Cookie Notice

Genesis MD, Inc. (a California Professional Corporation), operating under the registered fictitious business name Genesis Sleep MD, Inc. (hereinafter referred to uniformly as “the Company” or “Genesis Sleep MD”)

Website: genesissleepmd.com
Effective Date: June 29, 2026
Version: 1.0
Last Updated: June 29, 2026


THIS COOKIE NOTICE EXPLAINS HOW THE COMPANY USES COOKIES AND SIMILAR TRACKING TECHNOLOGIES ON THE COMPANY’S PUBLIC-FACING WEBSITE, THE CHOICES YOU HAVE, AND HOW THE COMPANY HONORS OPT-OUT PREFERENCE SIGNALS. IT APPLIES TO THE COMPANY’S PUBLIC MARKETING ENVIRONMENT ONLY. NO MARKETING, ANALYTICS, OR ADVERTISING TRACKER IS DEPLOYED WITHIN THE COMPANY’S AUTHENTICATED CLINICAL PORTAL (SEE SECTION 5). THIS NOTICE SHOULD BE READ TOGETHER WITH THE COMPANY’S PRIVACY POLICY.

1. Introduction, Scope, and Definitions

1.1 Scope

This Cookie Notice (this “Notice”) applies to the public-facing, non-clinical website operated by the Company, located at genesissleepmd.com, together with the Sleep Blocker Quiz framework, the masterclass and marketing landing pages, the Tier 1 Foundations Program marketing surfaces, and all other public lead-capture and sales pages the Company manages.


This Notice does not apply to Protected Health Information (“PHI”) or to any activity within the Company’s secure, authenticated clinical environment (the Healthie EHR, including the integrated Zoom for Healthcare platform), which is governed by the Company’s HIPAA Notice of Privacy Practices. The Company’s overall handling of personal information collected through the public environment is described in the Company’s Privacy Policy, which this Notice supplements.


1.2 What Are Cookies and Similar Technologies?

A “cookie” is a small text file placed on your device by a website you visit, which allows the website to recognize your device, remember information about your visit, and operate certain features. Cookies may be “session cookies” (which expire when you close your browser) or “persistent cookies” (which remain on your device for a defined period or until deleted).


“Similar technologies” include web beacons (also called pixels or clear GIFs — tiny image files or code snippets used to record activity and measure engagement), server-side beacons and conversion measurement (event data transmitted from the Company’s server to a partner’s server, rather than directly from your browser), software development kits (SDKs), local storage, and device or browser fingerprinting techniques.


The Company uses these technologies to operate the site, remember your preferences, understand how the site is used, measure marketing performance, and, where you consent, support advertising.


2. The Granular Consent Classification Tree

The Company classifies cookies and similar technologies into the following four categories. Through the Company’s cookie-consent interface, you may accept or decline each optional category. Optional categories (Functional, Analytics, and Marketing) do not load or fire until you provide consent, except where a Strictly Necessary technology is exempt from consent as described below.


2.1 Strictly Necessary Cookies

These are essential to operate the website and to provide features you request. They support core site architecture, page navigation, security, fraud prevention, load balancing, session integrity, and the functioning of the checkout and payment process. Because the site cannot function properly without them, Strictly Necessary cookies do not require your prior consent and cannot be switched off through the Company’s consent interface.


2.2 Functional Cookies

These remember choices you make to provide enhanced, personalized features — for example, remembering your preferences, retaining your progress through Tier 1 course videos, and maintaining chat or interface configurations. Functional cookies are optional and load only with your consent.

2.3 Analytics / Performance Cookies

These help the Company understand how visitors interact with the Company’s public marketing pages — for example, which pages are visited, how users move through the funnel, and where errors occur — so the Company can measure and improve site performance. The Company uses these in a manner intended to evaluate aggregate interaction patterns rather than to build individualized advertising profiles. Analytics cookies are optional and load only with your consent.


2.4 Targeting / Marketing Cookies

These are used to measure the performance of the Company’s advertising and, where applicable, to support the delivery of advertising to you on external networks based on your interests and browsing activity. Because some of these technologies disclose information to advertising partners for cross-context behavioral advertising, their use may constitute “sharing” under California law (see Section 4 and the Company’s Privacy Policy). Marketing cookies are optional and load only with your consent, and are disabled where you opt out or transmit a recognized opt-out preference signal.

3. Third-Party Financing Tags and Tracking Disclosures (Cherry / CareCredit)

When you elect to explore or apply for point-of-sale financing through the Company’s independent third-party consumer lenders — CareCredit and Cherry — those lenders, or the scripts and tags associated with their checkout and application flows, may set their own cookies or tracking technologies on your device and may collect information directly from you. These third-party financing tags are controlled by the respective lender, not by the Company, and the lender’s collection and use of your information is governed by that lender’s own privacy and cookie policies.

For the avoidance of doubt, and consistent with the Company’s Terms of Service and Financial Agreement & Refund Policy, the Company is not a lender, creditor, or financing entity, and the placement or operation of any financing-related tracking technology by CareCredit or Cherry does not create any liability for the Company in connection with those lenders’ data practices. The Company encourages you to review the cookie and privacy policies of CareCredit and Cherry before submitting information to them.

4. Selling / Sharing and Cross-Context Behavioral Advertising

The Company does not sell your personal information for monetary consideration. However, certain Marketing technologies described in Section 2.4 — including server-side conversion measurement used to evaluate advertising performance — may constitute “sharing” of personal information for cross-context behavioral advertising as that term is broadly defined under the California Consumer Privacy Act, as amended by the California Privacy Rights Act (the “CCPA/CPRA”). Where this is the case, you have the right to opt out.


