Last updated: 9/15/21
We, Even Mental Health, Inc. (“Even”, “We”, or “Us”) collect and process your personal data related to the Even Mind App (“App”).
The protection and confidentiality of your data is very important to us. We therefore only process your data to the extent that
- It is necessary to provide the Even Mind services you are requesting
- you have given your consent to the processing, or
- we are otherwise authorized to do so under the data protection laws.
What information we collect
Personal data is specifically protected by law. Personal data is any information that relates to an identified or identifiable living individual. Different pieces of information, which collected together can lead to the identification of a particular person, also constitute personal data.
Personal data for the creation of a personal account
In order to create a personal account that allows you to easily access your history even when you change your smartphone, we collect and process the following personal data in the way you provide it to us:
- email address
For an extra layer of privacy, the App provides Sign in with Apple functionality. When using Sign in with Apple you can choose to hide your email address.
This is data that tells us what hardware and software you are using to access our app:
- Data about the mobile platform (iOS/Android)
- The version of the app
- Device model
- System version
Anonymized app usage data
We collect aggregate, anonymous statistics, such as the percentage of users who use particular features.
How we process your data
We use the information we collect to operate and improve our website, apps, and customer support.
Your data will be stored by us as long as this is necessary for your use of our App and the services associated with it. The anonymized data can also be stored indefinitely for research and product improvement purposes.
With whom we share your information
We do not, and will never sell your data. We do not pass on your data to third parties, unless we are legally entitled or obliged to do so, or you have given us your consent.
How we protect your data
We take significant precautions to protect your data and to prevent misuse.
Data and metadata is encrypted under the 256-bit Advanced Encryption Standard, and each encryption key is itself encrypted with a regularly rotated set of master keys.
The app communicates with our server via encrypted connections using SSL (Secure Socket Layer), which prevents third parties from accessing your data without authorization.
We use third-party tools in order to deliver our services to you.
In detail we use the following tools:
a. Google Firebase
In the mobile app we use Firebase (https://www.firebase.com/), a framework from Google’s subsidiary Firebase, based in San Francisco, CA, USA, through which we use the following services
- We use Firebase Crashlytics to track app crashes as they occur and to prevent future crashes. In the event of an app crash, a report is generated that includes the type and operating system of the device and recent activity in the app, and is sent to Crashlytics. For information on the functionality of Crashlytics, please visit https://firebase.google.com/products/crashlytics/.
- We use Firebase Cloud Firestore to store your data such as mood and energy logs. For information on the functionality of Cloud Firestore, please visit https://firebase.google.com/products/firestore/.
b. Google Cloud Identity Platform
For extra security, we use a HIPAA-compliant authentication system named Google Cloud Identity Platform. For information on the functionality of Google Cloud Identity Platform, please visit https://firebase.google.com/products/firestore/.
Accessing, changing, or deleting information
You may access or change your information or delete your account from the “Settings” page in the app. We delete all of your saved data when you delete your account.
Deleted information may be kept in backups for up to 90 days. Backups are encrypted and are only accessed if needed for disaster recovery.
We may delete your information at any time and for any reason, such as technical needs, legal concerns, abuse prevention, removal of idle accounts, data loss, or any other reason.
Links to other sites
This App is not intended for use by anyone under the age of 13. We do not knowingly collect personal identifiable information from children under 13. In the case we discover that a child under 13 has provided us with personal information, we immediately delete this from our servers. If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us so that we will be able to take necessary actions.
Information for European Union Customers
By using the App and providing your information, you authorize us to collect, use, and store your information outside of the European Union.
International Transfers of Information
Information may be processed, stored, and used outside of the country in which you are located. Data privacy laws vary across jurisdictions, and different laws may be applicable to your data depending on where it is processed, stored, or used.
We reserve the right to change this policy in compliance with data protection regulations. The current version can be found here.
For help with this policy and any other question, please contact us at firstname.lastname@example.org