Privacy Policy

Updated Decemeber 12, 2023

Welcome to the Mini-Eating Assessment Tool (“Mini-EAT”) website and related digital and online services (“Mini-EAT Site” or the “Site”), an internet-based, 9-item rapid dietary screener provided by Mayo Clinic and all affiliates (“Mayo Clinic” or “We” or “Us”).

We take your privacy seriously, and we want you to know how we collect, use, share, and protect your information. In addition to this privacy policy (“Privacy Policy”), users of the Mini-EAT Site should consult the Mini-EAT Terms of Use as well as any product-specific terms and conditions that apply. You may review policies specifically related to patient information (protected health information or PHI) submitted through Mayo Clinic's Patient Online Services.

This Privacy Policy applies to all websites and mobile applications where it is posted. Other Mayo Clinic online properties may have their own privacy policies that apply to those sites. You should review those privacy policies in connection with your use of those sites.

What Information We Collect

Information you give us: We respect the right to privacy of all visitors to the Mini-EAT Site. We receive and store some information that you enter on our Site or that you provide to us through the Site in any other way.

The information we collect or that you provide on or through our Site or by using our services includes:

  • Personal data including your date of birth, characteristics that may personally identify you (including your height and weight), race, ethnicity, information regarding your biological sex at birth, your education level, and your household income (collectively, “Personal Data”); and
  • Your responses to the Mini-EAT screener may be used for research and development purposes.

Information we collect automatically: The Mini-EAT Site does not collect information about you automatically as you navigate through or use the site. The Mini-EAT Site does not collect usage details, IP addresses, session replay and recording technology (recording your movements, clicks, etc.), or any information collected through cookies, web beacons, pixels tags, and other tracking technologies.

How We Use the Information We Collect

In addition to the uses described above, we use the information we collect for things like:

  • Operating, evaluating, and improving our business;
  • Providing healthcare services;
  • Fulfilling requests for services or information; and
  • Conducting research and analysis.

Data Retention

We will retain your information for as long as needed to provide you services, comply with our legal obligations, resolve disputes, and enforce our agreements. You may request that we delete your data by contacting us as provided below. However, we may not be able to honor that request in all instances given the laws and regulations that apply to us. For example, under state and federal law, we may be required to maintain some data that is specific to you and that may identify you, such as your medical records or other information. We may also have a legal basis or obligation to maintain medical or other information about you to provide care and treatment or to comply with our professional, legal, and other obligations.

Disclosure of Your Information

We may share the information we collect about you with third parties who we have engaged to help us provide the Site, as well as the products and services available through our Site. In this regard, we may disclose your Personal Data to affiliates, contractors, service providers, and other third parties we use to support our business. The services provided by these organizations include providing IT and infrastructure support services. In each case, we will ensure that these third parties have agreed to safeguard your data.

We may provide third parties with aggregate statistics about our visitors, traffic patterns, and related site information. These data reflect site-usage patterns gathered during visits to our website each month, but they do not contain information that personally identifies you unless you have given us permission to share that information.

We may also disclose your Personal Data:

  • to a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Data held by Mayo Clinic about our Site users are among the assets transferred;
  • to fulfill the purpose for which you provide it;
  • for any other purpose disclosed by us when you provide the information;
  • with your consent;
  • to comply with any court order, law, or legal process, including to respond to any government or regulatory request;
  • to enforce or apply our Terms of Use and other agreements; and
  • if we believe disclosure is necessary or appropriate to protect the rights, property, or safety of Mayo Clinic, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

Choices About How We Use and Disclose Your Information

We do not control third parties’ use of cookies or how they manage the information collected through the use of cookies. In addition, we strive to provide you with choices regarding the Personal Data you provide to us. We have created or you have available mechanisms to provide you with control over your Personal Data:

  • Cookie Settings and Advertising. You can set your browser or operating system to refuse all or some cookies or to alert you when cookies are being sent. If you disable or refuse cookies, please note that some parts of our Site may then be inaccessible or not function properly.
  • Targeted Advertising. To learn more about interest-based advertisements and your opt-out rights and options, visit the Digital Advertising Alliance and the Network Advertising Initiative (NAI) websites (www.aboutads.info and www.networkadvertising.org). Please note that if you choose to opt out, you will continue to see ads, but they will not be based on your online activity. We do not control third parties' collection or use of your information to serve interest-based advertising. However, these third parties may provide you with ways to choose not to have your information collected or used in this way. You can also opt out of receiving targeted ads from members of the NAI on its website.

