Privacy Policy

Updated on September 26, 2024

Welcome to the Bedside at Mayo Clinic mobile app and related digital services (“Bedside at Mayo Clinic App” or “App”), an online mobile information and communications service provided by Mayo Clinic and all affiliates (“Mayo Clinic” or “We” or “Us”).

We take your privacy seriously, and we want you to know how we collect, use, share, and protect your information. In addition to this privacy policy (“Privacy Policy”), users of the Bedside at Mayo Clinic App should consult the Bedside at Mayo Clinic App Terms of Use as well as any product-specific terms and conditions that apply. You may review policies specifically related to patient information (protected health information or PHI) submitted through Mayo Clinic’s Patient Portal.

This Privacy Policy applies to the Bedside at Mayo Clinic App. Other Mayo Clinic online properties may have their own privacy policies that apply. You should review those privacy policies in connection with your use of those online properties.

What information we collect

Information you give us: We respect the right to privacy of all visitors to the Bedside at Mayo Clinic App. We receive and store some information that you enter on our App or that you provide to us through the App in any other way.

The information we collect or that you provide on or through our App or by using our services includes:

  • Data that may personally identify you, including your name, postal address, billing address, shipping address, e-mail address, home, work and mobile telephone numbers, age, date of birth, social security number, insurance policy number, physical characteristics that may personally identify you, sexual orientation, IP address, bank account number, credit or debit card number (for payment purposes only), national origin, ancestry, veteran or military status, medical conditions, race, citizenship, information about any physical or mental disabilities you may have, information related to your religious or philosophical beliefs, political opinions, information regarding your gender at birth and how you currently express your gender identity, information related to your sex life, such as pregnancy, child birth and related medical conditions, any history of criminal convictions, biometric information (such as fingerprints, exercise data, psychological characteristics, face prints, gait patterns, genetics, behavioral characteristics, voice, sleep data, and iris/retina scans), and genetic information (including familial genetic information) (collectively, “Personal Data”);
  • Information that you provide by filling in forms on our App, such as consent forms and questionnaires. It also includes information you provide when you register to use our App or use services available through the App or facilities. We may also ask you for information when you report a problem with our App. Some forms collect sensitive information, such as health information, necessary for us to provide our services to you;
  • Records and copies of your correspondence (including email addresses), if you contact us; and
  • Your responses to surveys that we might ask you to complete for research, development, and marketing purposes.

Information we collect automatically: We collect information about you automatically as you navigate through or use our App. Information collected automatically may include usage details, IP addresses, session replay and recording technology (recording your movements, clicks, etc. on our App), and information collected through cookies and other tracking technologies. As you navigate through and interact with our App, we may use automatic data collection technologies (such as auditing and tracking technologies referred to above) to collect certain information about your equipment, browsing actions, and patterns, specifically:

  • Usage Details. Details of your visits to our App, such as traffic data, logs, referring/exit pages, date and time of your visit to or use of our App, error information, clickstream data, and other communication data and the resources that you access and use on or in the App.
  • Device Information. Information about your computer or tablet, mobile device, and Internet connection, specifically your IP address, operating system, browser type, and App version information.
  • Location Data. Information about your location collected through geolocation technology. The Bedside at Mayo Clinic Application does not generally use geolocation. However, the App can collect and use geolocation information only for the limited purpose of suggesting providers that are near you. We will ask for your consent to use your location data when you first set up the app or when you first try to use any features that use your location. The App will not access your location unless you give your consent, and you do not need to give your consent if you do not want the App to access your location data. You may disable this functionality on your mobile device by removing permission for the Bedside at Mayo Clinic App to use location services at any time. We do not store your location data.

The information we collect automatically may include Personal Data or we may maintain or associate information we collect with Personal Data we collect in other ways or receive from third parties. It helps us to improve our App and to deliver a better and more personalized service by enabling us to:

  • estimate our audience size and usage patterns;
  • improve our product and services offering;
  • store information about your preferences, allowing us to customize our App according to your individual interests; and
  • recognize and/or authenticate you when you return to our App.

