NOCD

NOCD

NOCD INC
Wi-Fi

Passé en revue le : 2 août 2022

|
Mozilla a effectué 8 heures de recherches
|

L’avis de Mozilla :

|
Vote du public : Super flippant

NOCD is an app designed to help treat Obsessive Compulsive Disorder or OCD. And with a big spike in people reporting OCD symptoms during the COVID-19 pandemic, it's no surprise investors are jumping on board, giving NOCD $33 million in funding at the end of 2021. The app helps users connect with a therapist who specializes in OCD treatment, provides face-to-face therapy, and supports users in between sessions with therapeutic tools and connections to others in the OCD community. It is currently free to download and use. Therapy session are paid for on a per session basis and NOCD says they do partner with many major insurance companies. NOCD is currently available in the US, UK, Australia, and parts of Canada. Unfortunately, we're a bit concerned about NOCD's privacy practices. They do say they can collect a good deal of personal information, combine that information with data gathered from third parties, and use that information for targeted, interest-based advertising and potentially more. Come on NOCD, we don't need another thing to worry about these days!

Que pourrait-il se passer en cas de problème ?

NOCD says they can collect a whole lot of information on their users. Everything from name, address, email address, and telephone number, to age, gender, to health information like your OCD triggers and intensity levels, to your precise location information (Update: NOCD updated their privacy policy August 3, 2022 to indicated they now only collect geolocation data rather than precised location data) when you're using the app and even when you're not. Yikes! NOCD also says they can collect even more information about you from third parties such as social media sites like Facebook, YouTube, and Instagram as well as "Companies that provide information to supplement what we already know about you" (like data brokers?). Double yikes!!! That's a whole lot of information NOCD is collecting on you. And it seems to us like information that goes beyond what they need to help you manage and treat your OCD.

What does NOCD say they can do with all this personal information and app usage data they collect on you? Well, to begin with, they say they can combine the information you give them with information they gather from third parties. Then they say they can use that information for things like learning your interests to better understand what tools interest you and to target you with ads. They actually use the word "might" a whole lot when they talk about how they say they can market you with targeted ads, which is a concern for us when it comes to privacy policies because that word "might" seems to offer a lot of wiggle room. Here's what they actually say, "We might use your information to serve you ads about tools and offers. We might tell you about new features or updates. These might be third party offers or tools, services or studies we think you might find interesting. We may also use your information to send you electronic communications. We and our partners may engage in interest-based advertising using information gathered across multiple websites, devices, or other platforms."

We "might" say this is all quite a bit concerning for an app that collects so much personal information. Ah heck, forget the "might", we do say that concerns us. NOCD says they can collect a whole lot of personal information, can combine that with other information they get from third parties like social media sites and potentially data brokers. They then say they can share that information with a whole host of third parties including business partners and the vague "For Other Reasons We May Describe to You."

What's the worst that could happen? Well, just how many people in the world need to know you are struggling with OCD? And why does NOCD need to say they can gather so much additional information about you from third parties sources such as social media sites and potentially even data brokers? NOCD doesn’t specifically state in their privacy policy that they don’t sell user data, which is something we like to see stated clearly. Not to mention, we couldn't determine if they meet our Minimum Security Standards. For an app that targets people dealing with the struggles of OCD, this all just seems like very very bad privacy practices. With OCD symptoms on the rise these days, an app that can help sounds wonderful. We worry that this app doesn't seem to protect the privacy of their users and potentially even exploits it. That's really not good. Not good at all.

Conseils pour vous protéger

  • Opt out of location-based information collection in the app settings.
  • Limit information you post on social media pages
mobile Confidentialité avertissement Sécurité IA

Ce produit peut-il m’espionner ? informations

Caméra

Appareil : Ne s’applique pas

Application : Oui

Microphone

Appareil : Ne s’applique pas

Application : Oui

Piste la géolocalisation

Appareil : Ne s’applique pas

Application : Non

Que peut-on utiliser pour s’inscrire ?

Google sign-up is available

Quelles données l’entreprise collecte-t-elle ?

Comment l’entreprise utilise-t-elle les données ?

UPDATE: On June 28 2022 NOCD updated their privacy policy to state that "We work with these third parties to serve you with our ads and content only—we do not sell or share Personal Information about you with any third parties for their own advertising or marketing purposes." The policy also says that some of their practices may be considered to be 'sale' under California Consumer Privacy Act: "We do share data with third parties as needed for treatment, and we share limited non-treatment related data with third parties with which we have contracts to help with our marketing and analytics efforts, through cookies and pixels. This practice may be considered ‘selling’ data according to the CCPA’s broad definition, even though it is not a “sale” under the conventional definition of the word or under the laws in Virginia and Utah. Additionally, as further clarification, we do not use cookies to enable third parties to serve ads to our website visitors about their own products or services."

NOCD may receive information about you from other sources with your consent or as permitted by applicable law. For example, this may include receiving information from their business partners, social media sites, including Facebook, Twitter, YouTube, Pinterest and Instagram, and other companies that provide information to supplement what NOCD already know about you.

NOCD may also combine information they get from third parties with information they already have about you.

NOCD may engage in interest-based advertising using information gathered across multiple websites, devices, or other platforms.

In the previous 12 months, NOCD have disclosed identifiers as well as select information in customer records, with NOCD's service providers as well as with third parties to whom you authorize us to disclose your personal information.

Comment pouvez-vous contrôler vos données ?

You can opt-out of receiving NOCD's marketing communications. You may also opt-out of location-based information collection by NOCD if you uninstall all NOCD mobile apps from your devices.

The Privacy Policy lists data subject's rights for all users, including right to access and to erase data.

Quel est l’historique de l’entreprise en matière de protection des données des utilisateurs et utilisatrices ?

Moyen

No known privacy or security incidents discovered in the last 3 years.

Informations liées à la vie privée des enfants

By using the Platform, you represent and warrant that you are at least eighteen (18) years of age;. If you discover that information of anyone under eighteen (18) years of age was submitted to the Services, please contact NOCD and they will remove such information.

Ce produit peut-il être utilisé hors connexion ?

Non

Informations relatives à la vie privée accessibles et compréhensibles ?

Non

Liens vers les informations concernant la vie privée

Ce produit respecte-t-il nos critères élémentaires de sécurité ? informations

Oui

Chiffrement

Oui

Mot de passe robuste

Oui

Mises à jour de sécurité

Oui

Gestion des vulnérabilités

Oui

NOCD says people can report security vulnerabilities [email protected]

Politique de confidentialité

Oui

Le produit utilise-t-il une IA ? informations

Non

*confidentialité non incluse

Pour aller plus loin

Commentaires

Vous avez un commentaire ? Dites-nous tout.