Cookie Policy
Last updated: 4 June 2026
This policy explains how Soneam uses cookies and similar technologies (including browser localStorage) — collectively “storage”. Under the EU ePrivacy Directive (Art. 5(3)) and equivalent rules, storing or accessing information on your device is assessed the same way whether it is a cookie or another mechanism.
1. Strictly necessary cookies
These are required for the Service to work and do not track you across other sites. They are exempt from consent.
| Name | Purpose | Expiry |
|---|---|---|
| sessionid | Keeps you signed in / holds review-link access | Up to 90 days (sliding); cleared on sign-out |
| csrftoken | Security — protects against cross-site request forgery | ~12 months |
2. Functional / preference storage
For convenience we also store a few small values in your browser’s localStorage. These stay on your device, are not transmitted to us as cookies, and are not used for tracking or advertising — but they are not strictly necessary to provide the Service:
| Key | Purpose |
|---|---|
| soneam_view | Remembers your list/grid layout preference |
| soneam_reviewer_name / _email | Pre-fills your name/email on a review link so you don’t retype it |
Because these are functional rather than strictly necessary, if and when we introduce a consent banner for EU/EEA/UK visitors (see §3), we will include this functional storage in the choices offered there.
3. Analytics & what we don’t use
We use privacy-first, cookieless analytics — Plausible for aggregate web statistics and PostHog (server-side) for product-usage events. These set no cookies, store no identifiers on your device, and do not track you across other sites; because they place no non-essential information on your device, no consent banner is required. We do not use advertising or cross-site tracking cookies, and we do not sell your data.
If we ever add a technology that stores non-essential information on your device (e.g. cookie-based analytics), we will first:
- request your consent via a cookie banner for EU/EEA/UK visitors (ePrivacy);
- comply with Japan’s External Transmission Rules under the Telecommunications Business Act (電気通信事業法の外部送信規律, in force June 2023) by disclosing the transmission destination and the information sent, and providing a means to review it;
- address any confirmation duties for “personal-related information” (個人関連情報) under APPI where applicable; and
- update this page accordingly.
Our own session and CSRF cookies are first-party and out of scope of the External Transmission Rules.
4. Managing storage
You can clear or block cookies and site data in your browser settings, though the Service may not function correctly without the strictly necessary cookies above. See the instructions for Chrome, Safari, Firefox and Edge.
5. Contact
Questions: [email protected].
Operated by ITB Consulting Inc. (ITBコンサルティング株式会社). See also our Privacy Policy, Terms of Service and Specified Commercial Transactions Act disclosure.