— Legal · DrugRepAI

Cookie Policy

Last updated: May 14, 2026

DrugRepAI, an AI platform for drug repurposing based in Amsterdam, the Netherlands, places primary importance on the protection of personal data and the privacy of users who access its corporate website and/or its professional SaaS platform (hereinafter collectively the "Site and the Platform"). This Cookie Policy describes the types of cookies and similar tracking technologies that may be used on the Site and the Platform, the purposes for which they are used, the applicable legal bases, and how users can manage their preferences.

This Cookie Policy is coordinated with the Information on the Processing of Personal Data of DrugRepAI (hereinafter "Privacy Policy"), to which you should refer for all information regarding the processing of personal data, the categories of data processed, the legal bases, recipients, international transfers, and the rights of data subjects. In the event of any conflict or ambiguity, the Privacy Policy prevails over this Cookie Policy with regard to information on the processing of personal data strictly speaking.

1. What are cookies and tracking technologies?

Cookies are small text files that websites and digital platforms store on your device (computer, tablet, smartphone) through your browser when you visit or log in. Cookies allow the website or platform to recognize your device on subsequent visits, maintain an active session, remember your preferences, and collect information about your use of the service.

In addition to cookies in the strict sense, there are other tracking technologies that can operate in a similar way, including:

  • Local storage and session storage: client-side storage mechanisms that allow data to be stored in the user's browser without automatic expiration (local storage) or for the duration of the session (session storage).
  • Pixels and web beacons: small images or pieces of code embedded in web pages or emails that can record viewing or interaction events.
  • Technical session identifiers: tokens or identifiers generated by the server and associated with the user's session, necessary for authentication and service continuity.
  • Access logs and technical telemetry: automatically generated records of access, application events, performance, and service diagnostics generated by the technical infrastructure.

In this Cookie Policy, the term "cookies" is used broadly and includes, unless otherwise specified, all the tracking technologies described above, to the extent they are applicable to the DrugRepAI Site and Platform.

DrugRepAI operates as a professional SaaS platform, and the Site and Platform may be divided into a public institutional and/or commercial area (accessible without authentication) and a private application area (accessible after authentication with credentials). The types of cookies and tracking technologies present and active may differ between the two areas.

2. Types of cookies used

2.1 Based on duration

Cookies can be divided into the following categories based on their duration:

  • Session cookies: temporary cookies that are automatically deleted at the end of the browsing session, i.e., when the user closes the browser. They are typically used to manage authentication, session continuity, and temporary user preferences while using the service.
  • Persistent cookies: cookies that remain stored on the user's device for a specified period of time, even after the browser is closed, until they expire or are deleted by the user. They are typically used to remember user preferences, language, and consent choices, and to facilitate access to the platform in future sessions.

2.2 Based on the purpose

The cookies and tracking technologies used on the DrugRepAI Site and Platform can be divided into the following categories based on the purpose for which they are used:

a) Strictly necessary (technical) cookies

These cookies and similar technologies are essential for the proper technical functioning of the Site and the Platform. Without them, the Site would not function properly and the Platform would not be available. This category includes cookies necessary for:

  • authentication and management of access sessions to professional accounts;
  • security, prevention of unauthorized access and protection of service integrity;
  • load balancing and traffic distribution between servers;
  • storing essential interface preferences (e.g. selected language);
  • cookie consent management (storage of the choices expressed by the user in the banner);
  • continuity of login and access to reserved areas of the SaaS Platform;
  • managing demo requests, onboarding, and customer support to the extent strictly necessary for the operation of the service;
  • technical integrity of APIs and enterprise environments, where applicable.

Strictly necessary cookies do not require user consent and cannot be disabled via the cookie banner without compromising the essential functionality of the service. The legal basis for the use of these cookies is the Data Controller's legitimate interest in the proper functioning of the service or, where applicable, the performance of the contract.

b) Functional cookies

These cookies allow the Site and Platform to remember user preferences and choices in order to offer a more personalized and consistent experience. They are not strictly necessary for the service to function, but they improve the quality of the user experience. This category includes cookies used for:

  • remembering your language preferences and interface settings;
  • storing the user's professional dashboard settings and work configurations;
  • maintaining continuity of experience between subsequent sessions, beyond authentication requirements alone;
  • adapting the display of the Site or Platform to the preferences indicated by the user.

