Cookie Policy
Cookie Policy
Effective Date: December 8, 2025 Last Updated: December 8, 2025
1. Introduction
This Cookie Policy explains how Bioscope AI Inc. (“Bioscope,” “we,” “us,” or “our”) uses cookies and similar tracking technologies across our digital properties. We operate two distinct online environments with different cookie practices:
bioscope.ai - Our marketing and informational website that uses various types of cookies including analytics, marketing, and functional cookies to enhance user experience and provide relevant content.
app.us.bioscope.ai - Our HIPAA-compliant healthcare platform that uses only strictly necessary cookies to maintain security, authentication, and essential functionality. This platform operates under enhanced privacy and security standards to protect Protected Health Information (PHI).
This policy describes what cookies are, how we use them, what choices you have regarding cookies, and how to manage your cookie preferences. By using our websites and services, you consent to the use of cookies as described in this policy, subject to applicable law and your consent choices.
2. What Are Cookies?
Cookies are small text files that are placed on your computer, smartphone, or other device when you visit a website. They are widely used to make websites work more efficiently and provide information to website owners.
Types of Cookies
Session Cookies: These are temporary cookies that expire when you close your browser. They allow websites to link your actions during a single browsing session.
Persistent Cookies: These cookies remain on your device for a set period specified in the cookie or until you manually delete them. They help websites remember your preferences and actions across multiple visits.
First-Party Cookies: These cookies are set directly by the website you are visiting. Only that website can read and use these cookies.
Third-Party Cookies: These cookies are set by a domain other than the one you are visiting. They are commonly used for advertising and analytics purposes across multiple websites.
3. Cookie Usage on bioscope.ai (Marketing Website)
Our marketing website uses various types of cookies to provide an optimal user experience, understand how visitors interact with our site, and deliver relevant marketing messages. We obtain your consent before placing non-essential cookies on your device, in compliance with applicable laws including GDPR and CCPA.
3.1 Strictly Necessary Cookies
These cookies are essential for the website to function properly and cannot be disabled in our systems. They are usually set in response to actions you take, such as setting your privacy preferences, logging in, or filling out forms. Our website is hosted on Webflow, which may set additional session and security cookies.
| Cookie Name | Purpose | Duration | Type | Provider |
|---|---|---|---|---|
__cf_bm | Cloudflare bot management to distinguish humans from bots | 30 minutes | First-party | Cloudflare |
cf_clearance | Cloudflare security verification to prove visitor passed security challenge | 1 year | First-party | Cloudflare |
CookieConsent | Stores user’s cookie consent preferences | 1 year | First-party | Bioscope AI |
cookie_notice_accepted | Records whether user has acknowledged cookie notice | 1 year | First-party | Bioscope AI |
3.2 Analytics Cookies
These cookies help us understand how visitors interact with our website by collecting and reporting information anonymously. This data helps us improve our website performance and user experience.
| Cookie Name | Purpose | Duration | Type | Provider |
|---|---|---|---|---|
__hstc | Main tracking cookie to track visitors and sessions | 6 months | First-party | HubSpot |
hubspotutk | Keeps track of visitor identity for analytics and form submissions | 6 months | First-party | HubSpot |
__hssc | Keeps track of sessions for analytics purposes | 30 minutes | First-party | HubSpot |
__hssrc | Determines if visitor has restarted their browser (used with __hssc) | Session | First-party | HubSpot |
HubSpot Analytics Configuration: We use HubSpot for website analytics and form tracking to:
- Track visitor sessions and page views
- Analyze website traffic patterns and user behavior
- Connect form submissions to visitor analytics
- Measure content effectiveness and engagement
- Generate reports on website performance
3.3 Marketing and Advertising Cookies
These cookies track your browsing habits to deliver advertising that is relevant to you and your interests. They also help us measure the effectiveness of our marketing campaigns and limit the number of times you see an advertisement.
