Skip to main content
Legal

Cookie Policy

Last updated: May 28, 2026

1. What Are Cookies

Cookies are small text files that are placed on your device (computer, tablet, or mobile phone) when you visit a website. They are widely used to make websites function efficiently, provide a better user experience, and supply usage information to site operators. Cookies may be set by the website you are visiting ("first-party cookies") or by third-party services that appear on the page ("third-party cookies"). Cookies can persist for varying periods of time: "session cookies" are deleted when you close your browser, while "persistent cookies" remain on your device until they expire or you delete them.

2. How We Use Cookies

HealthHaven.ai uses cookies and similar technologies for several purposes:

  • Authentication: To keep you logged in and maintain your session as you navigate the Platform.
  • Preferences: To remember your settings such as language, theme (light/dark mode), accessibility preferences, and search filters.
  • Security: To detect fraudulent activity, prevent abuse, and protect your account.
  • Analytics: To understand how visitors use our Platform using limited, privacy-filtered event metadata. Analytics events are designed to exclude health-related booking details and contact information.
  • Performance: To monitor Platform performance, load times, and error rates so we can improve reliability.

3. Types of Cookies We Use

Strictly Necessary Cookies

These cookies are essential for the Platform to function. They enable core features such as authentication, session management, and security. Without these cookies, services you have requested (such as logging in or making a booking) cannot be provided. These cookies cannot be disabled.

Examples: session ID, CSRF token, authentication state

Functional Cookies

These cookies remember your preferences and choices to provide enhanced and personalized features. They may be set by us or by third-party providers whose services we use on our pages. If you disable these cookies, some or all of these features may not function properly.

Examples: theme preference, language, saved search filters, accessibility settings

Analytics Cookies

These cookies collect limited information about how visitors use public pages after consent, including coarse page categories, sanitized page paths, session duration, and privacy-filtered traffic sources. We do not send full URLs, query strings, page titles, referrers, booking notes, hospital names, procedure details, accessibility needs, or contact information to analytics tools.

Examples: Google Analytics 4 with Google Signals and ad personalization disabled; page category counts; privacy-filtered traffic sources

Marketing Cookies (Optional)

These cookies may be used for broad campaign measurement only after your consent and a privacy review. They are disabled by default. Sensitive booking details, health-related fields, hospital or procedure information, and contact information must not be sent to marketing pixels or retargeting tools.

Examples: consented conversion counting using privacy-filtered event metadata; no retargeting pixels on authenticated health-adjacent workflows

4. Other Tracking Technologies

In addition to cookies, we may use the following technologies:

  • Web Beacons (Pixel Tags): Small transparent images embedded in emails or web pages that help us track whether content has been viewed or an email has been opened.
  • Local Storage: Browser-based storage used to save theme preferences, accessibility settings, and temporary UI state. This data remains on your device and is not transmitted to our servers.
  • Session Storage: Similar to local storage but cleared when the browser tab or window is closed. Used for temporary search state and form progress.

5. Current Vendor and Cookie Details

  • HealthHaven consent storage: `hh_cookie_consent` is stored in your browser's local storage to remember whether you accepted or declined optional cookies.
  • HealthHaven campaign storage: `hh_utm` is stored in session storage only when consent-safe campaign fields are present. Sensitive values are filtered before storage.
  • Google Analytics 4: Loaded only after optional-cookie consent on public pages. Default GA4 page views are disabled, Google Signals and ad personalization are disabled, and HealthHaven sends only sanitized `page_path` and `page_type` for page-view measurement.
  • Marketing pixels: Not active by default. They must not be placed on authenticated booking, payer, provider-referral, or support pages unless reviewed for applicable privacy and partner-contract requirements.

You can also use browser-level controls or provider tools such as Google's Analytics opt-out browser add-on where available.

6. Your Cookie Choices

You have several options for managing cookies:

  • Cookie Consent Banner: When you first visit our Platform, a cookie consent banner allows you to accept or reject non-essential cookies. You can change your preferences at any time by clicking the "Cookie Settings" control in the footer.
  • Browser Settings: Most web browsers allow you to control cookies through their settings. You can set your browser to refuse all cookies, accept only first-party cookies, or delete cookies when you close the browser. Note that disabling cookies may affect the functionality of the Platform.
  • Opt-Out Links: For analytics cookies, you can use provider-specific opt-out tools.

7. Health Data and Cookies

Cookies and tracking technologies must not store or transmit PHI, diagnosis, treatment, procedure, hospital, special request, accessibility need, insurance, medication, or contact information. Analytics code sends coarse page categories and sanitized paths instead of full URLs, strips query strings and free-text values, excludes sensitive UTM terms, and drops sensitive field names before sending an event. The backend analytics intake also rejects PHI-like keys or values if they are submitted directly.

8. Updates to This Policy

We may update this Cookie Policy from time to time to reflect changes in technology, regulation, or our business practices. When we make changes, we will update the "Last updated" date at the top of this page. For significant changes, we will provide a more prominent notice, such as displaying a new cookie consent banner. We encourage you to review this page periodically.

9. Contact Us

If you have questions about our use of cookies, please contact us:

HealthHaven, Inc.

Attn: Privacy Team

Email: privacy@healthhaven.ai

Web: Contact Form