Effective March 14, 2023

The Website Privacy Policy (“Policy”) describes how the University of Maryland Medical System (“UMMS, we, our, or us”) collects, uses, and discloses personal information about visitors to our websites, umms.org and health.umms.org, and other web properties that link to this Policy (together, the “Sites”).

By accessing or using any of our Sites, you agree that your personal information will be handled as described in this Policy. Your use of the Sites, and any dispute over privacy, is subject to this Policy, including its applicable limitations of liability and the resolution of disputes. 

Note: This Policy does not apply to our collection, use, and disclosure of your protected health information (PHI), as defined by HIPAA (Health Insurance Portability and Accountability Act of 1996). PHI that we receive (for example, when you provide information through MyPortfolio, HIPAA-compliant forms on umms.org, or while you are receiving care from us) is treated in accordance with our Notice of Privacy Practices. If you have any questions about your PHI, please review the Notice of Privacy Practices. Alternatively, you may contact us using the information below in the “Contact Us” section of this Policy.

Personal Information We Collect

We may collect personal information about you directly from you, from third parties, and automatically through your use of our Sites.

Information We Collect From You

We may collect certain information directly from you when you use our Sites, including when you contact us, send us an email or submit information via an online form, register for an account or sign up to receive newsletters or information regarding events, submit a job application, or make a donation through our Sites. The categories of information we may collect directly from you include the following:

  • Identifiers, such as your name, address, phone number, email address, account name, date of birth and other similar identifiers.
  • Demographics, such as your gender, age, veteran status, and disability status.
  • Commercial information, such as credit card information, products or services purchased, or other purchasing or consumption histories or tendencies.
  • Pictures, audio and video, such as photographs for identification, voice recordings of business calls or in the context of your attendance at events or functions we organize.
  • Professional and educational information, such as employer, salary, job title, experience, skill or expertise and education.
  • Other information, found in comments, feedback or questions that you have provided to us via surveys, online forms, email or other communications.

Do not send PHI or confidential information via email. Email is not a secure means of communication and transmitting PHI or other confidential information risks that it will be accessed by a third party.

Information We Automatically Collect About You

We, and our service providers or business partners, may collect information about you automatically when you visit our Sites through the use of cookies, pixels, measurement codes and similar technologies. This includes information about your online activities over time and across different websites or online services. Please review our section below on “Our Use of Cookies and Related Technologies” for additional information. The categories of information we, and our service providers and business partners, may collect automatically include:

  • Identifiers, such as unique browser and device identifiers, cookie numbers, IP addresses, and other electronic identifiers.
  • Geolocation data of the device you are using to access our Sites.
  • Device parameters, such as the type of device you are using and other information related to how your device is interacting with our Sites.
  • Internet or other electronic network activity information, such as the date and time of your access, your browser type, IP address, information regarding your interaction with any websites, applications or devices associated with our Sites.
  • Commercial information, such as products or services purchased, content downloaded from our web properties or other purchasing or consumption history.

Information We Collect From Other Sources About You

We may collect information about you from other sources, including, but not limited to, commercially available sources, such as public databases (where permitted by law) . The categories of information we may collect about you from other sources include:

  • Identifiers. We may collect contact information such as email addresses from marketing vendors.
  • Commercial information. We may collect information on your purchasing history and potential interests from data supplementation services.
  • Public and Government Record Information. We may collect information about you from public sources, including court records and government agencies.
  • Demographics, such as your gender, age, or veteran status provided by data supplementation services or search engines.
  • Professional information, such as employer, salary, or job title from references, recruiters, or employment-related services.

How and Why We Use Your Personal Information

We may use your personal information for the following purposes:

  • Operating our business: We use your personal information to provide you with our products or services, to process and fulfill your requests, and for other customer service and business administration purposes.
  • Communicating with you: We may use your personal information to communicate with you.
  • Marketing: We may use your personal information to understand your preferences better and to appropriately personalize our marketing, to tailor the content and information that we may send or display to you, and to otherwise personalize your experiences while using the Sites. We may also use your personal information to send you news and newsletters, event updates, and to communicate with you about new features, events, or products offered by us or our business partners.
  • Exercising our rights: We may use your personal information to exercise our legal rights where it is necessary to do so. For example, we may use it to detect, prevent and respond to fraud claims, intellectual property infringement claims or violations of law or our terms and conditions.
  • Complying with our obligations: We may process your personal information to comply with legal or regulatory requirements, where this is required by law or regulation. This could include using it in response to court orders, to comply with privacy or financial regulations or to cooperate with law enforcement, other government entities or lawful investigations.
  • Protecting against harm: We may use personal information as we deem necessary to protect the rights and safety of us, you or others.

