Boston Scientific Privacy Notice

Last Updated: April 24, 2026

The Boston Scientific Website Privacy Notice (the "Privacy Notice") explains how Boston Scientific Corporation ("Boston Scientific," "BSC," "we," "our," or "us") collects, uses, discloses, and safeguards your personal data when you access or use our websites and applications that display or link to this Privacy Notice (collectively, the "Sites"), as well as certain products and services where such notice is required (collectively, the "Services").

This Privacy Notice also describes how you can access and update your information, and more generally how to exercise your privacy rights under applicable laws.

Supplemental provisions applicable to specific jurisdictions may be provided at the end of this Privacy Notice. Certain Sites and Services also may be governed by separate or supplemental privacy notices that we make available when we collect your personal data, as necessary.

From time to time, we may change this Privacy Notice. If we do, we will post an amended version on this Site. Please review this Privacy Notice periodically.

 

Data Controllers

The Boston Scientific legal entity that operates the relevant Site or Service and determines the purposes and means of processing your personal data acts as the "data controller" under applicable law. Because Boston Scientific operates globally, personal data may be processed by different controllers depending on the Site or Service, your location, the type of personal data and the nature of your interaction. You can check the contact details of the different Boston Scientific entities here.

When we refer to Boston Scientific or BSC, we mean the Boston Scientific entity acting as the data controller. Additional controller or regional contact information may be provided in supplemental notices where required.

For general inquiries, you may contact:

Global Privacy Office
Boston Scientific Corporation
300 Boston Scientific Way
Marlborough, MA 01752, USA
Email: GlobalPrivacy@bsci.com

Our EEA/UK Data Protection Officer can be contacted at:

EuropePrivacy@bsci.com
Boston Scientific, c/Ribera del Loira, 46 Edificio 2, Madrid, Spain

 

Personal Data We May Collect

Personal data refers to information that identifies (directly or indirectly), relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, with an individual. Personal data includes similar terms such as personal information.

Depending on the nature of your relationship with Boston Scientific and the purpose of the data processing activity, we may collect different types of personal data directly from you, through your use of our Sites (which includes our use of cookies and other tracking technologies on our Sites) or the provision of our Services (which includes related activities such as promotion or marketing), and from other sources described below. This may include (without limitation):

  • Direct identifiers: first name, last name, full name, or preferred/alternative name, government issued identification numbers, username and password
  • Contact details: email address, phone number, postal address, contact preferences
  • Demographic information: date of birth, age, gender
  • Professional data: profession, title, position, interests, location, information about your employer, professional ID number or registration, medical specialty, professional affiliations, and publications
  • Information about your preferences: testimonials, survey responses, responses to market studies in which you have participated
  • Financial information: payment-related information for payments we may need to perform (credit card or account details, bank information, tax-related information, amount to be paid, etc.)
  • Device and browsing information from your use of our Sites: such as those collected through cookies, pixels and tracking technologies, including IP address; hardware or device identifier, model, operating system, and browser; browsing history, such as pages on the Sites you access, the frequency of access, and what you click on while on the Sites, including search terms and quiz results. For further information see our Cookie Notice.
  • User-Generated content that you provide, such as posts you make on public forums or interactive features of our Sites and Services (e.g., testimonials, comments).
  • Health-related information: to the extent necessary and appropriate for specific Services, such as patient ID, model and serial number of the medical device, to fulfill the Services or products you have requested or that were recommended by a healthcare provider.
  • Other information you provide through forms or contact channels: for instance, your experience with our Sites or Services.

Sources of Personal Data That We Collect

We may receive certain personal data about you from the following categories of sources, depending on the nature of your interactions or relationship with us and any applicable consent that you provide:

  • You, your authorized representatives, and caregivers or others assisting you;
  • Third parties with whom you have established a relationship, such as your healthcare provider;
  • Health insurance companies (health plans), payment processors, and other financial institutions;
  • Service providers and vendors who provide services to BSC for the purposes described in this Privacy Notice;
  • Third parties who collect and provide personal data to us in accordance with applicable law, such as through mailing lists;
  • Consumer reporting agencies and other third parties who verify the information you provide to us.

In relation to our Sites, we may also receive information from cookies and tracking technologies (such as Google Analytics) or from social media and advertising platforms, where permitted by your user settings, such as when you access our Sites or Services from other websites or social media channels. For more information, please review our "Cookies and Other Tracking Technologies" section below and our Cookie Notice.

Additionally, if you share someone else's personal data with us, you must ensure you have the authority to do so and that the individual is informed about how we may process their personal data in accordance with this Privacy Notice, as necessary.

