Insight Timer

Warning: *privacy not included with this product

Insight Timer

Insight Network, Inc.
Wi-Fi Bluetooth

Review date: April 25, 2023

|
|

Mozilla says

|
People voted: Very creepy

Insight Timer bills itself as the "#1 free app for sleep, anxiety, and stress". Groovy. With over 100,000 guided meditations, a handy dandy meditation timer, thousands of calm sounds and music tracks, and discussion pages to chat with others trying to calm down, it is chock-full of meditation goodies. However, you know what they say, "When something is free, you're the product." Yup, Insight Timer is collecting tons of your personal information, including things like your political and religious beliefs because having that insight about you helps Insight Timer keep you on the app longer and potentially is data they can share with advertisers to sell you more stuff. Also, did you know that just by simply visiting their website, you agree for them to track you around the web using cookies? You're given no option to opt-out. Bad form! And good insight to know before you decide to give Insight Timer a try.

What could happen if something goes wrong?

Insight Timer, it’s gonna be a “meh” from us. Why aren’t we thrilled? So glad you asked. It’s time to have a look at what insights this app has about you. Aside from your registration details, they collect any information you feed the app while you’re poking around and joining meditation sessions — including your DMs. Then they collect data about what you do on the app, including what time and where you are when you do it.

And like we mentioned earlier, that also means they keep your responses to those pretty intimate-sounding in-app surveys that ask “about your health, mood, religious beliefs, race, gender, ethnicity, ancestry, physical disabilities, marital status, or sexual orientation.” Yeesh. But then they — wait what? Collect some more personal information about you like your “mailing address, your gender, your age, your household income, and other demographic data” from “privately owned databases” and combine it with what they already know about you. That's a whole lot of personal information Insight Timer is collecting on you. Does Russell Brand know about this?

When it gets to the part about what they do with the information, let’s say we could have benefited from some guided deep breathing exercises. Besides reasons like targeted ads, personalizing your experience and administrative tasks, they included one that's pretty vague (but also pretty commonly found in privacy policies) for our taste: for their “legitimate interests, or those of a relevant third party” like “improv[ing] the Services and for other business and commercial purposes.” We like that they say they won’t combine your health data with the rest of your information. But they do reserve the right to share that health data with research partners so long as it’s "anonymized." And if you want to erase your data? It’s not clear whether you can unless that’s your legal right where you live, which unfortunately, it mostly isn’t.

Lastly the app’s security practices leave something to be desired. Though they suggest using a strong password, they don’t really give users a hand in doing that. The registration form will accept a super simple one like "111111" and that makes us worry about the breachability of their accounts.

What's the worst that could happen with Insights Timer? Well, aside from your data being used to target you with more ads, just imagine if your very personal health data contributed to the publication of one of those awful studies that overgeneralizes about some generation or broad demographic. Like, Bisexual Zillenials Prefer Whispers to Raindrops For Sleeping. The world does not need any more of that!

Tips to protect yourself

- Do not give access to your photos and video or camera
- Do not log in using third-party accounts
- Do not connect to any third party via the app, or at least make sure that a third party employs decent privacy practices
- Do not give consent for sharing of personal data for marketing and advertisement.
- Chose a strong password! You may use a password control tool like 1Password, KeePass etc
- Do not use social media plug-ins.
- Use your device privacy controls to limit access to your personal information via app (do not give access to your camera, microphone, images, location unless neccessary)
- Keep your app regularly updated
- Limit ad tracking via your device (eg on iPhone go to Privacy -> Advertising -> Limit ad tracking) and biggest ad networks (for Google, go to Google account and turn off ad personalization)
- Request your data be deleted once you stop using the app. Simply deleting an app from your device usually does not erase your personal data.
- When starting a sign-up, do not agree to tracking of your data if possible.

  • mobile

Can it snoop on me? information

Camera

Device: N/A

App: Yes

Microphone

Device: N/A

App: Yes

Tracks location

Device: N/A

App: Yes

What can be used to sign up?

Google sign-in available

What data does the company collect?

How does the company use this data?

We ding this product for combining your data with data from third parties, potentially sharing it with third parties for "business and commercial purposes."

"We may combine your information with information we collect from other sources and use your information when the law allows us to. Most commonly we will use your information in the following circumstances:
Where it is necessary for our legitimate interests, or those of a relevant third party like our Service Providers, (such as to improve the Services and for other business and commercial purposes) and your fundamental rights do not override those interests"

"We will not share your information with third parties in order for that third party to provide their own direct marketing communications to you."

"Audio and Video Data: We collect audio and video information if you choose to participate in any of our Services offered via a tele- or video-conferencing platform. For example, we create and collect recordings of workshops that Insight Timer makes available on the Services. We may use non-audio data for additional purposes like analytics in accordance with this Policy."

"We use analytics services, like Google Analytics, to help us understand how users access and use the Services. In addition, we work with agencies, advertisers, ad networks, and other technology services to place ads about our products and services on other websites and services. "

"Notwithstanding the above, we may share information that does not identify you (including information that has been aggregated or de-identified) except as prohibited by applicable law."

How can you control your data?

It is not clear if all users regardless of location can get their data be deleted.

"This section is not applicable to you if you do not reside in one of the regions described above. If you are a resident of one of the regions described above then you have the following rights in relation to your personal data held by us. <...>"

"We may retain your information for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you."

What is the company’s known track record of protecting users’ data?

Average

No known privacy or security incidents discovered in the last 3 years.

Child Privacy Information

"The Services are intended for general audiences and not directed to children. We do not knowingly collect personal information (as defined by the U.S. Children’s Privacy Protection Act, or “COPPA”) from children. If you are younger than thirteen, please do not provide any personal information to us. If a person 13 years of age or younger has provided personal information to us, a parent or guardian of such person should contact us at https://insight-timer.freshdesk.com/en/support/tickets/new so that we can remove such personal information from our database in accordance with COPPA.

We reserve the right to limit participation in particular programs, offers, surveys, or events to those over 18 years of age.

We do not knowingly “sell”, as that term is defined under the CCPA, the personal information of minors under 16 years old who are California residents.

If you are a California resident under 18 years old and registered to use the Services, you can ask us to remove any content or information you have posted on the Services. To make a request, email us at the email address set out in “Contact Details” section with “California Under 18 Content Removal Request” in the subject line, and tell us what you want removed. We will make reasonable good faith efforts to remove the post from prospective public view in accordance with applicable law, although we cannot ensure the complete or comprehensive removal of the content and may retain the content as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements."

Can this product be used offline?

Yes

User-friendly privacy information?

No

Links to privacy information

Does this product meet our Minimum Security Standards? information

No

Encryption

Can’t Determine

Strong password

No

"111111" allowed as a password.

Security updates

Yes

Manages vulnerabilities

Can’t Determine

Privacy policy

Can’t Determine

Does the product use AI? information

Can’t Determine

Is this AI untrustworthy?

Can’t Determine

What kind of decisions does the AI make about you or for you?

Is the company transparent about how the AI works?

Can’t Determine

Does the user have control over the AI features?

Can’t Determine

*privacy not included

Dive Deeper

  • The Odd Story Of How A Massive Meditation App Is Growing In Spite Of Disavowing Normal Growth Methods
    Forbes Link opens in a new tab
  • The Best Meditation Apps
    Wirecutter Link opens in a new tab
  • 10 Best Meditation Apps Of 2023
    Forbes Link opens in a new tab
  • How the Insight Timer App Can Improve Your Well-Being
    Make Use Of Link opens in a new tab

Comments

Got a comment? Let us hear it.