Please wait...

Cookie Policy

Cookie Policy – Part 1
1. Introduction
This Cookie Policy explains how Clinical Audit Compass Ltd uses cookies and similar technologies in accordance with the UK GDPR, the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations (PECR). 
This Part 1 outlines the purpose of cookies, the categories used, and the legal basis for non-essential cookies.

2. Scope of This Policy
This Policy applies to all users of the Clinical Audit Compass platform, including web and mobile interfaces. 
Cookies may be deployed through our website, authentication services, analytics systems, and third-party integrations such as Firebase.

3. What Are Cookies?
Cookies are small data files placed on your device to store information, maintain session functionality, and help improve user experience. 
Cookies may be set directly by Clinical Audit Compass (“first‑party cookies”) or by authorised third parties such as Firebase analytics (“third‑party cookies”).

4. Categories of Cookies We Use
We classify cookies into the following categories:

• **Essential Cookies** – Required for secure login, session management, and maintaining user authentication. Cannot be disabled.  
• **Functional Cookies** – Store preferences such as interface settings.  
• **Analytics Cookies** – Provide aggregated usage data through Firebase Analytics.  
• **Performance Cookies** – Help identify crashes or performance issues through Firebase Crashlytics.  
• **Security Cookies** – Assist in detecting malicious activity and preventing unauthorised access.

No cookies are used for advertising or behavioural profiling.


Cookie Policy – Part 2
5. How We Use Cookies
Cookies are used to maintain secure sessions, enhance user experience, and analyse performance. 
Essential cookies are required for the platform to function, while analytics and performance cookies help us refine and improve the Service.
We do not use cookies for advertising, tracking across third‑party websites, or behavioural profiling.

6. Firebase Analytics & Crashlytics Cookies
Firebase may deploy cookies or device identifiers. These assist in:
• measuring how users interact with the platform  
• identifying common navigation patterns  
• diagnosing errors and crashes  
• improving overall performance and stability  

Examples of Firebase-related identifiers include:  
• _ga (analytics)  
• _gid (session identification)  
• Crashlytics installation UUID  

These third‑party tools do not provide us access to personal user identities and only supply aggregated analytics.

7. Legal Basis for Non‑Essential Cookies
Under PECR and UK GDPR, non‑essential cookies require user consent. 
Consent may be collected through:
• a cookie banner (for website use)  
• in‑app prompts where analytics tracking is optional  

Essential cookies do not require consent as they are necessary for the platform to function safely.

8. Third‑Party Cookies
Third‑party cookies or technologies may be set by:
• Firebase Analytics  
• Firebase Crashlytics  
• Authentication providers  
• Payment processors (Stripe/Apple/Google)  

These third parties are obligated to comply with strong privacy and security standards and may process data subject to their own policies. 
We only work with GDPR‑compliant processors and maintain Data Processing Agreements where required.


Cookie Policy – Part 3
9. Managing Cookies
Users can manage cookie preferences through:
• Browser settings (Chrome, Safari, Firefox, Edge)  
• Device‑level privacy controls (iOS/Android)  
• In‑app analytics consent toggles (where implemented)  

Disabling essential cookies may result in limited functionality or inability to log in securely.

10. Browser-Level Cookie Controls
Most browsers allow users to:
• block cookies  
• delete stored cookies  
• receive alerts when cookies are being placed  
• restrict third‑party cookies  

Guidance links:
• Chrome: https://support.google.com/chrome/answer/95647  
• Safari: https://support.apple.com/guide/safari/manage-cookies  
• Firefox: https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer  
• Edge: https://support.microsoft.com/en-us/microsoft-edge/delete-cookies-in-microsoft-edge

11. Cookie Lifespan
Cookies may be:
• Session cookies – deleted when the browser or app session ends  
• Persistent cookies – stored for predefined periods (e.g., 1–12 months)  

Firebase may generate persistent identifiers used solely for aggregated analytics and diagnostics. 
Persistent cookies never store user account details or confidential information.

12. Changes to This Cookie Policy
We may update this Cookie Policy periodically to reflect technological changes, regulatory updates, or developments to the platform. 
Material updates will be communicated through the platform or by email. Continued use of the Service constitutes acceptance of any updated Policy.

Contact Information:
For questions relating to this Cookie Policy, please contact:

Clinical Audit Compass Ltd (SC871235)  
Clyde Offices  
2nd Floor, 48 West George Street  
Glasgow  
G2 1BP  
privacy@clinicalauditcompass.co.uk