Aware Privacy Notice

Privacy Notice

We are 29k, a non-profit organization, funded by private and public donors. There are no fees and no ads in our app, and we do not sell user data to any third parties. We are based in Stockholm, Sweden, and you can reach us at privacy@29k.org. This is our privacy notice for users of the Aware app.

Data Controllers

The 29k Foundation (organizational number 802481-5261) and 29k International AB (organizational number 559095–7949) are joint controllers for the processing of your personal data and are responsible for ensuring compliance with applicable legislation.

The joint controllers have appointed a point of contact for users of the Aware App and others whose personal data are to be processed (the data subjects). The point of contact is 29k International AB (29k).

Email: privacy@29k.org

Web site: https://wiki.29k.org/aware-privacy-notice

Purpose and processing in short

The Aware app helps you grow and make the most out of life. It includes courses, exercises and sharing groups, all based on the latest psychology research. We have six main processes of processing your data and use your data for the following purposes (in short):

1. The app user process

For the app to provide its basic service, we need to process your data, such as which exercises you have done and which you still haven’t, which sessions you are attending etc. This makes you an App user. Without storing this data, we wouldn’t be able to provide you with a meaningful app experience. We also store additional data if you want us to, such as your profile picture and display name, that you are in complete control of. To personalize (which is the purpose) you can choose a display name and a profile picture, and you can change it whenever you want (well, not during a session). If you do, you are an App power user.

2. The exercise session and journaling process

The exercise sessions for inner development and to increase psychological well-being are one of the main services in the Aware app and the purpose of the processing of personal data. You can choose to participate in the sessions by yourself (private) or with friends (see private live session process). After the exercise is completed, you can choose to write your reflections, private or public – with your display name or anonymous. This is what we call journaling.

When journaling you might write about your feelings and thoughts about your own health. If so, that is special categories of personal data, and our legal basis for processing is legitimate activities for private journaling, and your explicit consent if you would like to share your self-reflections with others by public journaling in the app.

When you publish self-reflections in the Aware app, we use AI to make sure the text is aligned with our User code of conduct (the purpose of this processing). The journaling text you publish is automatically moderated (using machine learning) first, and if it is flagged as not approved it is often manually moderated by the Aware team.

3. The public live session process

In the Aware app you can participate in live video sessions open to all App users. If you do, sharing a camera and microphone is optional. The purpose is to share your experience of the session with other users and the host in live video and audio feeds. If you don’t already have a display name, a temporary display name is required for the live session. The profile picture (if you have chosen one) is shown when the video camera is off. If you are the host of a public live session, you are an App privileged user, and picture, display name, live video and audio feeds are required processing of your personal data.

During the public live sessions, you may choose to share your feelings and thoughts. This is optional, if you only want to listen it is okay too. If you share feelings and thoughts about your own health these are special categories of personal data, our legal basis for processing is legitimate activities.

4. The private live session process

A private live session is when you invite friends or colleagues for a private session, hosted by one of you (App power user host). To participate you must receive an invitation to the private live session (by link) and for the purpose of access control we are processing user-ids. When you participate in live video sessions, sharing camera and microphone is optional. The purpose of private live sessions is to create peer-to-peer groups for inner development and to increase psychological well-being in a group of invitees only. If you don’t already have a display name, a temporary display name is required for the live session. The profile picture (if you have chosen one) is shown when the video camera is off.

During the private live sessions, you may choose to share your feelings and thoughts. This is optional, if you only want to listen it is okay too. If you share feelings and thoughts about your own health these are special categories of personal data, our legal basis for processing is legitimate activities.

5. The development of the app process

To improve the app and troubleshoot technical issues we ask you for feedback and reporting, follow the aggregated behavior of users from the analytics id, crash and error reporting and use data of app installation attribution (also aggregated).

6. The Collection of data for research and statistic reasons Process

We get free resources from the scientific community, and to contribute back to the science and research we provide anonymized data from our aggregate datasets. We don’t transfer any identifiable information to third parties, and we never share data for profit.

This process is not used right now but we want to give you heads up on the purpose when we collect your information. When we start this process, we will update the information with more details on how we process your personal data here.

Do you want to know more about how we process your personal data?

The processing of personal data for each main process (1-5) is described in more detail further down in our Privacy notice. There is detailed information about the purpose of processing, legal basis for processing and balance of interests, categories of personal data and data subjects, security measures, as well as exceptions, if there are any, from the general information in this section.

