Cookies & GDPR Policy

• We do not track you, serve ads, or use analytics.
• We do not automatically detect your geographic location.
• We store one cookie only if you manually choose to save your location.
• We do not share data with third parties.
• Space weather data fetched from public APIs (HAMQSL, NOAA) is cached on our server for performance. This cache contains no user-specific data.
• Optional: if you use the "Search City" feature, your search term is sent to OpenStreetMap (Nominatim). This is only invoked when you actively use that feature.

What are cookies?

Cookies are small text files stored on your device by your browser. They are used to remember preferences between visits.

Cookies we use

userLocation Essential (functional)

This cookie stores your manually selected location so you don't have to enter it on every visit.

Contents (JSON-encoded):

Duration: 30 days (then automatically expires and is deleted)
Scope: SameSite=Lax (not sent on cross-site requests)
Created: Only when you explicitly set your location (never automatically)
Purpose: Calculate accurate sunrise/sunset times and ideal propagation hours for each radio band

Session storage (not cookies)

We also use browser sessionStorage (cleared automatically when you close the tab) for:

• locationModalDismissed — remembers that you closed the "set location" popup so it doesn't reappear during the same browsing session.
• lastGeocodeSearch — a timestamp used to rate-limit city searches (max 1 per second) to respect the OpenStreetMap API's usage policy.

How to manage or delete cookies

You can delete cookies through your browser settings at any time. You can also:

• Set a new location from within the app — this overwrites the existing cookie.
• Simply wait — the cookie automatically expires after 30 days.
• Close the browser tab — this clears session storage automatically.

Disabling this cookie will not break the site; you will just need to set your location again on your next visit (or use the default, Athens).

Personal data

None is collected automatically. The only personal data ever stored is:

• Location coordinates — only if you manually provide them (by selecting a city, searching, entering a grid square, or typing coordinates). Stored client-side in a cookie on your device. Never transmitted to our server.

Server-side logs

Our webserver may keep standard access logs (IP address, user agent, timestamp, URL requested) as is common for any website. These logs are used exclusively for security/troubleshooting and are not analyzed for profiling.

Server-side data cache

The application maintains a small file-based cache of public space-weather data in a cache/ directory on the server. This cache:

• Contains only public data from HAMQSL and NOAA (solar flux, K-index, sunspot counts, etc.)
• Contains no user-identifying information
• Exists purely for performance — to avoid hammering the upstream APIs
• Is refreshed every 10 minutes to 24 hours depending on the data type

This site communicates with the following third parties:

HAMQSL.com Server-side

Source of current solar/ionospheric data. Our server fetches XML data. Your browser never connects directly to HAMQSL, and HAMQSL never sees your IP address.

https://www.hamqsl.com/solarxml.php

NOAA Space Weather Prediction Center Server-side

Source of historical solar/geomagnetic indices and the predicted solar cycle. Same as HAMQSL: requests originate from our server, not your browser.

https://www.swpc.noaa.gov

OpenStreetMap / Nominatim Client-side, opt-in

Used for city search and reverse geocoding. Only called when you actively use the "Search City" feature or manually input coordinates/grid square. When this happens, your browser sends:

• Your search term (e.g. "Madrid, Spain"), or your coordinates, to nominatim.openstreetmap.org
• Your IP address, as is standard for any HTTP request

We do not proxy or store these requests. You can avoid this entirely by using the pre-defined city list, the grid square input, or manual coordinate input.

OpenStreetMap Privacy Policy

CDN resources (Bootstrap, FontAwesome, Chart.js) Client-side

Stylesheets and JavaScript libraries are loaded from public CDNs. These CDNs may see your IP address as part of serving static files. We use Subresource Integrity (SRI) hashes where supported to ensure the files have not been tampered with.

• Bootstrap CSS — stackpath.bootstrapcdn.com
• Font Awesome — cdnjs.cloudflare.com
• Chart.js — cdn.jsdelivr.net

A typical page load works as follows:

Your location coordinates never leave your browser unless you actively use the Nominatim-based city search. All ideal-hours calculations happen locally in JavaScript.

Because this site does not collect or process personal data on its servers, most GDPR rights are trivially satisfied:

• Right of Access: We hold no personal data about you on the server. Your location cookie lives only in your browser — you can inspect it via browser devtools.
• Right to Rectification: Simply set a new location in the app.
• Right to Erasure: Delete the userLocation cookie via your browser settings, or wait 30 days for automatic expiry.
• Right to Restriction: Do not set a location; the app will continue to work using the default.
• Right to Object: Simply do not set a location.
• Right to Data Portability: The location cookie is plain JSON; you can copy its contents from browser devtools.

• All external API requests use HTTPS with certificate verification.
• Cookies use SameSite=Lax to mitigate CSRF.
• All dynamic HTML output is escaped against XSS.
• CDN resources use Subresource Integrity (SRI) hashes.
• The server-side cache directory is protected from direct web access.

This policy may be updated occasionally. Material changes will be reflected on this page with an updated modification date below.

Last updated: April 23, 2026

For any questions regarding personal data protection or to exercise your rights, you can contact:

SV5FRI

This website is a free tool for amateur radio operators and does not collect or process sensitive personal data.