Medly AI Cookie Policy
Last updated: July 2025
1. Scope & Relationship to Other Policies
1.1. Who we are
Medly AI Limited ("Medly AI", "we", "us", "our") is a company registered in England and Wales (Company No. 15110302) and the controller responsible for any personal data collected through cookies and similar technologies operated in connection with our services.
1.2. What this Cookie Policy covers
This policy explains how we deploy and allow our select partners to deploy cookies, software development kits (SDKs), pixels, local- storage objects and other technologies that store or access information on your device (collectively "Cookies") when you: • visit www.medlyai.com or any sub-domain that links to this notice ("Site"); • use the Medly AI mobile or tablet app downloaded from an official app store ("App"); and • interact with embedded Medly AI content (for example, our payment pages or support pop-ups) that may appear on third-party sites [and our communications with you].
The Privacy and Electronic Communications (EC Directive) Regulations 2003 (as amended) ("PECR") apply to all of these delivery channels, not just traditional websites, whenever information is written to or read from a user's equipment.
When you use or interact with our Site, App, content and communications (and where required by applicable law), you have the option to accept, reject or adjust most of the categories of Cookies through our cookie consent management tool. You can modify these settings or withdraw your consent at any time at this link. Details of the cookies which we use (including third-party cookies and the partners with whom we may share your data) and their purposes are described via the link [and as set out below in section 3]:
1.3. How this policy fits with our other legal documents
This Cookie Policy supplements and should be read together with: • our Privacy Policy, which explains in detail how Medly AI processes personal data (including the personal data processed by Cookies); and • our Terms of Use, which set out the contractual rules for accessing our platform.
The Privacy Policy remains the primary document for matters such as lawful bases, data-subject rights and international transfers, whereas this notice focuses on the specific technologies that trigger consent or information duties under PECR.
1.4. Personal-data context
Under UK GDPR, identifiers like cookie IDs, advertising IDs and device fingerprints qualify as personal data whenever they can be combined with other information to single out or profile an individual. Consequently, where a Cookie allows us—or any third party working on our behalf—to recognise you, the processing principles in our Privacy Policy apply alongside the PECR rules summarised here.
1.5. How to contact us
If you have any questions about this Policy or our wider use of cookies, you can reach our Data Protection Officer at contact@medlyai.com or write to 85 Great Portland Street, London, W1W 7LT, United Kingdom.
2. What are cookies and "similar technologies"?
Cookies are only one of several ways an online service can store or read information from a user's device. Under PECR the same rules apply to any such "storage and access technologies," whether they sit in a web page, an email, a mobile app or a connected-TV SDK. The definitions below explain the main techniques you will meet on Medly AI.
2.1. HTTP cookies
Small text files sent by a website and returned by the browser on subsequent requests. They may be session‑based (deleted when the browser closes) or persistent, and may be first‑party (.medlyai.com) or third‑party.
2.2. Web storage & other browser APIs
localStorage, sessionStorage, IndexedDB and Service‑Worker caches hold larger values than cookies and do not accompany every HTTP request, but are regulated in the same way.
2.3. Tracking pixels
A 1 × 1 transparent image embedded in a page or email that records the device details, IP address and any associated IDs when it is fetched.
2.4. Mobile‑app SDKs & advertising IDs
Third‑party SDKs in native apps may read or write local data or access platform advertising identifiers (IDFA, GAID) for analytics or marketing.
2.5. Device fingerprinting
Combining browser or hardware attributes to derive a statistically unique identifier without writing to storage. The ICO treats this as tracking technology requiring consent.
3. Cookie inventory, purpose & retention
You can find more information about the individual Cookies we and our partners use, the purposes for which we use them and how long they are stored for [in the table below/link].
If you have given consent through our Cookie settings (where available), we may share information from our Cookies with select partners for the purposes of performance metrics, audience selection and targeted advertisement. More information can be found in our Privacy Policy.
Key purpose labels: • Strictly Necessary – these Cookies are essential to make the Site/App or your preference centre work. Without these Cookies, functionality you have requested —e.g. authenticating your account, remembering items in a basket, or honouring your Cookie choices cannot be provided. If you disable these Cookies, certain parts of our Site/App will not function for you. • Functional – these Cookies are not essential but enable various helpful features on our Sites/Apps (e.g. A/B tests, live-chat); • Analytics – these Cookies are not essential but help us to improve or optimise the experience we provide by allowing us to measure how users interact with our Site, App, content and communications - for example, by measuring the number of pages visited, whether or not email communications are opened or which parts of our App are used; • Advertising – these Cookies are used to collect information about your browsing habits in order to make advertising more relevant to you and your interest. They are also used to limit the number of times you see an advert as well as help measure the effectiveness of an advertising campaign. We may share this information with other parties who help manage online advertising. • Social media – these Cookies are used when you share information using a social media platform or "like" button on our Site/App, or when you engage with our content on or through a social mediate site such as [Snap, TikTok or Instagram]. These Cookies collect information about your social media interaction with the Site/App such as whether or not you have an account with the social media site and whether you are logged into it when you interact with content on our Site/App. This information may be linked to targeting/advertising activities.
