Cookie Policy

This page covers both traditional browser cookies and adjacent technologies like localStorage and session storage. Together we’ll just call them “cookies” for simplicity, since the privacy expectations are similar.

We group cookies into three categories. You can change your preferences on the Cookie Settings page at any time.

• Strictly necessary. These make the Service work and cannot be turned off. They include:
  • bsc:history:v1: your past analyses and Q&A turns, stored locally so you can revisit them.
  • bsc:medications:v1: the medications you’ve added to the tracker (drug, dose, schedule, your personal notes), so the list is still there next time you visit.
  • bsc:symptoms:v1: your symptom journal entries (mood, symptoms, seizures, notes) and the data needed to render the 30-day trends view.
  • bsc:symptomPatternsDismissed:v1: the IDs of rule-based pattern callouts (e.g. “headaches worse on Mondays”) you have dismissed on /symptoms. Used so the same pattern doesn’t re-prompt; you can restore dismissed patterns from the strip above the trend chart.
  • bsc:appointment:v1: your pre-appointment prep details: next visit date, provider/clinic name, visit kind, any custom questions you’ve added, any generated questions you’ve dismissed, and any post-visit debriefs (what the doctor said, what changed, what’s next, and any “wish I’d asked” lines). Used to render the prep packet at /prep and the post-visit affordance on the home countdown widget.
  • bsc:starredQuestions:v1: questions you have starred on saved analyses (pathology decode, scan-report explanation, or scan-report comparison). Starred questions are pulled into your next prep packet at /prep so they carry into the visit. Unstarring removes the entry.
  • bsc:careTeam:v1: the contacts you’ve added on the Care team page: names, roles (neuro-onc, pharmacy, etc.), phone numbers, emails, and notes, plus which one is marked as your primary contact and which one is the after-hours line.
  • bsc:searchRecent:v1: the last five queries you typed into the universal-search palette (e.g. “temozolomide”), kept so we can show them as one-click chips next time you open search. Local-only, never uploaded. You can clear individual entries or the whole list from the empty state of the search palette.
  • bsc:analysisFeedback:v1: the per-analysis “was this helpful?” ratings (helpful / not helpful) plus any one-line note you added (e.g. “the AI said midline shift but my doctor said no”). Keyed by the history entry id so the indicator shows up on the right row in /history. Local-only, never uploaded. Cleared automatically when you delete the underlying analysis or clear all history.
  • bsc:emergencyCard:v1: the user-entered fields on the Emergency wallet card page: full name, year of birth, primary language, allergies, free-text emergency note, and an optional personal emergency contact (name, relationship, phone). The card’s diagnosis + medication + care-team rows are pulled at render time from the other storage keys, not duplicated here.
  • bsc:carePhase:v1: your explicit choice on the beyond-treatment view: either “set up my surveillance view” (surveillance) or “not yet, tuck this away for now” (unsure). We never infer this from other data.
  • bsc:survivorship:v1: your surveillance rhythm (next/last MRI date, cadence, imaging facility) and your late-effects monitor entries (category, severity, notes, and which items you’ve flagged for your next visit). Used to render the beyond-treatment view and its printable care plan at /beyond-treatment.
  • bsc:consent:v1: your current consent preferences, so we remember your choices.
  • Session cookies set by the hosting platform (Vercel) to deliver the page and prevent abuse.
• Analytics: we do not run any. No page-view tracking, no usage statistics, no behavioral data, no advertising pixels.
• Error tracking (opt-in, planned). We may add an opt-in error-tracking provider in a future release to help us catch crashes. It is not running today, no error-tracking scripts are loaded, and no error reports are being collected.

We do not currently use any third-party analytics or error-tracking provider. If we ever enable error tracking in a future release, we intend to use a privacy-respecting provider configured to strip personal data from stack traces (e.g. Sentry or similar). The chosen provider would be listed here once wired in.

When a provider is live, its scripts would only be loaded after your consent. You could revoke consent at any time; scripts would stop loading on your next page view, and you could clear any existing cookies they had set using your browser’s controls.

• We do not use advertising cookies.
• We do not use cross-site tracking cookies.
• We do not sell or share your data for advertising.
• We do not set non-essential cookies before you make a choice in the banner.

The easiest way to update your choices is the Cookie Settings page. You can also use your browser’s built-in controls:

• Chrome: Settings → Privacy and security → Cookies and other site data.
• Safari: Settings → Privacy → Manage Website Data.
• Firefox: Settings → Privacy & Security → Cookies and Site Data.
• Edge: Settings → Cookies and site permissions.

Deleting strictly-necessary storage (like bsc:history:v1) will clear your past analyses, which is fine, it’s your data. You can also clear your entire local history from the Past analyses page.

We honor the Global Privacy Control (GPC) signal where we detect it, by defaulting any opt-in tracking (currently just error-tracking) to off. The older “Do Not Track” signal is inconsistently implemented by browsers; we default to privacy-protective settings regardless.

Questions about cookies? Email info@gliowise.ai.