You may exercise that right through the Company’s cookie-consent interface, through the “Do Not Sell or Share My Personal Information” link anchored in the Company’s global website footer, and through a recognized opt-out preference signal as described in Section 6.

5. The Zero-Pixel Clinical Firewall

THE COMPANY DOES NOT DEPLOY ANY MARKETING, TARGETING, ANALYTICS, OR OTHER OPTIONAL ADVERTISING PIXEL, TAG, BEACON, OR TRACKING SCRIPT BEHIND ANY AUTHENTICATION GATE, WITHIN THE COMPANY’S SECURE PATIENT INTAKE SYSTEMS, OR ON ANY SUB-PAGE THAT HANDLES SPECIFIC MEDICAL CONDITIONS OR SLEEP-PATHOLOGY ENTRIES. ALL DATA COLLECTED WITHIN THE COMPANY’S AUTHENTICATED CLINICAL PATIENT PORTAL IS MANAGED WITHIN THE COMPANY’S SECURE, HIPAA-COMPLIANT HEALTHIE EHR AND IS FULLY INSULATED FROM CLIENT-SIDE COMMERCIAL TRACKING NETWORKS.

This “zero-pixel” boundary is a deliberate component of the Company’s compliance architecture. It maintains a structural separation between the Company’s public, non-clinical marketing environment (where consent-based cookies operate) and the Company’s authenticated clinical environment (where they do not), consistent with guidance from the U.S. Department of Health and Human Services, Office for Civil Rights (OCR), and Federal Trade Commission (FTC) enforcement activity concerning health-related online trackers. To further reduce risk, on health-related public pages the Company favors server-side conversion measurement with personal identifiers stripped over client-side third-party pixels.

6. Global Privacy Control (GPC) and Opt-Out Preference Signals

The Company recognizes and honors the Global Privacy Control (“GPC”) and other legally recognized opt-out preference signals. When you visit the Company’s public website using a browser or device configured to transmit a GPC signal, the Company’s systems are configured to treat that signal as a valid request to opt out of the “sale” or “sharing” of personal information associated with that browser or device, and to disable applicable Marketing and targeting technologies for that interaction, to the extent required by law. Because GPC operates at the browser and device level, you may need to enable it separately on each browser and device you use. The GPC signal does not affect Strictly Necessary cookies.


7. Cookie Lifecycle and Retention Parameters

The technologies described in this Notice have differing lifespans:

(a) Session cookies are temporary and are automatically deleted when you close your browser.

(b) Persistent cookies remain on your device for a defined retention period that varies by purpose — for example, analytics identifiers are generally retained for up to twelve (12) months, and functional-preference cookies for the period reasonably necessary to remember your settings — or until you delete them through your browser or withdraw consent through the Company’s consent interface, whichever occurs first.

(c) Server-side conversion and measurement records are retained for the period reasonably necessary to measure advertising performance and are then deleted or de-identified, consistent with the retention principles in the Company’s Privacy Policy.

You can delete or block cookies at any time through your browser settings; doing so may affect the functionality of certain features. Disabling Strictly Necessary cookies may prevent parts of the site from working.


8. Managing Your Choices and the 12-Month Re-Consent Schedule

8.1 Cookie-Consent Interface

On your first visit, the Company’s cookie-consent banner allows you to accept all, reject all optional categories, or set granular per-category preferences. Optional cookies (Functional, Analytics, Marketing) do not fire until you make a selection. You may revisit and change your choices at any time through the persistent cookie-preferences link and the “Do Not Sell or Share My Personal Information” and “Limit the Use of My Sensitive Personal Information” links in the Company’s global footer.

8.2 12-Month Re-Consent Prompt

The Company will re-prompt you to confirm or refresh your cookie preferences at least once every twelve (12) months, and additionally upon any material change to the Company’s tracking technologies or the purposes for which they are used. Refreshing your preferences allows you to reaffirm or change your prior selections.


8.3 Consent Records

The Company maintains a record of your cookie-consent choices — including an anonymized record of the consent event, a session identifier, the selections made, and a timestamp — as an audit trail to demonstrate compliance.

9. Changes to This Notice

The Company may update this Notice from time to time to reflect changes in the technologies the Company uses, the Company’s practices, applicable standards, or the law. The “Last Updated” date above reflects the most recent revision, and a versioned archive is available upon request. Material changes will be reflected in the Company’s consent interface and, where appropriate, will trigger a renewed consent prompt as described in Section 8.2.

10. Contact

For questions about the Company’s Cookie Notice or your cookie choices, or to exercise your privacy rights, contact:


Privacy / General Inquiries and Privacy Requests: [email protected]
HIPAA Privacy Officer (clinical / PHI matters): Dr. Meneena Bright
Mailing Address: Genesis MD, Inc., operating as Genesis Sleep MD, 510 Superior Avenue, Suite 200A, Newport Beach, California 92663
Registered Agent (Service of Process): 500 North Brand Boulevard, Suite 890, Glendale, California 91203


This Notice should be read together with the Company’s Privacy Policy (which describes your full California privacy rights and how to exercise them) and the Company’s HIPAA Notice of Privacy Practices (which governs PHI in the clinical environment).

Copyright © Genesis MD, Inc. 2026. All rights reserved. “Genesis Sleep MD,” “Genesis MD,” and “Genesis Protocol” are trademarks or service marks of Genesis MD, Inc.


Follow Us on Instagram

Get daily insights, sleep tips, and behind-the-scenes content from Dr. Bright

Facebook
Instagram
Twitter
LinkedIn
YouTube
TikTok