(320) 639-2229 | medical@babysonbroadway.com


Privacy Policy for Medical by Baby's On Broadway

Effective Date: Sep 23, 2023


Medical by Baby’s On Broadway (“we”, “us”, “our”) is committed to protecting the privacy and security of your personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit our website and use our services.

Information We Collect

Directly Provided Information:


  • Account Registration: When you create an account with us, we collect details such as your name, email address, contact number, and password. This allows us to create a personalized user profile, ensuring a tailored experience.
  • Purchases and Transactions: For processing orders and transactions, we gather information like shipping address, billing details, and payment method. This ensures timely delivery and secure payment processing.
  • Inquiries and Support: When you reach out with questions or for assistance, the information you provide helps us address your concerns effectively and maintain a record for future reference.


Automatically Collected Information:


  • Browsing Data: As you explore our site, we track pages visited, time spent on each page, and the sequence of navigation. This helps us understand user behavior and preferences.
  • Technical Details: Information such as your IP address, browser type, device type, and operating system helps us optimize the site’s performance and layout for different devices and browsers.
  • Session Information: Data like session duration, bounce rate, and login frequency provide insights into user engagement and site usability.


Comments and User Interactions:


  • Community Engagement: Comments, reviews, and other user-generated content contribute to a dynamic community where users can share experiences, tips, and feedback.
  • Feedback Analysis: By analyzing user comments and reviews, we identify areas of improvement, popular products, and common concerns.
  • User Profiles: For users who choose to create profiles or avatars, interactions help build a sense of community and encourage more active participation.


Information from Third Parties:


  • Affiliate Data: We may integrate data from partners or affiliates, such as purchase history or preferences, to provide you with personalized offers and recommendations.
  • Social Media Integrations: If you choose to link or log in using social media accounts, we may receive data like your profile picture, friend list, or posts, enhancing the social aspect of our platform.
  • Market Research: Collaborating with research firms or analytics providers, we may integrate demographic data, market trends, or user behavior insights to refine our strategies and offerings.


By being transparent about the information we collect and its purpose, we aim to foster trust and ensure users that their data is handled with care and responsibility.

Purpose and Use of Collected Information

Service Delivery:


  • Order Processing: When you make a purchase or request a service, we use the information you provide to process and deliver your order efficiently. This includes sharing necessary details with logistics partners, payment gateways, and suppliers.
  • Customer Support: We use your information to address any concerns, answer queries, and resolve issues you might encounter while using our services. This ensures that you receive timely and effective assistance.
  • Account Management: For users with registered accounts, we use collected information to manage account settings, track order history, and provide personalized offers.




  • Newsletters and Updates: With your consent, we send periodic newsletters and updates to keep you informed about new products, services, and developments related to Medical by Baby’s On Broadway.
  • Promotions: We may use your information to send you promotional offers, discounts, and event invitations tailored to your preferences and purchase history.
  • Feedback and Surveys: Your feedback is invaluable to us. We may reach out to gather your opinions, reviews, and suggestions to understand your needs better and improve our offerings.
  • Notifications: For any changes to our terms of service, privacy policy, or other vital updates, we use your contact details to send notifications ensuring you’re always informed.


Site Improvement:


  • User Behavior Analysis: By analyzing how users navigate our site, which sections they visit most, and how much time they spend, we gain insights into user preferences and behavior.
  • Content Refinement: Based on user interactions and feedback, we continuously refine our content, ensuring it remains relevant, engaging, and informative.
  • Technical Performance: We monitor site performance metrics like page load times, server response times, and error rates to ensure our website remains fast, reliable, and user-friendly.
  • Feature Development: Understanding user needs helps us introduce new features, tools, and functionalities that enhance the overall user experience.


By understanding the purpose behind collecting information, we aim to build trust with our users, ensuring they know their data is used responsibly and to their benefit.

Cookies, Tracking, and Site Interactions

What are Cookies?


Cookies are small text files stored on your device when you visit a website. They help websites remember information about your visit, like your preferred language and other settings, making your next visit more convenient.


Types of Cookies We Use:


  • Session Cookies: These are temporary cookies that expire once you close your browser. They enable the website to keep track of your movement from page to page, ensuring that you don’t get asked for the same information you’ve already given.
  • Persistent Cookies: These remain on your device for a set period or until you delete them. They are used to remember your preferences and actions within the website.


User Preferences:


  • Personalized Experience: Cookies store user preferences like language, location, and browsing history, allowing us to tailor the browsing experience to each user.
  • Login and Authentication: For users with accounts, cookies help with secure login and remember account settings.


Site Analytics:


  • Behavior Analysis: We use cookies to gather data on how users navigate our site, which pages they visit, how much time they spend, and what they click on. This helps us understand user behavior and preferences.
  • Performance Metrics: Cookies help us measure the website’s performance, identify slow-loading pages, and ensure content loads quickly and efficiently.
  • Improvements and Optimization: Based on the analytics, we refine content, layout, and user pathways to provide a better user experience.