Categories of personal data

We process these categories of personal data that are system generated

  • User-id, usage analytics id, log data of accessed session, timestamp, app language, completed exercises, app navigations, anonymous user or not, public session host or not, app events logging, phone time zone, phone language, phone brand and model, OS type and version, app version, app installation source (UTM).

We process these categories of personal data that are from you (as data subject)

  • Display name (optional) or temporary display name (required when participating in live sessions), picture (optional), video live feed (optional), audio live feed (optional), email (optional or required when hosting sessions), journaling text (optional), free text feedback (optional), report and free text in email may include personal data (optional).

Special categories of personal data

  • Feelings and thoughts about your own health may be shared with participants and the host during the session (audio live feed and video live feed).
  • Feelings and thoughts about your own health may be shared when you choose to publish your journaling in the app (text entry).

Categories of Data Subjects

  • App user (has a unique user-id)
  • App power user (adds picture and displayed username)
  • App power user host (private session host)
  • App privileged user (public session host)

Our basis for processing your data

We use the lawful basis consent and legitimate interests for processing your personal data, and legitimate activities and explicit consent for processing special categories of personal data.

Consent for optional processing

We use consent for optional processing when you share your camera and microphone during a session, and when you share display name and/or a picture as an App user or an App power user. When consent is the lawful basis, you can recall your consent by choosing to not share your display name, picture, microphone or video, or contact 29k to get help to delete this personal data from the Aware app (read more about that in the section on Data subject rights).

Legitimate interests as basis for processing and balance of interests

When we use the lawful basis of legitimate interests for processing your personal data, we do a balance of interest to make sure we handle your data with sufficient care. A balance of interest is a risk assessment exercise that includes three tests:

  1. The necessity test (consider if the processing is necessary)
  2. The purpose test (identify the legitimate interest)
  3. The balancing test (consider the individual’s interests)

Legal basis for processing special categories of personal data

During the public live sessions, you may choose to share your feelings and thoughts. This is optional, if you only want to listen it is okay too. If you share feelings and thoughts about your own health these are special categories of personal data, which is only allowed to be processed under certain circumstances. We meet these requirements and process your health data under the legal basis Legitimate activities.

In the section “More about how we process your personal data” you can read more about our legal basis for processing your data.

Source of personal data

29k uses only system generated personal data and the personal data that you as a user of the Aware App have chosen to share with us. We do not gather information about you from publicly accessible sources.

We use your email for communication

If you choose to share your email address with us, we will use it to answer your reporting of system problems or feedback about the Aware App. On some rare occasions we communicate with you, about the Aware App. If you don’t want emails from 29k, there is an opt-out at the end of each email.

You are in control of how long we will save your data

You choose if you want to share a display name and picture, and you may change or delete it, unless you are in an ongoing session. Your completed sessions and private journaling are saved on your device, but you need the Aware app to access it. If you publish your journaling, it will be anonymized when the app is deleted.

Live video feed and audio, and temporary display name are only possessed during the live session. No recording options are available. Session access control information is deleted on request but will, in the future, automatically be removed for past sessions, every 24h.

If you don’t have any activity in the Aware app for 365 days, the user-id and all personal data will be deleted. If you want your personal data deleted earlier, we will remove it on request. Read more about your right to be forgotten (right to erasure) in the section on Data subject rights.

We use a little bit of AI to help us keep a nice tone

When you publish feedback or journaling that is shown to other users in the app, we use AI to make sure it is aligned with our User code of conduct. We have chosen this way to both have a fast publication in the Aware app and keep the content moderated. It is either automatically moderated (using machine learning), manually moderated or a combination of both. Feedback is hidden by default and requires manual moderation, and public journaling text is automatically moderated and optional for manual moderation.

Automatic moderation is done with the help of OpenAI Chat Completion API by classifying if the content contains any "religion, illegal drug use, threat, high risk of physical harm, adult, profanity, racist, gibberish, non-English, mostly capital letters, names, persons". When the automatic moderation classifies what a user has written with any of the classifications above, the content becomes disapproved and hidden. It can later be manually moderated. Manual moderation is done by reviewing incoming content in the internal Aware administration system. When we manually moderate, your User-id, display name or picture is not shown. The reviewing is done by a small group in the Aware team.