We may aggregate or de-identify any information collected about you, and we may use that aggregated or de-identified information for any purpose.

Personal Information We Share With Other Parties

For business purposes, we may disclose the personal information collected about you in the following circumstances:

  • Service providers and business partners: We engage service providers and business partners to assist us with operating and providing you our services. These service providers or business partners may perform marketing services, help us process orders, support email and messaging services and analyze information. Some of our service providers or business partners may engage their own service providers or business partners to further assist us.
  • Our affiliates: Our affiliates work closely with each other to provide you access to our services. We may share your personal information among our affiliates for marketing purposes, security, optimization of products and services and internal reporting. Unless otherwise specified, our affiliates will only use your information in the ways described in this Policy.
  • To comply with law or cooperate with reasonable requests: We may share your personal information with law enforcement agencies, courts, other government authorities or other third parties where we believe necessary to comply with a legal or regulatory obligation. We may share personal information as we deem reasonably necessary to support lawful investigations or otherwise to protect our rights or the rights of you or any other party. 
  • In the context of a transaction: We may share your personal information with potential transaction partners, service providers, advisors and other third parties in connection with the consideration, negotiation or completion of a corporate transaction in which we are acquired by or merged with another organization or we sell or transfer all or a portion of our assets or business.
  • Aggregate and Deidentified Information: We may disclose aggregate, anonymized, or deidentified information about you for any purpose permitted under applicable law.
  • Consent: We may disclose your personal information with your consent.

Our Use of Cookies And Related Technologies

We, and our service providers and business partners, use cookies and other tracking mechanisms to track information about your use of our Sites. We may combine this information with other personal information we collect about you (and our service providers and business partners may do so on our behalf).

  • Cookies. Cookies are small text files containing a string of alphanumeric characters. We may use both session cookies and persistent cookies. A session cookie disappears after you close your browser. A persistent cookie remains after you close your browser and may be used by your browser on subsequent visits to our Sites.
  • Clear GIFs, pixel tags and other technologies. Clear GIFs are tiny graphics with a unique identifier, similar in function to cookies. In contrast to cookies, which are stored on your computer’s hard drive, clear GIFs are embedded invisibly on web and app pages. We may use clear GIFs (a.k.a. web beacons, web bugs or pixels tags) to, among other things, track the activities of Sites visitors, help us manage content, and compile statistics about Sites usage. We, and our service providers and business partners, also use clear GIFs in HTML emails to our customers, to help us track email response rates, identify when our emails are viewed, and track whether our emails are forwarded. 

You may be able to limit our ability to automatically collect certain types of information by adjusting the cookie settings on your web browsers, although if you do this you may not be able to use the full functionality of our Sites.  Please note that our Sites do not support Do Not Track requests at this time. Do Not Track (DNT) is a privacy preference that you can set in your web browser to automatically indicate that you do not want certain information about your webpage visits collected across websites when you have not interacted with that service on the page. 

Children’s Privacy

The Sites are not directed at and we do not knowingly collect information from children under the age of 13.

Third Party Links

Our Sites may contain links to other websites operated by third parties. This Policy does not apply to such websites, and we do not control and are not responsible for their privacy practices. These links do not imply endorsement or credibility of the service, information or product offered through the linked sites.

Contact Us

If you have questions about this Policy or our use of your personal information, please contact us via this secure online form.

Changes to the Statement

We may modify or update this Policy from time to time. We encourage you to visit this page and read this Policy at least once per year to learn about any changes to the way we collect, use, or disclose your personal information. If we make a material change to this Policy, we will take reasonable steps to notify you, as required by applicable law.