Cookie Policy
Effective Date: April 23, 2025
Introduction and Legal Overview
Our SaaS platform uses cookies to ensure secure, efficient access to Medicare claims data. In the United States, there is no comprehensive federal cookie law, but various state privacy laws regulate cookies and tracking as part of personal data protection. Generally, U.S. privacy laws (e.g. California's CCPA/CPRA and similar laws in Virginia, Colorado, etc.) follow an "opt-out" model – prior consent for cookies is not strictly required, but users must be given transparency and the ability to opt out of certain data uses.
For example, California law requires companies to provide a clear "Notice at Collection" of personal information and a "Do Not Sell My Personal Information" link if cookies or other means are used to sell/share data, even though an explicit cookie banner is not mandated.
Best Practices: In line with U.S. best practices and emerging regulations, we provide this Cookie Policy to explain what cookies we use and why. We focus on transparency about cookie use (as required by laws like GDPR in Europe and state laws in the U.S.). Even though U.S. laws do not yet demand a banner for cookies, many organizations apply the strictest standards (e.g. GDPR-style consent) to all users as a precaution. We are committed to clarity and will inform you of how cookies function on our site. Importantly, we do not use any cookies for advertising, telemarketing, or selling personal data. Our cookies are used only for the purposes described below, in support of our service to licensed insurance agents and Medicare beneficiaries.
(Note: "Cookies" in this policy also covers similar technologies like local storage or pixels, which we currently do not use beyond the stated purposes.)
What Are Cookies and Why We Use Them
Cookies are small text files stored on your device when you visit websites. They serve various functions, from keeping you logged in to remembering your preferences and tracking site usage. Cookies on our platform help enable essential site features, enhance your experience, and collect analytics to improve our services. Because our platform handles sensitive Medicare claims information, we design our cookie usage with privacy and security in mind – we do not store any protected health information (PHI) or Medicare claims data in cookies. Cookies generally contain anonymous unique identifiers or small pieces of data, not your personal details. For instance, a cookie might store a random session ID or remember that you prefer to stay logged in, but it will not contain your name, claim details, or health information.
There are two types of cookies by lifespan:
- Session cookies – temporary cookies that last only while your web browser is open. These are used for things like managing your login session and expire when you close your browser.
- Persistent cookies – cookies that remain on your device for a set period after your session (unless you delete them). These can be used to remember your preferences or credentials for future visits.
Our platform uses a few carefully selected cookies which fall into the following categories: Essential, Functional, and Analytics (Tracking).
Detailed Breakdown of Cookie Categories
| Cookie Type | Purpose | Examples on Our Site |
|---|---|---|
| Essential Cookies | Necessary for core functionality – they enable you to log in, navigate secure areas, and use our platform's basic features. These cookies are required for the service to work properly. They do not collect personal information beyond what is needed to operate the site. | Session ID cookie (keeps you logged in and maintains your session state); Security cookies (for fraud prevention or to enforce access controls). |
| Functional Cookies | Improve your experience by remembering choices and preferences. While not strictly necessary, they provide convenient features such as remembering your login on return visits or other settings. These may save some personal data if you choose to use those features (e.g. a persistent login token when you click "remember me"). | "Remember Me" cookie (stores a token so licensed agents don't have to log in every time, if selected); UI preference cookie (e.g. remember dashboard layout or language, if applicable). (Our platform's current use of functional cookies is minimal and primarily limited to login preferences.) |
| Analytics Cookies | Collect information about how users interact with our site – which pages are visited, how often, and any errors encountered – to help us understand usage and improve performance. These cookies (such as those from Google Analytics) assign a random ID to your browser to distinguish users, but do not identify you personally; the data is aggregated and used anonymously. We use this data to see overall platform usage trends, not to track individual behavior. | Google Analytics cookies (e.g. _ga, _gid) – used to gather site visitation statistics, such as number of visitors and popular pages. For example, Google Analytics may log that "User X (anonymous ID) visited page A and B" which helps us improve content. We have configured Analytics in line with privacy best practices (such as IP anonymization). |
1. Essential Cookies (Strictly Necessary)
These cookies are critical for the operation of our platform. They enable basic functions like user authentication, session management, and security. Without them, services you expect – logging into your account, navigating secure areas, or submitting claims data – would not be possible. For example, when a licensed insurance agent logs into our site, an essential cookie will store a unique session identifier to keep the agent logged in as they move from page to page, so they don't have to re-enter credentials on every click. Essential cookies also help enforce security measures (for instance, by detecting suspicious login activity or requiring re-authentication for sensitive actions).
