ContractBeam

Last updated: May 31, 2026

Cookie Policy

This Cookie Policy explains how ContractBeam ("we", "us") uses cookies on https://contractbeam.com. It is written to be readable by a non-lawyer and to be honest about exactly what we do and do not do.

ContractBeam helps you discover federal contract and grant opportunities. You do not need an account, a login, or a password to use it. Because there is no login, the way we remember and personalize your experience relies on a single cookie, described below.

What cookies are

Cookies are small text files that a website asks your browser to store on your device. When you return to the site, your browser sends the cookie back, which lets the site recognize that the same browser has visited before. Cookies can be "first-party" (set by the site you are visiting) or "third-party" (set by another company, often for advertising or cross-site tracking).

Some cookies are strictly necessary for a site to function. Others — like the one we use — are not strictly necessary; they enable personalization and let us understand how the product is used.

The cookie we set

We set exactly one cookie. It is a first-party cookie, meaning it is set by ContractBeam and is not shared with advertisers or other websites.

CookiePurposeCategoryDuration
tvA randomly generated, anonymous visitor id (a UUID). It lets us remember your saved opportunities, tailor rankings and recommendations to you, and measure how the product is used (for example, which searches and results lead to saves).Functional / personalization and product analytics — not strictly necessaryAbout 2 years

Technical details: the tv cookie is HttpOnly and SameSite=Lax, and it is marked Secure in production.

Honest classification. Although the tv cookie is first-party and we use it for our own product personalization and analytics rather than advertising, it is not a strictly-necessary cookie. The site can still load and show opportunities without it; the cookie's job is to personalize your experience and to power our analytics. For that reason, in the EU and UK we treat the tv cookie as a non-essential / analytics cookie that requires your consent before we set it.

How we use the cookie

The anonymous id in the tv cookie is the key that ties together:

  • Saved opportunities — the opportunities you bookmark, so they persist for you. These remain stored until you unsave them.
  • Your behavior on the site — events such as searches, impressions, views, saves, unsaves, dismissals, bid clicks, filters, and profile actions, along with truncated query text and facets like NAICS code, agency, set-aside, state, source, and opportunity type. We use this to improve ranking and recommendations and to understand how the product's funnel works.
  • Your self-declared business profile — if you voluntarily fill it in (NAICS codes, set-asides, states, keywords), it is associated with your visitor id to provide the strongest personalization. We store the latest version you submit; it is overwritten when you update it.

The id is pseudonymous: it is not linked to your name or email, because we do not collect those.

Legal basis (EU/UK)

For people in the EU and UK, our legal bases under the GDPR are:

  • Placing the tv cookie: your consent, collected through the cookie consent banner, as required by the ePrivacy rules for a non-essential cookie.
  • Personalization, ranking, recommendations, and product analytics (the visitor id, behavior events, and saved opportunities): our legitimate interests in operating and improving the product, balanced against your privacy.
  • Your self-declared business profile: your consent, given by voluntarily filling in the optional form.
  • Rate-limiting from your IP address: our legitimate interests in security and abuse prevention. We use the IP address only as an in-memory rate-limit key and never store it.

How long we keep this data

We are honest that retention here is open-ended:

  • The anonymous visitor id persists in the cookie for about 2 years (or until you clear it).
  • Behavior events and the visitor id linkage are retained indefinitely to support ongoing ranking and analytics.
  • Saved opportunities are kept indefinitely until you unsave them.
  • Your business profile is kept indefinitely and is overwritten each time you update it.
  • The IP address used for rate-limiting is ephemeral and held only in memory; it is never written to storage.

Clearing the tv cookie severs the link between your browser and this stored data; see "Consent and how to withdraw it" and "Your rights" below.

