain as part of the OAuth flow. Those cookies are governed by Google's privacy policy; we do not control them.
When you load the Service, AWS S3 and Vercel may set short-lived caching cookies on their own domains. These are operational and do not identify you.
Your choices
Because all our cookies are strictly necessary, blocking them in your browser will prevent you from signing in or using the Service. We do not support a "cookie banner" or opt-out flow for essential cookies because no opt-out is technically meaningful — you cannot use the Service without them.
Contact
For questions about this Cookie Policy, contact us at the email address listed in our Privacy Policy.