Privacy Policy

The Museum of Fine Arts, Boston, (MFA), is committed to protecting your privacy when you visit our Web site, shop at the MFA Store, purchase tickets or an MFA membership, make a donation, or visit the MFA. The MFA does not collect personally identifiable information about individuals, such as names, addresses, e-mail addresses, telephone numbers, and credit/debit card numbers (“Personal Information”), unless the individual visiting the MFA, the MFA Web site, or Online Store (collectively referred to as the “MFA”) voluntarily provides it. By visiting the MFA and using the MFA Web Site, you agree to be bound by the terms and conditions of MFA’s Privacy Policy. By providing Personal Information, you consent to our collection and use of it, as described in this Privacy Policy, as it may be revised from time to time. The MFA Privacy Policy governs our use and disclosure of Personal Information. The MFA Privacy Policy is outlined below.

1. The MFA’s Policy on Collecting Information

Non-Personal Information on the MFA Web Site

When you log into the MFA Web Site, the MFA automatically collects information about your Internet connection, including but not limited to: (i) the name of the Internet domain you used to access the Internet; (ii) the IP address of the web site from which you linked directly to the MFA Web Site; (iii) the date and time you accessed the MFA Web Site; and, (iv) the pages you visited. This information (“Non-Personal Information”) does not identify you personally. We use this Non-Personal Information to monitor the effectiveness of the MFA Web Site and to consider potential improvements to the MFA Web Site.


When you purchase a ticket or product on the MFA Web Site or over the phone, we need to know your name, billing and shipping addresses, telephone number, e-mail address, and credit card information to process your order. Your credit card information will be used only as needed to process your transaction. When you purchase a ticket or product in person at the MFA, we may also request that you provide us with certain other Personal Information, such as your zip code and e-mail address. You may decide whether or not to provide such information. If you purchase a ticket to an event or promotion that we conduct jointly with another organization or company, we may share certain Personal Information about you, such as your name, address and e-mail address, with the relevant organization or company.

Memberships and Donations

When you purchase an MFA membership or make a donation to the MFA, we will ask you to provide us with the Personal Information we need to process your membership and/or to acknowledge your contribution. This information includes your name, billing and shipping addresses, telephone number, e-mail address, and credit card information. Your credit card information will be used only as needed to process your transaction.


From time to time, the MFA may invite you to participate in surveys. You may decide whether or not you wish to complete such surveys, which may ask about your background, occupation, or similar questions. We use this information to help us better understand our visitors’ needs and interests, which in turn allows us to better meet your expectations. Our online surveys are powered by SurveyGizmo.


The MFA will occasionally offer visitors the opportunity to participate in contests or sweepstakes. If you choose to enter, you will need to provide your name and e-mail address so that we may contact you in connection with the contest. We may also request that you provide us with certain other information, such as your zip code, state of residence and grade in school.

MFA E-mail (MFA Mail)

As a service, the MFA offers the opportunity to subscribe to our e-mails. If you choose to subscribe, you will receive MFA Mail on the topics you choose. You may subscribe or unsubscribe at any time by following the simple instructions at the bottom of each e-mail. On occasion, the MFA may send e-mails to individuals who have provided us with their e-mail address, informing them of Museum events or promotions we think may be of interest.

MFA E-Cards

The MFA offers the opportunity to send e-cards featuring works in the MFA collection. If you choose to use our e-card service, you will need to provide your name and e-mail address, as well as the recipient’s name and e-mail address.

2. How the MFA Uses Information Provided by Visitors

Use of Personal Information

The MFA uses the Personal Information you provide to us for internal purposes, such as filling and tracking your purchases, analyzing trends and collecting statistics. The MFA may also compile and provide aggregate statistics about our visitors, customers, sales, traffic patterns and related site information to third parties, but these statistics will not include any Personal Information.

The MFA may contact you by mail, phone or e-mail to inform you of an event or promotion that we believe would interest you. We may combine Personal Information you give to us online, in our stores or at the Museum. We may also combine this information with publicly available information and information we received from or cross-reference with our third-party vendors and others. We may use this combined information to enhance and personalize your shopping experience with us, to communicate with you about products or events that may be of interest to you, or for other promotional purposes. You may opt out of receiving communications from the MFA by contacting us at

We do not make your Personal Information available to third parties except as permitted by this Privacy Policy. Your e-mail address will not be shared with any third party unless you specifically allow it at the time of purchase. Notwithstanding the foregoing, the MFA may disclose Personal Information when such disclosure is reasonably necessary to comply with the law; enforce the terms of any of our user agreements; or protect the rights, property, and safety of MFA, the users of its site, or others.

