Cookie Policy

Last updated: April 27, 2026 · Version 1.2

1. What this policy covers

This Cookie Policy explains how Credimed, Inc. ("Credimed," "we," "us") uses cookies and similar storage technologies on credimed.us. It supplements our Privacy Policy.

2. What is a cookie?

A cookie is a small text file that a website stores on your browser. Similar technologies include browser storage mechanisms such as localStorage and sessionStorage, which store data directly in your browser to support application functionality.

3. Cookies and storage we use

All cookies and storage used by Credimed fall into the category of "Strictly Necessary" technologies — they are required for the Service to function, including authentication, security, fraud prevention, and claim-draft recovery.

We do not use any advertising, marketing, or cross-site tracking cookies.

Strictly Necessary (Required for Service)

Name / key	Type	Purpose	Duration
`CognitoIdentityServiceProvider.*`	First-party · cookies/storage	Maintains authentication session via AWS Cognito (tokens and session state).	Until session expiry or sign-out
`credimed.*`	First-party · localStorage	Stores claim draft data so users can resume progress without losing information.	Until submission or manual clear
`credimed.consent`	First-party · localStorage	Records acknowledgement of this Cookie Policy notice.	1 year
Stripe (`__stripe_mid`, `__stripe_sid`)	Third-party · stripe.com	Fraud prevention and security during payment processing (set by Stripe when loaded).	1 year (mid) · 30 min (sid)
`__cf_bm` (if enabled)	Third-party · Cloudflare	Bot detection and abuse prevention where Cloudflare protection is active.	~30 minutes per session

4. What we do NOT use

We do not use:

Advertising cookies
Marketing or retargeting pixels
Cross-site tracking technologies
Third-party data brokers
Behavioral profiling tools

We do not place cookies containing Protected Health Information (PHI).

We do not use analytics that identify individual users. On public pages, we use Plausible Analytics, which is cookieless and collects only aggregated, anonymized traffic data.

5. Your choices

5.1 Blocking or deleting cookies

You can control cookies through your browser settings:

Chrome: chrome://settings/cookies
Safari (macOS): Safari → Settings → Privacy
Safari (iOS): Settings → Safari → Privacy
Firefox: Settings → Privacy & Security
Edge: edge://settings/content/cookies

Blocking or deleting cookies will:

Sign you out of your account
Remove any unsaved claim data

The Service will remain functional, but you may need to re-enter information.

5.2 Global Privacy Control (GPC) and Do Not Track

We do not sell or share personal information for advertising purposes.

We honor:

Global Privacy Control (GPC) signals as required under California and other U.S. state privacy laws
Do Not Track signals by following the practices described in this Policy and our Privacy Policy

5.3 California Residents (CCPA / CPRA)

California residents have the right to:

Know what personal information we collect
Request deletion or correction
Opt out of sale or sharing

We do not sell or share personal information for cross-context behavioral advertising.

To exercise rights: privacy@credimed.us

See our Privacy Policy §7.1 for full details.

5.4 Cookie Banner

When you first visit our public pages, we display a notice informing you of our use of strictly necessary cookies.

Because all cookies we use are strictly necessary for the operation of the Service, no consent mechanism or opt-in toggle is required under applicable law.

The banner serves as a transparency notice only. Dismissing it does not change which cookies are used.

6. Changes to this policy

We may update this Cookie Policy from time to time.

Material changes will be:

Posted on this page
Communicated to active users by email at least thirty (30) days in advance

7. Contact

For questions about this Cookie Policy:

privacy@credimed.us

Credimed, Inc.
Boston, MA
Mailing address: [TO BE PROVIDED]

← Back to Credimed