Functional cookies are optional and require the user's consent, unless they fall within the definition of strictly necessary technical cookies for the specific functionality requested. Disabling these cookies does not compromise access to the service, but may reduce the quality of the user experience.

c) Analytical/statistical cookies

These cookies and similar technologies are used to collect aggregate or anonymous information on the use of the Site and Platform, in order to analyze user behavior, monitor service performance, detect any technical anomalies, and improve product quality. Depending on the implementation method:

  • Anonymized or aggregated analytics cookies: where the data collected is strictly anonymized and does not allow re-identification of the user, these tools can be treated as technical cookies and do not require consent. The Data Controller uses, where possible, IP address anonymization and data aggregation techniques to minimize the impact on privacy.
  • Non-anonymized analytical cookies: where the data collected, even indirectly, allows the user to be re-identified or associated with identifying profiles, these cookies require the user's prior consent.

d) Personalization cookies

To the extent that the Platform provides user experience personalization features that go beyond the mere storage of essential functional preferences — for example, personalized workflow suggestions, advanced analytics configurations, or dynamic dashboard adjustments — the Data Controller may use cookies or similar personalization technologies only with the user's prior consent. At the time of publication of this Cookie Policy, the use of such cookies is [to be confirmed / not yet active: check before publication].

e) Marketing/profiling cookies

DrugRepAI is a professional B2B platform for drug repurposing and, as of the date of update of this Cookie Policy, does not use advertising profiling cookies or remarketing tools on the Site or Platform. Should the Data Controller intend to introduce such tools in the future, it will update this Cookie Policy and obtain explicit consent from users before activating them, in compliance with applicable provisions.

3. Details of the cookies and tracking technologies in use

The following table lists the main cookies and tracking technologies identified on the DrugRepAI Site and Platform as of the date this Cookie Policy was last updated. Some identifiers are indicated with a descriptive name (placeholder) as the exact technical name may vary based on the specific implementation or will need to be verified and updated before the final publication of this policy.

Name / Identifier Supplier Part Duration Purpose
[session_id] / [auth_token] DrugRepAI First party Session / expires on logout Technical session and authentication cookie. Necessary to maintain the authenticated user session in the reserved area of the SaaS Platform. Without it, it is not possible to access the professional account.
[cookie_consent] / [consent_prefs] DrugRepAI First party 6–12 months Consent management cookie. Stores the preferences expressed by the user in the cookie banner (acceptance, rejection, or customization). Necessary to avoid displaying the banner again at each visit and to respect the user's choices.
[lang_pref] / [ui_lang] DrugRepAI First party Persistent / 12 months Functional language and interface preference cookie. Stores the user's selected language and interface display preferences. Optional; does not affect access to the service if disabled.
[ui_settings] / [dashboard_config] DrugRepAI First party Persistent / variable Functional cookie for storing professional dashboard configurations and interface preferences. Optional; improves the user experience but is not essential for providing the service.
[csrf_token] / [xsrf_token] DrugRepAI First party Session Technical security cookie (CSRF protection). Necessary to prevent Cross-Site Request Forgery attacks and ensure the integrity of HTTP requests made by the authenticated user.
[load_balancer_id] / [lb_sticky] DrugRepAI / Infrastructure provider First or third party Session Technical cookie for load balancing and traffic distribution between servers. Necessary for service stability and continuity.
[analytics_id] / [_ga equivalent] [Analytics provider] Third party Up to 24 months Analytical/statistical cookie. Used to collect aggregate data on the use of the Site and Platform (e.g., pages visited, session duration, application events) to monitor performance and improve the service. Requires consent if not anonymized.
[perf_monitor] / [diag_token] DrugRepAI / [Performance monitoring provider] First or third party Session / short duration Cookie or technical identifier for tracking user performance, collecting diagnostic data, and detecting service errors or anomalies. Purpose: security, stability, and quality of the infrastructure.
[demo_form_token] / [crm_session] DrugRepAI / [CRM or form provider] First or third party Session / variable Cookie or technical identifier generated in relation to demo request forms, onboarding or customer support. Necessary for the application process to function properly and to prevent duplicate submissions.