Use of Outside Vendors

The MFA may from time to time retain qualified third-party vendors in order to help us manage the MFA Web Site and allow us to better serve our visitors and customers. These may include third-party vendors we engage to analyze the information we collect on the MFA Web Site. The MFA requires its vendors to maintain the security of the Personal Information to which they are provided access and restricts third-party vendors from using Personal Information in any way not expressly authorized by MFA.

 We may contract with third parties who use Cookies to collect information on our behalf. These parties are required to maintain the confidentiality of this information. If you would like to opt out of this use of your information, you can change the preferences of your browser so that it does not accept Cookies. We may contract with companies or others to provide certain services, including credit card processing, data management, promotional services, etc. We provide these service providers with the information they need to perform these services, but we restrict them from using the information in any way not expressly authorized by MFA.

Transfer of Ownership of Collected Information

MFA is the sole owner of the Personal Information collected on or through the MFA Web Site, in our stores or at the Museum. Personal Information collected from you may be transferred to a third party as a result of a sale, acquisition, merger or bankruptcy involving MFA.

3. Use of Cookies


Cookies are small files of information that are stored on your computer’s hard drive by your Web browser. The cookies we use do not contain any Personal Information. We place cookies on visitors’ computers to collect aggregate information for site traffic analysis, such as the number of visitors and the number of pages viewed. Most Web browsers automatically accept cookies, but you can change the preferences of your browser so that it does not accept them. In order to use all the features of the MFA Online Store, we recommend that you accept cookies.

4. Linked Sites


The MFA Web Site may include links to web sites operated by third parties over which we have no control. MFA is not responsible for the privacy practices of such other sites and encourages you to be aware when you leave the MFA Web Site and to read the privacy policies of each and every web site that collects Personal Information. Once you leave the MFA Web Site, the MFA Privacy Policy will not apply, and you access such sites at your own risk.

5. Children and Parents

Children Twelve and Under

MFA does not solicit Personal Information from children. Visitors twelve years of age and under should remember that they are required to obtain an adult’s permission before submitting any Personal Information to this or any other Web site. If your child has submitted Personal Information and you would like to request that such information be removed, you may contact us via one of the contact methods described on the MFA Web Site and we will promptly remove such information and shall not use such information or include it in our database. Users twelve and under and their parents or guardians are advised that any Personal Information voluntarily entered by children may be available for use until MFA becomes aware that a user is under the age of thirteen and has had a reasonable opportunity to remove the information from the MFA Web Site.

6. Security Measures


MFA uses commercially reasonable security standards to protect your Personal Information. MFA secure server software uses industry-standard Secure Socket Layer (SSL) encryption technology. SSL encodes your Personal Information as it travels over the Internet so that all transactions are secure. If you prefer, you may also place a MFA Store order by phone at (617) 369-3575 or by fax at (617) 859-9903. For membership gifts, please call (617) 369-3395; for donations, please call (617) 369-3004.


The MFA takes commercially reasonable precautions to protect your Personal Information both online and off-line, but absolute security cannot be guaranteed. It is important for you to protect against unauthorized access to your password and to your computer. The MFA shall not be liable for the transfer or use of any Personal Information resulting from loss or distribution of data, the corruption of storage media, power failures, natural phenomena, riots, acts of vandalism, sabotage, terrorism or any other event beyond the MFA’s reasonable control.

7. Revisions to the MFA Privacy Policy

Revisions to our Privacy Policy

Please note that MFA may revise its privacy policy at any time, without notice. Any such change is effective immediately upon posting it on the MFA Web Site. Such revisions may arise in response to changes in the law, policy, or other factors. You agree to be bound by this Privacy Policy and any modifications to this Privacy Policy occurring prior to your continued use of the MFA Web Site, visiting the Museum or attending events to which you may have purchased tickets. We encourage you to periodically visit this page to review our most current policy. Certain provisions of this Privacy Policy may be superseded by expressly designated legal notices or terms located on particular pages on the MFA Web Site.

8. MFA’s Contact Information for Privacy Questions

Contact the MFA

E-mail us your questions, comments, or concerns about our privacy policy or any other aspect of our Web site.