Privacy Policy

Last updated: May 14, 2026 · Midasco (midasco.co)

HIPAA Notice: Midasco is a marketing agency, not a covered entity under HIPAA. However, because we serve healthcare practices, we take privacy seriously and ensure that all advertising strategies, audience targeting methods, and data practices are designed to be compliant with HIPAA marketing provisions. We do not collect, process, or store Protected Health Information (PHI) about patients.

1. Who We Are

Midasco ("we," "us," "our") is a performance marketing agency operating at midasco.co. We provide patient acquisition, paid media management, CRM automation, and related digital marketing services exclusively to US healthcare practices. Our registered business operates under the domain midasco.co.

2. Information We Collect

We collect information in two ways:

Information you provide directly: When you complete our contact or audit request form, we collect your name, email address, phone number, practice name, specialty, location, and details about your marketing challenges. This information is used solely to deliver the requested audit and communicate with you about our services.

Information collected automatically: We use Google Tag Manager (GTM-KQVCP6NR) to manage tracking tags on our website. Through GTM, we may collect standard web analytics data including pages visited, time on site, device type, browser, and referring source. This data is aggregated and anonymized — we do not identify individual visitors from this data.

Live chat: We use Tawk.to for live chat support. Conversations initiated through our chat widget may be recorded for quality and training purposes. Please do not share sensitive patient information through the chat.

3. How We Use Your Information

To deliver your requested free practice audit
To contact you about Midasco's services (you may opt out at any time)
To improve our website and services
To comply with legal obligations
To respond to your enquiries and provide 24/7 support

We do not sell your personal information. We do not share your information with third parties for their own marketing purposes.

4. Marketing Compliance for Healthcare Clients

When we run advertising campaigns on behalf of our healthcare clients, we adhere to the following practices:

No PHI-based targeting: We do not use Protected Health Information to target ad audiences. All audience targeting is based on geographic location, interests, and demographics — never medical records or health history.
HIPAA-compliant retargeting: We structure retargeting campaigns to avoid creating audiences based on condition-specific page visits that could constitute PHI.
Compliant ad copy: We review all ad creative for healthcare claims compliance, avoiding testimonials, guaranteed outcomes, or statements that could violate FTC or state medical advertising rules.
BAAs: Where required by our healthcare clients, we are prepared to discuss and enter into appropriate Business Associate Agreements.

5. Cookies

Our website uses cookies to improve your experience and track website performance. These include:

Essential cookies: Required for basic site functionality
Analytics cookies: Managed through Google Tag Manager to understand how visitors use our site
Third-party cookies: Tawk.to live chat may set cookies for chat session management

You can control cookies through your browser settings. Disabling cookies may affect some functionality.

6. Data Retention

We retain contact form submissions and audit request data for up to 24 months, after which they are securely deleted unless an ongoing client relationship requires longer retention. You may request deletion of your data at any time by contacting us.

7. Your Rights

Depending on your location, you may have rights to access, correct, delete, or restrict the processing of your personal data. To exercise these rights, contact us at: privacy@midasco.co

8. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. Our website uses HTTPS encryption. Third-party services (Google, Tawk.to) maintain their own security standards and certifications.

9. Third-Party Services

We use the following third-party services that may process data on our behalf:

Google Tag Manager & Google Analytics: Website analytics (Google Privacy Policy: policies.google.com/privacy)
Tawk.to: Live chat support (Tawk.to Privacy Policy: tawk.to/privacy-policy)
GoHighLevel (GHL): CRM and automation for client campaigns (GoHighLevel Privacy Policy available on request)

10. Children's Privacy

Our website is directed at healthcare professionals and business owners. We do not knowingly collect personal information from anyone under the age of 18. If we become aware that we have inadvertently collected such information, we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify active clients of material changes via email. The "Last updated" date at the top of this page indicates when changes were made.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Midasco
midasco.co
Email: privacy@midasco.co
LinkedIn: linkedin.com/company/midas-co-health