The technologies we use for this automatic data collection may include:

  • Cookies (or browser cookies). We and our service providers may use cookies, web beacons, and other technologies to receive and store certain types of information whenever you interact with our App through your computer, tablet, or mobile device. A cookie is a small file or piece of data sent from a website or mobile app and stored on the hard drive of your computer, tablet, or mobile device. On your computer, you may refuse to accept browser cookies by activating the appropriate setting on your browser, and you may have similar capabilities on your mobile device in the preferences for your operating system or browser. However, if you select this setting you may be unable to access or use certain parts of our App. Unless you have adjusted your browser or operating system setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our website or use our App.
  • Do Not Track Signals. Some web browsers permit you to broadcast a signal to websites and online services indicating a preference that they “do not track” your online activities. At this time, we do not honor such signals. However, we do not track your online activities on or across third party websites or other online services for any purpose, including advertising, unless you specifically opt-in to a program or campaign that authorizes such tracking.

Email communications, newsletter, and related services

While the Bedside at Mayo Clinic App does not provide you with a direct opportunity to receive email communications from us or third parties, you may receive email communications from us in relation to your care at Mayo Clinic. For example, you can sign up for a free Mayo Clinic email newsletter. You can unsubscribe from this newsletter at any time. You may use the unsubscribe mechanism or link in our marketing emails if you wish to stop receiving marketing emails from us.

Email communications that you send to us may be shared with a customer service representative, employee, medical expert, or agent that is most able to address your inquiry. We make every effort to respond in a timely fashion once communications are received. Once we have responded to your communication, it is discarded or archived, depending on the nature of the inquiry. Note, that email communications that you send us are not automatically encrypted, and it is possible that unencrypted email communications with us may be accessed or viewed by another internet user while in transit to us.

Surveys

We occasionally survey visitors to our App. The information from these surveys is used in aggregated, de-identified form to help us understand the needs of our visitors so that we can improve our App. The information may be shared with third parties with whom we have a business relationship. We generally do not ask for information in surveys that would personally identify you; if we do request contact information for follow-up, you may decline to provide it. If survey respondents provide personal information (such as an email address) in a survey, it is shared only with those people who need to see it to respond to the question or request, or with third parties who perform data management services for our App. Those third parties have agreed to keep all data from surveys confidential.

How we use the information we collect

In addition to the uses described above, we use the information we collect for things like:

  • Optimizing the performance and user experience of our App;
  • Operating, evaluating, and improving our business;
  • Providing healthcare services;
  • Marketing and advertising products and services, including by inferring your interests from your interactions with our App and newsletters and tailoring advertisements, newsletters, and offers to you (both on our App and on other websites and online services) based on your interactions with us;
  • Sending you email newsletters;
  • Conducting research and analysis;
  • Communicating with you about your account, special events, and surveys; and
  • Establishing and managing your accounts with us.

We may combine this information with any other information we have about you, including any protected health information we have about you. If we combine this information with your protected health information, we will treat all of that information as protected health information and will only use or disclose that information as set forth in our Notice of Privacy Practices.

Texting

If you sign up to receive text messages from us through your Mayo Clinic Patient Portal, you are consenting to receive text messages related to your relationship with Mayo Clinic, including updates related to your visits, your Mayo Clinic Patient Portal account, one-time passcodes, billing notifications, prescription reminders, and care management. These texts are unencrypted, and message and data rates may apply. Message frequency may vary.

You can opt-out of SMS messages by texting STOP to the respective short code. Your opt-out request will generate one final message confirming that you have been unsubscribed. You will no longer receive SMS messages from the short code you opted out from. If you want to join again, sign up using your Mayo Clinic Patient Portal account or text HELP to the short code for instructions.

If you are experiencing issues with the messaging program, you can reply with the keyword HELP for more assistance. You can also contact Mayo Clinic Customer Assistance via phone at 507-738-4014 or email at PrivacyOffice@mayo.edu.

Note that carriers are not liable for delayed or undelivered messages.

