Period tracker app privacy: Everything you need to know
10 min read
Period tracker apps have risen in popularity over the years. The convenience of tracking reproductive health digitally has appealed to millions of Americans. However, these apps often collect extensive personal and health information — and may pose serious privacy risks. Here’s what you need to know about period app privacy in the U.S. — and how to protect yourself.
Table of Contents
Table of Contents
What is a period tracker app?
A period tracker app is a digital program that allows users to track their menstrual cycle and predict upcoming periods. Users may input personal health data, such as their menstrual cycle dates and symptoms, as well as intimate activity.
Period apps have become increasingly popular over the last decade, with an estimated 55 million users worldwide in 2022. Apps like Flo, Clue, Period Calendar, and Stardust claim a big market share, with new period apps entering the market every year.
However, the overturning of Roe v. Wade in the U.S. in 2022 has placed these apps under increased scrutiny, particularly when it comes to app tracking and privacy. With these apps collecting significant reproductive health data month by month, it isn’t surprising that users want reassurance about their personal data privacy. Let’s take a closer look at the digital security and privacy issues of period trackers.
Are period tracking apps safe?
A period tracking app is only as safe as the app’s provider. If you’ve chosen a reputable company with strong security measures, then using a period app will not pose significant security or privacy risks. However, most apps carry some risk, especially if you’ve shared your personal information with them.
Many popular apps collect and store the data you’ve shared with them. If the app is affected by a data breach and doesn’t have the right security measures in place, your information could fall into the hands of cybercriminals. The data stolen could end up on the dark web, potentially making you vulnerable to various cybercrimes (including identity theft). That’s why it’s paramount to choose period apps that take user security seriously — and only download them from trusted sources (like official mobile app stores).
While general app security is always important, the biggest concern with period apps right now is the lack of user privacy.
Common privacy concerns with period tracker apps
Like many other health apps, period trackers often collect a substantial amount of personal and health data on their users. From your weight and location to the date of your last late period, these apps may know more about you than a close friend. Here’s why that’s a concern for many users.
Storing sensitive health data
By default, the data health apps collect is highly sensitive. Period apps collect various information you may not want to share with anyone, including your menstrual cycle details and even information relating to pregnancy loss.
Shockingly, most health apps that track menstrual cycles and reproductive health do not fall under the U.S. Health Insurance Portability and Accountability Act, meaning they’re exempt from health privacy laws. The same strict privacy regulations that apply to healthcare professionals and organizations don’t apply to the information handled by these apps.
Selling data to third parties
Like many other apps, period trackers may share your information with data brokers and third-party advertisers. With the help of your period tracking app, these companies may obtain a wealth of information about you, helping them decide what products and services are most relevant to you.
While it’s always important to be mindful of app tracking and data sharing, the thought of sensitive health information being passed on to advertisers is particularly alarming. Your reproductive health and any online data relating to it should only be your business.
Sharing data with law enforcement
Tech companies are not exempt from legal regulations. If a period app company received a subpoena or a warrant from law enforcement in the U.S., depending on the legal obligations, they would be required by law to hand over the information they’ve collected about a particular user.
While sharing data with law enforcement wasn’t a major user concern several years ago, it is now. In June 2022, the Supreme Court ruled to overturn Roe v. Wade, ending the protection of abortion as a constitutional right in the United States. With Roe v. Wade no longer protecting reproductive rights, it’s become crucial for residents of the U.S. to understand the relationship between law enforcement and period apps.
The Supreme Court’s decision has paved the way for abortion being made illegal in many states across the U.S. In court cases concerning illegal abortions, period apps may contain potentially incriminating evidence (e.g., late or missed periods and symptoms). And if law enforcement officials issued a request recognized by the applicable laws, the app makers would have no choice but to hand this information over.
Period tracker app privacy policies
The best way to find out if a period app is committed to user privacy is by reading its privacy policy. While reviewing the entire policy may seem tedious, you shouldn’t skip it. This document provides important information, including how the app collects, stores, and uses your data. Here’s what you need to pay attention to.
Data storage (local vs. in the cloud)
Knowing where an app stores your data is key. Apps can either store your information locally (on your device) or in the cloud (in servers across various locations).
Storing user info in the cloud makes it easy for companies to process large amounts of information (which is why most apps choose this storage option). However, data stored in the cloud may be exposed to privacy and security risks. For example, if a company-wide security breach occurs, cybercriminals may gain access to the cloud and the user information it stores. If your data’s kept on your device, such an incident wouldn’t expose it.
