Hospitual is currently in pilot/testing phase and is not yet open to the public; no live clinical or medical services are being provided through the platform at this stage.

Cookie Policy

HOSPITUAL LIMITED (trading as “Hospitual”)

Last updated: 22 May 2026

1. Introduction

This Cookie Policy explains how HOSPITUAL Limited (“Hospitual”, “we”, “our”, or “us”) uses cookies, browser storage, and similar technologies across the Hospitual public website and the Hospitual platform (the authenticated web application), and how visitors and users can manage or opt out of them.

This Cookie Policy should be read together with the Hospitual Privacy Notice, which explains how Hospitual processes personal data more generally in accordance with the UK General Data Protection Regulation (“UK GDPR”) and the Data Protection Act 2018.

Hospitual Limited is a company incorporated in England and Wales. For questions about this policy, please use the contact details in Section 11 below.

2. What Are Cookies and Similar Technologies?

Cookies are small text files stored on your device by your browser when you visit a website or use a web application. They let the site remember information about your visit — for example, keeping you signed in between page loads, or remembering your display preferences.

Local storage and session storage are browser features that allow websites to store small amounts of information directly within your browser, similar in purpose to cookies but accessible only by the website that set them.

In this Cookie Policy, the term “cookies” is used to refer collectively to cookies, local storage, session storage, and similar client-side technologies, unless otherwise stated.

3. Our Approach

Hospitual aims to keep the use of cookies and similar technologies to a strict minimum across both the public website and the platform. Specifically:

  • We do not use cookies or similar technologies for advertising, marketing pixels, or cross-site tracking.
  • We do not use analytics platforms such as Google Analytics, Facebook Pixel, Hotjar, or comparable tracking services.
  • We do not sell or share personal data collected through cookies with advertising networks or data brokers.

The cookies and storage described in this notice are limited to those required to operate the website and platform securely, to maintain authenticated sessions, to protect forms from automated abuse, and to remember a small number of visitor preferences.

4. Categories of Cookies and Storage We Use

4.1 Strictly Necessary

Strictly necessary cookies are required for the website or platform to function correctly and to be protected against abuse. This includes cookies that keep you securely signed in to the Hospitual platform and those that protect public-facing forms from automated submissions. These cookies cannot be switched off without affecting the functionality they support.

4.2 Functionality and Preferences

Functionality and preference storage is used to remember choices you make, such as your selected colour scheme on the public website. This storage is only created after you actively make a choice.

4.3 Analytics, Advertising, and Marketing

Hospitual does not currently use analytics, advertising, or marketing cookies on either the public website or the platform. If this changes in the future, this Cookie Policy will be updated and, where required by law, appropriate consent will be sought before any such cookies are set.

5. Why We Do Not Always Ask for Consent

Under the UK Privacy and Electronic Communications Regulations (PECR), consent is not required for cookies that are strictly necessary to deliver a service that the user has explicitly requested. This applies in two contexts on Hospitual:

  • Platform (authenticated app): When you sign in to your Hospitual account, session cookies are set without a consent banner because they are strictly necessary to provide the authenticated service you have requested.
  • Public website: The Cloudflare Turnstile challenge on the specialist application form is treated as strictly necessary to protect the integrity of that form.

Hospitual will ask for your consent before setting any non-essential cookies in the future.

6. Inventory of Cookies and Storage

The following table lists all cookies and browser storage used by Hospitual across the public website and the platform, as at the date shown at the end of this notice. The “Scope” column indicates where each cookie or storage item is active.

