Moodfit

Moodfit

Passé en revue le : 25 avril 2022

|
Mozilla a effectué 16 heures de recherches
|

L’avis de Mozilla :

|
Vote du public : Moyennement flippant

Moodfit is a mood tracking, cognitive behavioural therapy using, mindfulness meditation, breathing, medication and sleep tracking app that users seem to really like. Verywell Mind named it their best mental health app so far in 2022. The app is free to download and use some features. To unlock all features, users will need to pay $10 a month or $40 for a yearly subscription to Moodfit Premium. Their privacy policy is much like their website -- short and relatively straightforward. Their security practices raised our eyeballs pretty high though when we were able to login with the password of "1" in 2022. We're happy to report they have since updated that to a strong password requirement here in 2023.

We did really appreciate their blog post discussing how the war in Ukraine can impact mental health (one of your *Privacy Not Included researchers is Ukrainian). Thank you to everyone supporting Ukraine.

Que pourrait-il se passer en cas de problème ?

First reviewed April 20, 2022. Review updated, April 25, 2023

In 2022, we were able to use the super weak password "1" to login to Moodfit. This earned them our *Privacy Not Included warning label. This year when we reached out to Moodfit with our concerns, they agreed to update their password requirement. Now their password requirement is much strong and they meet our Minimum Security Standards. Thanks Moodfit! Moodfit also updated their privacy policy on March 29, 2023, and while it is rather short and vague, it doesn't raise too many red flags for us. Overall, Moodfit has improved since we reviewed them in 2022 and that is something we love to see.

Read our review from 2022:

Moodfit kinda really messed up when they allowed weak passwords like the one number password of "1" to protect all the sensitive personal information you can store in their app. This is a terrible security practices we can't overlook. We did email them multiple times at the email address listed in their privacy policy with questions about their privacy and security practices but received no response. So, yeah, we have concerns about Moodfit's security. Please, if you use this app, use a much stronger password than "1" to protect your personal information.

As for privacy, Moodfit does seem to do a bit better there. Their privacy policy, last updated a good while ago in 2018, says that registration is optional, however, you may not be able to use many of the features offered by the app unless you register with Moodfit. When you register, Moodfit collects data such as email address, app usage information like when you use the app and what features you use, and mood-related data you enter. Moodfit says they can use this data to, among other things, contact you with marketing promotions. Moodfit also collects data such as IP address and your mobile devices unique device ID.

Moodfit does say they can share the personal and app usage information you provide with "our trusted services providers who work on our behalf, do not have an independent use of the information we disclose to them, and have agreed to adhere to the rules set forth in this privacy statement." That's a rather vague statement of who they share your information with and how that information is used. Although it is pretty common to share you data with service providers, it's nice when a privacy policy outlines who those providers are. We really don't like vague statements in privacy policies.

Moodfit doesn't specifically state in their privacy policy that they don't sell user data, which is something we like to see stated clearly. They do say only aggregated, anonymized data may be periodically transmitted to external services to help Moodfit improve the app, so hopefully no personal information is being sold. We do have to mention here that it has been found to be relatively easy to de-anonymize user data, especially if location or device ID data is included.

What's would happen if something goes wrong with Moodfit? Well, you could use a terrible password to protect all the sensitive, personal information Moodfit can collect. Your 10-year old could easily guess your terrible password and learn you have huge anxiety they'll grow up to be an Instagram influencer. This results in your 10-year old only dreaming of becoming an Instagram influencer. No one wants that. Use a strong password people!

Conseils pour vous protéger

  • Do not log in using third-party accounts
  • Do not connect to any third party via the app, or at least make sure that a third party employs decent privacy practices
  • Do not give consent for sharing of personal data for marketing and advertisement.
  • Choose a strong password! You may use a password control tool like 1Password, KeePass etc - Do not use social media plug-ins.
  • Use your device privacy controls to limit access to your personal information via app (do not give access to your camera, microphone, images, location unless neccessary)
  • Keep your app regularly updated - Limit ad tracking via your device (e.g. on iPhone go to Privacy -> Advertising -> Limit ad tracking) and biggest ad networks (for Google, go to Google account and turn off ad personalization)
  • Request your data be deleted once you stop using the app. Simply deleting an app from your device usually does not erase your personal data.
  • When starting a sign-up, do not agree to tracking of your data if possible.
  • mobile

Ce produit peut-il m’espionner ? informations

Caméra

Appareil : Ne s’applique pas

Application : Non

Microphone

Appareil : Ne s’applique pas

Application : Oui

Piste la géolocalisation

Appareil : Ne s’applique pas

Application : Non

Que peut-on utiliser pour s’inscrire ?

Facebook sign-up available

Quelles données l’entreprise collecte-t-elle ?

Comment l’entreprise utilise-t-elle les données ?

"We do not sell your User Provided data to third parties. Only aggregated, anonymized data may be periodically transmitted to external services to help us improve the Application and our service. We will share your information with third parties only in the ways that are described in this privacy statement."

"We may disclose User Provided and Automatically Collected Information:

- as required by law, such as to comply with a subpoena, or similar legal process;

- when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request;

- with our trusted services providers who work on our behalf, do not have an independent use of the information we disclose to them, and have agreed to adhere to the rules set forth in this privacy statement.

- if the Company is involved in a merger, acquisition, or sale of all or a portion of its assets, you will be notified via email and/or a prominent notice on our Web site of any change in ownership or uses of this information, as well as any choices you may have regarding this information."

Comment pouvez-vous contrôler vos données ?

"We will retain User Provided data until you either delete it from within the Application or request us to delete it. We will retain Automatically Collected information in perpetuity. If you’d like us to delete User Provided Data that you have provided via the Application, please contact us at [email protected]."d Data that you have provided via the Application, Moodfit says to contact them at [email protected]. Unfortunately, our emails to that address went unanswered.

Quel est l’historique de l’entreprise en matière de protection des données des utilisateurs et utilisatrices ?

Moyen

No known privacy or security incidents discovered in the last 3 years.

Informations liées à la vie privée des enfants

"We do not use the Application to knowingly solicit data from or market to children under the age of 13. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us at [email protected]. We will delete such information from our files within a reasonable time."

Ce produit peut-il être utilisé hors connexion ?

Oui

Most features require online connection however.

Informations relatives à la vie privée accessibles et compréhensibles ?

Non

Liens vers les informations concernant la vie privée

Ce produit respecte-t-il nos critères élémentaires de sécurité ? informations

Oui

Chiffrement

Oui

Mot de passe robuste

Oui

Moodfit updated their password requirment to require a strong password on our request. Thank you Moodfit!

Mises à jour de sécurité

Oui

Gestion des vulnérabilités

Oui

You can contact [email protected].

Politique de confidentialité

Oui

Le produit utilise-t-il une IA ? informations

Impossible à déterminer

Cette IA est-elle non digne de confiance ?

Impossible à déterminer

Quel genre de décisions l’IA prend-elle à votre sujet ou pour vous ?

L’entreprise est-elle transparente sur le fonctionnement de l’IA ?

Impossible à déterminer

Les fonctionnalités de l’IA peuvent-elles être contrôlées par l’utilisateur ou l’utilisatrice ?

Impossible à déterminer

*Confidentialité non incluse

Pour aller plus loin

Commentaires

Vous avez un commentaire ? Dites-nous tout.