Cookie policy

A cookie is a small file stored by the browser. In a SaaS app, it mainly serves to maintain a session, remember a preference or protect a request against abuse.

In this policy, the term cookies includes classic cookies and the storage or identification technologies used by browsers and web apps.

• Local or session storage in the browser.
• Server logs containing date, time, IP address, browser, errors or technical events.
• Session identifiers, security tokens or functional preferences.
• Performance and technical diagnostic measures when needed for the service.

• Session: keeps you signed in, secures access and expires automatically according to service settings.
• Security: helps prevent fraudulent sign-ins, CSRF attacks and unauthorized automated use.
• Preferences: remembers certain interface choices, such as language or strictly functional display settings.
• Performance: measures stability, errors and aggregated service usage to fix defects and improve experience.

To measure our site's audience we use a cookieless, privacy-friendly analytics solution (Cloudflare Web Analytics): no cookie is set, no personal data is collected and no cross-site tracking is performed.

• No advertising cookies.
• No cross-site tracking.
• No resale of browsing data.
• No marketing pixel in the clinic workspace.

Session cookies expire on sign out or after an idle period. Functional preferences may be kept up to 12 months, unless removed by your browser.

You can block or delete cookies from your browser. Blocking strictly necessary cookies may prevent sign-in, session security or some essential features.

• View and delete cookies from your browser settings.
• Block all or part of cookies, with the risk of breaking sign-in or essential features.
• Clear site data at any time from the browser.
• Contact us at hello@cabivet.com for any question about consent or your rights.

• Contractual necessity: cookies essential to authentication, security and service delivery.
• Legitimate interest: performance measurement, abuse prevention, diagnostics and reasonable service improvement.
• Consent: non-essential cookies where law requires prior consent.

Some technical, payment, communication or diagnostic providers may use their own cookies or similar technologies when needed for the service.

For security and operational reasons, we do not publish the identity of all infrastructure providers. The relevant providers are subject to confidentiality and data protection obligations.

• Essential: authentication, security, sessions, fraud prevention. Duration: session or up to 12 months.
• Functional: language, preferences, display. Duration: up to 12 months.
• Performance: errors, stability, aggregated usage. Duration: up to 24 months when enabled.

If we add non-essential analytics cookies or similar technologies, we will update this page and request consent where the law requires it.