User Generated Content

We may invite you to post content on the Sites and Services or on third-party or social media platforms, including your comments, recommendations, or testimonials that may be available to the public ("User Generated Content"). Such platforms may include Facebook, Instagram, Yelp, or other social media channels. We may use and disclose User Generated Content to the extent permitted by law.

To request removal of your User-Generated Content, please follow the instructions provided by the third-party or social media platform to delete or remove your comment, or contact us at webmaster@bostonscientific.com.

 

How We Use Personal Data

We may use personal data for the following business purposes and applicable legal basis, to the extent permitted by applicable local law:

  • Fulfilling and supporting the Services or products you have requested, including responding to your questions and requests; based on the need to perform a contract to which you are party or to take steps at your request, or if applicable, for a public interest in the provision of healthcare services.
  • Creating and administering your account; based on the need to perform a contract to which you are party or to take steps at your request to that end.
  • Sending you product updates, newsletters, programs, promotions, or marketing communications about Sites and Services that you have used or shown your interest; based on our legitimate interests to promote our business, or with your consent. We may use profiling to personalize our relationship and information that we make available, such as to manage the type, content and frequency of our communications to you.
  • Understanding your interests and preferences to optimize your user experience;
  • Offering and facilitating your participation in virtual or in-person events (e.g., workshops, trainings, meetings, webinars); based on our legitimate interest to make suggestions that may be of interest to you based on Sites and Services that you have used or shown your interest, or with your consent.
  • Conduct a survey or market research; based on our legitimate interest to understand and improve our business, or based on your consent if applicable.
  • Market our products or services or the products and services of our subsidiaries or affiliates; based on your consent.
  • Engaging in regulatory monitoring and reporting obligations related to adverse events, product complaints, post-market surveillance, recalls, and patient safety, and similar quality assurance or safety measures; please also see our privacy notice for Adverse Events and Product Complaints; based on the need to comply with a legal obligation.
  • Testing and analysis to maintain the effectiveness, quality and safety of our Sites and Services, and to identify and repair errors or bugs that impair intended functionality; based on our legitimate interest in effectively providing and operating the Sites, and ensuring the stability and security of the Sites.
  • Chatbot interactions may be recorded and retained for quality assurance, training, analytics, and compliance purposes; based on our legitimate interest to ensure its correct functioning and improvement, and where applicable, on the need to comply with legal obligations.
  • Exercising or defending legal claims, including enforcing our contractual rights; based on our legitimate interests to defend our rights.
  • Protecting the safety and security of our property, workforce, your health and safety, or the health and safety of others; based on our legitimate interest to ensure safety.
  • Protecting against fraudulent, illegal or unethical activity, detect and prevent fraud, including monitoring activities in our facilities, devices, networks, communications and resources; performing identity verification; and conducting risk and security control and monitoring; based on our legitimate interest to ensure safety.
  • Evaluating or conducting a commercial transaction, acquisition, merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets; based on our legitimate interests to manage our business structure and ownership.
  • Conducting our business, such as vendor management, accounting, auditing, conducting internal investigations, maintaining records, and as necessary to comply with industry standards and our internal policies; based on the need to perform a contract to which you are party; or otherwise based on our legitimate interest to adequately operate our business.
  • Complying with this Privacy Notice or our legal obligations; based on the need to comply with a legal obligation.
  • Enforcing our Terms of Use; based on the need to perform such contractual obligations, or otherwise, based on our legitimate interest to defend our rights.
  • For any purpose that is reasonably necessary to or compatible with the original purposes for which you provide your personal data to us; we will inform you about these when appropriate.

 

Data Sharing and Transfers

We and our third parties may disclose your personal data for the purposes described above and under the same legal bases, as permitted by applicable law and to the following categories of recipients:

  • Our Affiliated Entities, including our U.S. headquarters and our current or future parent companies or subsidiaries. Please click here for a list of our relevant legal entities in each country.
  • Your authorized representatives such as your caregivers or others assisting you, in situations where you consent, where we believe disclosure is necessary to avoid a serious and imminent threat of physical harm, or as permitted by law.
  • Service providers, suppliers or vendors that provide services to us for the purposes described in this Privacy Notice and the Cookie Notice, such as those that provide IT or technical support, tax advice, auditing, accounts payable, legal services, communication tools, customer relationship management systems, survey tools or platforms, event organization management tools, website management and cloud hosting services. We enter into a contractual agreement that contains appropriate safeguards, including that the service provider, supplier or vendor must implement appropriate technical and organizational measures to protect personal data;
  • Site analytics vendors that collect and process certain personal information when you use our Sites, such as Google Analytics. Web analytics vendors use cookies to help us analyze how users interact with the Sites, compile reports on their activity, and provide other services related to their activity and usage. The information generated by web analytics vendors may be transmitted to and stored by the vendor and may be subject to the vendor's privacy policies and applicable laws and contractual obligations. To learn more about Google Analytics' privacy policies and how to control your information collected by Google, please see Google's Business Data Responsibility Site.
  • Healthcare providers including your physician, hospital, clinic and other provider(s) who are involved with the management of your care or related healthcare services.
  • Legal and Regulatory Authorities: This may include law enforcement authorities, regulatory agencies, courts and others as necessary to meet national security requirements, as part of a legal process, in order to protect our property, enforce Site terms of use, and to support audits, investigations, and inspections.
  • Other Partners: External organizations that we partner with to provide products and services, such as research partners or collaborators.
  • Interested parties in corporate transactions such as disclosures to prospective buyers in connection with a sale, merger, reorganization, corporate dissolution, or similar event, or to a successor company in the event of insolvency, bankruptcy or receivership.
  • With other persons or third parties with whom you have consented to receiving your personal data or as necessary to protect against fraud, illegal activity, and exercise or defend legal claims.

