Moodfit

Moodfit

Fecha de la reseña: 25 de abril de 2022

|
|

Mozilla dice

|
La gente votó: Algo siniestro

Moodfit is a mood tracking, cognitive behavioural therapy using, mindfulness meditation, breathing, medication and sleep tracking app that users seem to really like. Verywell Mind named it their best mental health app so far in 2022. The app is free to download and use some features. To unlock all features, users will need to pay $10 a month or $40 for a yearly subscription to Moodfit Premium. Their privacy policy is much like their website -- short and relatively straightforward. Their security practices raised our eyeballs pretty high though when we were able to login with the password of "1" in 2022. We're happy to report they have since updated that to a strong password requirement here in 2023.

We did really appreciate their blog post discussing how the war in Ukraine can impact mental health (one of your *Privacy Not Included researchers is Ukrainian). Thank you to everyone supporting Ukraine.

¿Qué podría pasar si algo falla?

First reviewed April 20, 2022. Review updated, April 25, 2023

In 2022, we were able to use the super weak password "1" to login to Moodfit. This earned them our *Privacy Not Included warning label. This year when we reached out to Moodfit with our concerns, they agreed to update their password requirement. Now their password requirement is much strong and they meet our Minimum Security Standards. Thanks Moodfit! Moodfit also updated their privacy policy on March 29, 2023, and while it is rather short and vague, it doesn't raise too many red flags for us. Overall, Moodfit has improved since we reviewed them in 2022 and that is something we love to see.

Read our review from 2022:

Moodfit kinda really messed up when they allowed weak passwords like the one number password of "1" to protect all the sensitive personal information you can store in their app. This is a terrible security practices we can't overlook. We did email them multiple times at the email address listed in their privacy policy with questions about their privacy and security practices but received no response. So, yeah, we have concerns about Moodfit's security. Please, if you use this app, use a much stronger password than "1" to protect your personal information.

As for privacy, Moodfit does seem to do a bit better there. Their privacy policy, last updated a good while ago in 2018, says that registration is optional, however, you may not be able to use many of the features offered by the app unless you register with Moodfit. When you register, Moodfit collects data such as email address, app usage information like when you use the app and what features you use, and mood-related data you enter. Moodfit says they can use this data to, among other things, contact you with marketing promotions. Moodfit also collects data such as IP address and your mobile devices unique device ID.

Moodfit does say they can share the personal and app usage information you provide with "our trusted services providers who work on our behalf, do not have an independent use of the information we disclose to them, and have agreed to adhere to the rules set forth in this privacy statement." That's a rather vague statement of who they share your information with and how that information is used. Although it is pretty common to share you data with service providers, it's nice when a privacy policy outlines who those providers are. We really don't like vague statements in privacy policies.

Moodfit doesn't specifically state in their privacy policy that they don't sell user data, which is something we like to see stated clearly. They do say only aggregated, anonymized data may be periodically transmitted to external services to help Moodfit improve the app, so hopefully no personal information is being sold. We do have to mention here that it has been found to be relatively easy to de-anonymize user data, especially if location or device ID data is included.

What's would happen if something goes wrong with Moodfit? Well, you could use a terrible password to protect all the sensitive, personal information Moodfit can collect. Your 10-year old could easily guess your terrible password and learn you have huge anxiety they'll grow up to be an Instagram influencer. This results in your 10-year old only dreaming of becoming an Instagram influencer. No one wants that. Use a strong password people!

Consejos para protegerte

  • Do not log in using third-party accounts
  • Do not connect to any third party via the app, or at least make sure that a third party employs decent privacy practices
  • Do not give consent for sharing of personal data for marketing and advertisement.
  • Choose a strong password! You may use a password control tool like 1Password, KeePass etc - Do not use social media plug-ins.
  • Use your device privacy controls to limit access to your personal information via app (do not give access to your camera, microphone, images, location unless neccessary)
  • Keep your app regularly updated - Limit ad tracking via your device (e.g. on iPhone go to Privacy -> Advertising -> Limit ad tracking) and biggest ad networks (for Google, go to Google account and turn off ad personalization)
  • Request your data be deleted once you stop using the app. Simply deleting an app from your device usually does not erase your personal data.
  • When starting a sign-up, do not agree to tracking of your data if possible.
  • mobile

¿Me puede espiar? Información

Cámara

Dispositivo: No aplica

Aplicación: No

Micrófono

Dispositivo: No aplica

Aplicación:

Rastrea la ubicación

Dispositivo: No aplica

Aplicación: No

¿Qué se puede usar para registrarse?

Facebook sign-up available

¿Qué datos recopila la empresa?

¿Cómo utiliza la empresa estos datos?

"We do not sell your User Provided data to third parties. Only aggregated, anonymized data may be periodically transmitted to external services to help us improve the Application and our service. We will share your information with third parties only in the ways that are described in this privacy statement."

"We may disclose User Provided and Automatically Collected Information:

- as required by law, such as to comply with a subpoena, or similar legal process;

- when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request;

- with our trusted services providers who work on our behalf, do not have an independent use of the information we disclose to them, and have agreed to adhere to the rules set forth in this privacy statement.

- if the Company is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on our Web site of any change in ownership or uses of this information, as well as any choices you may have regarding this information."

¿Cómo puedes controlar el uso de tus datos?

"We will retain User Provided data until you either delete it from within the Application or request us to delete it. We will retain Automatically Collected information in perpetuity. If you’d like us to delete User Provided Data that you have provided via the Application, please contact us at [email protected]."d Data that you have provided via the Application, Moodfit says to contact them at [email protected]. Unfortunately, our emails to that address went unanswered.

¿Qué historial tiene la compañía en cuanto a la protección de los datos de los usuarios?

Promedio

No known privacy or security incidents discovered in the last 3 years.

Información sobre privacidad infantil

"We do not use the Application to knowingly solicit data from or market to children under the age of 13. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us at [email protected]. We will delete such information from our files within a reasonable time."

¿El producto se puede usar sin conexión?

Most features require online connection however.

¿La información de privacidad es fácil de entender?

No

Enlaces a información de privacidad

¿El producto cumple nuestros estándares mínimos de seguridad? Información

Cifrado

Contraseña fuerte

Moodfit updated their password requirment to require a strong password on our request. Thank you Moodfit!

Actualizaciones de seguridad

Gestiona las vulnerabilidades

You can contact [email protected].

Política de privacidad

¿El producto usa IA? Información

No se puede determinar

¿Es poco confiable esta IA?

No se puede determinar

¿Qué tipo de decisiones toma la IA acerca de ti o por ti?

¿La empresa es transparente acerca del funcionamiento de la IA?

No se puede determinar

¿Tiene el usuario control sobre las características de la IA?

No se puede determinar

*Privacidad no incluida

Profundiza más

Comentarios

¿Tienes algún comentario? Queremos escucharte.