Third-Party Cookies:


  • Enhanced Features: Some cookies are set by third parties to enable enhanced features on our site, like videos or social media sharing.
  • Advertising and Marketing: We may use third-party cookies to show you relevant advertisements on other websites based on your browsing history on our site.


Managing Cookies:


  • Browser Settings: Most browsers allow you to manage cookies, including accepting or rejecting them and deleting existing ones. The method to do this varies by browser, but you can usually find instructions in the ‘Help’ section of your browser.
  • Opting Out: If you don’t want to be tracked by cookies, you can opt-out using tools provided by some third-party analytics companies.


We believe in being transparent about our use of cookies and ensuring users have the information and tools they need to make informed decisions about their data.

Embedded Content and Third-Party Integrations

Embedded Content:


  • Nature of Embedded Content: Our website may feature content such as videos, images, articles, widgets, and other multimedia that is embedded from third-party platforms.
  • User Experience: This embedded content provides users with a richer, more interactive experience without having to leave our website.
  • Data Collection by Third Parties: When you interact with embedded content, the third-party platform from which the content originates may collect data about your interaction, even if you don’t have an account or are not logged into that platform.


Third-Party Integrations:


  • Integration Purpose: We may integrate tools, plugins, or other software solutions from third-party providers to enhance website functionality, such as analytics tools, payment gateways, or customer support widgets.
  • Data Sharing with Third Parties: These integrations may require sharing certain user data with the third-party provider to function correctly. For instance, a payment gateway will need transaction details to process a payment.
  • User Consent: Before sharing any sensitive information with third-party integrations, we seek user consent and ensure that the third-party provider adheres to robust data protection standards.


User Precautions:


  • Awareness: We encourage users to be aware that when they engage with embedded content or third-party integrations, they may be subject to the privacy policies and terms of use of those third-party platforms.
  • Privacy Settings: Some third-party platforms allow users to adjust their privacy settings. We recommend users review and adjust these settings based on their comfort level.
  • Links to Third-Party Privacy Policies: Whenever possible, we provide links to the privacy policies of third-party platforms whose content is embedded on our site, allowing users to make informed decisions.


In our commitment to transparency, we aim to clearly communicate the nature of embedded content and third-party integrations, ensuring users are aware of potential data collection by external platform

HIPAA Compliance and Patient Information

The Health Insurance Portability and Accountability Act (HIPAA) is a U.S. federal law that sets standards for the protection of sensitive patient health information. Medical by Baby’s On Broadway is committed to upholding these standards to ensure the utmost protection and confidentiality of patient health information.


What is HIPAA? HIPAA, enacted in 1996, provides data privacy and security provisions to safeguard medical information. It has become synonymous with healthcare data protection in the U.S.


Protected Health Information (PHI): Under HIPAA, PHI refers to any information about health status, provision of healthcare, or payment for healthcare that can be linked to a specific individual. This includes a wide range of identifiable health and demographic data.


Our Commitment: We ensure that any PHI we handle is kept confidential and secure. This includes both electronic records and any traditional paper records.


  • Data Sharing and Disclosure: We only disclose PHI when necessary for patient care or if required by law. Any third parties we share PHI with are required to adhere to HIPAA standards.
  • Patient Rights under HIPAA: Patients have the right to access their PHI, correct any inaccuracies, and get a record of disclosures. We are committed to upholding these rights and providing patients with the necessary means to exercise them.
  • Security Measures: We employ rigorous security measures, both electronic and physical, to protect PHI against unauthorized access, use, or disclosure. This includes encrypted storage, secure data transmission, and regular security audits.
  • Training and Awareness: All our staff undergo regular training on HIPAA compliance to ensure they understand and uphold these standards in their daily work.

Data Retention, Security, and Rights



  • Purpose of Retention: We retain user data to provide continued service, fulfill our legal obligations, resolve disputes, and enforce our agreements.
  • Duration: Data is stored for periods that adhere to legal requirements, industry standards, and best practices. The exact duration depends on the nature of the data and the purpose for which it was collected.
  • Data Archiving: In some cases, we may archive data for analytical or historical purposes, ensuring it remains inaccessible for general use.




  • Infrastructure: Our digital infrastructure employs state-of-the-art security measures to ensure data integrity and protection against unauthorized access.
  • Encryption: Data, both at rest and in transit, is encrypted using advanced encryption algorithms, ensuring it remains confidential and secure.
  • Regular Audits: We conduct regular security audits and assessments to identify and rectify potential vulnerabilities.
  • Incident Response: In the unlikely event of a security breach, we have an incident response plan in place to address and mitigate risks promptly.


