Cookie Policy

This Cookie Policy explains how [REPLACE: registered legal entity name] ("Revan", "we", "us", "our") uses cookies and similar technologies on https://revan.app and inside the logged-in product. It is published in line with Article 5(3) of Directive 2002/58/EC (the "ePrivacy Directive"), as transposed in each EU member state, and the EU General Data Protection Regulation (Regulation (EU) 2016/679, "GDPR").

On this page

1. Scope of this policy

This policy covers any storage of information on, or reading of information from, your device when you use Revan. That includes HTTP cookies and equivalent technologies such as browser `localStorage` and `sessionStorage`.

Where the data we store or read also qualifies as personal data, the Privacy Policy applies in addition to this Cookie Policy.

2. What cookies and similar technologies are

A cookie is a small text file that a site sends to your browser and that your browser returns on later requests. `localStorage` and `sessionStorage` are similar mechanisms that let a site keep small values on your device between page loads.

We treat all of these the same way for consent purposes. Strictly necessary entries are set by default. Everything else is set only after you opt in.

3. What we set, and why

All entries below are first-party. They are set by Revan domains. We do not load third-party advertising or cross-site tracking technologies on any page.

Optional entries described in section 3.2 are set only after you turn them on under Account settings. They are not pre-ticked at sign-up.

3.1 Strictly necessary

These entries are required for the product to function or for security. Under Article 5(3) of the ePrivacy Directive they are exempt from prior consent. You can still erase them through your browser at any time, with the consequences noted in section 6.

  • `revan_auth` (HTTP cookie, HttpOnly, Secure when served over HTTPS). Keeps you signed in. Lifetime tied to your active session.
  • `revan_browser` (HTTP cookie, HttpOnly). Recognises a browser you have previously verified, so we can reduce repeated step-up checks at sign-in. Lifetime up to 365 days.
  • `revan_locale` (HTTP cookie). Stores the interface language you selected (English, Hebrew, Hungarian). Set as a direct result of your language choice. Lifetime up to 365 days.
  • `revan_telemetry_consent` and `revan_optional_cookies_consent` (`localStorage`). Record whether you accepted or declined optional analytics, so we do not ask again. Kept until you clear browser storage or change your decision.
  • `revan_onboarding_*` (`localStorage`). Short-lived sign-up state used to resume an onboarding flow you started. Removed automatically when onboarding completes.

3.2 Optional, set only after you opt in

Inside the logged-in product (`/app`) we use first-party scripts from Vercel Web Analytics and Vercel Speed Insights to measure aggregate usage and real-user performance. They are loaded only after you turn the control on under Settings → Account. They are not loaded on the marketing site or in this docs site.

If you have not made a choice, or you have declined, those scripts are not loaded and no related identifiers are stored on your device. Vercel processes the resulting data on our behalf as a processor under Article 28 GDPR.

For the entries listed in section 3.1 we rely on the strict-necessity exemption in Article 5(3) of the ePrivacy Directive. To the extent personal data is involved, our GDPR legal basis is performance of the contract with you (Article 6(1)(b)) and our legitimate interest in keeping the service secure (Article 6(1)(f)).

For the optional analytics described in section 3.2 we rely on your prior consent under Article 5(3) of the ePrivacy Directive, and Article 6(1)(a) GDPR. Consent is opt-in, specific, informed, and as easy to withdraw as it is to give.

You can accept or decline optional analytics during onboarding, and at any later time under Settings → Account. Switching the control off records your decision as declined and stops the optional scripts from loading on future page visits.

Withdrawing consent is as straightforward as giving it, and does not affect the lawfulness of processing carried out before withdrawal.

6. Controlling cookies through your browser

Most browsers let you view, block, or delete cookies and clear local site storage from their settings menu. You can also set the browser to warn you before a cookie is set.

Blocking or deleting strictly necessary entries will sign you out, and may require you to repeat security checks the next time you sign in.

7. Changes to this policy

We may update this policy to reflect changes to the product or to the law. If we add a new category of optional cookies or similar technologies, we will ask for your consent before it is used. The current version is always available at https://revan.app/docs/cookies. This version was last updated on May 15, 2026.

8. Contact and complaints

Questions about this policy can be sent to privacy@revan.app. For broader data protection requests, see the Privacy Policy.

If you are in the EU, you have the right to lodge a complaint with the supervisory authority in your member state of residence, place of work, or alleged infringement. Our lead supervisory authority is [REPLACE: lead supervisory authority in your member state].