| Cookie | Domain / Provider | Purpose | What it does & typical data collected | Expiry | Party |
|---|---|---|---|---|---|
| CookieScriptConsent | medlyai.com | Strictly Necessary | Remembers whether you accepted or rejected non-essential cookies (stores consent string & time-stamp) | 1 month | 1st |
| X-AB | sc-static.net (Snap/Adobe Target CDN) | Functional (A/B testing) | Stores a variant ID so we can show you one version of a page and measure which version performs best | 1 day | 3rd |
| _ScCbts | medlyai.com | Functional | Snapchat Pixel timing helper that decides whether to fire certain Snap tags (stores a short-lived boolean/timestamp) | 7 days | 1st |
| _ttp | tiktok.com & medlyai.com | Advertisement | Assigns a unique TikTok ID to measure and optimise ad campaigns and personalise content; collects pseudonymous ID, page views, ad-event metadata | 3 months | 3rd / 1st |
| _scid | medlyai.com | Advertisement | Saves the Snapchat Pixel user ID so Snap can link on-site actions to ads; data = unique ID & event data | 1 year + 1 month | 1st |
| _scid_r | medlyai.com | Advertisement | Same as _scid, used across sub-domains for consistent Snap attribution | 1 year + 1 month | 1st |
| _fbp | medlyai.com | Advertisement | Facebook/Meta pixel identifier used to deliver, measure and retarget ads; holds a unique browser ID & time-stamp | 3 months | 1st |
| _tt_enable_cookie | medlyai.com | Advertisement | Flags that TikTok Pixel cookies are enabled; allows subsequent tracking of conversions | 3 months | 1st |
| ttcsid / *ttcsid_ ** | medlyai.com | Advertisement | TikTok Pixel session ID that stitches together events from the same browser session for attribution | 3 months | 1st |
| u_sclid | medlyai.com | Advertisement | Snap "cross-domain linker" ID to recognise a visitor across multiple domains for ad bidding | 13 months | 1st |
| u_sclid_r | medlyai.com | Advertisement | Read-only mirror of u_sclid used by Snap on some sub-domains | 13 months | 1st |
| u_scsid | medlyai.com | Advertisement | Snap cookie that records session-level behaviour for internal analysis/optimisation | Session | 1st |
| u_scsid_r | medlyai.com | Advertisement | Read-only replica of u_scsid for sub-domains | Session | 1st |
| _gcl_ls | medlyai.com | Advertisement | Google Ads Conversion-Linker local-storage key that stores ad-click info so conversions can be matched to clicks | 13 months | 1st |
| topicsLastReferenceTime | medlyai.com | Advertisement | Stores when Chrome's Topics API last provided interest segments for this browser, to limit how often topics are refreshed | 13 months | 1st |
| tt_sessionId | medlyai.com | Advertisement | Holds the TikTok Pixel session identifier so conversions in one visit can be linked together | Session | 1st |
| ph_phc_*_posthog | medlyai.com | Analytics | PostHog product-analytics cookie that keeps an anonymous distinctId, session count, feature-flag status to analyse usage across visits | 1 year | 1st |
| lastExternalReferrer | medlyai.com | Analytics | Captures the full URL of the external page that brought you to Medly AI (used for traffic-source reporting) | 13 months | 1st |
| lastExternalReferrerTime | medlyai.com | Analytics | Records the time-stamp of the above referrer event | 13 months | 1st |
| ph_phc_*_window_id | medlyai.com | Analytics | PostHog helper that distinguishes activity in multiple open tabs/windows during one visit | Session | 1st |
| ph_phc_*_primary_window_exists | medlyai.com | Analytics | Prevents duplicating events when a second tab is opened; expires when the tab closes | Session | 1st |
| tt_appInfo | medlyai.com | Analytics | TikTok Pixel storage key that caches app/pixel configuration to speed up subsequent loads | Session | 1st |
| tt_pixel_session_index | medlyai.com | Analytics | Index counter used by TikTok Pixel to label sequential events inside one session | Session | 1st |
Medly AI is designed for users aged 13 and over. We do not knowingly deploy cookies or similar technologies to profile children under 13, and our platform is not marketed to them. If you believe we have inadvertently collected information relating to a child, please contact contact@medlyai.com so we can delete it promptly.
4. How do you manage these Cookies
When you use or interact with our Site, App, content and communications (and where required by applicable law), you have the option to accept, reject or adjust most of the categories of Cookies through our cookie consent management tool. You can modify these settings or withdraw your consent at any time at this link. Consent is not required for Strictly Necessary Cookies.
We will prompt you to review or renew your preferences the earlier of: • 12 months which have passed since you last gave consent; or • we introduce a new purpose, category or third-party vendor; or • we materially change the way an existing cookie operates.
You may be able to set your browser to block all Cookies (apart from Strictly Necessary Cookies). For more information, please refer to your browser settings. Note that by disabling certain categories of Cookies, you may be prevented from accessing some features of our Site/App or certain content or functionality may not be available.
Web beacons can be rendered ineffective in some circumstances by opting out of Cookies or amending your Cookie settings in your browser. If you have further questions regarding how to stop the use of web beacons, please contact us using the details above.
Privacy policy
Terms of use
© 2025 Medly AI