FAQ's

Privacy & Security

7 min

what are throughline’s values regarding privacy and security? throughline’s goal is to connect people to meaningful help to access this support, people need to feel safe and secure furthermore, the confidentiality and anonymity of mental health and crisis services are a main reason people contact them our privacy and security measures reflect our commitment to supporting users we aim for people in distress and our partners to feel confident and comfortable in using our products what is throughline’s privacy policy? you can review our privacy policy https //www throughlinecare com/privacy policy can end users access throughline’s privacy policy? please see below for how users can access throughline's privacy policy across our 3 products web app our privacy policy is hyperlinked on all pages of throughline's web app product widget we recommend you link to our privacy policy in a clause in your website or app’s privacy policy api as end users do not directly interact with throughline via the api, a privacy notice is not required what user data does throughline collect? the table below details the default user data collected across throughline’s product suite web app & widget ✅ anonymous behavioral analytics of end users collected via cookieless matomo analytics 🚫 no end user personally identifiable information collected api 🚫 no end user data collected by throughline ✅ login credentials of the developer to access the throughline api does throughline collect personally identifiable information of its customers' end users? no in all of throughline's products provided to customers, no features expressly collect personally identifiable information this also means you will not receive any personally identifiable information of end users from throughline, as it will not exist outside of our customer integrations, we only collect the personally identifiable information of end users if they are expressly contacting throughline for an inquiry, such as through our website contact form, in which case we collect a user's email address how does throughline handle analytics consent? throughline uses cookieless analytics through matomo, which does not require user consent under gdpr and other privacy legislation our cookieless tracking approach ensures that no cookies are stored on users' devices for analytics purposes, eliminating the need for cookie consent banners while still providing valuable insights into user behavior matomo's cookieless tracking framework enables compliance with the following key legislation globally gdpr (eu & uk), lgpd (brazil), pipeda (canada), law 25 (quebec), popia (south africa), nfadp (switzerland), privacy act (australia), pdpl (saudi arabia), pdpl (argentina), pdpl (andorra), dpa (faroe island) customers have the option to disable analytics however, if they choose to switch off analytics, throughline will not provide them with any analytics data what data does throughline collect? in the web app and widget, matomo tracks anonymous user interactions with the product (such as key click interactions, scroll distances, and basic device information) using matomo's javascript tracking code as the primary method does throughline collect any personal information when a user contacts a helpline? no when a user contacts a helpline they are interacting with a phone number, sms number, whatsapp number, or website provided by the helpline throughline does not have any ability to collect personal information about the user when they take action to contact a helpline, or any ability to collect information about the conversation they have had throughline anonymously tracks actions to contact a helpline to inform our ranking algorithm, improve our product, and provide anonymous analytical reporting to our partners what end user data is displayed on the impact dashboard? the user impact dashboard is only available for the web app it includes the number of users, sessions, helpline contacts, country distribution, engagement metrics (rate, time), access patterns, and most used helplines/topics no personally identifiable information is collected so no such information will be shared a demo dashboard is available on request how does throughline comply with local legislative privacy requirements? we aim to comply with legislative requirements in the jurisdictions where we serve users with a global user base, throughline has taken a conservative approach to the information it collects from users to comply with legislation globally this includes leading legislation such as the gdpr, which much of the subsequent legislation is modeled on to this end, we serve a cookie banner and privacy policy to users informing them of what data we collect and how we use it, their rights to access that information, and our commitment to data security in line with our values and goal to connect people with meaningful help, we only collect anonymous behavioral analytics of end users via third party vendors we do not collect any end user personally identifiable information through any of our customer integrations is it possible to turn off behavioral analytics? yes if required, we can turn off all behavioral analytics to ensure that even anonymous and non identifiable information is not collected how does throughline keep the information it collects secure? while throughline does not collect personally identifiable information of users in our product integrations, we take seriously our information security this includes all employees and contractors sign a nondisclosure or confidentiality agreement before accessing any throughline information access by employees and contractors to any throughline information requires unique credentials all throughline employees and contractors are required to use multi factor authentication for all software systems where it is available and can be enforced we are happy to respond to security questionnaires upon request how does throughline define anonymous and confidential? anonymous users may willingly, but are not required to, disclose personal information at their discretion, provided that such information is kept confidential online chats that require an email address or phone number to access the service qualify, as long as they are confidential confidential information provided by the user may be used (a) for the purpose of providing the service to the user (b) as necessary for the purpose of improving the service for users (c) to alert emergency responders when someone is at immediate risk of harm, if that is legally required or helpline policy these definitions essentially mean that conversations are held in confidence, except if there’s an immediate safety risk such as suspicion that a child may be at risk of harm, or a user or someone else faces serious harm, either self inflicted or from others many services keep a record of each conversation and information such as phone number, mobile service provider, ip address, or internet service provider that the user used to contact them the service might then share this information with emergency responders (police, ambulance/medical services) who will use it to try and provide support in many countries, services are obligated by law to advise authorities if there is an acute risk to life, and often services will have these privacy policies on their website it’s also common for users to be asked to confirm that they understand these policies before getting support