Cookie Policy

A plain-English explanation of every cookie Medocrate uses.

Last updated: January 1, 2026

1. What Are Cookies

Cookies are small text files placed on your device by websites you visit. They are widely used to make websites work efficiently, remember your preferences, and provide analytics information to site owners.

2. Cookies We Use

  • rt (httpOnly, Secure) — Authentication refresh token. Set when you log in. Expires after 7 days of inactivity. This cookie is strictly necessary for keeping you signed in and cannot be disabled.
  • user_role (httpOnly, Secure) — Stores your account role (DOCTOR, ADMIN) to enable role-based access control in the middleware. Expires with session.
  • MEDOCRATE_LOCALE — Stores your preferred display language (en, es, fr, zh, ar). Persists for 1 year. Can be changed at any time via the language switcher.

3. Third-Party Cookies

We do not use advertising cookies, social media tracking cookies, or third-party analytics cookies. If we add third-party services in future (e.g., an analytics provider), we will update this policy and request your consent where required.

4. Strictly Necessary Cookies

The authentication cookies (rt, user_role) are strictly necessary for the platform to function. Without them you cannot log in or access protected content. These cannot be disabled — disabling them means you cannot use the platform in authenticated mode.

5. Preference Cookies

MEDOCRATE_LOCALE is a preference cookie that remembers the language you selected. It is non-essential and you can disable it in your browser settings, though the platform will then default to English.

6. Managing Cookies

  • Browser settings: All major browsers allow you to view, manage, block, or delete cookies. Visit your browser's help section for instructions.
  • Chrome: Settings → Privacy and security → Cookies and other site data.
  • Firefox: Settings → Privacy & Security → Cookies and Site Data.
  • Safari: Preferences → Privacy → Manage Website Data.
  • Note: blocking the authentication cookies will prevent you from logging in to Medocrate.

7. Do Not Track

We respect Do Not Track (DNT) browser signals. When DNT is enabled, we do not load any non-essential tracking scripts. Essential authentication and preference cookies are still set as they are required for the service to operate.

8. Changes to This Policy

If we introduce new cookies or change our cookie practices materially, we will update this policy and notify you via in-app banner at least 14 days before the change takes effect.

9. Contact

Questions about cookies? Email privacy@medocrate.com and we'll respond within 5 business days.

Questions about this policy? Contact us at legal@medocrate.com