Data security

At Auntie, we take data security absolutely seriously. We only gather information that is relevant to the delivery of the service, and we do not record video sessions.

On this page you will find the most common data security questions and answers.

Please also read our Privacy policy.

What information is stored about me?

The following information is stored in Auntie’s data system:
– your name
– your email address
– your phone number
– your answers to the surveys (start and end surveys, session feedback)
– your goals in the follow-up form (if follow-up form is used)
– your package and the language you select
– the name of your Auntie Professional
– the name of your employer

Who has access to my data?

The data can only be accessed with a username of an authorized employee, professional or partner. There are different levels of access and each user is only granted access to information that’s necessary for the task at hand. Access to the information is limited to those for whom it is essential for the provision of the service. All Auntie professionals have signed a non-disclosure agreement and are bound by strict confidentiality. All access rights are checked regularly.

Can my information be passed on?

Auntie does not sell or otherwise pass on any personal information. Your personal information is only used to provide the service.

Are the video sessions recorded?

Conversations and video sessions are never recorded or stored anywhere.

Is my information transferred to the Finnish My Kanta database system?

No, your information is not transferred to My Kanta.

How does the information Auntie collects and stores differ from patient information?

The information Auntie collects and stores is customer information. For example, Auntie doesn’t ask or store information about medical diagnoses. In addition, it’s possible to have your data removed from Auntie’s data system upon request.

What information is provided to my employer?

No personal information is ever shared with supervisors, management or authorities. Group-level reports can be formed with only groups consisting of at least ten people and any identifiable information is destroyed before forming such reports which makes it impossible to identify individuals.

How is Auntie prepared for security attacks?

We conduct tests and audits using an external, independent security expert(s). Technical audits have been performed in 2019, 2020 and 2021. The ISO27001 certification audit was done in 2021. In addition to audits, information security is taken into account in daily work, both in technology development, employee training and processes.

How does Auntie comply with GDPR requirements?

Both the technical information security, the selected tools and the operational processes meet the requirements of the GDPR of 25 May 2018.

Only you and the Auntie professional you meet know the contents of your sessions.

We do not record the contents of your video sessions.

We will not pass on your information to your employer.

We do not sell or pass on your information to any third parties.

We use a partner called Whereby for providing video connection. Learn more about Whereby’s security and privacy practises here.

Read the Auntie Privacy statement.