Attention : *Confidentialité non incluse avec ce produit


Passé en revue le : 25 avril 2023

Mozilla a effectué 16 heures de recherches

L’avis de Mozilla :

Vote du public : Très flippant

Sanvello says they have "everything you need to feel better." That includes self-care practices, coaching, online therapists, and a peer support community. This mental health app offers wellness strategies based on the principles of cognitive behavioral therapy (CBT) and mindfulness meditation to help users work on their stress, anxiety, and depression. And holy cow, there's a lot of stress, anxiety, and depression out there these days. A walk around their website shows they have celebrity influencers supporting their app like author John Green and gymnast Aly Raisman. The app is free to download, with many features only available through a subscription of around $54 a year. Insurance and employer coverage is also an option. All that sounds great, but what about their privacy practices? From what we can tell from their rather confusing privacy policy, those maybe aren't so great. Sanvello does collect a good amount of personal information and may share that information with third parties for personalization, advertising, marketing, and research purposes. For an app that works to help those with stress and anxiety, we think having a better privacy policy would decrease some of our stress and anxiety about how they handle their users' personal data.

Que pourrait-il se passer en cas de problème ?

First reviewed April 20, 2022. Review updated, April 25, 2023 2023 Sanvello presents us with an interesting conundrum. When reviewing their privacy policy, we notice they say it is a "Web And Mobile Privacy Policy." Which, OK, that's fine. They then go on to say "Our Privacy Policy explains how we handle information collected from or in the course of receiving Services. Additional privacy policies (such as our notice of privacy practices) may apply depending on the specific product or service and outline how we handle information collected in other ways." All of those words make it seems like their privacy policy could cover their mobile app as well as their website and mobile site. But it's not 100% clear to us that this privacy policy does cover their app as it is not explicitly stated. Note to anyone reading this, you should absolutely be able to tell if the privacy policy you are reading specifically covers the app, website, device, or services you are using. There should be zero question here. Unfortunately, we have questions.

So, assuming their privacy policy does cover the app (which is an assumption we have to make because we aren't 100% clear), how does it look? Well, the good news is, they have both a privacy policy for information collected when using their website, and they have a separate notice of privacy practices that covers how they handle the privacy and disclosure of medical information specifically. This is good. The bad news is, both their privacy policy and their notice of privacy practices for medical information outline a whole lot of ways they could share your personal information if you use their services. They outline enough information sharing or have enough confusing or vaguely worded statements in their privacy policy that we have concerns. And because they never responded to questions emailed to them at the email address listed on their website, we were unable to get the clarification needed to do anything but assume the worst with Sanvello. In 2023, they still receive our *Privacy Not Included warning label.

Read our 2022 review:

Sanvello says they can collect a lot of personal information, including name, email, gender, location, birth date, mood, health and biometric data, thought records, messages with your coach, and more. And they say the may combine all this personal data with information they get from other sources, such as potentially data brokers and advertising companies. And they say they may use and disclose de-identified and aggregated data for any purpose (here's where we remind you such de-identified data has been found to be relatively easy re-identify, especially if location data is included.) Red flags for us.

How do they say they can use all this data they collect on you? Sanvello says they can share your personal information with third party researcher partners for health or behavioral research purposes. They can share information about your use of Sanvello with health insurers or health plan administrators to evaluate your care (they say they won't share your thought records with health insurers). And Sanvello says they can use your personal information for advertising and promotional purposes. Finally, Sanvello adds that they can use your personal information "as otherwise necessary or useful for us to conduct our business, so long as such use is permitted by law or for any other purpose with your consent." That last part feels kinda broad and vague to us. Guess what, more red flags. 🚩 🚩 🚩

One last red flag with Savello. We emailed them multiple times as the email listed in their privacy policy for privacy-related questions and Savello didn't respond with answers to our privacy and security questions. So, we can't confirm if Sanvello meets our Minimum Security Standards.

