Taking care of your team’s privacy

Security, safety and privacy underpin everything we do at Auntie.
As a mental health service, our work impacts the private, personal and professional lives of our users - so we take every precaution to keep their data and information safe.
Auntie_icons_certificate
sessions_are_confidential

Auntie sessions are 100% confidential

no_data_to_the_government

We don't update data to government health registries

not_sharing_with_the_employer

We don't share personal information with your employer

using_anonymously

You can use Auntie completely anonymously

FI ISO_IEC 27001_lores

We’re certified by an industry-leading security provider

Auntie has upgraded to ISO/IEC 27001:2022. This transition reflects the companys commitment to staying at the forefront of information security. We have aligned with the current best practices to better protect everyones data and continously search for ways to fight the ever evolving risk landscape of information security. Auntie is as commited as ever to providing secure and trustworthy services for people around the world.

Auntie security and privacy

For a more detailed view, have a read of our Terms and Policies. For frequently asked questions for employers and employees, you’ll find the answers below.
How is Auntie prepared for security attacks?

We conduct tests and audits using an external, independent security expert(s). Technical audits have been performed in 2019, 2020 and 2021. The ISO27001 certification audit was done in 2021. In addition to audits, information security is taken into account in daily work, both in technology development, employee training and processes.

How does Auntie comply with GDPR requirements?

Both the technical information security, the selected tools and the operational processes meet the requirements of the GDPR of 25 May 2018.

Privacy for Auntie end users

What information is stored about me?

The following information is stored in Auntie’s data system:

  • your name
  • your email address
  • your phone number
  • your answers to the surveys (start and end surveys, session feedback)
  • your goals in the follow-up form (if follow-up form is used)
  • your package and the language you select
  • the name of your Auntie Professional
  • the name of your employer
Who has access to my data?

The data can only be accessed with a username of an authorized employee, professional or partner. There are different levels of access and each user is only granted access to information that’s necessary for the task at hand. Access to the information is limited to those for whom it is essential for the provision of the service. All Auntie professionals have signed a non-disclosure agreement and are bound by strict confidentiality. All access rights are checked regularly.

Can my information be passed on?

Auntie does not sell or otherwise pass on any personal information. Read more about how we process your personal data in our Privacy Policy.

Discussions with an Auntie professional are completely confidential and we will never disclose the content of the discussion to third parties. However, exceptions can be made in situations where the Auntie professional has the right and duty to report to a public authority based on laws and ethical principles.

What information is provided to my employer?

No personal information is ever shared with supervisors or management. Group-level reports can be formed with only groups consisting of at least ten people and any identifiable information is destroyed before forming such reports which makes it impossible to identify individuals.

Is the video meeting system secure?

The video meeting system is secure. The connection is secure and no one outside the room can listen, see or participate in the conversation. We use the Whereby system, you can read more about Whereby’s security and privacy practises here.

Are the video sessions recorded?
Conversations and video sessions are never recorded or stored anywhere.
Is my information transferred to any government health system?

No, your information is not transferred to any government health system.

How does the information Auntie collects and stores differ from patient information?

The information Auntie collects and stores is customer information. For example, Auntie doesn’t ask or store information about medical diagnoses. In addition, it’s possible to have your data removed from Auntie’s data system upon request.

Can I see what information is stored about me?

The data inspection request can be sent to info@auntie.io. Unless otherwise requested, the information will be sent via encrypted email. Exercising your right of data inspection is free of charge.

I want my data deleted, what do I do?

Send a request to delete the data to the e-mail address info@auntie.io. We will inform you when the data has been deleted. Data will be deleted from the database as soon as possible after the request and all backups will be deleted within 30 days of deletion.

something we haven't covered

Something we haven't covered?

Get in touch