Cookies & Tracking Policy
Understanding how we use cookies, pixels, and tracking technologies
Introduction
Owner/Operator: Spyface Tech Company, LLC (ClinicBooking.com), 30 N Gould St Ste N, Sheridan, WY 82801, USA.
This Cookies & Tracking Policy explains how ClinicBooking.com ("ClinicBooking," "we," "us," "our") uses cookies, pixels, SDKs, local storage, and similar technologies (collectively, "cookies") on our websites and apps (the "Services"). It also explains how you can manage your choices, including withdrawing consent.
Manage Your Cookie Preferences
You can control your cookie settings and manage your consent preferences at any time.
(opens your consent preferences)
Quick Navigation
What are cookies, pixels, and web beacons?
Cookies
Small text files stored on your browser or device that uniquely (but typically pseudonymously) identify that browser/device.
Web Beacons
Tiny images or code (clear GIFs/pixel tags) that help measure usage (e.g., visits, conversions, email opens).
These tools let us remember your preferences, secure the Services, measure performance, and personalize content/ads.
Lifespan & source
Session
Stored only while your browser is open; deleted when you close it.
Persistent
Stays after you close the browser until it expires or you delete it.
First-party
Set by ClinicBooking on our domain(s).
Third-party
Set by partners/service providers (e.g., analytics, advertising) on their domains.
| Type | Definition |
|---|---|
| Session | Stored only while your browser is open; deleted when you close it. |
| Persistent | Stays after you close the browser until it expires or you delete it. |
| First-party | Set by ClinicBooking on our domain(s). |
| Third-party | Set by partners/service providers (e.g., analytics, advertising) on their domains. |
Why we use cookies
Essential
Required to operate core site/app features, security, load balancing, fraud prevention, and to honor your privacy choices. Cannot be disabled.
Functional
Remembers preferences (e.g., locale), improves speed/UI, and supports optional features. Can be declined.
Performance/Analytics
Measures usage, diagnostics, and experiments to improve the Services (e.g., pages viewed, clicks, dwell time). Can be declined/opted out.
Advertising/Targeting
Delivers relevant ads on our Services and elsewhere; measures ad performance. Can be declined/opted out.
Ad Personalization
If allowed, we may share hashed contact data with ad partners (e.g., Google Ads) for more relevant ads. Fully optional.
| Category | Purpose |
|---|---|
| Essential | Required to operate core site/app features, security, load balancing, fraud prevention, and to honor your privacy choices. Cannot be disabled. |
| Functional | Remembers preferences (e.g., locale), improves speed/UI, and supports optional features. Can be declined. |
| Performance/Analytics | Measures usage, diagnostics, and experiments to improve the Services (e.g., pages viewed, clicks, dwell time). Can be declined/opted out. |
| Advertising/Targeting | Delivers relevant ads on our Services and elsewhere; measures ad performance. Can be declined/opted out. |
| Ad Personalization | If allowed, we may share hashed contact data with ad partners (e.g., Google Ads) for more relevant ads. Fully optional. |
What data may be collected via cookies
Device and usage data such as: browser type/language, IP address, advertising ID, device IDs, referring/exit URLs, pages viewed, clicks, session length, timestamps, app version, and approximate geolocation. Where legally required, we collect/activate only with your consent.
For details on personal data, see our Privacy Policy.
Representative cookie inventory
The specific cookies in use may change over time (e.g., vendor updates, feature changes). Your current, precise list is always available via the panel.
5.1 First-party cookies (examples)
Name
cb_session
Category
Essential (Session)
Purpose
Maintains session state for secure navigation and forms (e.g., booking flow).
Lifespan
Session
Name
cb_consent
Category
Essential
Purpose
Stores your consent choices to honor them across visits.
Lifespan
Up to 6 months
Name
cb_locale
Category
Functional
Purpose
Remembers language/region to localize content (e.g., currency/phone formatting).
Lifespan
30 days
Name
cb_auth
Category
Essential
Purpose
Keeps you signed in securely (hashed). Not used for tracking outside the site.