Key characteristics of our essential cookies:
- Authentication: Remember your login state during your session, so only authorized users can access the Medicare claims data and you stay logged in securely.
- Session continuity: Preserve context as you navigate; e.g., if you're filling out a form or reviewing multiple pages, the cookie keeps the connection to our server active and associated with your account.
- Security: Protect against unauthorized access. We may use cookies to implement features like load balancing (ensuring the website loads reliably) or CSRF protection tokens to prevent malicious requests. These cookies contain no sensitive personal details – typically just a random ID or token. They do not identify you as an individual beyond recognizing your device/browser for the current session, and they are not used for marketing or tracking beyond the service.
Because essential cookies are necessary for our site to function, they are set without requiring prior consent. Privacy laws (including GDPR in the EU and U.S. state laws) recognize that strictly necessary cookies can be used as long as users are informed about them. We include them here for transparency. You cannot disable these cookies via our settings without also disabling core site functions (for example, if you blocked them in your browser, the site's secure login would likely not work).
Examples of Essential Cookies we use:
- Session Cookie (example: SessionID or similar): A first-party cookie set by our platform when you log in, containing a unique random identifier for your session. It ensures that as you move through different pages, our system knows you are the same authenticated user. This cookie is typically a session cookie (temporary) that expires when you log out or close your browser. It does not store personal data or Medicare information — only a reference ID that our servers interpret.
- Security Cookie (example: XSRF-TOKEN): A token to protect against cross-site request forgery attacks, ensuring that actions you take on the site are actually initiated by you. This cookie is essential for security; it contains a random value and no personal info.
- Load Balancer Cookie (example: AWSALB if we used AWS, as an illustration): This kind of cookie might be used to direct your requests to the same server in our cluster for consistency. It's purely technical and ensures site stability.
(Note: The exact cookie names and details may change as we update our security practices, but they will always fall under this essential category if their purpose is fundamental operation.)
2. Functional Cookies (Preferences & Convenience)
Functional cookies are used to enhance the usability of our platform by remembering your preferences and choices. These are not strictly required for the basic operation, but they make your experience smoother. For instance, if a licensed agent opts to "Remember Me" on the login screen, a functional cookie will save a secure token so that on the next visit the agent can be logged in automatically or skip certain verification steps. This cookie saves time and is provided for convenience.
Other potential functional cookies could remember interface settings – for example, if our platform allows you to choose a preferred dashboard view or notification settings, a cookie might store that preference so you don't have to reset it each time. Currently, our platform's use of functional cookies is limited, since the interface is straightforward and used primarily for viewing secure data rather than extensive customization. The primary functional cookie in use is the login retention cookie:
- Persistent Login Cookie (example: RememberUser): If you select a "keep me signed in" or similar feature, this cookie stores a hashed identifier that lets us recognize your device on your next visit. It may contain or reference your user ID in an encrypted form. This is considered personal data because it links to your account (only our system can decode it), so we treat it with care. For instance, it might have a long expiration (e.g. 30 days or 90 days) to facilitate periodic visits without re-login. We do not recommend using this on public computers. If you do not use the "remember me" feature, this cookie will not be set at all.
Privacy note: Most of our functional cookies do not individually identify you – they often store generic settings or a random ID. In cases where they might carry an identifier (like the remember-me token), it's solely for the purpose you requested and not shared elsewhere. These cookies are there to improve your experience, for example by saving you from repetitive tasks, but the platform will still work if you disable them (you might just have to log in manually each time or reset your preferences).
