Cookie, Email And Push Policy
How NutriScope uses essential cookies, local storage, service notifications, push controls and non-essential analytics boundaries.
Audience: All NutriScope users and public website visitors
NutriScope should keep cookie, local-storage, email and push behaviour service-focused and PECR-aware. Non-essential analytics or marketing storage should not be activated without a valid consent or preference flow.
Cookies And Similar Storage
| Type | Purpose | Status |
|---|---|---|
| Authentication/session storage | Keeps users signed in and routes them to the right practitioner or client experience | Essential |
| Security and anti-abuse storage | Protects accounts, forms and service integrity | Essential where deployed |
| Interface preference storage | Remembers UI state such as sidebar open or closed state | Functional |
| Transactional email unsubscribe tokens | Lets recipients manage service notification preferences | Service-related |
| Web push subscription mapping | Lets opted-in signed-in users receive service notifications on trusted devices | Service-related, user-enabled |
| Analytics or marketing cookies | Measures marketing or product usage beyond essential service operation | Not enabled unless a compliant consent flow is added |
Service Email And Push
NutriScope sends service-related emails such as account confirmation, magic links, client invites, booking confirmations, booking reminders, tracker reminders, questionnaire notifications, unread-message notices and security emails. Signed-in users may also enable browser push for selected service notifications from Account settings.
- Service emails should stay narrowly related to the user's account or client relationship.
- Push notifications should stay service-related, user-enabled and avoid adding health details beyond the existing notification content.
- Marketing content should not be bundled into required service notifications.
- Non-essential emails should provide unsubscribe or preference controls.
- Security or account-critical emails may still be sent where necessary to provide and protect the service.
Marketing And Analytics
Marketing emails, advertising pixels and non-essential analytics require separate review before launch. If added, NutriScope should provide clear choices before activation and honour opt-outs.