Shine

Warning: *privacy not included with this product

Shine

Shine, Inc
Wi-Fi

Review date: April 20, 2022

|
|

Mozilla says

|
People voted: Super creepy

Shine was built by two women of color to focus on groups too often underrepresented in wellness conversations -- women of color. The app features daily meditations, self-care courses, personalized support, and monthly virtual workshops. With a majority of teachers being people of color, Shine is able to focus more specifically on the causes of stress, anxiety, and depression in the Black, Indigenous, and people of color communities, especially among women. Meditation topics focused on specific communities -- AAPI, Black, LGBTQ+, Latinx for example -- are designed to help users manage work frustrations, navigate relationships, and find joy. With a staff that is 80% BIPOC, Shine believes that fighting for the mental health of marginalized people helps fights for their lives and rights too. Yay for caring for and about marginalized communities! But how does Shine's privacy and security practices look? Well, unfortunately, they don't really shine.

What could happen if something goes wrong?

Shine's privacy policy is rather hard to decipher at times (honestly, all privacy policies kinda are, but Shine's made our brain hurt just a little bit more). They lead off their privacy policy with what they call the company's privacy assurances. This includes statements like, "We do not sell your Personal Information to any nonaffiliated third parties." and "We do not share your Personal Information with nonaffiliated third parties that would use it to contact you about their own products and services, unless you have allowed us to do so and as permitted pursuant to a joint marketing agreement."

But what do those statements actually mean? Does that mean that they could sell data to any affiliated third parties. Yes, it seems so. Does it mean they may share personal data with marketing and advertising providers. Again, yes it does. And what does you giving them permission pursuant of a joint marketing agreement etc etc. actually look like? It's rather confusing legalese that doesn't make us feel great about their overall privacy practices.

Shine says they can collect a fair amount of personal information on you including first and last name, postal address, email address, and other "identifying information that you choose." They can also collect information such as your annual revenue, gender, and certain demographic information they say they don't consider personal info but rather anonymized statistical data. Shine also says they can receive information about your from third parties including business partners, data brokers, or credit reporting agencies. So much data from so many places! We don't like it.

What does Shine do with all that data they collect? Well, quite a bit of promoting, advertising, marketing, market research and even "to provide you with information about third parties that may be of interest to you" according to their privacy policy. They say they can share your personal information with a whole host of people including marketing or advertising providers, professional advisors, and even Rakuten Advertising, an ad company that can collect their own personal information on you when you interact with Shine. So much data sharing! Again, we don't like it.

They go on to say, as so many mental health app companies we reviewed do, "We may disclose aggregated, anonymized, statistical data and/or non-identifying information about our Users without restriction." And here is where we must remind you that it has been found to be relatively easy to de-anonymize this data.

Shine collects a lot of personal information, shares a lot of personal information with a lot of people and on top of all that, they don't meet our Minimum Security Standards (we were able to log into the app with the weak password "111111". ) All in all, Shine leaves us concerned about their privacy and security practices. Which is a bummer, because we here at *Privacy Not Included firmly believe protecting the privacy of marginalized communities is very important. Here's hoping Shine will step up and do better for the communities they work to help.

Tips to protect yourself

  • Do not give consent for sharing of personal data for marketing and advertisement.
  • Do NOT use your Facebook account to login.
  • Chose a strong password. Unfortunately, the app will not prompt you to do it.
  • Email [email protected] to opt out of having your email and other contact information used for marketing and advertising.
mobile Privacy warning Security warning A.I.

Can it snoop on me? information

Camera

Device: N/A

App: No

Microphone

Device: N/A

App: No

Tracks location

Device: N/A

App: No

What can be used to sign up?

Facebook or Apple accounts can be used

What data does the company collect?

How does the company use this data?

Shine's privacy policy states they do not sell your Personal Information to any nonaffiliated third parties.

Shine says they do not share your Personal Information with nonaffiliated third parties that would use it to contact you about their own products and services, unless you have allowed them to do so and as permitted pursuant to a joint marketing agreement."

If you allow, Shine may share your personal data with marketing or advertising providers, including Rakuten Advertising." We could not confirm if consent happens in an Opt-in or Opt-out fashion.

"If we receive Personal Information about you from a third party (for example, our business partners, data brokers, or credit reporting agencies), we will protect it as set out in this Privacy Policy." Shine may receive personal information from third parties including data brokers.

How can you control your data?

Shine's privacy policy says, "If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, you can review and change your Personal Information by logging into your account profile on the Websites and navigating to the appropriate settings page or sending us an email at [email protected] to request access to, correct, or delete any Personal Information that you have provided to us. We cannot delete some of your Personal Information except by also deleting your User account."

However, no data retention details are provided in the Policy.

What is the company’s known track record of protecting users’ data?

Average

No known privacy or security incidents discovered in the last 3 years.

Child Privacy Information

"Shine does not knowingly collect Personal Information from children under 13."

Can this product be used offline?

Yes

You can download your Shine meditations

User-friendly privacy information?

No

Links to privacy information

Does this product meet our Minimum Security Standards? information

No

Encryption

Can’t Determine

Strong password

No

We were able to sign up with '111111'.

Security updates

Yes

Manages vulnerabilities

Can’t Determine

Privacy policy

Yes

Does the product use AI? information

Can’t Determine

Is this AI untrustworthy?

Can’t Determine

What kind of decisions does the AI make about you or for you?

Is the company transparent about how the AI works?

Can’t Determine

Does the user have control over the AI features?

Can’t Determine

*privacy not included

Dive Deeper

  • This Wellness App Shines a Light on Black Mental Health
    PCMag
  • Top 10 Free Mental Health Apps in 2022
    Psych Central
  • Most Meditation Apps Are Voiced by White People, but the Founders of ‘Shine’ Are Changing That
    Pure Wow
  • Shine brings its female-focused self-care app to Android
    TechCrunch
  • Meet the Women Founders Behind Shine and Wysa, Two Apps Focused on Mental Health and Self-Care
    Yahoo!
  • The Best Meditation Apps to Help With Anxiety
    Oprah Daily
  • Shine App Founders Give a Master Class in Mindfulness
    Psych Central
  • The Best Mental-Health Apps for POC, According to Experts
    The Strategist

Comments

Got a comment? Let us hear it.