What's the worst that could happen with Sanvello? Well, we suppose it's possible you could think it normal for a mental health app (or any app, but especially one that collects so much personal information) to collect and share so much of your personal information and get used to that as the norm in the world and completely give up on having any privacy at all. That's sounds terrible. Let's never let that happen.

Conseils pour vous protéger

  • Choose a strong password! You may use a password control tool like 1Password, KeePass etc
  • Do not use social media plug-ins.
  • Use your device privacy controls to limit access to your personal information via app (do not give access to your camera, microphone, images, location unless neccessary)
  • Keep your app regularly updated
  • Limit ad tracking via your device (e.g. on iPhone go to Privacy -> Advertising -> Limit ad tracking) and biggest ad networks (for Google, go to Google account and turn off ad personalization)
  • Request your data be deleted once you stop using the app. Simply deleting an app from your device usually does not erase your personal data.
  • When starting a sign-up, do not agree to tracking of your data if possible.
  • mobile

Ce produit peut-il m’espionner ? informations


Appareil : Ne s’applique pas

Application : Oui


Appareil : Ne s’applique pas

Application : Oui

Piste la géolocalisation

Appareil : Ne s’applique pas

Application : Oui

Que peut-on utiliser pour s’inscrire ?

Quelles données l’entreprise collecte-t-elle ?

Comment l’entreprise utilise-t-elle les données ?

We ding this product as their sharing practices are unclear. They may be sharing or selling data to third parties incl. for their marketing purposes. They may be also combinining data collected about you with data from third parties. "We will not disclose, share, sell, or otherwise disclose your information to unaffiliated third parties for their own marketing unless so authorized by you, your employer or association, group or benefit program sponsor."

"We may use Personal Information for a number of purposes such as:


As otherwise necessary or useful for us to conduct our business, so long as such use is permitted by law."

"We may also share Personal Information within the Company, and we may combine Personal Information that you provide us through this website with other information we have received from you, whether online or offline, or from other sources such as from our vendors."

"We may disclose De-Identified Information. “De-Identified Information”, means information that is neither used nor intended to be used to personally identify an individual."

Comment pouvez-vous contrôler vos données ?

It is not clear if all users regardless of location can get their data be deleted, and how users outside of California jurisdiction can get their data deleted.

"This section applies solely to the personal data of users who reside in the State of California <...> You have the right to request that Sanvello delete any of your personal information that we collected from you and retained, subject to certain exceptions. <...> Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information."

Quel est l’historique de l’entreprise en matière de protection des données des utilisateurs et utilisatrices ?


No known privacy or security incidents discovered in the last 3 years.

Informations liées à la vie privée des enfants

Sanvello says they will not intentionally collect any Personal Information from children under the age of 13 through this website without receiving parental consent.

Ce produit peut-il être utilisé hors connexion ?


Sanvello offers offline meditation options.

Informations relatives à la vie privée accessibles et compréhensibles ?


Liens vers les informations concernant la vie privée

Ce produit respecte-t-il nos critères élémentaires de sécurité ? informations




Data is sent over SSL (Secure Sockets Layer) and any persistent data is encrypted and stored on secured servers

Mot de passe robuste


Mises à jour de sécurité


Gestion des vulnérabilités

Impossible à déterminer

Politique de confidentialité

Impossible à déterminer

Could not confirm their privacy policy covers their app as it mentions only "Web And Mobile Privacy Policy". We are unclear if mobile is the mobile site or if mobile also covers their app.

Le produit utilise-t-il une IA ? informations

Impossible à déterminer

Cette IA est-elle non digne de confiance ?

Impossible à déterminer

Quel genre de décisions l’IA prend-elle à votre sujet ou pour vous ?

L’entreprise est-elle transparente sur le fonctionnement de l’IA ?

Impossible à déterminer

Les fonctionnalités de l’IA peuvent-elles être contrôlées par l’utilisateur ou l’utilisatrice ?

Impossible à déterminer

*Confidentialité non incluse

Pour aller plus loin


Vous avez un commentaire ? Dites-nous tout.