This policy was last updated on February 27, 2021.
What information we collect
Information you give us: We respect the right to privacy of all visitors to the Mayo Clinic sites. We receive and store information you enter on our sites or give us in any other way, such as name, email address and phone number. This includes information you submit on forms, such as appointment request forms. Some forms collect sensitive information, such as health information, necessary for us to provide our services to you.
Information we collect automatically: When you interact with our sites and email newsletters, certain information about your use of our sites and interaction with our email newsletters is automatically collected. This information includes computer and connection information, such as statistics on your page views, traffic to and from our sites, referral URL, ad data, your IP address, and device identifiers. This information also may include your transaction history, and your web log information, how you search for our sites, the websites you click on from our sites or emails, whether and when you open our emails, and your browsing activities across other websites.
Much of this information is collected through cookies, web beacons and other tracking technologies, as well as through your web browser or device (e.g., IP address, MAC address, browser version, etc.).
Email communications, newsletter and related services
MayoClinic.org provides you with the opportunity to receive communications from us or third parties. You can sign up for a free Mayo Clinic email newsletter. You can unsubscribe from this newsletter at any time.
Email communications that you send to us via the email links on our site may be shared with a customer service representative, employee, medical expert or agent that is most able to address your inquiry. We make every effort to respond in a timely fashion once communications are received. Once we have responded to your communication, it is discarded or archived, depending on the nature of the inquiry.
The email functionality on our site does not provide a completely secure and confidential means of communication. It's possible that your email communication may be accessed or viewed by another internet user while in transit to us. If you wish to keep your communication private, do not use our email.
You may decide at some point that you no longer wish to receive communications from our site. To stop receiving communications, send an email message to firstname.lastname@example.org or send regular mail to the following postal address:
We occasionally survey visitors to our site. The information from these surveys is used in aggregated, de-identified form to help us understand the needs of our visitors so that we can improve our site. The information may be shared with third parties with whom we have a business relationship. We generally do not ask for information in surveys that would personally identify you; if we do request contact information for follow-up, you may decline to provide it. If survey respondents provide personal information (such as an email address) in a survey, it is shared only with those people who need to see it to respond to the question or request, or with third parties who perform data management services for our site. Those third parties have agreed to keep all data from surveys confidential.
How we use the information we collect
We use the information we collect for things like:
- Optimizing the performance and user experience of our sites
- Operating, evaluating and improving our business
- Fulfilling orders and requests for products, services or information
- Processing returns and exchanges
- Tracking and confirming online orders
- Delivering or installing products
- Marketing and advertising products and services, including identifying you on our websites and tailoring advertisements and offers to you (both on our websites and on other websites) based on your interactions with us in our stores and online.
- Conducting research and analysis
- Communicating with you about your account, special events and surveys
- Establishing and managing your accounts with us
We may combine this information with any other information we have about you, including, if you are a Mayo Clinic Patient, any PHI we have about you. If we combine this information with your PHI, we will treat all of that information as PHI, and will only use or disclose that information as set forth in our notice of privacy practices.
We will retain your information for as long as your account is active or as needed to provide you services, comply with our legal obligations, resolve disputes and enforce our agreements.
We may share information with third parties
We may share the information we collect about you with third parties who we have engaged to help us provide the services. In certain circumstances, these third parties may be permitted to use this data to improve the products and services they provide to Mayo Clinic or other customers.
Third parties may be provided with information such as IP addresses, traffic patterns and related site information. This data reflects site-usage patterns gathered during visits to our website each month. EU residents should refer to the section below entitled "Users in the European Economic Area (EEA) and Switzerland" for additional information.
We may also use or disclose your personal information if required to do so by law or on the good-faith belief that such action is necessary to (a) conform to applicable law or comply with legal process served on us or our sites; (b) protect and defend our rights or property, the sites, or our users; or (c) act to protect the personal safety of us, users of the sites or the public.
Interest-based advertising and your choices
If you click on an advertisement on MayoClinic.org and visit a site maintained by one of our sponsors or advertisers, please be aware that we are not responsible for the privacy practices of that site. You should read the privacy policies of each site you visit to determine what information that site may be collecting about you.
Our partner, Everyday Health, may use a third-party ad network provider, Collective Media, to help present advertisements on this website.
Your browser or device may include "Do Not Track" functionality. At this time, we do not respond to browser "Do Not Track" signals.
Whether you are visiting the Mayo Clinic site or in one of our clinic locations, we use reasonable security measures to protect the confidentiality of personal information under our control and appropriately limit access to it. We use a variety of information security measures to protect your online transactions with us. The Mayo Clinic site uses encryption technology, such as Secure Sockets Layer (SSL), to protect your personal information during data transport. SSL protects information you submit via our website, such as ordering information including your name, address and credit card number. That being said, Mayo Clinic cannot ensure or warrant the security of any information you transmit to us, and you do so at your own risk. We have taken reasonable steps to ensure the integrity and confidentiality of personally identifiable information that you may provide. You should understand, however, that electronic transmissions via the internet are not necessarily secure from interception, and so we cannot absolutely guarantee the security or confidentiality of such transmissions.
Users in the European Economic Area (EEA) and Switzerland
If you are a resident of the EEA or Switzerland, the following information applies with respect to personal data collected through your use of our site.
Purposes of processing and legal basis for processing: As explained above, we process personal data in various ways depending upon your use of the services. We process personal data on the following legal bases: (1) with your consent; (2) as necessary to provide the services; and (3) as necessary for our legitimate interests in providing the services where those interests do not override your fundamental rights and freedom related to data privacy.
Transfers: Personal data we collect may be transferred to, and stored and processed in, the United States or any other country in which we or our affiliates or processors maintain facilities. We will ensure that transfers of personal data to a country or an international organization outside the EEA or Switzerland are subject to appropriate safeguards.
Your rights: You are entitled to the rights under Chapter III of the EU General Data Protection Regulation or Section 2 of the Swiss Federal Act on Data Protection with respect to the processing of your personal data, which include the right to access and rectify and to request erasure of personal data. In order to verify your identity, we may require you to provide us with personal information prior to accessing any records containing information about you.
Protecting children's privacy
We are committed to protecting children's privacy on the internet, and we do not knowingly collect personal information from children.
Links to other websites
Your California privacy rights
We do not share your personal information with unaffiliated third parties for their direct marketing purposes. We may, however, share your personal data with any Mayo entity or affiliate. You have the right to contact us and opt-out of such sharing for marketing purposes.
If you have a question or concern regarding your privacy, please contact Mayo Clinic's Privacy Officer using the contact information below:
Feb. 27, 2021