Withings Thermo

Withings Thermo

Withings
WiFi Bluetooth

Data da avaliação: 1 de Novembro de 2023

|
A Mozilla investigou por 8 horas
|

Opinião da Mozilla

|
Votos das pessoas: Um pouco assustador

Withings' little smart thermometer lets you take a temperature without coming in contact with the body, which is cool because sick people are sweaty. It's got a brightly lit display that can track the temperature readings of up to eight people. And it will sync temperature readings with the smartphone app automatically over WiFi so no need to Bluetooth sync. Based on your temperature and symptoms the app can recommend when it's time to take action. So, will Withings overshare with the world that you have a fever? Well, actually, their privacy looks pretty decent to us.

O que pode acontecer se algo der errado?

Withings says that “[r]espect for privacy is a core principle that we place at the heart of our strategy for developing our Products and Services.” Better, they seem to sincerely mean it. They actually apply the European Union's stronger privacy regulation GDPR all over the world, even in places they don't have to apply strong privacy laws. That's so cool! If more companies could do this we'd be so happy.

They don't sell your data and have an easy to read privacy policy. They don’t share your data except when they legitimately need to, like to supply you their products and services. They treat health data with extra caution (as they should!) and have the credentials to prove it. It’s super refreshing to see! Especially when ~certain brands~ can sometimes be more focused on marketing the fact that they care about your privacy than on actually protecting it.

We’re kinda speechless honestly since we usually use this space to air our grievances. Withings even created a handy guide about “How to manage and protect your Withings data.” This might be a first. It tells you about all of the health data that’s collected, how you can import more, how you can download it, delete it, and other helpful advice. It seems like Withings genuinely wants to put you in control of your health data which feels, sadly, super rare in the whole health-tracking space. Bravo, Withings! (They’re French.)

This is all great news for a device that takes your temperature because you don't need the world knowing just how hot you are (or if you have a fever).

Dicas para se proteger

  • Check the comprehensive Privacy User guide to check all your options.
  • Be very careful what third party companies you consent to share you health data with. If you do decided to share your health data with another company, read their privacy policy to see how they protect, secure, and share or sell your data.
  • Do not sign up with third-party accounts. Better just log in with email and strong password.
  • Chose a strong password! You may use a password control tool like 1Password, KeePass etc
  • Use your device privacy controls to limit access to your personal information via app (do not give access to your camera, microphone, images, location unless necessary)
  • Keep your app regularly updated
  • Limit ad tracking via your device (eg on iPhone go to Privacy -> Advertising -> Limit ad tracking) and biggest ad networks (for Google, go to Google account and turn off ad personalization)
  • Request your data be deleted once you stop using the app. Simply deleting an app from your device usually does not erase your personal data.
  • When starting a sign-up, do not agree to tracking of your data if possible.
  • mobile

Pode me bisbilhotar? informações

Câmera

Dispositivo: Não

Aplicativo: Não

Microfone

Dispositivo: Não

Aplicativo: Não

Rastreia localização

Dispositivo: Não

Aplicativo: Sim

O que pode ser usado para se inscrever?

Que dados a empresa coleta?

Como a empresa usa esses dados?

Privacy Policy Withings

"GDPR means the General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council dated 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data. WITHINGS applies the GDPR all over the world."

"We collect Personal Data from you in order to provide the different purposes listed below. If you do not wish to provide it, you will not be able to access certain parts of the Products and Services, or services offered by our customer support.
LIST OF PROCESSING.
A) USE OF OUR PRODUCTS AND SERVICES [...]
B) COMMUNICATION & SUPPORT [...]
C) SECURITY AND EXERCISING YOUR RIGHTS
D) RESEARCH & DEVELOPMENT
1. Sending out "Research Questionnaires" and analyzing the responses received
PROCESSED DATA: User ID. The content of the questionnaire varies according to the issues addressed
BASIS FOR THE PROCESSING: Consent of the person filling in the questionnaire
RETENTION PERIOD: Pseudonymized Data is retained until the account removal
2. Anonymization of data for research purposes
PROCESSED DATA: Health data needed to conduct the study
BASIS FOR THE PROCESSING: Your consent
3. Product and Service Improvement (including algorithm performance improvement and statistics))
PROCESSED DATA: The relevant data related to the realization of these treatments. It is exclusively pseudonymized data
BASIS FOR THE PROCESSING: Legitimate interest
RETENTION PERIOD: Personal data is kept until the user account is deleted"

" We only share such data in circumstances described below: [...]
c. Use of our subcontractors. We share certain Data with subcontractors, who are experts in their field, in order to supply the Products and Services. Our subcontractors are required to comply with both the GDPR. They process the shared Data only for the intended purpose. Our subcontractors help us to provide you with high quality products and services, please find the list of subcontractors here.
d. Use of ScanWatch in the United States. WITHINGS may share certain personal information (name, date of birth, email, address, phone number) with Heartbeat Health, a U.S. company, which provides you with services such as the prescription necessary for the ECG functionality of the device, the organization of teleconsultations with our health professional partners, the provision of advice on your health. Your consent to receive text messages from Heartbeat Health is required to activate the ECG functionality on your device. Please see Heartbeat Health's privacy policy for more information..."

