Legal
Cookie Policy
Effective Date: March 26, 2026
Last Updated: March 26, 2026
ClinicTitan, Inc. ("ClinicTitan," "we," "us," or "our") uses cookies and similar tracking technologies on our website at clinictitan.com (the "Website") and within the ClinicTitan platform (the "Platform"). This Cookie Policy explains what cookies are, how we use them, and your choices regarding their use.
This Cookie Policy should be read together with our Privacy Policy, which describes our broader data collection and handling practices.
1. What Are Cookies?
Cookies are small text files that are placed on your device (computer, tablet, or smartphone) when you visit a website. Cookies are widely used to make websites work efficiently, provide analytics information, and enable certain features.
References in this Cookie Policy to "cookies" include the following similar tracking technologies unless the context requires otherwise:
Pixels / web beacons: Small transparent images embedded in web pages or emails that track whether content has been accessed
Local storage: Browser-based storage (HTML5 Web Storage API) used by web applications to store data locally on your device, which persists until explicitly cleared
Session storage: Similar to local storage but data is cleared when the browser tab or session ends
2. How We Use Cookies
2.1 Strictly Necessary Cookies
These cookies are essential for the Website and Platform to function properly. They cannot be disabled without affecting core functionality.
Cookie / Technology Provider Purpose Duration
Session cookie ClinicTitan Maintains your login session and authentication state Session or up to 24 hours
CSRF token ClinicTitan Protects against cross-site request forgery attacks Session
Cookie consent preference ClinicTitan Remembers your cookie consent choices 12 months
cf_clearance Cloudflare Indicates successful completion of a security challenge Up to 30 minutes
__cf_bm Cloudflare Bot management and DDoS protection 30 minutes
2.2 Functional Cookies
These cookies enable enhanced functionality and security features.
Cookie / Technology Provider Purpose Duration
reCAPTCHA cookies Google reCAPTCHA Enterprise Distinguishes human users from bots by collecting behavioral signals (mouse movements, keystrokes, browsing patterns) for risk scoring. Used on forms and login pages to prevent automated abuse. Varies (session to 6 months)
reCAPTCHA Enterprise configuration: reCAPTCHA collects hardware and software information (such as device and application data) and sends it to Google for analysis. Data collected by reCAPTCHA is subject to Google's Privacy Policy. reCAPTCHA is used to protect the Platform from spam and abuse and is classified as a functional/security cookie because it is necessary for form and login protection.
2.3 Analytics Cookies
These cookies help us understand how visitors use our Website so we can improve the user experience. Analytics data is aggregated and does not include any protected health information (PHI).
Cookie Provider Purpose Duration
_ga Google Analytics (GA4) Distinguishes unique users for aggregate usage analytics 2 years
_ga_* Google Analytics (GA4) Maintains session state for analytics 2 years
_gid Google Analytics (GA4) Distinguishes users for analytics within a 24-hour period 24 hours
_gat Google Analytics (GA4) Throttles request rate to Google Analytics 1 minute
__hssc HubSpot Tracks session activity for HubSpot analytics 30 minutes
__hssrc HubSpot Determines if a new session has started Session
__hstc HubSpot Tracks visitor identity for HubSpot analytics 13 months
hubspotutk HubSpot Tracks visitor identity across sessions for CRM 13 months
Google Analytics configuration:
IP anonymization is enabled
Data sharing with Google for advertising is disabled
No PHI, medical data, or personally identifiable health information is sent to Google Analytics
HubSpot configuration:
Used for marketing Website analytics and lead tracking only
No PHI or clinical data is shared with HubSpot
Only non-PHI data (name, email, lifecycle stage) is synced with HubSpot CRM
2.4 Advertising Cookies
These cookies are used to measure the effectiveness of marketing campaigns and deliver relevant content. Advertising cookies are disabled by default and are activated only with your explicit opt-in consent.