Your Rights Regarding Your Information and Accessing and Correcting Your Information

For non-patient information, you can Contact Us through the Contact Information below to access and/or find out what information we have about you and to correct that information. You may also notify us through the Contact Information below of any changes or errors in any Personal Data we have about you to ensure that it is complete, accurate, and as current as possible. We may not be able to accommodate your request if we believe it would violate any law or legal requirement or if we have a legal basis or obligation to maintain it, or if it would cause the information to be incorrect.

If you are a patient of Mayo Clinic, you can access the patient-related information that we maintain about you through Patient Online Services or through our health information management department. For more information about requesting your medical records, ask us or go online to the Patient and Visitor Guide for the location where you receive your care, then explore the release of information options: http://www.mayoclinic.org/patient-visitor-guide.You also can request a correction to your patient information through our Patient Online Services or health information management department. In our mobile app, you can request to deactivate your account; however, we are still required maintain your patient-related information under the Health Insurance Portability and Accountability Act (HIPAA) and other federal and state law.

Security

Whether you are visiting the Mini-EAT Site or a Mayo Clinic location, we use reasonable security measures to protect the confidentiality of personal information under our control, and we appropriately limit access to it. We use a variety of information security measures to protect your online transactions with us. The Mini-EAT Site uses encryption technology to protect your personal information during data transport. This encryption technology protects information you submit via our website. That being said, Mayo Clinic cannot ensure or warrant the security of any information you transmit to us, and you do so at your own risk. We have taken reasonable steps to ensure the integrity and confidentiality of Personal Data that you may provide. You should understand, however, that electronic transmissions via the internet are not necessarily secure from interception, and so we cannot absolutely guarantee the security or confidentiality of such transmissions.

Users in the European Economic Area (EEA), the United Kingdom, and Switzerland

If you are a resident of the EEA, the United Kingdom, or Switzerland, the following information applies with respect to personal data collected through your use of our Site.

Purposes of processing and legal basis for processing: As explained above, we process personal data in various ways depending upon your use of the services. We process personal data on the following legal bases: (1) with your consent; (2) as necessary to provide the services; (3) to comply with our legal obligations; and (4) as necessary for our legitimate interests in providing the services where those interests do not override your fundamental rights and freedoms related to data privacy.

Transfers: Personal data we collect may be transferred to, and stored and processed in, the United States or any other country in which we or our affiliates or processors maintain facilities. We will ensure that transfers of personal data to a country or an international organization outside the EEA, the United Kingdom, or Switzerland are subject to appropriate safeguards.

Your rights: You are entitled to the rights under Chapter III of the EU General Data Protection Regulation, the United Kingdom General Data Protection Regulations and Data Protection Act 2018, or Section 2 of the Swiss Federal Act on Data Protection with respect to the processing of your personal data, which include the right to access and rectify and to request erasure of personal data. In order to verify your identity, we may require you to provide us with personal information prior to accessing any records containing information about you. To exercise these rights, please contact Mayo's Data Protection Officer at INTLcompliance@mayo.edu.

Complaints or concerns: You are welcome to raise any complaints or concerns to Mayo Clinic by contacting Mayo's Data Protection Officer at INTLcompliance@mayo.edu. You also have the right to lodge a complaint with a supervisory authority.

Protecting Children's Privacy

Our Site are available for users aged 18 years of age or older. No one under age 18 may provide any information to or through the Site. We do not knowingly collect Personal Data from users under 18. If you are under 18, do not use or provide any information on or in our Site or on or through any of their features. If we learn we have collected or received Personal Data from a user under 18, we will delete that information. If you believe we might have any information from a user under 18, please contact us at the contact information below.

Links to Other Websites

Our Site may link to other websites, many of which have their own privacy policies. Be sure to review the privacy policy on the site you're visiting.

Privacy Policy Updates

We may need to update our Privacy Policy as technology changes and Mayo Clinic evolves. If we make significant changes to this Privacy Policy, we'll post a prominent message on our websites.

California Residents

Mayo Clinic is a not for profit exempted from the California Consumer Privacy Act (CCPA).

California Civil Code Section 1798.83 (California’s “Shine the Light” law) permits users of our Site that are California residents and who provide Personal Data in obtaining products and services for personal, family, or household use to request certain information regarding our disclosure of Personal Data to third parties for their own direct marketing purposes. If applicable, this information would include the categories of Personal Data and the names and addresses of those businesses with which we shared your Personal Data with for the immediately prior calendar year. You may request this information once per calendar year. To make such a request, please contact us using the information below.

Contact Information

Contact Information If you have a question or concern regarding your privacy, please contact Mayo Clinic's Privacy Officer using the contact information below:
    Mayo Clinic Privacy Officer 200 First St.
    SW Rochester, MN 55905
    507-266-6286
    PRIVACYOFFICE@mayo.edu