"Legal reasons. We may share Personal Data relating to you when required by law, upon request of a court, in connection with a legal proceeding, or if we believe in good faith that disclosure is reasonably necessary to (a) investigate, prevent, or take action regarding suspected or actual unlawful activities, or to assist public authorities; (b) investigate and defend against any third-party claims or accusations; or (c) protect our Services’ security or integrity. We will notify you of any legal proceedings that require access to your Data, unless we are prohibited by law from doing so. Where a court order specifies a period of non-disclosure of the request to data subjects, we will send you a deferred notification after the non-disclosure period has expired."

Como você pode controlar seus dados?

Privacy Policy Withings

This Policy applies uniformly to all Users of the Withings App, regardless of where you live. We take into consideration the regulations on the protection of personal data applicable to the markets in which WITHINGS sells its Products and Services.

"You may exercise your rights by contacting us at [email protected].
7.1. YOUR RIGHTS. You may exercise the following rights independently or with our assistance.
a. Right of Access. ou can access the Personal Data about you processed, collected or stored by WITHINGS. You can find this information directly from your account or via Customer support.
b. Right of rectification. If you find that the data about you is inaccurate, you have the right to request its correction. Some personal data can be changed directly from your Withings App account.
c. Right of Limitation and Right to Object. If you find that any data about you is inaccurate, you may ask us to stop processing that data until the situation is corrected. You may also ask Us to stop processing Data relating to you.
d. Right to Erasure. You may request the deletion of Personal Data relating to you. We will assist you in deleting Personal Data your account or Customer Support."

"The retention period indicated in the list of treatments depends on the type of data, the purpose or our legal obligations. If you ask us to do so, WITHINGS will delete your data from its servers and will ask its subcontractors involved in the processing to perform the same operation. We use subcontractors to manage backup data. This data will be used in case of operational problems to ensure the continuity of our services and products. Please note that, for security reasons, we are not able to reflect the deletion or modification of data on backups already made, in order to protect the integrity of the backup data."

"If you have chosen to share your data from WITHINGS Products and Services with third parties, we cannot ensure the deletion or anonymization of such data. We invite you to contact the third party for more information. "

"At any time, you can withdraw your consent. To do so, simply:
Delete your account (here) ;
Uncheck "Research Center" in your notification center (Android / iOS) ;
Remove the connection with third-party applications ;
Remove double authentication in your account settings (Android / iOS) ;
Uncheck "Promotional offer" in your notification center (Android / iOS)."

Privacy guide
"Once your Withings account has been deleted, all data from all users of the account will be lost. We recommend that
you export your data before deleting your account. Refer to “Exporting your data” on page 22 for more information.
You can delete your account anytime you want. To do so, perform the following steps:
1. Navigate to the Web Dashboard.
2. Select your avatar in the top right corner and select “Settings.”
3. Select the user you want to delete.
4. Select “Delete user” at the bottom of the page.
The account management screen is displayed.
5. Select any users that you want to delete and select “Delete.”
Note: Make sure you delete all secondary users before trying to delete the main user. If you change your mind at this
stage, simply select “Reactivate.”
6. Select “Delete Account.”
At this stage, you have the option of exporting the data of each user by selecting “Download.” Make sure you export
the data before all your data is lost. If you change your mind at this point, you can also select “I don’t want to delete my
account. Take me back!”
7. Select “Delete My Account.”

Qual é o histórico conhecido da empresa na proteção de dados dos usuários?

Médio

Withings was heavily criticized in 2023 for presenting the new product: Withings’ U-Scan, an in-home, WiFi-connected urinalysis device meant to soon read one’s urine composition for health factors regarding pH balance, nutrition, and even users’ menstrual cycles.

The product earned the CES ‘Worst in Show 2023’ award in 'Privacy' nomination - from PIRG, JerryRigEverything, iFixit, Repair.org, EFF, Consumer Reports, and SecuRepairs.

“The U-Scan is a body surveillance device that indefinitely stores your private health data, including information about pregnancy and fertility,” writes Caitlin Seeley George, campaign director for the digital privacy rights advocacy group, Fight for the Future.On Withings’ legal policy page, the company notes that they “may be compelled by the law to disclose your personal data to some authorities or other third parties, such as the the law enforcement or legal authorities.”

Informações de privacidade infantil

No children-related privacy information found.

Este produto pode ser usado offline?

Não

You will need either WiFi or Bluetooth to use this device.

Informações de privacidade fáceis de entender?

Sim

Links para informações de privacidade

Este produto atende aos nossos padrões mínimos de segurança? informações

Sim

Criptografia

Sim

Senha forte

Sim

Atualizações de segurança

Sim

Gerencia vulnerabilidades

Sim

Política de privacidade

Sim

O produto usa inteligência artificial? informações

Não foi possível determinar

Esta inteligência artificial não é confiável?

Não foi possível determinar

Que tipo de decisões a inteligência artificial faz sobre você ou por você?

A empresa é transparente sobre como funciona a inteligência artificial?

Não foi possível determinar

O usuário tem controle sobre os recursos da inteligência artificial?

Não foi possível determinar

*Privacidade não incluída

Mergulhe mais fundo

  • Withings raises $60m for AI-enabled wearables
    eeNews O link é aberto em uma nova aba
  • ‘And the winner is…’ CES ‘Worst in Show 2023’ recipients
    PIRG O link é aberto em uma nova aba
  • Privacy advocates are worried about a newly unveiled pee-analysis gadget
    Popular Science O link é aberto em uma nova aba

Comentários

Tem um comentário a fazer? Nos diga.