Cookie Policy
Every cookie and browser-storage key we set on medrecords.ai and app.medrecords.ai, named and explained. The list is short: sign-in, security, your preferences, analytics, and marketing — all under your control, none of it on the platform, and marketing is always off on our Solutions and Test-a-File pages no matter what.
What cookies are, and how we approach them
Cookies are small files a website places on your device; "first-party" cookies are set by us, "third-party" cookies by services we use. Browsers also offer localStorage and sessionStorage — persistent and tab-scoped storage we use for interface preferences. This policy, issued by AI Health Studio LLC d/b/a Medrecords AI, covers all of them on medrecords.ai (the marketing site) and app.medrecords.ai (the platform).
Two rules govern everything below: marketing and analytics cookies run only on this public website, never on app.medrecords.ai — and marketing cookies are additionally always off, for every visitor, on any Solutions page or the Test a File page, regardless of settings chosen anywhere else on the site — and no PHI or record content is ever placed in a cookie or browser storage, full stop. Turn either category off any time via Cookie settings, in the footer.
Essential cookies — always on; the Services can't work without them
Analytics cookies — on by default; turn off any time; marketing site only
Decline analytics and the site works identically. The platform at app.medrecords.ai carries no third-party analytics at all — usage metering there is first-party Service Data, described in the DPA.
Marketing cookies — on by default; always off on Solutions & Test-a-File pages; never the platform
No marketing or advertising cookie is active today. When we turn one on — for example a Meta Pixel, a Google Ads tag, or a LinkedIn Insight Tag, to measure which channels bring visitors to this site — it will be named here first, with its provider, purpose, and lifetime, exactly like the tables above, and it will run by default rather than waiting for an opt-in.
It will only ever run on medrecords.ai, never on app.medrecords.ai, and never based on anything in a medical record — and it will be automatically suppressed, for every visitor, on any page under /solutions/ and on /test-a-file/, since those pages can reveal the specific kind of claim or matter a visitor is dealing with. That suppression is a fixed rule, not a preference — it applies whether or not you've turned marketing on elsewhere. Global Privacy Control and "Turn off non-essential" in the cookie panel both apply immediately, everywhere, the moment you choose them.
Browser storage — stays on your device; we never transmit it
No record text, patient data, or PHI is ever written to cookies, localStorage, or sessionStorage — record content renders from the encrypted platform session only.
Controlling cookies
- Cookie notice: a short disclosure on first visit, plus "Cookie settings" in the site footer any time after — turn analytics or marketing off there, and the change applies immediately.
- Global Privacy Control: we honor GPC signals as an opt-out of any sale or sharing — of which we do neither — and as a decline of analytics consent.
- Browser controls: view, block, or delete cookies in Chrome, Firefox, Safari, or Edge. Blocking essential cookies will break sign-in.
- Google Analytics opt-out: the GA opt-out browser add-on works across all sites using GA.
Updates & contact
If our cookie use changes, this page changes first — with a new effective date, and fresh consent requested for any new non-essential category. Questions or deletion requests for cookie-collected data: [email protected]. This policy is part of the Privacy Notice.