Currently, because we have a focused feature set, you may not encounter many cookies in this category beyond the login-related one. As we add features (for example, if we introduce user interface customization or integrate a chat support widget in the future), those features might come with additional functional cookies which we will document here.
3. Analytics Cookies (Tracking and Performance)
We use a limited set of analytics cookies to understand how our platform is used and to help us improve it. Specifically, our platform uses Google Analytics – a widely used analytics tool – to collect information about how users (primarily insurance agents, and occasionally beneficiaries) navigate and use the site. These cookies allow us to gather aggregate data such as: how many users login in a given week, which pages or features are used most, how long users spend on certain pages, and whether any error messages or performance issues occur. This insight is crucial for a SaaS platform like ours to ensure we are meeting user needs and to pinpoint areas that need improvement or additional training for users.
Data Collected: Analytics cookies may collect data like your device type, browser type, IP address (which may be used to infer general location, though we have configured Google Analytics to anonymize IP information), pages visited, time spent on pages, and interactions like clicking a link or downloading a document. Importantly, this data is not used to identify you by name or to contact you, and we do not feed any of your account-specific information (like your personal details or any Medicare claim content) into Google Analytics. The information collected is reported to us in aggregate or statistical form – for example, we see that "100 users logged in this month, 60% of them accessed the Claims Overview page, average session duration was 5 minutes," etc. Individual usage is tracked by Google via an anonymous unique identifier (the Google Analytics cookie ID), but we do not combine that with your personal account data on our side. In other words, analytics cookies help us understand user behavior patterns generally, without profiling any specific named user.
Third-Party Involvement: Google Analytics cookies are set via our site's code but are considered third-party cookies, since the data is sent to Google's servers for analysis. Google acts as a service provider for us in this context. We have taken steps to align with privacy best practices using Google Analytics, such as enabling features that enhance privacy (e.g., IP masking) and disabling any data sharing features that we do not need. According to Google's policies, the Google Analytics cookies do not allow Google to personally identify you; they use the data to provide us with analytics and may use it to improve their services. Google does not get to use our analytics data for advertising on other sites unless we explicitly allowed it (we have not). However, note that Google may set its own additional cookies or use the data in accordance with its own privacy policy. We recommend reviewing Google's Privacy Policy for more details on their handling of analytics data.
Examples of Analytics Cookies in use:
- _ga: This cookie is set by Google Analytics to distinguish unique users by assigning a random unique ID. It helps count how many people visit our site. For instance, if you visit the site on two different days from the same browser, this cookie lets us (and Google) recognize it's the same user (without knowing who you are) so we count you once rather than twice in certain statistics. This cookie typically persists for 2 years unless cleared.
- _gid: Another Google Analytics cookie, which is used to distinguish users on a shorter timescale (it usually lasts 24 hours). It helps with day-to-day visit tracking.
- _gat: Google Analytics may use this cookie to throttle request rates (manage the amount of data collected on high-traffic sites). It usually lasts a minute.
Why we use analytics: The information from analytics cookies is used internally, to benefit our users and improve our service. For example, if we find that certain pages are rarely used or causing users trouble, we can simplify or enhance them. If many users spend a lot of time on a particular report page, we might provide additional guidance or training materials for that page. Analytics also help us gauge system performance (so we know if pages are loading slowly) and plan for capacity. We do not use analytics data to make decisions about individual users, and certainly not for marketing – remember, we don't run ads on our platform or sell this data.
Opt-Out for Analytics: Since these cookies are not essential, you are free to block or delete them (see "Your Choices" below). In the future, we plan to implement a cookie consent tool that will allow you to formally opt out of analytics cookies if you prefer not to be tracked at all beyond essentials. Even today, if you have enabled a browser-level Do Not Track setting or use browser extensions to block analytics, our use of Google Analytics will respect those (Google provides some opt-out options as well). Blocking analytics cookies will not affect the core functionality of our site; it will only limit our insight into how we can improve the service.