Data retention

We will retain your information for as long as your account is active or as needed to provide you services, comply with our legal obligations, resolve disputes, and enforce our agreements. You may request that we delete your data by contacting us as provided below. However, we may not be able to honor that request in all instances given the laws and regulations that apply to us. For example, under state and federal law, we may be required to maintain some data that is specific to you and that may identify you, such as your medical records or other information. We may also have a legal basis or obligation to maintain medical and other information about you to provide care and treatment or to comply with our professional, legal, and other obligations.

Disclosure of your information

We may share the information we collect about you with third parties who we have engaged to help us provide the App, such as Epic, as well as the products and services available through our App. Your Personal Data may be disclosed to affiliates, contractors, service providers, and other third parties we use to support our business; any such use of Personal Data that includes protected health information will comply with our Notice of Privacy Practices and any authorization you have provided. The services provided by these organizations include providing IT and infrastructure support services, advertising, marketing, and payment processing services. Advertising and marketing partners may receive and use your Personal Data to assist us with our advertising and marketing efforts. In each case, we will ensure that these third parties have agreed to safeguard your data.

We may provide third parties with aggregate statistics about our visitors, traffic patterns, and related App information. These data reflect App-usage patterns gathered during visits to our App each month, but they do not contain information that personally identifies you unless you have given us permission to share that information.

We may also disclose your Personal Data:

  • to a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by Mayo Clinic about our App users are among the assets transferred;
  • to fulfill the purpose for which you provide it;
  • for any other purpose disclosed by us when you provide the information;
  • with your consent;
  • to comply with any court order, law, or legal process, including to respond to any government or regulatory request;
  • to affiliates of Mayo Clinic to market their products or services to you if you have purchased one of our products and if you have not opted out of these disclosures. For more information, see Choices About How We Use and Disclose Your Information;
  • to enforce or apply our Terms of Use and other agreements, including for billing and collection purposes; and
  • if we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Mayo Clinic, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

Choices about how we use and disclose your information

Our sponsors and advertisers have agreed that they will not collect any personally identifiable information from our App visitors while using our App. To opt out of receiving advertising from our affiliates, you may use the unsubscribe link in the email or you can contact us using the Contact Information below.

The App may collect information using certain features, such as through your mobile device’s microphone, camera, or camera roll, for the purposes described in this policy. The App does not use these features without your permission. When you first try to use these features, we will ask for your consent. You do not need to provide your consent if you do not want the App to access your Personal Data through these features. You may disable the App’s access to these features on your mobile device by removing permission within your mobile device’s settings at any time.

Please review the information below regarding additional rights you may have regarding your Personal Data.

Your app store (such as the Apple App Store or the Google Play Store) may collect certain information in connection with your use of the App, such as Personal Data and other usage-based data. We do not control the collection of such information by a third-party app store, and any collection or use of such data will be subject to that third party’s applicable privacy policies.

Your rights regarding your information and accessing and correcting your information

For information in your Bedside at Mayo Clinic App, you can Contact Us through the Contact Information below to access and/or find out what information we have about you and to correct that information. You can also review and change your Personal Data by logging into our App and visiting either the Settings or Account Preferences sections. You may also notify us through the Contact Information below of any changes or errors in any Personal Data we have about you to ensure that it is complete, accurate, and as current as possible or to delete your account. We cannot completely delete your personal information except by also deleting your account with us. We may not be able to accommodate your request if we believe it would violate any law or legal requirement or if we have a legal basis or obligation to maintain it, or if it would cause the information to be incorrect.

If you are a patient of Mayo Clinic, you can access the patient-related information that we maintain about you through your Mayo Clinic Patient Portal or through our health information management department. For more information about requesting your medical records, ask us or go online to the Patient and Visitor Guide for the location where you receive your care, then explore the release of information options: https://www.mayoclinic.org/patient-visitor-guide. You also can request a correction to your patient information through your Patient Portal or the Mayo Clinic health information management department. In our mobile app, you can request to deactivate your account; however, we are still required maintain your patient-related information under the Health Insurance Portability and Accountability Act (HIPAA) and other federal and state law.