Processors

| Processor | Service | Country | Privacy Policy |
| --- | --- | --- | --- |
| Cloudinary Ltd | Digital Asset Management | Israel | https://cloudinary.com/privacy |
| Daily.co | Video streaming platform | USA | https://www.daily.co/legal/privacy/ |
| Functional Software, Inc. /Sentry | Sentry Error Monitoring | USA | https://sentry.io/security/ |
| Google Cloud Platform | Cloud infrastructure | Ireland, EU | https://policies.google.com/privacy |
| OpenAI OpCo | Chat Completion API | USA | https://openai.com/policies/data-processing-addendum/ |
| PostHog | User behavior analytics | USA | https://posthog.com/privacy |
| Salesforce | Slack | USA | https://slack.com/trust/privacy/privacy-policy |
| Twilio | SendGrid Email API | USA | https://www.twilio.com/en-us/privacy |

Transfers to Third Country or International Organization

We use service providers based in the USA, Israel and EU (see processors above). As an appropriate safeguard for international transfers, we have entered into, for each of the processors, Standard Contractual Clauses that have been approved by the EU Commission. As an additional safeguard to those Standard Contractual Clauses, we minimize the amount of data we process, anonymize as much of it as we can and, where possible, make sure your data stays on your device. All providers but one (OpenAI) also have an active adequacy decision as a basis for transfer to a third country.

We don’t share your personal data

We do not share your personal data. In all our tools we have made the setting to opt out of all services that require that we share data with recipients. Even the Analytics-id we use is separated to prevent us from disclosing any other personal data.

Data Subject Rights

You (as a data subject) have the right to request access to your personal data, and rectification, erasure of personal data, restriction of processing or to object to processing as well as the right to data portability, from the joint controllers by contacting 29k International at: privacy@29k.org

Right of access: You can always ask us about what personal data we process about you.

Right to rectification: If your data is inaccurate, you can ask us to correct or amend your data.

Right to erasure (right to be forgotten): Just delete your account in your profile and we’ll delete your data. If you want us to delete something specific (and not everything), please contact us.

Right to restrict processing: If you believe we’re processing your data in ways that are unlawful or that you don't agree with, you can ask us to stop processing that data until we finish an investigation.

Right to data portability: You can ask for your data in .json format that you can save or send to anyone. (This is only required in the GDPR when the lawful basis is consent or contract, but we will help you with our best effort if you want more information).

Right to object: You have the right to object to how we process your data (when we do so on the lawful basis of legitimate interest).

Right to withdraw consent: You have the right to recall your consent for future processing of your personal data at any point. The fastest and maybe easiest way for you to recall consent is to delete the data you no longer wish us to process (display name, picture or in the case of an active session end audio or video live feed). You are also welcome to contact us to withdraw your consent. The same is true for explicit consent, if you have given your explicit consent to publish journaling and you change your mind, please contact us to exercise your right to erasure.

Right to complain to a regulator: You have the right to submit a formal complaint about how we process your data to the supervisory authority.

Data Protection Officer

We have a Data Protection Officer that helps us ensure the right level of data protection for your personal data and compliance with the GDPR. If you want to contact our DPO on questions about data protection, please send an email to: dpo@29k.org

Complain to supervisory authority

You have the right to lodge a formal complaint about how we process your personal data, with a supervisory authority. As a data subject you are always able to choose which country's supervisory authority you wish to contact. The supervisory authority that you contact will be your contact point in the matter.

Find the contact details of your national data protection regulator here.

Read more about your digital rights on the European Commission’s website

IMY in Sweden is the lead supervisory authority

For 29k the so-called lead supervisory authority is IMY in Sweden, Integritetsskyddsmyndigheten.

How to contact IMY

Phone number: +46 (0)8 657 61 00

E-mail: imy@imy.se

Postal address: Integritetsskyddsmyndigheten, Box 8114, 104 20 Stockholm, Sweden

Website: https://www.imy.se/en/

Privacy Pledge

| Question | Answer |
| --- | --- |
| Do we anonymize your data after one year of inactivity? | Yes |
| Do we track your device location? | No |
| Do we track your device location while you aren't using the app? | No |
| Do we use cookies? | No |
| Do we track your browsing activities on other sites? | No |
| Do we listen to you using your device microphone? | No |
| Do we record and store video and audio of you? | No |
| Do we sell your personal information? | No |
| Do we sell any anonymized information? | No |
| Do we share your data with third parties? | No |
| Are you required to register with personal information? | No |
| Do we track your usage of the app? | Yes |
| Do we anonymize your data when you delete your account? | Yes |
| Can you retrieve a copy of all your data from us? | Yes |
| Do we share anonymized data for research purposes? | Yes |

Questions or Comments?

