Privacy Notices for US users of the ieso app


ieso is committed to protecting and respecting your personal data.

These Privacy Notices describes the privacy practices of the Ieso Digital Health group of companies (Ieso Digital Health Ltd, Ieso Digital Health (UK) Ltd and Ieso Digital Health, Inc.) (collectively, “ieso”, “we”, “us”, or “our”), and how we handle your personal data that we collect via use of our digital tool and reflect legal requirements and regulations. If you require further information on anything below, please contact our Privacy Full details on how to contact us can be found below.  

Here, we explain what personal data we collect, how it is used, shared, secured, stored, and how you can exercise choices and manage your personal data.

Information we collect

We collect the following Personal Data about you in several ways:

Information we collect directly from you

As a user of the app, we will collect the following Personal Data from you, including:

  • Your name and email address
  • Your written conversations when interacting with our digital guide in the app
  • Your responses to our questionnaires
  • Your queries, requests or comments if you contact us for customer service or technical support

Information we collect automatically from your use of the app

Certain information is collected automatically from your use of this Service:

  • Session activity information – we collect information on your use of the app, including when you login, when you start and complete session, etc.
  • Event data – this includes how the software has interpreted your responses.
  • Device information – this includes information about whether you are using the product on a mobile or tablet. This helps us ensure optimization for relevant different devices.
  • Log information – this includes information about the device you’re using, your Internet Protocol (IP) address and IP location.

Inferred data

As the app uses the information you enter to make a conversational response, the digital tool will collect and categorize your comments to help better support you.

For example, if you tell the digital guide that you are worried about work, that may fit a category of ‘work concerns’ which the digital tool will use to learn how to respond to you in the future. This is known as ‘intent classification’ and ‘machine learning’.

New data that is collected through this process is known as ‘inferred’ data, which is not data you have provided to us directly, however, the digital tool has drawn conclusions from the content of your discussions.

You can ask for information from our Privacy team at

You always have the right to refuse to submit your personal data to us, but note that without this information, this Service may be unavailable to you.

How we use collected information

We use your Personal Data to:

  • Deliver this Service, including to create your account via Auth0 and personalizing the experience, for example by using your name within conversations
  • Enable sign-in, verify access to your account and assist with any login issues
  • Communicate with you
  • Provide you with customer service or technical support
  • For ieso service evaluation and improvement
  • Determine whether or not you are eligible and suitable for participation in one of our clinical trials/ studies, or user research. We are data-driven research orientated company who passionately believe in responsible innovation to increase the understanding of mental health, improve treatments and widen access to treatment, and
  • To anonymize your Personal Data to use it for the development of products/ tools intended to help more people access products earlier and/or assess their need for such products. Although this is not then Personal Data, you may be interested in reading about an example of this here.

How does our Artificial Intelligence process your data

The ieso program is a smartphone app that you can engage with for help with your worries. It uses automated text chat to help people who might not be able to access other care, or people who may be waiting for therapy services to start. It provides tools and techniques to help with difficult feelings. So that the app responds in an engaging way with more personalized responses to the inputs that you provide, we use some artificial intelligence techniques, including machine learning and large language models. However, all of the content in the app that helps users to deal with their worries has been written exclusively by our trained therapists, and the app makes no autonomous decisions about what elements of this therapist-written content is provided.

If you have any questions, please contact us at

Using your Personal Data for service evaluation

We are passionate about conducting high-quality service evaluation to feed into the effectiveness of our product to further improve accessibility, usability and outcomes. We have internal procedures in place to safeguard your privacy so that only the minimum necessary information is used to conduct the service evaluation on the most de-identified data possible. We also use some artificial intelligence techniques (such as machine learning and natural language processing) to improve interactions between users and the digital guide.

How we store your Personal Data

We use a small number of well-known Software as a Service (SaaS) providers to store subsets of your information and enable the uses of information described in these notices, and we have agreements in place with each provider to ensure your information is secure.

How long we retain your Personal Data

We retain information for as long as it is necessary and relevant for our operations, including the establishment or defence of legal claims, subject to contractual limitations with your health plan. Information about you that is no longer necessary and relevant for our operations will be anonymised or disposed of securely.  

If you only create an account without accessing the app, we will retain your information for 6 years.

Sharing your information

We appreciate and respect that the confidentiality of your interactions with the Service are of utmost importance to you. Information is only shared on a strictly ‘need to know’ basis. The confidentiality of all information that you share with the app is upheld to the highest level possible, which is why anyone receiving information about you will be under an equal legal duty to keep it confidential. Relevant internal policies and procedures are designed to share the minimum information necessary to provide the best services, care and protection for yourself or others, and to conduct our service evaluation.