4. Third-party services

Some cookies or tracking technologies present on the DrugRepAI Site and Platform may be managed by third parties (e.g., providers of technical analysis, performance management, authentication, CRM, customer support, API portal, or other technical services) independent of the Data Controller.

Third-party entities that manage their own cookies are independent controllers of users' personal data and operate in accordance with their own privacy and cookie policies, which users are encouraged to consult directly. DrugRepAI is not responsible for the data processing performed by these entities using their own cookies or tracking technologies.

Providers of IT, cloud, analytics, authentication, performance monitoring, and other technical services that process personal data on behalf of the Data Controller are appointed as data processors pursuant to Art. 28 GDPR and are contractually bound to process personal data exclusively on the Data Controller's instructions and in compliance with applicable data protection safeguards.

To the extent that cookies or tracking technologies managed by third parties involve the transfer of personal data to third countries outside the European Economic Area (EEA), the Data Controller ensures that such transfers take place in compliance with the provisions of Chapter V of the GDPR, in the presence of one of the following adequate guarantees:

  • an adequacy decision by the European Commission pursuant to Art. 45 GDPR;
  • the standard contractual clauses adopted by the European Commission pursuant to Article 46, paragraph 2, letter c), GDPR;
  • other appropriate guarantees pursuant to Art. 46 GDPR.

Upon user request, the Data Controller will provide information regarding the specific safeguards adopted in relation to existing transfers. For information on personal data transfers outside the context of cookies, please refer to Section 5 of the DrugRepAI Privacy Policy.

The following third-party service providers may be associated with the use of cookies or tracking technologies within the DrugRepAI Site and Platform:

  • Possible use for the collection of aggregated usage data, diagnostics and performance monitoring.
  • Possible use for managing demo requests, onboarding, and customer support.
  • Possible use for managing authentication and single sign-on.
  • Possible generation of technical cookies for load balancing, security, and session management.

5. Consent management and cookie banners

In compliance with the provisions of the GDPR, the EDPB transparency guidelines (Guidelines 05/2020), and the guidelines of the European and Dutch supervisory authorities (Autoriteit Persoonsgegevens) regarding cookies and tracking tools, the DrugRepAI Site and Platform adopt a transparent and granular consent management system.

When first accessing the Site or the Platform, the user is informed of the use of cookies through a cookie banner (Consent Management Platform), which allows you to express your preferences in an informed and granular manner. The banner offers the following options:

  • "Accept all": the user consents to the use of all cookies and tracking technologies listed in this Cookie Policy, including functional, analytical, and personalization cookies (where active), as well as strictly necessary cookies.
  • "Reject all except technical" (or "Continue without accepting"): the user rejects all cookies that are not strictly necessary. Only technical/essential cookies that are essential for the service to function will be active. Access to the Site and Platform remains guaranteed; some optional features may not be available.
  • "Personalize" (or "Manage preferences"): the user can granularly select the categories of cookies they wish to accept or reject, choosing between functional cookies, analytical cookies, and, where applicable, personalization cookies. Strictly necessary cookies cannot be deactivated as they are essential for the functioning of the service.

The consent given through the cookie banner is:

  • Free: the user does not suffer any detrimental consequences relating to access to the essential service if they refuse non-essential cookies.
  • Specific: consent is required separately for each category of non-necessary cookies.
  • Informed: the banner provides clear and accessible information on the use of cookies and their purpose.
  • Unambiguous: consent is expressed through a positive and deliberate action by the user (no pre-selected boxes for non-essential cookies).
  • Revocable: consent can be revoked or modified at any time with the same ease with which it was given.

The user can revoke or modify their cookie preferences at any time through the following channels:

  • the "Manage cookie preferences" link available in the footer of the Site and/or in the dedicated section of the Platform;
  • your browser settings.