To ask questions or comment on this information contact us at: privacy@29k.org

More about how we process your personal data

Below we describe, in more detail for each main process, how we process your personal data.


1. More about the App User Process

Purpose and processing

To provide you, as a user, the services in the Aware app we need to create a unique user-id, to give you access to the app and for the app to work on your device. We also create a unique user analytic id to identify returning users and to let you know which sessions you have participated in, to continue session programs and explore the app. The user analytic id tracks what the user does and logs the time when the user starts and stops using the app. We do not save your IP address.

Our basis for processing your data

Consent for optional processing

We use consent for optional processing when you share display name and/or a picture.

Legitimate interests as lawful basis for processing and balance of interests

For all the other processing we use legitimate interests as a lawful basis, and for that we need to do a balance of interests.

  1. The necessity test: The processing is necessary to provide the services in the Aware app. If we don’t create the user-id and the user analytic id, the app will not work. We have minimized our use of data to only include the necessities.
  2. The purpose test: We have a legitimate interest to process your personal data to provide the service of the Aware app.
  3. The balancing test: Our interest to provide the Aware app is balanced to your interest to use the app. We take precaution to handle data safely, read more about our safeguards below. The impact of using the app is to give tools to increase well-being, and as an app user it is normal to share some technical data to get access to an app.

Categories of personal data

  • User-id, usage analytics id, log data of accessed session, timestamp, app language, completed exercises, app navigations, anonymous user or not, public session host or not, app events logging, phone time zone, phone language, phone brand and model, OS type and version, app version, app installation source (UTM) - (these are all system generated data).
  • Email (optional), free text feedback (optional), report and text in email may include personal data (optional) - (data from the data subject).

Categories of Data Subjects

  • App User (has a unique user-id)
  • App Power User (adds picture and displayed username)

Technical and Organizational Security Measures

  • Data minimization
  • API requires app authenticated user
  • End-to-end encryption

Data subject rights

If you don’t want processing of a unique user-id or unique user analytic-id on your device, we cannot provide the service of the app and we can only help you to delete the Aware app to ensure your rights due to the right to be forgotten and the right to object.


2. More about the exercise sessions and journaling process

Purpose and processing

The exercise sessions for inner development and to increase psychological well-being are one of the main services in the Aware app and the purpose of the processing of personal data. To keep track of completed exercises we collect timestamps. You can choose to participate in the sessions by yourself (private) or with friends (see private live session process). After the exercise is completed, you can choose to write your reflections, private or public – with your display name or anonymous. This is what we call journaling.

The purpose of private journaling is to do self-reflection, and to see progress over time. We are processing data so that the timestamp, exercise and journal text are stored on your device, only accessible by the Aware app and the user id that saved it. Back-up is on your device; if you use an iPhone, the back-up is iCloud.

The purpose of public journaling is to share self-reflection journal entries with other users, anonymously or with profile picture and display name (display name and picture is optional). We are processing data so that the timestamp, exercise and journal text are stored on your device and on servers.

When you publish self-reflections in the Aware app, we use AI to make sure the text is aligned with our User code of conduct (the purpose of this processing is moderation of content). We have chosen this way to have a fast publication in the Aware app and keep the content moderated. The journaling text you publish is automatically moderated (using machine learning) first, and if flagged as not approved, we strive to manually moderate it in the Aware team.

Automatic moderation is done with the help of OpenAI Chat Completion API by classifying if the content contains any religion, illegal drug use, threat, high risk of physical harm, adult, profanity, racist, gibberish, non-English, mostly capital letters, names, persons. When the automatic moderation classifies what a user has written with any of the classifications, the content becomes disapproved and hidden. It can later be manually moderated. Manual moderation is done by reviewing incoming content in the internal Aware administration system. When we manually moderate, your User-id, display name or picture is not shown. The reviewing is done by a small group in the Aware team.

Our basis for processing your data

Consent for optional processing

We use consent for optional processing when you share display name and/or a picture.

