bye acne← Back to home

Cookie Policy

How ByeAcne uses cookies and similar technologies on our website.

Last updated: April 1, 2025

1. What Are Cookies

Cookies are small text files placed on your device when you visit a website. They help the site remember your preferences, keep you signed in, and understand how you use the site. We also use similar technologies such as local storage and session tokens.

2. How We Use Cookies

Because ByeAcne is a HIPAA-regulated telehealth platform, we take a minimal approach to cookies. We do not use advertising cookies, third-party tracking pixels, or behavioral analytics that involve PHI.

We use cookies and session storage only for the following purposes:

3. Types of Cookies We Use

Strictly necessary
These cookies are required for the platform to function. They manage your authenticated session, maintain security tokens, and prevent cross-site request forgery. You cannot opt out of these cookies while using the platform.
Functional
These remember your preferences such as language and display settings so you do not have to reset them each visit.
Analytics (anonymized)
We use anonymized, aggregated analytics to understand how visitors use our public marketing pages (not the authenticated patient portal). No PHI or personally identifiable information is involved.

4. Authentication Tokens

For HIPAA compliance, we do not store authentication tokens in cookies. Instead, access tokens are held in memory only and refresh tokens are stored in an HttpOnly, Secure, SameSite=Strict cookie that is inaccessible to JavaScript. This prevents unauthorized access to your session through cross-site scripting.

5. Your Choices

You can control non-essential cookies through your browser settings. Most browsers allow you to refuse cookies, delete existing cookies, or be notified when a cookie is set. Note that disabling strictly necessary cookies will prevent you from using the authenticated portions of our platform.

To opt out of anonymized analytics on our marketing pages, you can enable "Do Not Track" in your browser settings or use a browser extension that blocks analytics scripts.

6. Updates to This Policy

We may update this Cookie Policy from time to time. Changes will be reflected in the "Last updated" date at the top of this page.

7. Contact

Questions about our use of cookies? Contact us at privacy@byeacne.co.