| Cookie Name | Purpose | Duration | Type | Provider |
|---|---|---|---|---|
__hstc | Tracks visitors across sessions for marketing attribution | 6 months | First-party | HubSpot |
hubspotutk | Links form submissions and conversions to marketing campaigns | 6 months | First-party | HubSpot |
li_sugr | Browser identifier for LinkedIn Insights (Partner ID: 8219476) | 90 days | First-party | |
bcookie | Browser identifier cookie for LinkedIn advertising | 1 year | Third-party | |
lidc | Used for routing and security on LinkedIn platform | 1 day | Third-party | |
UserMatchHistory | LinkedIn Ads ID syncing for cross-device targeting | 30 days | Third-party | |
AnalyticsSyncHistory | Stores information about time sync took place with LinkedIn Marketing Solutions | 30 days | Third-party |
Marketing Cookie Usage: We use these cookies to:
- Track conversions from advertising to website visits or form submissions
- Measure the effectiveness of our marketing campaigns
- Attribute leads and conversions to specific marketing sources
- Retarget visitors who have shown interest in our services on LinkedIn
- Build custom audiences and lookalike audiences for targeted advertising
- Analyze marketing ROI and campaign performance across multiple channels
3.4 Functional Cookies
These cookies enable enhanced functionality and personalization, such as videos, forms, and remembering your preferences. They may be set by us or by third-party providers whose services we use on our pages. Our website uses Webflow for forms and content management.
| Cookie Name | Purpose | Duration | Type | Provider |
|---|---|---|---|---|
lang | Remembers user’s language preference | Session | First-party | Bioscope AI |
timezone | Stores user’s timezone for displaying localized times | 1 year | First-party | Bioscope AI |
viewed_demo_video | Tracks if user has watched product demo video | 90 days | First-party | Bioscope AI |
newsletter_dismissed | Records if user dismissed newsletter signup prompt | 30 days | First-party | Bioscope AI |
webflow_session | Maintains form submission state and user interaction with Webflow-powered forms | Session | First-party | Webflow |
4. Cookie Usage on app.us.bioscope.ai (HIPAA-Compliant Healthcare Platform)
Our HIPAA-compliant healthcare platform operates under strict privacy and security requirements to protect Protected Health Information (PHI). Unlike our marketing website, this platform uses only strictly necessary cookies required for security, authentication, and essential platform functionality.
4.1 Strictly Necessary Cookies Only
The healthcare platform uses only essential cookies that are technically necessary for the platform to function securely. These cookies enable critical security features, maintain authenticated sessions, and ensure the integrity of healthcare data. Our platform uses Auth0 for secure authentication and session management.
| Cookie Name | Purpose | Duration | Type | Provider |
|---|---|---|---|---|
auth0 | Encrypted session identifier for authenticated users (HttpOnly, Secure) | Session (max 24 hours, idle timeout: 15 minutes) | First-party | Auth0 / Bioscope AI |
auth0_compat | Compatibility cookie for Auth0 authentication across browsers | Session | First-party | Auth0 / Bioscope AI |
auth0.<client-id>.is.authenticated | Authentication status flag to indicate active user session | Session | First-party | Auth0 / Bioscope AI |
_legacy_auth0.<client-id>.is.authenticated | Legacy authentication status for backward compatibility | Session | First-party | Auth0 / Bioscope AI |
did | Device identifier for security monitoring and anomaly detection (HttpOnly, Secure) | Persistent (long-lived) | First-party | Auth0 / Bioscope AI |
did_compat | Device identifier compatibility cookie for cross-browser support | Persistent (long-lived) | First-party | Auth0 / Bioscope AI |
Security Characteristics:
- All cookies are transmitted only over HTTPS with Secure flag enabled
- HttpOnly flag prevents JavaScript access to sensitive authentication cookies (
auth0,did) - SameSite=Lax attribute balances security and functionality for authentication flows
- Auth0 encrypts and signs all sensitive cookie values to prevent tampering
- Short session expiration times reduce exposure window for compromised credentials
- Automatic session termination after 15 minutes of inactivity
- Device identifiers enable detection of suspicious login patterns and account takeover attempts
4.2 No Analytics or Marketing Cookies
Important: The app.us.bioscope.ai platform does NOT use:
- Analytics cookies (no Google Analytics, no tracking pixels)
- Marketing or advertising cookies (no remarketing, no conversion tracking)
- Social media cookies (no Facebook Pixel, no LinkedIn Insights)
- Third-party tracking cookies of any kind
- Cross-site tracking or fingerprinting technologies
This restriction is intentional and critical to maintaining HIPAA compliance and protecting patient privacy. We do not track user behavior, build user profiles, or share any usage data with third parties on our healthcare platform.