Some of our affiliates, subsidiaries and third parties to whom we transfer personal data are located outside the country or region where you reside or the data was collected, such as those located in the United States. To ensure your personal data will still be processed in compliance with our policies and applicable law, BSC uses contractual and technical safeguards as appropriate based on the nature of the personal data and local requirements.

For EEA residents, transfers outside the EEA are protected through appropriate safeguards, such as EU Standard Contractual Clauses and additional technical and organizational measures based on the nature of the processing activity.

If you have any questions regarding a third party's processing of your data, please refer to the request form available on this Privacy Notice to determine whether this information is accessible in your jurisdiction.

 

Chatbots and Automated Assistance

We may offer an AI-powered chatbot or virtual assistant feature on certain Sites. When you interact with our chatbot, we collect the information you choose to provide in your messages, which may include identifiers, contact information, and other information relevant to your inquiry.

We use and share this information with service providers and third-parties for the purposes described in this Privacy Notice, such as to:

  • Respond to your questions and provide customer support;
  • Improve our customer service operations;
  • Monitor and enhance the performance of our chatbot technology;
  • Support the chatbot functionality; and
  • Maintain the security and integrity of our systems.

Chatbot interactions may be recorded and retained for quality assurance, training, analytics, and compliance purposes.

Note that specific chatbots or virtual assistants may caution you against providing certain personal data when you engage with them, and you should carefully adhere to such instruction.

 

Security

We take the security of personal data seriously. We maintain reasonable administrative, technical, and physical safeguards to protect the personal data we collect and store from loss, misuse, destruction, or unauthorized access. However, no security measure or method of transmitting data is 100% secure and we cannot guarantee that the measures we maintain will ensure the security of your personal data.

We encourage you to take reasonable precautions to safeguard your personal data. This includes maintaining the security of your login credentials, password, username, or other forms of accessing password protected or secure areas of the Sites and Services.

 

Third-Party Links and Embedded Media

Our Sites may provide links to websites or apps that are managed by third parties, such as links to our social media pages.

Some of our Sites also may include embedded features such as videos or "plug-ins" offered by YouTube or other third parties. When you access a page containing embedded video content, your browser may automatically transmit certain information to the third-party provider, such as your IP address, device information, browser type, and information about your interactions with the content.

We do not control the privacy practices of those websites, apps or apps that are managed by third parties, and they are not covered by this Privacy Notice. We encourage you to review the privacy policies of any third party that you interact with to learn about their policies.

 

Minors

This website or mobile application is intended for adults and does not knowingly collect personally identifiable information from children. If you believe this website or mobile application might collect information from children, please contact us as described in this Notice.

 

Data Retention

We will retain your personal data for as long as necessary or appropriate to fulfill the purposes for which it was originally collected (as described above). Afterwards, we may retain personal data for additional time to comply with applicable contractual, regulatory, or legal obligations. We will take reasonable steps to delete personal data or we may anonymize personal data in accordance with applicable law.

See our Cookie Notice for information about the duration we retain personal data collected from cookies or tracking technologies.

 

Cookies and Other Tracking Technologies

We use cookies, pixels, web beacons, and similar tracking technologies (collectively, "technologies") based, where appropriate, on your consent as required by applicable regulations to:

  • Operate our Sites, through the use of technical and preference cookies and similar technologies;
  • Understanding your interests and preferences to optimize your user experience, including by analyzing how you interact with the Sites (e.g., through Google Analytics by identifying the number of visits or average time spent on a webpage) to understand which features and contents will be most relevant to you;
  • Analyze your browsing habits using targeting and advertising cookies and similar technologies (sometimes with the assistance of third-party partners) to create a user profile and provide more personalized content to you, including deliver ads on other websites or social media channels.