What we do NOT use

We want to be clear about what is not happening on this site:

  • No third-party advertising cookies. We do not run ad networks and we do not set or allow advertising cookies.
  • No cross-site tracking. We do not track you across other websites, and we do not allow others to do so through our site.
  • No advertising SDKs or cross-site analytics. Our only analytics are Vercel Web Analytics and Speed Insights, provided by our hosting provider — they are cookieless, aggregate-only, and do not identify you or track you across other sites. We also keep an anonymous search log (search terms + result counts, no identifier).
  • No fingerprinting. We do not use device or browser fingerprinting.
  • No selling or sharing of data for advertising. We do not sell your personal information, and we do not share it for cross-context behavioral advertising.
  • No accounts, passwords, names, emails, payment data, or precise geolocation. We do not collect any of these from visitors. (Any contact name or email shown on an opportunity is a public government point of contact, not visitor data.)

The only cookie on the site is the first-party tv cookie described above; our analytics set no cookies at all.

Where opportunity data comes from

The opportunities you browse are aggregated from public federal sources — SAM.gov (contract solicitations), Grants.gov (grants), and USASpending.gov (awarded contracts), plus sample seed data. This is public government data, not data about you. The data about you is limited to the anonymous visitor id, your on-site behavior, your saves, and any profile you choose to fill in, as described above.

Service providers

ContractBeam runs on infrastructure operated by service providers who process requests and store data on our behalf. They are not advertisers and do not set tracking cookies through our site:

  • Vercel — hosting, edge proxy, and serverless functions; handles incoming requests (including IP addresses, which we use only to rate-limit and never store).
  • Neon — serverless Postgres database that stores opportunities, behavior events, saves, and profiles.

Consent and how to withdraw it

In regions where consent is required (including the EU and UK), we ask for your consent through a cookie consent banner before setting the non-essential tv cookie. You can accept or decline.

You can change your mind or withdraw consent at any time:

  • Clear the cookie. Deleting the tv cookie in your browser removes the anonymous id. This severs the link between your browser and any saved opportunities, behavior history, or profile tied to that id. The next time you visit, you will appear as a brand-new, unrecognized visitor.
  • Use your browser controls. Most browsers let you block or delete cookies for a specific site or for all sites. You can use these controls to refuse the tv cookie. Note that if you block it, personalization and your saved opportunities will not persist between visits.

Do Not Track and Global Privacy Control

Some browsers can send a "Do Not Track" (DNT) signal or a Global Privacy Control (GPC) signal. There is no industry-wide standard for how sites must respond to DNT. Because we do not sell personal information, do not share it for cross-context behavioral advertising, and do not use third-party advertising or cross-site tracking cookies, there is no sale or cross-context behavioral advertising to opt out of. You can still control the tv cookie at any time using the consent banner, by clearing the cookie, or through your browser settings as described above.

Your rights

Depending on where you live, you may have rights over your data.

If you are in the EU or UK (GDPR): you have the right to access your data (Art. 15), to rectify it (Art. 16), to erase it (Art. 17), to data portability (Art. 20), and to object to processing based on legitimate interests (Art. 21). Your self-declared business profile is editable on the site (rectification).

If you are in California or a similar US state (CCPA/CPRA and equivalents): you have the right to know what we collect, to delete it, and to correct it. We do not sell your personal information or share it for cross-context behavioral advertising, so there is no opt-out of sale or sharing to exercise.

Because there is no login, deletion and most data-subject requests are handled manually rather than through self-service. To exercise any of these rights, or to ask a question, contact us using the details below. Clearing the tv cookie is also an immediate, self-service way to disconnect your browser from your stored data.

Changes to this policy

We may update this Cookie Policy from time to time, for example if our practices or providers change. When we do, we will update the "Last updated" date at the top of this page.

Contact

If you have questions about this Cookie Policy or about cookies on ContractBeam, contact us at frank.yang@nexarionflux.ai.

This policy is governed by the laws of the State of Michigan.

Note: This document is a plain-language template provided for convenience, not legal advice — have a qualified attorney review it before you rely on it.