Your data is stored in the US, with processing taking place in the US to deliver most of the app's functionality. Some data is processed in the UK to support operational analysis and reporting. Data supporting enhanced dialogue via large language models may be processed in the UK or Canada. A small subset of data is stored in the EU for basic, pseudonymised analytics.  

Within ieso, your personal data may be accessed by UK-based staff, including ieso researchers, AI scientists, clinically-qualified advisors, on a need-to-see basis. Where possible, this data will be as deidentified, and separated from your directly identifiable data. For example, your written conversations will not be accessed for service evaluation in connection with your full name or contact details. Pseudonymised reporting data will also be made available to UK-based staff for operational and analytical purposes. In the event that a technical issue arises, raised either by you or identified by ieso, UK-based ieso Support or Engineers may access your personal data to resolve the issue.

When any information sharing is required with your health plan for administrative or customer care purposes, this will be limited and will never include your conversation data. We will also work with your health plan to conduct a retrospective observational analysis, which will involve sharing aggregate information about users’ health information (this information will not be directly or indirectly attributable to individuals) to demonstrate the success of the app. In the event that you access an SOS resource via the app, for example 911, ieso is required to notify your health plan but this will not be in real-time. Your written conversations will never be shared outside of ieso, including with your health plan.

Outside of these circumstances, we will always seek your permission ahead of disclosing any information that identifies you directly or indirectly to any other person or organisation, or for any reason other than those set out in this policy without your knowledge or permission, unless we have an overriding legal duty to do so.

How we secure your Personal Data

We place great importance on the security of personal data. We have put controls in place to safeguard your personal data, applying physical, technical and procedural measures against unauthorized access, loss, misuse and alteration of personal data under our control.

We use deidentified data for service evaluation where possible, we limit access to your personal data to those who have a genuine need to know it. Those processing your information will do so only in an authorized manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

We have achieved the International Standard certification for Information Security (ISO 27001).

Your data protection rights

In the UK, the Data Protection Act 2018 provisions certain rights to individuals which ieso is committed to extending to you:

  • The right to be told how we process your personal data;
  • The right to know what data is held about you and to have a copy of it;
  • The right to have incorrect information corrected;
  • The right to request that personal data is erased;
  • The right to restrict processing;
  • The right to have your personal data ‘ported’ or transferred to another provider;
  • The right to object; and
  • Rights to have automated decision making and inferred data explained to you and to ask for human involvement

In addition to the above rights, if HIPAA applies any of your data, you also have the right to request an account of disclosures of your Protected Health Information. The rights are additional to, include, and do not affect, your rights under HIPAA.

If you need any assistance in these areas, please contact our Member Support.

If you are unhappy with the service you’ve received, you can make a complaint to us by emailing our Member Support team at Please be assured that you will not be prejudiced in any way by making a complaint.


To exercise your rights specified above, please contact Member Support at

Questions and comments regarding these privacy notices or data protection should be addressed to our Privacy team at


In terms of merely registering an online account at ieso, we use third party Auth0 cookies for reasons including: to store the state of the sign in process; to identify if the user is currently authenticated; and to monitor the fact that a user is logged in and interacting with features.

These typically include a unique reference code that relates to, or is accessed from, a user's device and that enables that device to be remembered when next logging on.

Computers and mobile devices may automatically accept cookies, but you can change your browser to prevent that or to notify you each time a cookie is set. You can also learn more about cookies by visiting which includes additional useful information on cookies and how to block cookies using different types of browser. Please note however, that by blocking or deleting cookies you may not be able to take full advantage of future products and services provided by ieso. 

Our company website has its own cookie policy.

Changes to these Privacy Notices

We are bound by the terms of the notice in effect and we reserve the right to change these Privacy Notices from time to time by updating the effective date of these Privacy Notices and posting it on the Site. If the change affects the way we process your personal data, then we will notify you by reasonable means. In all cases, your use of the Service after the effective date of any modified Privacy Notice indicates you have read and understood the modified Privacy Notice.

These privacy notices are effective from December 4th, 2023.  

Changes to your personal data

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during this relationship with ieso.

Get started

The ieso program is free and available to use and download today

Alternatively, if you would like to find out about other mental health support options available in your area, visit the MYHEALTH website here.

We care about your wellbeing
If you need more than our program can offer:
Do you need to talk to someone?
Call or text the Suicide & Crisis Lifeline at 988
Experiencing a medical emergency?
Call 911 or go to your nearest emergency room
If you need more than our program can offer:
    Do  you need to talk to someone?   Callor text the Suicide & Crisis Lifeline at 988
    Experiencing  a medical emergency?     Call911 or go to your nearest emergency room