How Period Tracker Apps Collect and Use Your Data

Data broker: A company that aggregates personal information from multiple sources and sells it to third parties, typically advertisers, insurers, or researchers. Data brokers often receive health information from app developers through third-party SDKs embedded in the app.

Behavioral advertising: Advertising targeted to users based on inferred characteristics — health status, purchasing intent, demographic profile — derived from data collected across apps and websites. Period data can be used to infer pregnancy status, fertility treatments, and reproductive health conditions.

Health data: Any information relating to the physical or mental health of an individual. In the context of period tracker apps, this includes cycle dates, flow intensity, symptoms, mood, sexual activity, contraception use, and pregnancy status. Consumer health apps are generally not protected by HIPAA.

What Period Tracker Apps Actually Collect

The visible data is only part of the picture. When you log a period date, a mood, or a symptom, the app records that entry. It also typically records when you opened the app, what you tapped, how long you spent on each screen, and device identifiers that link this session to your broader digital profile.

This behavioral layer — not just the health data itself — is what makes period tracking data valuable to advertisers. Combined with external data from brokers, a detailed profile of a user’s reproductive health, lifestyle, and purchasing behavior can be assembled from what looks like a simple cycle log.

The FTC Enforcement Record

Two enforcement actions define the legal landscape:

Flo Health (2021): The FTC found that Flo shared health data — including menstrual and pregnancy information — with Facebook and Google for advertising purposes, despite its privacy policy stating it would not. The FTC entered a consent order requiring Flo to obtain user consent before sharing health data. A $59.5M class action settlement followed in September 2025.

Premom (2023): The FTC found that Premom shared sensitive reproductive health data with two analytics firms, Umeng and Jiguang, without user awareness or consent. The action resulted in a ban on sharing health data with third parties for advertising.

Both cases confirm that the privacy risks of period tracking apps are not speculative — they have resulted in documented enforcement.

How to Audit Your Current App

Use the steps above to review what your current period tracker is sending and to whom. The combination of checking app permissions, reading the data sharing section of the privacy policy, and scanning for embedded trackers gives a reasonably complete picture of your exposure.

The Alternative: Data That Never Leaves Your Device

The most direct way to prevent this data collection is to use an app that never transmits health data to a server in the first place. On-device-only apps have no server to breach, no company to serve with a court order, and no advertising network to feed. The trade-off is no cross-device sync and no cloud backup — but for many users, that trade is worth making.

What data does Flo collect?

According to Flo's privacy policy and the FTC's findings, Flo collected menstrual cycle dates, pregnancy status, sexual activity, mood, symptoms, and usage data. The FTC enforcement action in 2021 found that Flo shared this data with Facebook and Google despite promising not to — data that could be used to infer health status and target advertising.

What does 'data sold to advertisers' actually mean?

In practice, period tracker data reaches advertisers through multiple mechanisms: direct sale of user profiles, sharing via third-party SDKs embedded in the app, and sharing with data brokers who aggregate and resell it. The end result is that a woman who logs a missed period may see pregnancy product ads within days — not because anyone read her diary, but because her behavioral data was processed automatically.

Did the Flo class action settlement cover all US users?

The $59.5M class action settlement reported by Reuters in September 2025 covered affected US users. Eligibility and claim procedures were defined in the settlement terms. Settlement amounts in class actions of this type are typically small per-user, but the enforcement signal to the industry is significant.

Take back your privacy.

Floriva is built on the architecture you just read about.

Want a tracker built on real privacy architecture?

14-day free trial
No account required
Data never leaves your device

Learn More

Frequently Asked Questions

Is Clue safer than Flo?

Clue is based in Germany and subject to GDPR, which provides stronger baseline protections than US law. However, Clue still stores data on servers and shares some data with research partners. GDPR compliance is a meaningful safeguard but not the same as on-device-only architecture.

Does deleting the app delete my data?

Deleting the app removes it from your device but does not automatically delete data stored on the company's servers. You need to submit a separate deletion request through the app's account settings or via email to the company's privacy team before uninstalling.

What was the Premom FTC enforcement action about?

In 2023, the FTC took enforcement action against Premom, an ovulation tracking app, for sharing sensitive health data with two Chinese analytics firms — Umeng and Jiguang — without user consent. The case established that sharing reproductive health data with third-party analytics providers without disclosure is an unfair and deceptive practice under FTC Section 5.

Ready to track with real privacy?

Start Your Free Trial

Related Guides

Flo App Alternative: 7 Period Trackers That Don't Sell Your Data

Looking for a Flo alternative? We document what Flo did with your data and which period trackers store everything on your device instead.

Clue App Alternative: Period Trackers With Stronger Data Architecture Than GDPR

Clue is GDPR-compliant but cloud-based. GDPR compliance doesn't mean your data can't be subpoenaed. Here's what on-device storage actually means.

Best Private Period Tracker Apps in 2026

Ranked by privacy architecture — on-device storage, enforcement history, data model, and legal jurisdiction. Not just policy promises.

Best Period Tracker Apps That Don't Sell Your Data (2026)

Five period tracker apps with no documented history of selling or sharing reproductive health data. Ranked by privacy architecture, not just policy promises.

Flo Health Pricing: What $4.99/mo Actually Costs You

Flo offers a free tier and a $4.99/mo premium plan. We break down the real tiers, the hidden costs the FTC documented, and how Floriva compares at $2.99/mo.

Reproductive Data Privacy Laws in Texas (2026)

Texas has a near-total abortion ban with both criminal and civil enforcement mechanisms. Despite having a data privacy law, period tracker users face high subpoena risk.