For more detailed information about the cookies and tracking technologies that we use, please review our Cookie Notice.

Depending on your country and relationship to Boston Scientific, we may request your consent before collecting personal data through these technologies. Even if you do consent, in some situations we may not collect or use your personal data unless it is necessary to operate the Site. You may manage your consent choices at any time through our Cookie Preference Center.

 

Your Privacy Rights

Depending on the country where the data was collected or where you reside, you may have the following rights:

Your right What this means
Right of access You can ask us for a copy of the personal data we hold about you and information about how we use it.
Right to rectification If any of your personal data is inaccurate or incomplete, you can ask us to correct it.
Right to erasure You can ask us to delete your personal data in certain circumstances. We may need to keep certain data to comply with our obligations as a medical device company or to defend legal claims.
Right to restriction You can ask us to limit how we use your personal data — for example while a query about accuracy is being resolved.
Right to data portability Where we process your data based on your consent or a contract, you can ask us to provide it in a format that you or another organisation can use, although there may be limitations on our ability to do so.
Right to object You can object to our processing in certain circumstances.
Right to withdraw consent If we process your data based on your consent, you can withdraw that consent at any time. This does not affect anything we did before you withdrew it.
Right to complain You have the right to complain to your local data protection authority. See your regional section at the end of this notice for contact details.

In addition, depending on the applicable region or country, you may have the following privacy choices:

  • Cookie Preferences: You may manage your preferences at any time through our Cookie Preference Center.
  • Browser Settings: You also can change your Internet browser settings to refuse all or some technologies. You can consult the instructions offered by different browsers using the following links:
    Firefox
    Chrome
    Microsoft Edge
    Safari
    For more information in this regard, please visit our Cookie Notice.
  • Universal Opt-Out Mechanisms: Our Sites recognize the Global Privacy Control ("GPC") signal. If you are using a browser setting or plug-in that sends an opt-out preference signal to each website you visit, we will treat that as a valid request to opt out of non-essential cookies. To download and use a browser supporting the GPC browser signal, click here: https://globalprivacycontrol.org/orgs. If you choose to use the GPC signal, you will need to turn it on for each supported browser or browser extension you use.
  • Do Not Track: Certain browsers offer a "Do Not Track" feature that sends signals to websites indicating that you do not want your online activities tracked. The Do Not Track feature does not work for every website or webpage and is separate from Global Privacy Control. To learn more about DNT, please visit http://www.allaboutdnt.com.
  • Geolocation Data linked to a specific Site or Service: Delete the mobile application or disable the location settings on your browser or device if you do not wish to share this information through our Sites. You may not be eligible to use certain Sites or Services if we cannot identify your geolocation.
  • Marketing Communications: We may periodically send you newsletters, e-mails, or similar communications about our products and services, requests for your feedback, or other information. If you no longer wish to receive such communications, please follow the directions in the communication to unsubscribe (such as email), stop (such as SMS text message), or log into your account to update your communication preferences.
  • Opt-Out of Internet-Based Ads: We work with advertising networks and ad service providers to display our ads on third-party websites or platforms. Many participate in industry self-regulatory programs that allow you to opt-out of Internet-based advertising, such as the Digital Advertising Alliance ("DAA") and the Network Advertising Initiative ("NAI"). To learn more, visit: http://www.aboutads.info/choices, http://www.aboutads.info/appchoices (mobile apps), http://www.networkadvertising.org/choices

Please note that exercising your privacy choices may not eliminate all ads or communications. Your choices also may not be effective if you block or delete cookies on your browser, use a different device or browser, or access services through other methods, such as mobile applications.

 

Contact Us

Please see contact details for individual countries or regions below. In addition, you may contact Global Privacy through the following channels if you have questions or complaints related to our privacy practices. When doing so, please include information about your identity, your relationship with us, and other relevant details.

  • Data Subject Rights request form
  • Global Privacy
    Boston Scientific Corporation
    300 Boston Scientific Way
    Marlborough, MA 01752-1234 (USA)
    E-mail: GlobalPrivacy@bsci.com
  • Our EEA/UK Data Protection Officer can be contacted at:
    EuropePrivacy@bsci.com
    Boston Scientific, c/Ribera del Loira, 46 Edificio 2, Madrid, Spain

 

Supplemental Information for the European Economic Area

The following information supplements the Privacy Notice above with respect to individuals located in the European Economic Area (EEA). Where this Supplement conflicts with the Global Notice, this Supplement prevails for individuals located in the EEA.

Supervisory Authority

You have the right to complain to your national data protection authority. All EEA supervisory authority contact details are at: https://edpb.europa.eu/about-edpb/about-edpb/members_en.

Top