NameScopeTypeProviderPurposeDurationCategory
refresh_tokenPlatform (app)HTTP cookie (first-party, HttpOnly, Secure)HospitualKeeps you signed in by allowing Hospitual to renew your session without asking you to log in on every request. Set as HttpOnly and Secure so it cannot be read by JavaScript and is only sent over HTTPS.30 days. Cleared upon log out.Strictly necessary
trusted_devicePlatform (app)HTTP cookie (first-party, HttpOnly, Secure)HospitualSet only if you choose “remember this device” during multi-factor authentication, so Hospitual does not prompt you for an MFA code again on the same device for a limited time.7 daysStrictly necessary
Cloudflare Turnstile cookiesPublic website (/work-with-us only)Third-party cookies (challenges.cloudflare.com)Cloudflare, Inc.Detects automated or abusive form submissions on the specialist application form at /work-with-us. The cookies are set by Cloudflare during the challenge and are not readable by Hospitual.Short-lived (typically minutes to 30 days, set by Cloudflare)Strictly necessary
themePublic websiteBrowser local storage (first-party)HospitualRemembers the visitor’s preferred colour scheme (light or dark) so the site renders consistently across visits. Stored only after the visitor uses the theme toggle.Until the visitor clears it or selects “System” in the theme toggleFunctionality / preferences

7. Third-Party Services

7.1 Cloudflare Turnstile (Public Website)

Cloudflare Turnstile is loaded only on the specialist application form at /work-with-us to detect automated or abusive submissions. The service is provided by Cloudflare, Inc. and may set short-lived cookies on the challenges.cloudflare.com domain during the challenge.

Further information about Cloudflare’s use of cookies and the data Cloudflare processes is available in the Cloudflare Privacy Policy and the Cloudflare Turnstile documentation.

Cloudflare Turnstile is treated as strictly necessary for the protection of the specialist application form. Visitors who do not wish to interact with Cloudflare Turnstile may choose not to submit the specialist application form, or contact Hospitual using the contact details below to enquire about alternative submission methods.

7.2 Stripe (Platform — Payments)

Hospitual does not set third-party advertising, analytics, or social-media cookies on the platform. If you make a payment, Hospitual’s payment provider (Stripe) may set its own cookies on the Stripe-hosted payment page. Those cookies are governed by Stripe’s own cookie policy.

8. How to Manage or Opt Out

You can manage cookies and similar technologies in the following ways.

8.1 Platform Session Cookies

The refresh_token cookie is cleared automatically when you log out of the Hospitual platform. The trusted_device cookie expires automatically after 7 days. Blocking either cookie will prevent you from remaining signed in, meaning core features of the platform will not work.

8.2 Theme Preference (Public Website)

The theme preference stored in browser local storage can be removed at any time by selecting “System”on the theme toggle in the website header. Selecting “System” clears the stored value and returns the site to following your operating system’s colour scheme. The value is also removed when you clear browser storage for this site.

8.3 Cloudflare Turnstile (Public Website)

Cloudflare Turnstile is only loaded on the specialist application page at /work-with-us and is not present elsewhere on the website. Visitors who do not wish to load Cloudflare Turnstile can avoid visiting that page, or contact Hospitual using the contact details below to enquire about alternative submission methods.

8.4 Browser-Level Controls

Most modern browsers allow you to view, manage, block, or delete cookies and browser storage for individual websites. The relevant controls are usually found within browser settings under sections such as “Privacy”, “Cookies and site data”, or “Clear browsing data”.

Guidance for the most common browsers is available at:

Please note that blocking strictly necessary cookies or browser storage may affect the functionality of certain parts of the website and the platform, including the ability to remain signed in and to use the specialist application form.

9. Do Not Track and Global Privacy Control

Because Hospitual does not use analytics, advertising, or marketing cookies on either the public website or the platform, no additional tracking occurs that would need to be disabled in response to “Do Not Track” (DNT) or Global Privacy Control (GPC) signals. If analytics or similar technologies are introduced in the future, this position will be reviewed and this notice updated accordingly.

10. Changes to This Cookie Policy

Hospitual may update this Cookie Policy from time to time to reflect changes to the cookies and similar technologies used, operational changes, or changes in legal or regulatory requirements. If a change introduces non-essential cookies, we will ask for your consent before setting them.

The most recent version of this Cookie Policy will always be available at this page.

This Cookie Policy was last updated on 22 May 2026.

11. Contact Us

If you have any questions regarding this Cookie Policy, the cookies and browser storage used by Hospitual, or how to exercise your data protection rights, please contact:

Data Protection: [email protected]

General Enquiries: [email protected]

Postal Address:
HOSPITUAL Limited
Flat 1 Windsor House
Heathfield Gardens
London, W4 4JT
United Kingdom