Lifespan
Up to 30 days
| Name | Category | Purpose | Lifespan |
|---|---|---|---|
| cb_session | Essential (Session) | Maintains session state for secure navigation and forms (e.g., booking flow). | Session |
| cb_consent | Essential | Stores your consent choices to honor them across visits. | Up to 6 months |
| cb_locale | Functional | Remembers language/region to localize content (e.g., currency/phone formatting). | 30 days |
| cb_auth | Essential | Keeps you signed in securely (hashed). Not used for tracking outside the site. | Up to 30 days |
5.2 Third-party cookies & similar tech (examples)
Provider
Google Analytics (GA4)
Category
Analytics
Purpose
Site usage metrics; A/B tests. Examples: _ga, _ga_XXXX, _gid. Legacy: __utma, __utmz.
Lifespan / Opt-out
~24 months. Opt-out: Add-on.
Provider
Google Ads / DoubleClick
Category
Advertising
Purpose
Ad delivery & measurement. Examples: IDE, DSID; hashed list matching if you allow Ad Personalization.
Lifespan / Opt-out
Up to 24 months. Ads Settings.
Provider
Facebook / Meta Pixel
Category
Advertising
Purpose
Ad attribution/retargeting. Example: _fbp.
Lifespan / Opt-out
Up to 90 days. Controls in Facebook settings.
Provider
New Relic
Category
Performance
Purpose
Performance diagnostics and error tracking.
Lifespan / Opt-out
Varies; see provider policy.
Provider
LaunchDarkly
Category
Functional/Testing
Purpose
Feature flags & experimentation.
Lifespan / Opt-out
Varies; see provider policy.
Provider
Cloudflare
Category
Essential (Security)
Purpose
Bot mitigation, DDoS protection, and load balancing. Examples: __cf_bm, cf_clearance.
Lifespan / Opt-out
Short-lived/session. Cannot be disabled (security).
| Provider | Category | Purpose / Example Cookies | Typical Lifespan / Opt-out |
|---|---|---|---|
| Google Analytics (GA4) | Analytics | Site usage metrics; A/B tests. Examples: _ga, _ga_XXXX, _gid. Legacy: __utma, __utmz. | ~24 months. Opt-out: Add-on. |
| Google Ads / DoubleClick | Advertising | Ad delivery & measurement. Examples: IDE, DSID; hashed list matching if you allow Ad Personalization. | Up to 24 months. Ads Settings. |
| Facebook / Meta Pixel | Advertising | Ad attribution/retargeting. Example: _fbp. | Up to 90 days. Controls in Facebook settings. |
| New Relic | Performance | Performance diagnostics and error tracking. | Varies; see provider policy. |
| LaunchDarkly | Functional/Testing | Feature flags & experimentation. | Varies; see provider policy. |
| Cloudflare | Essential (Security) | Bot mitigation, DDoS protection, and load balancing. Examples: __cf_bm, cf_clearance. | Short-lived/session. Cannot be disabled (security). |
How long we keep cookies & logs
- Cookies: See lifespans above; exact durations may vary by vendor/version.
- Server access logs: Typically retained up to 12 months for security, troubleshooting, and audit.
Your choices: consent, control & opt-out
- Consent Manager: Use to accept/decline categories or withdraw consent anytime. Essential cookies are always on.
- Browser controls: You can block/delete cookies in your browser. Instructions: Chrome, Firefox, Safari, Edge.
- Analytics: Google Analytics opt-out add-on: download.
- Advertising choices: Google Ads settings: here. Meta/Facebook ad settings: within your Facebook account.
- Industry pages: EU: youronlinechoices.eu; US: aboutads.info.
Do Not Track (DNT) & Global Privacy Control (GPC)
- DNT: Browsers may send "Do Not Track" signals; there is no consistent industry standard. We currently do not respond to DNT.
- GPC: Where required by law (e.g., CPRA), we treat a valid Global Privacy Control signal as a request to opt out of "sale"/"sharing" for cross-context behavioral advertising.
Ad personalization (optional)
If you allow "Ad Personalization," we may share your email/phone in hashed form with ad partners (e.g., Google Ads) to deliver more relevant ads and measure performance. You can decline or withdraw this at any time in .
Regional notices
- EU/EEA/UK (GDPR & ePrivacy): We seek consent for non-essential cookies. You can withdraw consent at any time via the consent manager.
- California (CCPA/CPRA): You can opt out of "sale" or "sharing" of personal information used for cross-context behavioral advertising via our Do Not Sell or Share My Personal Information link and by adjusting .
Updates to this policy
We may update this policy from time to time. Material changes will be posted here and reflected in the Effective Date above.
Contact us
Additional Privacy Options
Do Not Sell or Share My Personal Information