NOCD

NOCD

NOCD INC
WiFi

Data da avaliação: 2 de Agosto de 2022

|
A Mozilla investigou por 8 horas
|

Opinião da Mozilla

|
Votos das pessoas: Assustador demais

NOCD is an app designed to help treat Obsessive Compulsive Disorder or OCD. And with a big spike in people reporting OCD symptoms during the COVID-19 pandemic, it's no surprise investors are jumping on board, giving NOCD $33 million in funding at the end of 2021. The app helps users connect with a therapist who specializes in OCD treatment, provides face-to-face therapy, and supports users in between sessions with therapeutic tools and connections to others in the OCD community. It is currently free to download and use. Therapy session are paid for on a per session basis and NOCD says they do partner with many major insurance companies. NOCD is currently available in the US, UK, Australia, and parts of Canada. Unfortunately, we're a bit concerned about NOCD's privacy practices. They do say they can collect a good deal of personal information, combine that information with data gathered from third parties, and use that information for targeted, interest-based advertising and potentially more. Come on NOCD, we don't need another thing to worry about these days!

O que pode acontecer se algo der errado?

NOCD says they can collect a whole lot of information on their users. Everything from name, address, email address, and telephone number, to age, gender, to health information like your OCD triggers and intensity levels, to your precise location information (Update: NOCD updated their privacy policy August 3, 2022 to indicated they now only collect geolocation data rather than precised location data) when you're using the app and even when you're not. Yikes! NOCD also says they can collect even more information about you from third parties such as social media sites like Facebook, YouTube, and Instagram as well as "Companies that provide information to supplement what we already know about you" (like data brokers?). Double yikes!!! That's a whole lot of information NOCD is collecting on you. And it seems to us like information that goes beyond what they need to help you manage and treat your OCD.

What does NOCD say they can do with all this personal information and app usage data they collect on you? Well, to begin with, they say they can combine the information you give them with information they gather from third parties. Then they say they can use that information for things like learning your interests to better understand what tools interest you and to target you with ads. They actually use the word "might" a whole lot when they talk about how they say they can market you with targeted ads, which is a concern for us when it comes to privacy policies because that word "might" seems to offer a lot of wiggle room. Here's what they actually say, "We might use your information to serve you ads about tools and offers. We might tell you about new features or updates. These might be third party offers or tools, services or studies we think you might find interesting. We may also use your information to send you electronic communications. We and our partners may engage in interest-based advertising using information gathered across multiple websites, devices, or other platforms."

We "might" say this is all quite a bit concerning for an app that collects so much personal information. Ah heck, forget the "might", we do say that concerns us. NOCD says they can collect a whole lot of personal information, can combine that with other information they get from third parties like social media sites and potentially data brokers. They then say they can share that information with a whole host of third parties including business partners and the vague "For Other Reasons We May Describe to You."

What's the worst that could happen? Well, just how many people in the world need to know you are struggling with OCD? And why does NOCD need to say they can gather so much additional information about you from third parties sources such as social media sites and potentially even data brokers? NOCD doesn’t specifically state in their privacy policy that they don’t sell user data, which is something we like to see stated clearly. Not to mention, we couldn't determine if they meet our Minimum Security Standards. For an app that targets people dealing with the struggles of OCD, this all just seems like very very bad privacy practices. With OCD symptoms on the rise these days, an app that can help sounds wonderful. We worry that this app doesn't seem to protect the privacy of their users and potentially even exploits it. That's really not good. Not good at all.

Dicas para se proteger

  • Opt out of location-based information collection in the app settings.
  • Limit information you post on social media pages
  • mobile

Pode me bisbilhotar? informações

Câmera

Dispositivo: Não aplicável

Aplicativo: Sim

Microfone

Dispositivo: Não aplicável

Aplicativo: Sim

Rastreia localização

Dispositivo: Não aplicável

Aplicativo: Não

O que pode ser usado para se inscrever?

Google sign-up is available

Que dados a empresa coleta?

Como a empresa usa esses dados?

UPDATE: On June 28 2022 NOCD updated their privacy policy to state that "We work with these third parties to serve you with our ads and content only—we do not sell or share Personal Information about you with any third parties for their own advertising or marketing purposes." The policy also says that some of their practices may be considered to be 'sale' under California Consumer Privacy Act: "We do share data with third parties as needed for treatment, and we share limited non-treatment related data with third parties with which we have contracts to help with our marketing and analytics efforts, through cookies and pixels. This practice may be considered ‘selling’ data according to the CCPA’s broad definition, even though it is not a “sale” under the conventional definition of the word or under the laws in Virginia and Utah. Additionally, as further clarification, we do not use cookies to enable third parties to serve ads to our website visitors about their own products or services."

NOCD may receive information about you from other sources with your consent or as permitted by applicable law. For example, this may include receiving information from their business partners, social media sites, including Facebook, Twitter, YouTube, Pinterest and Instagram, and other companies that provide information to supplement what NOCD already know about you.

NOCD may also combine information they get from third parties with information they already have about you.

NOCD may engage in interest-based advertising using information gathered across multiple websites, devices, or other platforms.

In the previous 12 months, NOCD have disclosed identifiers as well as select information in customer records, with NOCD's service providers as well as with third parties to whom you authorize us to disclose your personal information.

Como você pode controlar seus dados?

You can opt-out of receiving NOCD's marketing communications. You may also opt-out of location-based information collection by NOCD if you uninstall all NOCD mobile apps from your devices.

The Privacy Policy lists data subject's rights for all users, including right to access and to erase data.

Qual é o histórico conhecido da empresa na proteção de dados dos usuários?

Médio

No known privacy or security incidents discovered in the last 3 years.

Informações de privacidade infantil

By using the Platform, you represent and warrant that you are at least eighteen (18) years of age;. If you discover that information of anyone under eighteen (18) years of age was submitted to the Services, please contact NOCD and they will remove such information.

Este produto pode ser usado offline?

Não

Informações de privacidade fáceis de entender?

Não

Links para informações de privacidade

Este produto atende aos nossos padrões mínimos de segurança? informações

Sim

Criptografia

Sim

Senha forte

Sim

Atualizações de segurança

Sim

Gerencia vulnerabilidades

Sim

NOCD says people can report security vulnerabilities [email protected]

Política de privacidade

Sim

O produto usa inteligência artificial? informações

Não

*privacidade não incluída

Mergulhe mais fundo

Comentários

Tem um comentário a fazer? Nos diga.