7 Cups

Warning: *privacy not included with this product

7 Cups

Review date: April 20, 2022

|
|

Mozilla says

|
People voted: Super creepy

Ever just need someone to listen to you? Sure, you can talk to your kitty or your plant or that stranger at the bus stop (who probably isn't all that interested in your problems as they have their own). Sometimes, though, you just need someone to stop and listen to you. That's what 7 Cups says they offer with their trained volunteer listeners, AI-chat bots, licensed therapists, and community support pages. Free to download, access to text-only chat therapy costs $150 a month. How does 7 Cups look from a privacy perspective? Well, we found things in their privacy policy rather unclear. That's not good for a mental health app there to listen to your problems.

What could happen if something goes wrong?

7 Cups is an app for listening. Which is great, we all need to be heard. However, it also seems 7 Cups is an app that likes to collect a lot of personal information. And we had real trouble telling just how exactly 7 Cups uses and shares that personal information based on their privacy policy. Lack of clarity in privacy policies stinks, especially with a mental health apps that can collect so much data.

Here's what we do know. 7 Cups says they can collect a whole lot of personal information, including your first name, last name, email address, location, phone number, age, gender, race ethnicity, sexual orientation, disabilities, and veteran status, and information about your health and medical history if you chose to give it.

How does 7 Cups use this personal information? Here's where things get vague for us. They don’t specifically state in their privacy policy that they don’t sell user data, which is something we like to see stated clearly. 7 Cups' privacy policy is unclear on if they share your data with third parties for advertising and marketing purposes. They do say the use your personal information for promotions and they share data with third parties "that assist us in providing the Services and which are bound by duties of confidentiality." All this leaves us with too many questions to feel confident about how all that personal information they collect is used.

What about those chats you have with their unpaid volunteer listeners and paid therapists? 7 Cups says, "While we generally do not monitor transcripts of chats between users and Listeners and Therapists, we may occasionally review the chat transcripts to conduct quality control, address potential safety issues, and prevent misuse of our platform, if certain suspicious or potentially harmful activity is detected. We may also use aggregated data from chat transcripts to conduct research and development. In reviewing this information, 7 Cups will maintain all applicable confidentiality/HIPAA/privacy standards." Which sounds like your chat transcripts can be reviewed by employees of 7 Cups and also aggregated for research and development purposes. You may or may not be comfortable with this. We're not sure we would. And also remember, while chats with a licensed therapist are covered under stricter HIPAA privacy laws, chats with volunteer listeners might not be.

Finally, 7 Cups says they may de-identify your personal information and that anonymized, aggregated data is no longer considered personal information and maybe be shared in lots more ways with lots more people. This is a pretty common practice but we also must remind you that it has been found to be relatively easy to re-identify such data, especially if location is included.

What's the worst that could happen with 7 Cups? We sure hope those unpaid, volunteer trained listeners value the privacy of all the stuff you just needed to get off your chest. Because if even one of them took your private conversations and shared them publicly, that could be pretty traumatic, even if they don't know your identity.

Tips to protect yourself

  • Do not share personal sensitive information in apps' chats, forums or other non-private locations. Anything users post in the public forums, chats, or other features of the app will be accessible to other users and may not be able to be deleted.
  • Check the Community Guidelines for tips "to promote safe, warm, comfortable, supportive atmosphere."
  • mobile

Can it snoop on me? information

Camera

Device: N/A

App: No

Microphone

Device: N/A

App: No

Tracks location

Device: N/A

App: No

What can be used to sign up?

What data does the company collect?

How does the company use this data?

7 Cups shares Personal Information with certain third-party service providers that assist them in providing the services and which are bound by duties of confidentiality.

It is unclear if 7 Cups shares personal information with third parties for marketing or advertising purposes

It is unclear if 7 Cups sells users personal information

7 Cups may share anonymized aggregated data with the sponsors of programs that facilitate your access to the services, such as government health agencies, researchers or healthcare providers.

How can you control your data?

Anything users post in the public forums, chats, or other features of the app will be accessible to other users and may not be able to be deleted.

7 Cups will retain your Personal Information for as long as your account or profile is active, or for the length of time needed to fulfill the purposes outlined in the Privacy Policy unless a longer retention period is required or permitted by law. Private messages are stored for up to one year. Group messages (in chat rooms, group chat) are stored for up to 30 days. Posts in community forums (including subcommunities) are maintained on community forums at the discretion of Community admins. 7 Cups will store your user account and associated Personal Information if your account is active. After a period of inactivity greater than 1 calendar year, 7 Cups may, at its discretion, purge Personal Information related to inactive accounts.

Users can request a download of their own Personal Information that 7 Cups currently stores, and also request deletion of their account and associated Personal Information. We reserve the right to prevent a User from exercising such rights in certain circumstances, as permitted by law.

What is the company’s known track record of protecting users’ data?

Average

In 2018, blogger Jim Hannery posted an investigation into coercive digital marketing practices of 7 Cups.

Child Privacy Information

7 Cups complies with the Children’s Online Privacy Protection Act and Our Site and clearly specifies that users must be at least 18 years old. Children between the ages of 13-17 years old may only participate in the service with parental consent.

Can this product be used offline?

No

User-friendly privacy information?

No

Links to privacy information

Does this product meet our Minimum Security Standards? information

Unknown

Encryption

Yes

Standard SSL encryption

Strong password

Yes

Security updates

Yes

Manages vulnerabilities

Can’t Determine

Three vulnerabilities disclosed at openbugbounty remain unpatched.

Privacy policy

Yes

Does the product use AI? information

Yes

Their AI technology connects people to listeners in one-on-one chat.

Is this AI untrustworthy?

Can’t Determine

What kind of decisions does the AI make about you or for you?

Is the company transparent about how the AI works?

Can’t Determine

Does the user have control over the AI features?

Can’t Determine

*privacy not included

Dive Deeper

Comments

Got a comment? Let us hear it.