Legitimate interests as basis for processing and balance of interests – sessions

For all the other processing in the exercise sessions we use legitimate interests as a lawful basis, and for that we need to do a balance of interests.

  1. The necessity test: The processing of the user-id, log data of accessed exercise session and timestamp is necessary to deliver the exercises.
  2. The purpose test: We have a legitimate interest to process personal data to provide the exercises in the app, and if you use the exercises to process timestamps to give you the opportunity to keep track of your progress over time, which is a part of the training.
  3. The balancing test: The processing of the user-id, log data of accessed exercise session and timestamp is of low impact to the data subject. It is normal and to be expected, and safeguards such as end-to-end encryption are in place.

Legitimate interests as basis for processing and balance of interests - journaling

  1. The necessity test: For journaling, it is necessary to process written texts.
  2. The purpose test: We have a legitimate interest to process personal data to provide the exercises in the app, journaling (private or public) is part of the exercise for inner development and to increase psychological well-being.
  3. The balancing test: The processing of journaling texts can have large impacts for the data subject. There is a choice to journal private or public. For private journaling the data is processed through the app (when typing) to be saved on the data subjects device. When the data subject chooses public journaling, it is also displayed in the app and saved on servers.
  4. To have a good user experience we need fast publication in the Aware app, and on the other hand we need to keep the content moderated. Also, we need effective ways of working, going through all publications manually would take a long time and be expensive. The solution we use is to let the text intended for publication go through a process of automatically classifying the content with the help of machine learning.

    It is only the text that goes through this process, personal data like the user id, analytics id, display name and picture are disconnected as safeguards. We use strict minimization of personal data to protect your privacy. We find this a sufficient protection of the personal data and the subject’s fundamental freedom and rights.

Legal basis for processing special categories of personal data: legitimate activities and explicit consent

If you choose to share your feelings and thoughts after the session (journaling), about your own health these are special categories of personal data, which is only allowed to be processed under certain circumstances.

One of those circumstances is when processing is carried out in the course of its legitimate activities with appropriate safeguards by a foundation, association or any other not-for-profit body with a philosophical aim and on condition that the processing relates solely to persons who have regular contact with it in connection with its purposes and that the personal data are not disclosed outside that body without the consent of the data subjects (this is called Legitimate activities in the GDPR).

We (The 29k Foundation and 29k International AB) are, respectively, a foundation and a not-for-profit body with a philosophical aim (to increase psychological well-being). Our processing of special categories of personal data (text) is connected to our purpose: to provide journaling after sessions to increase psychological well-being for App users and App power users. The private journaling text is only saved on your device, with access control and only as long as the app is active. The public journaling text is saved on your device and on servers; the journal entry in Google Cloud Firestore is only removed on request and will be anonymized when your user id is deleted. The data (your journaling entry) is not shared outside 29k unless you choose to do so by publishing your journaling in the app.

If you choose to publish your journaling in the app, we must ask for your explicit consent to share your data (your journaling entry) inside the app and with the Aware community. Explicit consent is one other circumstance when it is allowed to process your special categories of personal data.

Categories of personal data

Categories of personal data processed when doing the exercise sessions

(App User or App Power User)

  • User-id, log data of accessed exercise session, timestamp, (these are all system generated data).
  • No data from the data subject.

Categories of personal data processed when journaling

(App User or App Power User)

  • User-id, log data of accessed exercise session, timestamp, (these are all system generated data).
  • Display name (optional), picture (optional), email (optional), journaling text (optional) - (data from the data subject).

Special categories of personal data

Feelings and thoughts about one's own health may be shared when you choose to publish your journaling in the app (optional, text entry).

Categories of Data Subjects

  • App User (has a unique user-id)
  • App Power User (adds picture and displayed username)

Technical and Organizational Security Measures

  • Opt-in to expose user details (store User ID)
  • ML assisted initial filtering of entries (OpenAI Chat API)
  • Human assisted second filtering of entries (on Slack)
  • API requires app authenticated user
  • End-to-end encryption

Data Subject Rights

Since the data of which exercise you have completed is only stored locally on your device in the app, we cannot provide, rectify, erase or restrict processing the data, or notify on erasure (we do not have access to do so).


