Warning: *privacy not included with this product
What could happen if something goes wrong?
First reviewed April 20, 2022. Review updated, April 25, 2023
On top of that, 7 Cups took a step backward and now does not require a strong password to protect their app. We were able to log in with the weak password "11111111". That's not good. And we still can't confirm if the company has a way to manage security vulnerabilities. These are questionable security practices for an app where users can share super sensitive personal information.
Read our 2022 review:
Here's what we do know. 7 Cups says they can collect a whole lot of personal information, including your first name, last name, email address, location, phone number, age, gender, race ethnicity, sexual orientation, disabilities, and veteran status, and information about your health and medical history if you choose to give it.
What about those chats you have with their unpaid volunteer listeners and paid therapists? 7 Cups says, "While we generally do not monitor transcripts of chats between users and Listeners and Therapists, we may occasionally review the chat transcripts to conduct quality control, address potential safety issues, and prevent misuse of our platform, if certain suspicious or potentially harmful activity is detected. We may also use aggregated data from chat transcripts to conduct research and development. In reviewing this information, 7 Cups will maintain all applicable confidentiality/HIPAA/privacy standards." Which sounds like your chat transcripts can be reviewed by employees of 7 Cups and also aggregated for research and development purposes. You may or may not be comfortable with this. We're not sure we would. And also remember, while chats with a licensed therapist are covered under stricter HIPAA privacy laws, chats with volunteer listeners might not be.
Finally, 7 Cups says they may de-identify your personal information and that anonymized, aggregated data is no longer considered personal information and maybe be shared in lots more ways with lots more people. This is a pretty common practice but we also must remind you that it has been found to be relatively easy to re-identify such data, especially if location is included.
What's the worst that could happen with 7 Cups? We sure hope those unpaid, volunteer trained listeners value the privacy of all the stuff you just needed to get off your chest. Because if even one of them took your private conversations and shared them publicly, that could be pretty traumatic, even if they don't know your identity.
Tips to protect yourself
- Do not share personal sensitive information in apps' chats, forums or other non-private locations. Anything users post in the public forums, chats, or other features of the app will be accessible to other users and may not be able to be deleted.
- Check the Community Guidelines for tips "to promote safe, warm, comfortable, supportive atmosphere."
- Choose a strong password! You may use a password control tool like 1Password, KeePass etc
- Use your device privacy controls to limit access to your personal information via app (do not give access to your camera, microphone, images, location unless neccessary)
- Keep your app regularly updated
- Limit ad tracking via your device (e.g. on iPhone go to Privacy -> Advertising -> Limit ad tracking) and biggest ad networks (for Google, go to Google account and turn off ad personalization)
- Request your data be deleted once you stop using the app. Simply deleting an app from your device usually does not erase your personal data.
- When starting a sign-up, do not agree to tracking of your data if possible.
What can be used to sign up?
What data does the company collect?
First name, last name, email address, location, phone number, certain demographic information such as age, gender, race ethnicity, primary language spoken, sexual orientation, disabilities, and veteran status.
Information about your health and medical history that you may input while using or communicating through the Services.
How does the company use this data?
How can you control your data?
What is the company’s known track record of protecting users’ data?
In 2018, blogger Jim Hannery posted an investigation into coercive digital marketing practices of 7 Cups.
Child Privacy Information
Can this product be used offline?
User-friendly privacy information?
Links to privacy information
Does this product meet our Minimum Security Standards?
Standard SSL encryption
Allowed "11111111" for a password.
Three vulnerabilities disclosed at openbugbounty remain unpatched.
The AI Chatbot, Noni, can help you navigate the website or app, or it can guide you through various activities in its own chat room.
Is this AI untrustworthy?
What kind of decisions does the AI make about you or for you?
Is the company transparent about how the AI works?
Does the user have control over the AI features?
I discovered that 7cups.com is “hacking” their own website to trick depressed people into using their serviceJim Flannery
7cups.com Cross Site Scripting VulnerabilityOpen Bug Bounty
Mental health app privacy language opens up holes for user dataThe Verge
The Toxic Truth About 7 Cups: And Why It Is Dangerous To Use ItA 7 Cups Listener and Therapist
Peace of Mind...Evaluating the Privacy Practices of Mental Health AppsConsumer Reports
The Digital Standard Case Study: Mental Health AppsThe Digital Standard
Mental Health Apps Aren't All As Private As You May ThinkConsumer Reports
Privacy warning: Do mental health apps share your data?The Kim Komando Show
7 Cups Online Therapy ReviewVerywell Mind
2022 7 Cups Review: Features, Benefits, Costs, and MoreHealthline
7 Cups App Review 2022: Pros & Cons, Cost, & Who It’s Right ForChoosing Therapy
7 Cups: Anxiety & Stress Chat App ReviewCommon Sense Media
The top 8 mental health appsMedical News Today
7 Cups Online Therapy ReviewForbes
7 therapy apps for when you really need to talk to someoneMashable
Digital Peer-Support Platform (7Cups) as an Adjunct Treatment for Women With Postpartum Depression: Feasibility, Acceptability, and Preliminary Efficacy StudyNational Center for Biotechnology Information
Got a comment? Let us hear it.