5. Similar Technologies
In addition to cookies, we use other tracking technologies that serve similar purposes:
Web Beacons (Pixels)
Web beacons are tiny graphics with a unique identifier, similar in function to cookies. Unlike cookies, which are stored on your device, web beacons are embedded invisibly on web pages or in emails.
Usage on bioscope.ai:
- Email open tracking to measure newsletter engagement
- Conversion tracking for marketing campaigns
- Page view analytics and user flow analysis
Usage on app.us.bioscope.ai:
- Not used for any purpose
Local Storage and Session Storage
HTML5 local storage and session storage allow websites to store data in your browser with no expiration date (local storage) or for a single session (session storage).
Usage on bioscope.ai:
- Storing user interface preferences (theme, layout settings)
- Caching static resources for faster page loads
- Temporary storage for form data to prevent loss
Usage on app.us.bioscope.ai:
- Encrypted storage of UI state for clinical workflows
- Temporary caching of non-PHI interface elements
- Session-scoped storage for in-progress form data (automatically cleared)
- All local storage is encrypted and subject to same security controls as cookies
Server Logs
Our web servers automatically collect certain information in log files, including:
- IP addresses
- Browser type and version
- Operating system
- Referring URLs
- Pages visited and time spent on pages
- Date and time stamps
bioscope.ai: Standard web server logging with 90-day retention for security and analytics purposes.
app.us.bioscope.ai: Enhanced logging with 7-year retention for HIPAA compliance, including comprehensive audit trails of all access to PHI. All log data is encrypted and access-controlled.
6. Your Cookie Choices and Controls
You have several options to manage and control cookies on your device. Please note that restricting cookies may impact your ability to use certain features of our websites.
6.1 Cookie Consent (bioscope.ai)
When you first visit bioscope.ai, you will see a cookie consent banner that allows you to:
- Accept all cookies
- Reject non-essential cookies
- Customize your cookie preferences by category
- Change your preferences at any time via the cookie settings link in our footer
Your consent choices are stored in a cookie (CookieConsent) so we remember your preferences on future visits.
Important: Strictly necessary cookies cannot be disabled as they are essential for the website to function. Analytics, marketing, and functional cookies require your consent and can be disabled at any time.
6.2 Browser Controls
Most web browsers allow you to manage cookies through their settings. You can typically:
- View what cookies are stored and delete them individually
- Block third-party cookies
- Block cookies from specific sites
- Delete all cookies when you close your browser
- Browse in “private” or “incognito” mode
Browser-Specific Instructions:
- Chrome: Settings > Privacy and security > Cookies and other site data
- Firefox: Options > Privacy & Security > Cookies and Site Data
- Safari: Preferences > Privacy > Cookies and website data
- Edge: Settings > Cookies and site permissions > Cookies and site data
- Opera: Settings > Privacy & security > Cookies
For detailed instructions, visit your browser’s help pages or see www.allaboutcookies.org.
Impact of Blocking Cookies:
- bioscope.ai: Blocking cookies may prevent you from accessing certain features, customizing preferences, or receiving personalized content. The website will still function for basic browsing.
- app.us.bioscope.ai: Blocking strictly necessary cookies will prevent you from logging in and accessing the platform. The healthcare platform cannot function without these essential security cookies.
6.3 Third-Party Opt-Outs
You can opt out of third-party advertising cookies through industry opt-out programs:
- Network Advertising Initiative (NAI): www.networkadvertising.org/choices
- Digital Advertising Alliance (DAA): www.aboutads.info/choices
- European Interactive Digital Advertising Alliance (EDAA): www.youronlinechoices.eu
Platform-Specific Opt-Outs:
- HubSpot: Manage your HubSpot tracking preferences by adjusting your cookie consent settings on our website or contacting us at privacy@bioscope.ai
- LinkedIn: Control advertising preferences at www.linkedin.com/psettings/advertising
Please note that opting out of advertising cookies does not mean you will no longer see advertisements; it means the ads you see will not be targeted based on your browsing behavior.