3. More about the public live session process

Purpose and processing

As an App user and App power user you can participate in live video sessions in the Aware app. If you do, sharing a camera and microphone is optional. The purpose is to share your feelings and thoughts with others in live video sessions. The audio and video live stream are data in transit with end-to-end encryption and it is ephemeral, it is not stored or saved.

To personalize you may use a display name, it is optional and can be changed before and after the session. If you haven’t chosen a display name, a temporary display name is required for the live session. The temporary display name is free for you to choose (within limits of our codes of conduct), it doesn’t have to reflect your birth name and its purpose is only to be able to address you during the session. You may also choose a profile picture which can be changed before and after the session. The profile picture is shown when the video camera is off.

For access control and authorization to live video sessions, we collect user-ids. Processing the unique user-id is necessary to give access to the Aware app and the services provided in the app. The live session is closed five minutes after start (to create a safe and calm experience in the group). To secure access for participants that exit the session due to lost network access, collecting user-ids during the session is necessary.

The hosts of public live sessions are App privileged users. As such you are required to have a display name and a profile picture. All public live session hosts go through training and are certified by 29k. Their names and pictures are published at the website under "Session hosts". The purpose of the processing is to host live video sessions, by sharing camera and microphone, picture and display name.

For security reasons we also process data for access control and authorization for hosts, i.e. App privileged users.

Our basis for processing your data

Consent for optional processing

We use consent for optional processing when you share your camera and microphone during a session, and when you share display name and/or a picture as an App user or an App power user.

Legitimate interests as basis for processing and balance of interests - participants

  1. The necessity test: The processing of a temporary display name is necessary for the host to be able to address the participants during the session. User-id access is necessary for control and authorization.
  2. The purpose test: We have a legitimate interest to process your personal data to process your temporary display name during the session and to use your user-id for access control.
  3. The balancing test: To choose a temporary display name is of insignificant impact to the data subject. It is normal and to be expected, as is the fact that there are security measures in place that use the user-id. Safeguards such as end-to-end encryption are in place, and we do not keep your temporary display name after the session.

Legitimate interests as basis for processing and balance of interests - hosts

  1. The necessity test: The processing of the host's display name, picture, video live feed and audio live feed is necessary for hosting a public live session, so the participants can see and interact with the host, which is the purpose of this service in the app. User-id access is necessary for control and authorization for hosts, i.e. App privileged users.
  2. The purpose test: We have a legitimate interest to process your personal data as a host, due to the certification processes all hosts attend, technical security and the emotional security of the participants to know which host will lead the session, see and hear the hosts during the session.
  3. The balancing test: Individuals volunteer to be hosts (App privileged user), attend training and get certified to host public live sessions in the Aware app. It is reasonable to expect to share your display name, picture, video live feed and audio live feed when hosting. The volunteers do not commit to holding a certain number of sessions and are free not to schedule hosting any sessions. Safeguards are in place: the audio and video live stream are data in transit with end-to-end encryption and are not stored or saved.

Legal basis for processing special categories of personal data: legitimate activities

During the public live sessions, you may choose to share your feelings and thoughts. This is optional; if you only want to listen, that is okay too. If you share feelings and thoughts about your own health, these are special categories of personal data, which may only be processed under certain circumstances. One of those circumstances is when processing is carried out in the course of its legitimate activities with appropriate safeguards by a foundation, association or any other not-for-profit body with a philosophical aim, on condition that the processing relates solely to persons who have regular contact with it in connection with its purposes and that the personal data are not disclosed outside that body without the consent of the data subjects (this is called Legitimate activities in the GDPR).

We (The 29k Foundation and 29k International AB) are, respectively, a foundation and a not-for-profit body with a philosophical aim (to increase psychological well-being). Our processing of special categories of personal data (video live feed and audio live feed) is connected to our purpose: to provide live sessions to increase psychological well-being for App users, App power users and App privileged users. The audio and video live stream are data in transit with end-to-end encryption; they are not stored or saved, nor are they shared outside 29k.

Categories of personal data

Categories of personal data processed about participants in public live sessions (App user or App power user)

  • User-id, log data of accessed session, a unique analytic id (these are all system generated data).
  • Picture (optional), display name (optional) or temporary display name, video live feed (optional), audio live feed (optional) - (data from the data subject).

Categories of personal data processed about hosts in public live sessions

(App privileged user)

  • User-id, log data of accessed session, a unique analytic id (these are all system generated data).
  • Display name, picture, video live feed, audio live feed, email - (data from the data subject).

