diff --git a/pages/_app.tsx b/pages/_app.tsx
index f9fe17f7..83301b18 100644
--- a/pages/_app.tsx
+++ b/pages/_app.tsx
@@ -291,11 +291,6 @@ MyApp.getInitialProps = async (
   const initialProps = (await App.getInitialProps(
     appContext,
   )) as AppInitialProps<{}> // force type of props to empty object instead of any so TS will properly require MyAppProps to be returned by this function
-  // set cache control header
-  appContext.ctx.res?.setHeader(
-    'Cache-Control',
-    'public, max-age=20, s-maxage=20, stale-while-revalidate=20',
-  )
   const jwt = appContext.ctx.req?.cookies?.[COOKIE_JWT_TOKEN] || null
   // Generate the now time, rounded to the second to avoid re-rendering on the client
   // TOFIX: find a better way to share the time between the app and document
diff --git a/pages/_document.tsx b/pages/_document.tsx
index 275c5809..f8f60e46 100644
--- a/pages/_document.tsx
+++ b/pages/_document.tsx
@@ -62,14 +62,18 @@ class MyDocument extends Document {
       req?: { cookies?: COOKIES }
     },
   ): Promise<DocumentInitialProps & MyDocumentProps> {
-    // set cache control header
-    // context.res?.setHeader(
-    //   'Cache-Control',
-    //   'public, max-age=10, s-maxage=10, stale-while-revalidate=10',
-    // )
-
     invariant(context.req)
     const jwt = context.req?.cookies?.[COOKIE_JWT_TOKEN] || null
+
+    // set cache control header
+    context.res?.setHeader(
+      'Cache-Control',
+      `${
+        // make the cache private if user is logged in
+        jwt ? 'private' : 'public'
+      }, max-age=10, s-maxage=10, stale-while-revalidate=10`,
+    )
+
     const environment = await getEnvironment()
     // the `getClient` needs to be reset on every request as early as possible and before any rendering
     const apolloClient = getClient(