6.4 Do Not Track Signals
Some browsers include a “Do Not Track” (DNT) feature that signals to websites that you do not want your online activity tracked. Currently, there is no industry standard for how websites should respond to DNT signals.
Our Response:
- bioscope.ai: We do not currently respond to DNT signals but respect your cookie consent choices made through our cookie banner.
- app.us.bioscope.ai: The platform does not use tracking cookies, so DNT signals are not applicable.
For users in jurisdictions with specific privacy laws (such as GDPR or CCPA), we provide additional controls as described in our Privacy Policy.
7. Mobile Applications
Currently, Bioscope AI does not offer mobile applications. This Cookie Policy applies only to our web-based platforms accessed through browsers.
If we develop mobile applications in the future, we will update this policy to describe how we use cookies and similar technologies in mobile contexts, including:
- Mobile device identifiers
- SDK-based tracking
- In-app analytics
- Push notification tokens
- App-specific storage mechanisms
We will provide appropriate notice and obtain required consents before implementing any tracking technologies in mobile applications.
8. International Users
Bioscope AI operates primarily in the United States, and our servers are located in the United States. However, we serve users globally and comply with applicable international privacy laws.
European Union (GDPR)
For users in the European Economic Area (EEA), United Kingdom, or Switzerland:
Legal Basis for Cookie Processing:
- Strictly Necessary Cookies: Processed based on legitimate interests (Article 6(1)(f) GDPR) to ensure website security and functionality.
- Analytics, Marketing, and Functional Cookies: Processed based on your explicit consent (Article 6(1)(a) GDPR), which you can withdraw at any time.
Your Rights:
- Right to withdraw consent for non-essential cookies
- Right to access data collected through cookies
- Right to erasure (deletion) of cookie data
- Right to object to processing for direct marketing purposes
- Right to lodge a complaint with your local data protection authority
Data Transfers: When we use third-party services (HubSpot, LinkedIn) that may transfer data outside the EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses or adequacy decisions.
California (CCPA/CPRA)
For California residents:
Your Rights:
- Right to know what personal information is collected through cookies
- Right to delete personal information collected through cookies
- Right to opt out of the “sale” or “sharing” of personal information (which may include certain cookie-based advertising)
- Right to limit use of sensitive personal information
How to Exercise Rights:
- Use our cookie consent banner to manage cookie preferences
- Contact us at privacy@bioscope.ai to request deletion or access to cookie data
- Use our “Do Not Sell or Share My Personal Information” link for CCPA opt-out rights
No Discrimination: We will not discriminate against you for exercising your privacy rights.
Other Jurisdictions
If you have questions about how cookie laws apply to you based on your location, please contact us at privacy@bioscope.ai.
9. Contact Us
If you have questions, concerns, or requests regarding this Cookie Policy or our cookie practices, please contact us:
Bioscope AI Inc. Email: privacy@bioscope.ai Privacy Officer: Chief Privacy Officer
Response Time: We strive to respond to all privacy inquiries within 30 days (or within applicable legal timeframes for formal privacy rights requests).
Escalation: If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection authority or seek other legal remedies available under applicable law.
10. Related Policies
This Cookie Policy should be read in conjunction with our other privacy and security policies:
- Privacy Policy - Comprehensive information about how we collect, use, and protect your personal information across all Bioscope AI services.
- Business Associate Agreement (BAA) - For healthcare providers and covered entities using app.us.bioscope.ai, our BAA governs the handling of Protected Health Information.
- Data Processing Agreement (DPA) - For enterprise customers, our DPA covers data processing activities including cookie data.
- Master Services Agreement (MSA) - Master services agreement for Bioscope AI services.
Thank you for taking the time to understand our cookie practices. Your privacy and security are our top priorities, and we are committed to transparency in how we use cookies and similar technologies across our platforms.