Mindshift CBT

Waarschuwing: *Privacy niet inbegrepen bij dit product

Apps voor geestelijke gezondheid Meditation Apps Moodlifting Apps

Mindshift CBT

Anxiety Canada Association
Wifi

Beoordelingsdatum: 25 april 2023

|
Mozilla onderzocht 15 uur
|

Mozilla zegt

|
Mensen stemden op: Enigszins griezelig

CBT stands for Cognitive Behavioral Therapy. It is a psychological treatment shown to be effective at helping manage things like anxiety, eating disorders, and phobias. Mindshift CBT is a free app created by the Canadian charitable organization Anxiety Canada that uses evidence-based CBT strategies to help users manage anxiety by reducing worry, stress, and panic. The app offers tools based on these CBT strategies such as thought journals, belief experiments, and coping cards as well as fear ladders and expanding your comfort zone guides. Tools all designed to help better navigate the crazy, messed up world we're living in these days. Couple that with the fact that Anxiety Canada is a non-profit charitable organization that isn't looking to share or sell a bunch of your personal information to make money and you've got yourself a pretty good deal. Did we mention it's free? But you can always donate to support this organization if you want. We do worry a little about the app's security practices, though, so unfortunately, it's not perfect.

Wat kan er gebeuren als er iets misgaat?

First reviewed April 20, 2022. Review updated, April 25, 2023

Not much has changed with non-profit Anxiety Canada's Mindshift CBT app over the last year. Their privacy policy was last update in October, 2021, so no changes there since our last review. And we still have the same concerns about the app from a security perspective that we had last year -- we are unable to confirm if they encrypt their data both in transit and at rest (where they store it online), and they still only require a weak password of "111111".

We see they did start restricting access to their public Community forum where users can share stories and offer peer-to-peer support to only users who turn 18+ in the current calendar year. We consider that a good privacy move, especially since we could find no child-specific privacy information in their privacy policy. This is also a good reminder to only share what you are comfortable being made public in such open community forums, no matter your age (but especially if you are under 18!).

Read our 2022 review:

Anxiety Canada's Mindshift CBT app seems to take their users' privacy fairly seriously, which is nice. They do collect personal information like name, e-mail address, telephone, location, and information about your usage of MindShift. The do not share or sell this information for any targeted marketing or advertising purposes though, so yay! Unfortunately, as we have seen with other apps created by non-profit charitable organizations, we do have some concerns about their security practices. The app accepted the weak password "111111" when we logged in. We also were unable to confirm if and when they use encryption to protect users' data in transit and at rest and if they have a way to manage security vulnerabilities. Emails to the address mentioned in their privacy policy for these privacy related questions went unanswered.

It's great to see the organization take privacy seriously. And we understand that charitable organizations don't always have the same resources as bigger companies to focus on an app's security. Which stinks. Big companies tend to have way worse privacy practices and better security practices where charitable organizations seem to have the best privacy practices and not as strong security practices. We feel a little like Goldilocks out here looking for the rare that manages to do both well.

Tips om uzelf te beschermen

  • Choose a strong password! You may use a password control tool like 1Password, KeePass etc
  • Do not use social media plug-ins.
  • Use your device privacy controls to limit access to your personal information via app (do not give access to your camera, microphone, images, location unless neccessary)
  • Keep your app regularly updated
  • Limit ad tracking via your device (eg on iPhone go to Privacy -> Advertising -> Limit ad tracking) and biggest ad networks (for Google, go to Google account and turn off ad personalization)
  • Request your data be deleted once you stop using the app. Simply deleting an app from your device usually does not erase your personal data.
  • When starting a sign-up, do not agree to tracking of your data if possible.
  • mobile

Kan het me bespioneren? informatie

Camera

Apparaat: Niet beschikbaar

App: Nee

Microfoon

Apparaat: Niet beschikbaar

App: Nee

Volgt locatie

Apparaat: Niet beschikbaar

App: Nee

Wat is er nodig om u aan te melden?

Welke gegevens verzamelt het bedrijf?

Hoe gebruikt het bedrijf deze gegevens?

"We do not generally disclose your personal information to any third party without your specific consent, except as permitted or required by law."

"We use information about you in the following ways: To ensure that Mindshift content is presented in the most effective manner for your mobile device.

To provide you with information related to MindShift that will facilitate your engagement with the MindShift.

To provide you with promotional communications, such as email, where you have provided consent to receive such communications.

To carry out our obligations arising from any agreements entered into between you and us. To allow you to participate in interactive features of MindShift when you choose to do so. To notify you about changes to MindShift.

To understand your location to help us identify groups of users by general geographic market (such as postal code, province, or country)."

Hoe kunt u uw gegevens beheren?

"You may request access to, make corrections to, or delete the personal information we hold about you at any time, subject to certain exceptions."

"We will retain the personal information we collect from or about you only for so long as we require it to satisfy the purposes for which we collected the information. We will also retain your personal information for as long as is required to meet our various legal and business obligations, which in some cases might be for a longer period than is necessary to satisfy the purposes for collection.

In particular, if we use any of your personal information to make a decision that directly affects you (e.g., to decide whether you are eligible to participate in a MindShift CBT Group of the Mindshift CBT Community), we will retain that information for at least one year after the date we use the information to make the decision. This is so you have time to request access to your personal information.

Once there is no longer a legal requirement or business purpose to retain your personal information we will securely delete, destroy, or anonymize it."

Hoe staat het bedrijf bekend als het gaat om het beschermen van gebruikersgegevens?

Gemiddeld

No known privacy or security incidents discovered in the last 3 years.

Privacyinformatie voor kinderen

Mindshift CBT's privacy policy does not mention child privacy information.

They do say that as of November, 2022 "Access to Community is now restricted to users who are 18+ at the start of the calendar year."

They also state in their privacy policy that:

"f you apply to become a participant in our MindShift CBT Group, we will also collect personal information, including information about the nature and severity of your anxiety symptoms, directly from you for the following purposes...

"If you are a minor, to determine whether you are able to consent on your own behalf to participate in the MindShift CBT Group, or whether consent from your parent/guardian is required;"

Kan dit product offline worden gebruikt?

Nee

Gebruikersvriendelijke privacy-informatie?

Nee

Koppelingen naar privacy-informatie

Voldoet dit product aan onze minimale beveiligingsnormen? informatie

Nee

Versleuteling

Kan niet bepalen

Sterk wachtwoord

Nee

The app has accepted '111111' as a password.

Beveiligingsupdates

Ja

Beheert kwetsbaarheden

Ja

"To deal with security vulnerabilities, we would escalate reported potential vulnerabilities to our contracted developer, EY, and request a corresponding update to the MindShift app. The contact would be [email protected]."

Privacybeleid

Ja

Gebruikt het product AI? informatie

Kan niet bepalen

Is deze AI onbetrouwbaar?

Kan niet bepalen

Wat voor soort beslissingen neemt de AI over u of voor u?

Is het bedrijf transparant over hoe de AI werkt?

Kan niet bepalen

Heeft de gebruiker controle over de AI-functies?

Kan niet bepalen

*Privacy niet inbegrepen

Dieper duiken

Opmerkingen

Hebt u een opmerking? Laat het ons weten.