No Advertising or Marketing Cookies
To reiterate, we do not use any advertising cookies or tracking for commercial marketing on our platform. Marketing or targeting cookies are those that profile users' browsing habits across different sites to show targeted ads. Our platform's purpose is to facilitate access to Medicare claim information, and our users are typically engaged in professional tasks (or personal review of their claims data), not targeted for product advertising. Thus, we have zero cookies in this category on our site. You will not find cookies from ad networks (like Google Ads, Facebook Pixel, etc.) in our service. You will also not see third-party social media "like" buttons or embedded videos that set their own cookies (we currently do not embed such content). If this ever changes (for example, if we added an educational video hosted on YouTube, which could set tracking cookies), we would update this policy and, if necessary, obtain consent before enabling those cookies.
Because we don't use marketing cookies, your information is not being shared or sold to advertisers through cookie data. We do not use cookies for telemarketing either (telemarketing usually doesn't involve cookies, but to avoid doubt: no part of our cookie usage involves calling or emailing you for sales). Any communication you receive from us (like email notifications about a new document available) is triggered by your use of the platform and not by cookie-based tracking.
Your Choices and Control Over Cookies
Managing your cookie preferences is important, and we want you to feel in control. Here are the ways you can manage cookies on our platform:
- Browser Settings: You can at any time adjust your web browser's settings to block or delete cookies. All major browsers allow you to refuse new cookies, delete existing cookies, or notify you when cookies are set. For example, you can usually find these options under the "Privacy" or "Security" section of your browser's settings or preferences. If you choose, you can configure your browser to refuse all cookies or to remove cookies when you close the browser. Please note that if you disable cookies entirely, essential functions of our site may not work – for instance, you won't be able to log in or stay logged in without the session cookie. (If you delete cookies, you will also need to re-enter your login credentials on your next visit, as no "remember me" cookie will be present to autofill them.) Most browsers let you set exceptions – so you could block third-party tracking cookies while still allowing first-party essential cookies, for example. Refer to your browser's help documentation for specific instructions.
- Do Not Track (DNT): Some browsers have a "Do Not Track" feature that sends a signal to websites indicating you do not wish to be tracked. Our platform honors Do Not Track signals for analytics – if we detect a DNT signal, we will not load our analytics cookies for that session. (DNT is not a universally enforced standard, but we respect it as a user preference.) Keep in mind, DNT or not, we do not have third-party ads, so DNT mainly affects analytics in our case.
- Future Cookie Consent Tool: As mentioned, once we implement our cookie consent banner/tool, you will have direct on-site controls. You'll be able to accept or decline non-essential cookies with a click. We will include a persistent control (for example, an icon or a link "Cookie Settings" in the footer) that lets you open the preferences and change them anytime. This means if you initially accept analytics cookies but later change your mind, you can easily revoke that consent, and vice versa.
- Google Analytics Opt-Out: If you specifically want to opt-out of Google Analytics tracking across all websites (not just ours), Google provides an opt-out browser add-on. Installing this add-on will prevent Google Analytics from collecting your data on any site that uses it. This can be an alternative if you prefer a global solution.
In all cases, you have the choice of how cookies are handled. Our site will function best with essential and functional cookies enabled, and we appreciate being able to use analytics to improve our service. But we want you to be comfortable: feel free to opt out of analytics or functional cookies if you prefer. We will respect your preferences, and we've designed the platform to be as usable as possible even in privacy-maximized settings.
Contact Information
Thank you for taking the time to read our Cookie Policy. We realize this is a lot of information, but we believe that transparency is the foundation of trust. In summary, our U.S.-based Medicare claims SaaS platform uses cookies primarily to support secure login sessions, remember user preferences, and gather anonymous usage analytics. We do not use cookies for advertising or share your information for marketing purposes. We comply with applicable U.S. laws and follow industry best practices in handling cookies, and we're preparing to meet future requirements (like consent banners and international privacy standards) proactively.
If you have any questions or concerns about our use of cookies, or if you need any assistance with managing your cookies on our site, please contact us:
Email: [email protected]
Address: 1034 N. Madison Ave. Pasadena CA, 91104
We also recommend reviewing our Privacy Policy for a broader understanding of how we protect user data.