Withdrawing your consent does not affect the lawfulness of processing based on your consent before its withdrawal. Withdrawing consent to cookies that are not strictly necessary may limit the availability of some optional features of the Site or Platform.

The preferences expressed by the user in the cookie banner are stored using a technical consent management cookie and remain valid for the indicated period, unless modified or revoked by the user.

6. How to disable cookies via browser

Regardless of the cookie banner and consent management options provided by the Data Controller, the user always has the option to set their browser to block all cookies or to receive a notification before a cookie is stored on their device. Instructions for accessing cookie settings in major browsers are provided below:

  • Google Chrome: Menu → Settings → Privacy and security → Cookies and other site data → Manage cookies. More information.
  • Mozilla Firefox: Menu → Settings → Privacy and security → Cookies and website data. Learn more.
  • Microsoft Edge: Menu → Settings → Cookies and site permissions → Cookies and stored data. More information.
  • Apple Safari (macOS): Preferences → Privacy → Manage website data. More information.
  • Apple Safari (iOS/iPadOS): Settings → Safari → Privacy & Security → Block all cookies. Learn more.
  • Opera: Menu → Settings → Advanced → Privacy and security → Cookies. Learn more.

Please note that completely disabling cookies via your browser may compromise the proper functioning of the DrugRepAI Site and Platform, including access to the reserved area and use of the professional features of the SaaS Platform, as even strictly necessary cookies may be blocked.

For more information on cookie management in general, the user can consult the website www.allaboutcookies.org or the resources made available by the Autoriteit Persoonsgegevens (AP) at www.autoriteitpersoonsgegevens.nl.

7. User rights and contact details

In relation to the use of cookies and tracking technologies that involve the processing of personal data, the user is entitled to all the rights recognized by the GDPR to data subjects, including:

  • the right to access your personal data (Article 15 GDPR);
  • the right to rectification of inaccurate or incomplete data (Article 16 GDPR);
  • the right to erasure (the "right to be forgotten") in the cases provided for by Article 17 GDPR;
  • the right to limit processing in the cases provided for by Article 18 GDPR;
  • the right to object to processing based on the Data Controller's legitimate interest, pursuant to Article 21 GDPR;
  • the right to data portability in the cases provided for by Article 20 GDPR;
  • the right to withdraw consent at any time, without prejudice to the lawfulness of the processing carried out before the withdrawal (Article 7, paragraph 3, GDPR);
  • the right to lodge a complaint with the competent supervisory authority.

To exercise your rights regarding cookies or for any other matter relating to this Cookie Policy, you may contact the Data Controller:

Data controller:
Registered office: Spinozastraat 47C, 1018 HJ Amsterdam, Netherlands
E-mail: info@moodglobalservices.com

As of the date of this Cookie Policy update, DrugRepAI has not appointed a DPO pursuant to Article 37 of the GDPR.

The competent national supervisory authority for DrugRepAI, located in Amsterdam, the Netherlands, is the Autoriteit Persoonsgegevens (AP), accessible at www.autoriteitpersoonsgegevens.nl. This does not affect the data subject's right to lodge a complaint with the supervisory authority of the European Union Member State in which they habitually reside or work, or where the alleged infringement occurred.

8. Cookie Policy updates

The Data Controller reserves the right to modify or update this Cookie Policy at any time, in particular to adapt it to regulatory changes, evolving guidelines from supervisory authorities, technical developments of the Site and Platform, or the introduction of new cookies or tracking technologies.

Substantial changes to this Cookie Policy will be communicated to users using the methods deemed most appropriate, including, where appropriate, via a prominent notice on the Site and/or Platform, or via email to registered customers.

The date of the last update is indicated at the top of this Cookie Policy. Users are advised to periodically consult this Cookie Policy to stay up-to-date on how DrugRepAI uses cookies and tracking technologies.

If you have any questions or requests for clarification regarding this Cookie Policy, please contact the Data Controller at the contact details indicated in Section 7.

← Back to home