Special categories of personal data

Feelings and thoughts about one's own health may be shared by participants and the host during the session (video live feed (optional) and audio live feed (optional)).

Categories of data subjects

  • App User (has a unique user-id)
  • App Power User (adds picture and displayed username)
  • App Privileged User (public session host)

Technical and organizational security measures

Participants (App user or App power user)

  • API requires app authenticated user
  • End-to-end encryption
  • The audio and video live stream are data in transit with end-to-end encryption, it is not stored or saved

Hosts (App privileged user)

  • Per user authorization tokens in Daily session
  • 24h Daily session details retention period
  • The API requires app authenticated user

4. More about the private live session process

Purpose and processing

Similar to the public live session, you can participate in private sessions to create peer-to-peer groups for inner development and to increase psychological well-being. The difference is that in the private live sessions you need an invite, and the host can be a colleague or friend.

To participate you must receive an invitation to the private live video session (by link), and we collect user-ids for access control. If you participate in a live video session as an App user or App power user, sharing camera and microphone is optional. The purpose is to share your feelings and thoughts with others in a live video session. The audio and video live stream are data in transit with end-to-end encryption and are ephemeral; the data is not stored or saved.

To personalize, you may use a display name. It is optional and can be changed before and after the session. If you haven’t chosen a display name, a temporary display name is required for the live session. The temporary display name is free for you to choose (within the limits of our codes of conduct); it doesn’t have to reflect your birth name, and its purpose is only to be able to address you during the session. You may also choose a profile picture, which can be changed before and after the session. The profile picture is shown when the video camera is off.

For access control and authorization to live video sessions, we collect user-ids. Processing the unique user-id is necessary to give access to the Aware app and the services provided in the app. The live session is closed five minutes after start (to create a safe and calm experience in the group). To secure access for participants that exit the session due to lost network access, collecting user-ids during the session is necessary.

To host a private live session, you must choose a display name and a profile picture, and they are shown as host details for the live session. For security reasons you can only host sessions from the account used when creating the session. When you create a private live session, you can share the invitation by a link. We collect user-id for you as a private session host (App power user host) for access control.

Our basis for processing your data

Consent for optional processing

We use consent for optional processing when you share your camera and microphone during a session, and when you share display name and/or a picture as an App user or an App power user.

Legitimate interests as lawful basis for processing and balance of interests – participants

For all the other processing we use legitimate interests as a lawful basis, and for that we need to do a balance of interests.

  1. The necessity test: The processing of a temporary display name is necessary for the host to be able to address the participants during the session. User-id access is necessary for control and authorization.
  2. The purpose test: We have a legitimate interest in processing your temporary display name during the session and in using your User-id for access control.
  3. The balancing test: Choosing a temporary display name has an insignificant impact on the data subject. It is normal and to be expected, as is the fact that security measures are in place and that the User-id is used. Safeguards such as end-to-end encryption are in place, and we do not keep your temporary display name after the session.

Legitimate interests as basis for processing and balance of interests - hosts

  1. The necessity test: The processing of the host's display name, picture, microphone and video is necessary for hosting a public live session, so the participants can see and interact with the host, which is the purpose of this service in the app. User-id access is necessary for control and authorization for hosts, i.e. App power user host.
  2. The purpose test: We have a legitimate interest to process your personal data as a host, to provide the service of hosting private sessions, technical security and the emotional security of the participants to know which host will lead the session, see and hear the hosts during the session.
  3. The balancing test: Individuals volunteer to host private live sessions in the Aware app. It is reasonable to expect to share your display name, picture, video live feed and audio live feed when hosting. Safeguards are in place: the audio and video live stream are data in transit with end-to-end encryption and are not stored or saved.

Legal basis for processing special categories of personal data: legitimate activities

During the private live session, you may choose to share your feelings and thoughts. This is optional; if you only want to listen, that is okay too. If you share feelings and thoughts about your own health (as a participant or host), these are special categories of personal data, which may only be processed under certain circumstances. One of those circumstances is when processing is carried out in the course of its legitimate activities with appropriate safeguards by a foundation, association or any other not-for-profit body with a philosophical aim, on condition that the processing relates solely to persons who have regular contact with it in connection with its purposes and that the personal data are not disclosed outside that body without the consent of the data subjects (this is called Legitimate activities in the GDPR).