Cookie / Technology Provider Purpose Duration
_fbp Meta Pixel (Facebook) Tracks website visits for Meta advertising measurement and optimization 3 months
_fbc Meta Pixel (Facebook) Stores click identifiers from Meta ad clicks 3 months
_gcl_au Google Ads Links Google Ads clicks to on-site activity for conversion tracking 3 months
_gcl_aw Google Ads Stores Google Ads click information for conversion measurement 3 months
li_sugr LinkedIn Insight Tag Identifies LinkedIn members for advertising analytics off LinkedIn 3 months
UserMatchHistory LinkedIn Insight Tag Syncs LinkedIn ad targeting identifiers 30 days
bcookie LinkedIn Insight Tag LinkedIn browser identifier for analytics 1 year
Advertising cookies are never activated on medical intake pages, clinical consultation pages, prescription pages, patient portals, patient care workflows, or any page that collects, displays, or transmits protected health information (PHI) --- regardless of your consent preferences. This restriction is enforced at the application level and cannot be overridden by user consent settings. Advertising tracking is limited to the corporate marketing Website and non-clinical Platform pages where you have affirmatively opted in.
3. Platform-Specific Storage (Not Cookies)
Within the patient-facing Platform (not the marketing Website), we use browser local storage for functional purposes only:
Item Purpose Data Stored
intakeId Tracks the patient's current intake session Anonymous intake session identifier (no PHI)
currentStep Tracks progress through multi-step intake forms Step number only (no medical data or answers)
No PHI, medical data, intake answers, or personally identifiable health information is stored in cookies or browser local storage.
4. Your Choices
4.1 Cookie Consent Banner
When you first visit our Website, you will be presented with a cookie consent banner that allows you to:
Accept all cookies: Enables analytics and advertising cookies
Accept only necessary cookies: Enables only strictly necessary and functional cookies
Manage preferences: Choose which categories of cookies to enable or disable
You can change your cookie preferences at any time by clicking the "Cookie Preferences" link in the Website footer.
4.2 Browser Settings
Most web browsers allow you to control cookies through their settings:
Block all cookies: This may prevent certain features of the Website from functioning properly
Block third-party cookies: This will prevent analytics and advertising cookies while allowing essential cookies
Delete cookies: You can delete cookies at any time through your browser settings
Common browser cookie settings:
Chrome: Settings > Privacy and Security > Cookies and other site data
Firefox: Settings > Privacy & Security > Cookies and Site Data
Safari: Preferences > Privacy > Cookies and website data
Edge: Settings > Privacy, search, and services > Cookies and site permissions
4.3 Google Analytics Opt-Out
You can opt out of Google Analytics tracking by installing the Google Analytics Opt-Out Browser Add-on.
4.4 Global Privacy Control (GPC)
ClinicTitan recognizes and honors Global Privacy Control (GPC) signals as defined by the GPC specification (globalprivacycontrol.org). When your browser sends a GPC signal, advertising cookies are automatically denied and analytics tracking is limited to strictly necessary, anonymized metrics. We treat GPC signals as a valid opt-out of the sale or sharing of personal information as required by the California Consumer Privacy Act / California Privacy Rights Act (Cal. Civ. Code 1798.100 et seq.) and the Colorado Privacy Act (Colo. Rev. Stat. 6-1-1301 et seq.), as well as any other applicable state law that requires honoring universal opt-out mechanisms.
We also recognize Do Not Track (DNT) browser signals; however, because there is no uniform industry standard for DNT, we treat DNT signals equivalently to GPC signals as described above.
For more details, see Section 9a of our Privacy Policy.
5. Changes to This Cookie Policy
We may update this Cookie Policy from time to time to reflect changes in the cookies we use, changes in applicable law, or improvements to our practices. Changes will be posted on this page with a revised "Last Updated" date. Material changes to the categories of cookies used or how we use cookies will be communicated via a new cookie consent prompt, and your prior consent preferences will be reset so that you may make an informed choice under the updated policy.
6. Contact Us
If you have questions about our use of cookies, please contact us:
ClinicTitan, Inc.
Email: support@clinictitan.com
Website: clinictitan.com/contact