Security

Whether you are visiting the Bedside at Mayo Clinic App or one of our clinic locations, we use reasonable security measures to protect the confidentiality of personal information under our control, and we appropriately limit access to it. We use a variety of information security measures to protect your online transactions with us. The Bedside at Mayo Clinic App uses encryption technology, such as Secure Sockets Layer (SSL), to protect your personal information during data transport. SSL protects information you submit via our App, such as your name and your health information. That being said, Mayo Clinic cannot ensure or warrant the security of any information you transmit to us, and you do so at your own risk. We have taken reasonable steps to ensure the integrity and confidentiality of personally identifiable information that you may provide. You should understand, however, that electronic transmissions via the internet are not necessarily secure from interception, and so we cannot absolutely guarantee the security or confidentiality of such transmissions.

Users in the European Economic Area (EEA), the United Kingdom, and Switzerland

If you are a resident of the EEA, the United Kingdom, or Switzerland, the following information applies with respect to personal data collected through your use of our App.

Purposes of processing and legal basis for processing: As explained above, we process personal data in various ways depending upon your use of the services. We process personal data on the following legal bases: (1) with your consent; (2) as necessary to provide the services; (3) to comply with our legal obligations; and (4) as necessary for our legitimate interests in providing the services where those interests do not override your fundamental rights and freedoms related to data privacy.

Transfers: Personal data we collect may be transferred to, and stored and processed in, the United States or any other country in which we or our affiliates or processors maintain facilities. We will ensure that transfers of personal data to a country or an international organization outside the EEA, the United Kingdom, or Switzerland are subject to appropriate safeguards.

Your rights: You are entitled to the rights under Chapter III of the EU General Data Protection Regulation, the United Kingdom General Data Protection Regulations and Data Protection Act 2018, or Section 2 of the Swiss Federal Act on Data Protection with respect to the processing of your personal data, which include the right to access and rectify and to request erasure of personal data. In order to verify your identity, we may require you to provide us with personal information prior to accessing any records containing information about you. To exercise these rights, please contact Mayo’s Data Protection Officer at INTLcompliance@mayo.edu.

Complaints or concerns: You are welcome to raise any complaints or concerns to Mayo Clinic by contacting Mayo’s Data Protection Officer at INTLcompliance@mayo.edu. You also have the right to lodge a complaint with a supervisory authority.

Protecting children’s privacy

Our App is not intended for users under 18 years of age. No one under age 18 may provide any information to or through the App. We do not knowingly collect Personal Data from users under 18. If you are under 18, do not use or provide any information on or in our App or on or through any of their features, including your name, address, telephone number, email address, or any screen name or username you may use. If we learn we have collected or received Personal Data from a user under 18 without verification of parental consent, we will delete that information. If you believe we might have any information from a user under 18, please contact us at the contact information below.

Our Patient Portal is available to patients 18 years of age and older. It is also available to patients who are between the ages of 13 years old and 17 years old with the permission of their parents or legal guardians.

Links to other websites

Our App may contain links to third-party websites. We have no control over the privacy practices or the content of these third-party websites. You should review the applicable third-party Privacy Policy and Terms of Use when visiting any other websites.

Privacy policy updates

We may need to update our Privacy Policy as technology changes and Mayo Clinic evolves. If we make significant changes to this Privacy Policy, we’ll post a prominent message on our App.

California residents

Mayo Clinic is a not for profit exempted from the California Consumer Privacy Act (CCPA).

California Civil Code Section 1798.83 (California’s “Shine the Light” law) permits users of our App that are California residents and who provide Personal Data in obtaining products and services for personal, family, or household use to request certain information regarding our disclosure of Personal Data to third parties for their own direct marketing purposes. If applicable, this information would include the categories of Personal Data and the names and addresses of those businesses with which we shared your Personal Data with for the immediately prior calendar year. You may request this information once per calendar year. To make such a request, please contact us using the information below.

Contact information

If you have a question or concern regarding your privacy, please contact Mayo Clinic’s Privacy Officer using the contact information below:

Mayo Clinic Privacy Officer
200 First St. SW
Rochester, MN 55905
507-266-6286
PRIVACYOFFICE@mayo.edu

Sept. 30, 2024