We (The 29k Foundation and 29k International AB) are, respectively, a foundation and a not-for-profit body with a philosophical aim (to increase psychological well-being). Our processing of special categories of personal data (audio) is connected to our purpose: to provide live sessions to increase psychological well-being for App Users, App Power Users and App Privileged Users. The video and audio live feed is data in transit (with end-to-end encryption); it is not stored or saved, nor is it shared outside 29k.

Categories of personal data

Categories of personal data processed about participants in private live sessions (App User or App Power User)

  • User-id, log data of accessed session, a unique analytic id (these are all system generated data).
  • Picture (optional), display name (optional) or temporary display name, video live feed (optional), audio live feed (optional) - (data from the data subject).

Categories of personal data processed about hosts in private live sessions

(App power user host)

  • User-id, log data of accessed session, a unique analytic id (these are all system generated data).
  • Display name, picture, video live feed, audio live feed (data from the data subject).

Special categories of personal data

Feelings and thoughts about one's own health may be shared by participants and the host during the session (Video and audio live feed).

Categories of Data Subjects

  • App user (has a unique user-id)
  • App power user (adds picture and displayed username)
  • App power user host (private session host)

Technical and Organizational Security Measures

  • Data minimization
  • API requires app authenticated user
  • End-to-end encryption
  • Per user authorization tokens in Daily session
  • 24h Daily session details retention period

5. More about the development of the app and reporting process

Purpose and processing

To improve the app and troubleshoot technical issues, we ask you for feedback and reports, follow the aggregated behavior of users through the analytics id, use crash and error reporting, and use app installation attribution data (also aggregated).

We ask for feedback (optional reviews) on the content after your completed session, using symbols of thumbs up or down, and the opportunity to write if the session was helpful or not. The purpose is to provide feedback about the exercise, so we can develop the content to be more meaningful for you. The reviews are anonymous and are published in the app. The free text may include personal data, otherwise there is none.

We also ask you to report bugs, inappropriate behavior or give general feedback (and this is our purpose for processing). This feedback is in free text, and it is optional to leave a reply-to email address. This information is sent to a 29k email address. We do not save or use the email you share with us for anything else other than to respond to your report or feedback.

To follow user behavior and improve the app over time, we use the analytic id to analyze behavior over time. This is done by first automatically transforming personal data into aggregated statistics. These aggregated statistics are also processed to provide statistics to Partners about users participating in 29k partner programs.

A more technical analysis is done to see where users install the app from and to unlock specific content. Again, the first step is to categorize the user's installation source (origin) into buckets as a way of anonymizing the personal data.

Our basis for processing your data

Legitimate interests as lawful basis for processing and balance of interests

We use legitimate interests as a lawful basis, and for that we need to do a balance of interests.

  1. The necessity test: It is necessary to process personal data to troubleshoot technical issues, to turn personal data into statistics and to improve the app if the data subject writes any personal data in the free text.
  2. The purpose test: We have a legitimate interest to process your personal data to improve the app, troubleshoot technical issues and turn personal data into statistics.
  3. The balancing test: Collecting data to troubleshoot technical issues, asking for reviews to improve the app and turning personal data into statistics are common practice when using an app and generally expected by users. The impact on the data subjects is low, the collected data is mostly meta-data, and the more possibly sensitive data is optional. The efforts to minimize the use of personal data and to separate the connection to persons (anonymize the data), combined with other safeguards, are sufficient.

Categories of personal data

  • User-id, usage analytics id, timestamp, app language, completed exercises, app navigations, anonymous user or not, public session host or not, app events logging, phone time zone, phone language, phone brand and model, OS type and version, app version, app installation source (UTM) - (these are all system generated data).
  • Email (optional), free text feedback (optional), report and free text in email may include personal data (optional) - (data from the data subject).

Categories of Data Subjects

  • App User (has a unique user-id)
  • App Power User (adds picture and displayed username)
  • App Power User Host (private session host)
  • App Privileged User (public session host)

Technical and Organizational Security Measures

  • Data minimization
  • User ID not stored or linked to feedback
  • No user personally identifiable information sent or stored
  • API requires app authenticated user
  • End-to-end encryption
  • Opt-in reply-to email address

Last updated July 3rd of 2024

🗓️
Last updated October 30th 2024