User Rights:


  • Access: Users have the right to access their personal data to verify its accuracy and completeness.
  • Modification: If users find inaccuracies in their data, they can request modifications or corrections.
  • Deletion: Users can request the deletion of their data, subject to certain legal or operational retention requirements.
  • Data Portability: Users have the right to request a copy of their data in a structured, commonly used, and machine-readable format.
  • Objection: Users can object to the processing of their data for specific purposes, such as direct marketing.
  • Consent Withdrawal: If data processing is based on user consent, users can withdraw this consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

Data Sharing, Transfers, and International Considerations

Third-Party Sharing:


  • Trusted Partners: We collaborate with a select group of partners, such as payment processors, logistics providers, and marketing agencies. Any data shared with these entities is strictly for the purpose of enhancing our services and offerings.
  • Data Protection Agreements: Before sharing any data, we ensure that third-party partners enter into data protection agreements, committing them to maintain the confidentiality and security of the shared data.
  • Limited Access: Only necessary data is shared with third parties, and they are prohibited from using the data for any purpose other than what is explicitly agreed upon.
  • Regulatory Compliance: Any third-party partners we collaborate with are required to comply with relevant data protection laws and regulations, ensuring that your data remains protected under all circumstances.


International Transfers:


  • Global Reach: Given the global nature of our operations and collaborations, data may be transferred across international borders.
  • U.S. Data Processing: For users accessing our services from outside the U.S., please be aware that your data may be transferred to, stored, and processed in the U.S., where our primary data centers and servers are located.
  • Stringent Measures: Regardless of where your data is processed, we apply the same stringent data protection measures. This includes encrypting data during transit, ensuring secure storage, and implementing strict access controls.
  • Legal Frameworks: We adhere to international data transfer frameworks, such as the EU-U.S. Privacy Shield, ensuring that data transfers are compliant with international data protection laws.
  • User Consent: By using our services, users outside the U.S. consent to the transfer and processing of their data in the U.S. We always aim to be transparent about where and how data is processed and take steps to ensure its protection.


By being clear about our data sharing and transfer practices, we aim to provide users with the assurance that their data is handled with the utmost care, regardless of where they access our services from.

Policy Updates and Modifications

Adapting to Change: As the digital landscape evolves, and as our services and operations grow, it becomes necessary to review and update our Privacy Policy to reflect these changes. We are committed to ensuring that our policy remains current and in line with best practices and legal requirements.


Notification Mechanism:


  • Transparent Communication: Whenever there are significant modifications to our Privacy Policy, we will make efforts to communicate these changes to our users. This could be through email notifications, pop-up alerts on our website, or announcements on our main page.
  • Accessible Updates: Any updates or modifications will be incorporated into this Privacy Policy, which is accessible on our website. We encourage users to periodically review this policy to stay informed.


User Engagement:


  • Feedback on Changes: We value user feedback and are open to receiving comments or concerns about any changes made to the policy. This helps us ensure that our decisions align with user expectations and needs.
  • Ensuring Informed Consent: By continuing to use our services after any updates, users implicitly agree to the revised terms. However, we aim to make any significant changes clear, giving users an opportunity to understand and, if necessary, adjust their interactions with our platform.

Limitation of Liability

Inherent Risks of Online Platforms:


  • Nature of the Internet: The internet, by its nature, is an open environment. While we implement advanced security measures, data transmitted over the internet can be potentially accessed by unauthorized parties.
  • External Threats: Despite our best efforts, online platforms are susceptible to cyber threats, such as hacking, malware, and phishing attacks. We continuously monitor and update our systems to counter these threats, but complete immunity is challenging to achieve.


Our Commitment:


  • Proactive Measures: We invest in state-of-the-art security infrastructure, conduct regular security audits, and stay updated with the latest in cybersecurity to protect user data.
  • Incident Response: In the unlikely event of a security breach, we have a robust incident response plan in place. This includes immediate action to contain the breach, assess the impact, notify affected users, and take corrective measures.
  • Continuous Improvement: We learn from any security incidents and feedback, refining our security protocols and systems to prevent future breaches.


User’s Role:


  • Shared Responsibility: Data security is a shared responsibility. We urge users to protect their account credentials, use strong passwords, and be cautious of suspicious communications or requests.
  • Stay Informed: We recommend users stay informed about potential online threats and best practices for online security. This includes updating software, using trusted antivirus solutions, and being cautious about sharing personal information.


Liability Statement:


While we are committed to the highest standards of data protection, we cannot guarantee absolute security due to the inherent risks associated with online platforms. We shall not be liable for any indirect, incidental, consequential, or punitive damages resulting from unauthorized access to or use of user data unless such breach is a direct result of our negligence or willful misconduct.

Contacting Us

We value open communication with our users and are committed to addressing any concerns or inquiries related to our Privacy Policy and data protection practices.


How to Reach Us:


  • Phone: For immediate assistance, please call us at (320) 639-2229. Our representatives are available during regular business hours.
  • Email: For written inquiries, feedback, or concerns, you can reach out to us via email at medical@babysonbroadway.com. We aim to respond to all email communications within 48 hours.


What to Expect:


  • Prompt Response: We prioritize user communications and strive to address all inquiries in a timely manner.
  • Resolution: Whether you have a question, feedback, or a concern, our goal is to provide clarity and address issues to the best of our ability.


Feedback and Continuous Improvement:


Your feedback is invaluable to us. It helps us understand user perspectives and refine our practices. We encourage users to share their experiences and suggestions related to our privacy practices.


Physical Address:


For written correspondence or official communications, you can also reach us at:


47 E Broadway, Little Falls, MN 56345


710 W St Germain St, St Cloud, MN 56301

Skip to content