MIND MEASURE
MIND MEASURE
Blog

Privacy & Security Policy

Mind Measure

Privacy & Security Policy

Last updated: 16th December 2025

Mind Measure Ltd ("Mind Measure", "we", "our", "us") is committed to protecting your privacy and handling your data transparently, lawfully, and securely. This Privacy & Security Policy explains how we collect, use, store, and protect personal data when you use our websites and applications, including mindmeasure.app and mindmeasure.co.uk.

Mind Measure is a preventive wellbeing and self-reflection tool. It is not a medical device, does not provide diagnosis, and does not replace professional mental health support.

1. Who This Policy Applies To

This policy applies to:
• Students and individuals using the Mind Measure app or web platform
• University or organisational administrators accessing aggregated dashboards
• Visitors to our websites

2. What Data We Collect

We collect only the minimum data required to provide the service.

2.1 Data You Provide Directly
• Account details (for example email address or anonymous identifier)
• Optional self-report check-ins (short mood or wellbeing responses)
• Optional text, voice, or video inputs used during wellbeing check-ins

2.2 Automatically Collected Data
• Device and browser type
• App usage data (for example session duration, feature usage)
• Technical logs required for security and performance

2.3 What We Do Not Collect
• We do not collect contacts, location data, advertising identifiers, or background recordings
• We do not access photos, microphone, or camera without your explicit action
• We do not sell personal data or use it for advertising

3. How Voice, Video, and Text Data Are Used

If you choose to complete a multimodal check-in:
• Audio, video, and text inputs are analysed only to generate your personal wellbeing signals
• Analysis focuses on patterns, not content meaning
• Raw recordings are not reviewed by humans

Where possible:
• Data is processed transiently and discarded
• Only derived, non-identifiable features are retained

You can use Mind Measure without enabling voice or video features.

4. Purpose of Processing

We process data for the following purposes:
• To provide personal wellbeing feedback to you
• To allow you to track changes over time
• To generate aggregated, anonymised insights for institutions (where applicable)
• To improve platform reliability, safety, and performance

We do not use data for:
• Diagnosis
• Automated clinical decision-making
• Targeted advertising
• Profiling for marketing purposes

5. Legal Basis for Processing (UK GDPR)

Depending on context, our legal basis includes:
• Consent – for optional wellbeing check-ins and multimodal features
• Legitimate interests – to operate and secure the platform
• Contractual necessity – to provide the service you request

You may withdraw consent at any time.

6. Anonymisation and Aggregation
• Individual-level data is never shared with universities or third parties
• Institutional dashboards display aggregated trends only
• Minimum group thresholds are enforced to prevent re-identification
• No dashboards allow drill-down to individual users

7. Data Storage and Security

We apply industry-standard security controls, including:
• Encryption in transit (TLS 1.2+)
• Encryption at rest
• Role-based access control
• Secure cloud infrastructure hosted in approved regions
• Regular security reviews and access audits

Only authorised personnel with a legitimate need can access systems.

8. Data Retention
• Personal data is retained only as long as necessary for the service
• You may request deletion of your data at any time
• Aggregated, anonymised data may be retained for longitudinal insight

9. Your Rights

Under UK GDPR, you have the right to:
• Access your data
• Correct inaccurate data
• Request deletion
• Restrict or object to processing
• Withdraw consent
• Lodge a complaint with the Information Commissioner's Office (ICO)

Requests can be made by contacting us using the details below.

10. Children and Young People

Mind Measure is intended for users aged 16 and over, or younger users where enabled by an institution under appropriate safeguarding and consent frameworks.

We do not knowingly collect data from children without appropriate authorisation.

11. Third Parties

We use carefully selected service providers for:
• Secure hosting
• Analytics strictly related to platform performance
• Error monitoring

All providers are subject to data protection agreements and may not use data for their own purposes.

12. Not a Crisis or Emergency Service

Mind Measure is not a crisis service.

If you are experiencing distress or feel unsafe:
• In the UK, contact your GP, NHS 111, or Samaritans on 116 123
• In an emergency, call 999

Crisis resources are signposted within the app where appropriate.

13. Changes to This Policy

We may update this policy from time to time. Material changes will be clearly communicated.

14. Contact Us

Data Controller:
Mind Measure Ltd. 71-75, Shelton Street, Covent Garden, London, United Kingdom, WC2H 9JQ

Email: privacy@mindmeasure.co.uk