Additionally, local data storage gives you more control over your information. If you decide that you’d like to reduce the amount of data you’ve shared with an app, you can delete previously logged periods, symptoms, and other information relatively easily. On the other hand, if your data is stored in the cloud, you’d need to ask the company to delete it for you, which may take a while. We’ll cover data deletion practices in more detail below.
Third-party sharing
Many apps collect and share user data with third parties (e.g., data brokers and advertisers). This information may include technical identifiers (like your device’s ID), your age, and how you use the app. The third-party companies then use this data for various purposes, including targeted advertising and promotional campaigns.
While many popular apps allow third-party tracking, this practice isn’t great for your online privacy. Privacy-focused period apps will not share your information with third parties, and they’ll outline that in their privacy policy.
If an app you choose shares information with third parties, make sure you know exactly what it shares and how this information is used (e.g., to promote the app’s services or provide user insights).
The app’s privacy policy may also tell you how you can opt out of data sharing. Most reputable period tracking apps will allow you to opt out or at least reduce the amount of data you share.
Location tracking
Location data can reveal a lot about you, including the places you visit and even your approximate address. While disclosing this information is generally not great for your privacy, it’s a much bigger issue if you live in a state where abortion is banned.
In states with anti-abortion laws, location data can potentially be used against you in court (for example, to prove that you visited an abortion clinic). How would the court get this information about you? In many states, law enforcement agencies can ask companies to hand over location information (known as a subpoena) — and the companies must comply.
When reviewing a period app’s privacy policy, pay close attention to location data tracking — the policy should outline if the app tracks your location. The safest option is choosing an app that doesn’t.
Even if an app doesn’t track your location, it still sees your IP address, which may indicate someone’s approximate location. If you’d like to hide your IP, use a virtual private network (VPN). A VPN masks your IP address, making it more challenging for apps and websites to determine your location — and giving you more control over your privacy.
Data deletion practices
It’s also important to understand the app’s data deletion practices. Every user should be able to ask a company to delete their personal information from the developers’ systems — and the company should honor this request.
Always review an app’s data deletion protocols, including how you can request it and how quickly the app will resolve it. Some apps may take up to 90 days to remove your data from their servers and backup systems, but it shouldn’t take much longer than that.
While many US-based apps have established protocols, privacy policies should clearly outline that these privileges apply to all users, no matter where they’re based.
What if an app stores your information locally? In this case, data deletion practices won’t be necessary — you’ll be in charge of your data and able to delete it whenever you want.
How to protect your privacy with period tracker apps
Here’s what you can do to protect your privacy on period tracking apps.
Pick a privacy-focused app
If you choose to track your reproductive health with a period app, go for a provider that puts user privacy and security first. Opt for an app that stores your data locally and doesn’t share it with third parties. Also, look for apps with additional privacy-enhancing features (like passcodes).
Read the app’s privacy policy
Many users automatically skip privacy policies and terms when downloading apps. However, as outlined in the previous section, these documents contain important information about the app’s privacy commitment. Read the privacy policy to ensure you’re not choosing a data-hungry app.
Limit location sharing
Period apps rarely need your location data to provide a service — so it’s best not to share this information. If a period app tracks your location automatically (this information should be provided in its privacy policy), you’ll be better off choosing another period tracker.
Delete your data
Even if an app stores your data locally, it’s a good practice to regularly delete it from your device. While it may seem overly cautious, the less information an app has about you, the better. Remove data (like period dates or any previous symptoms you’ve logged) from your device regularly to add a layer of protection to your sensitive information.
What period tracking apps are the most private?
Not all period tracking apps are created equal. Some work hard to preserve your privacy, while others operate with questionable data-sharing practices. Several period apps have received attention for prioritizing user privacy, and here are our top four.
- Euki. Euki receives excellent reviews from many sources (including the National Institutes of Health) for its functionality and keeping user data private and secure. According to the app’s privacy policy, it doesn’t collect, retain, or share any personally identifiable information (like your name, address, or Social Security number). The app also offers some privacy-focused features, like the ability for the user to set a PIN to make the app more private or bring up a fake screen.
- Drip. Drip is a menstrual cycle tracking app created by the Mozilla Foundation, a global non-profit organization. Like other privacy-focused apps, Drip doesn’t track or sell your data to third parties. It keeps your data on your device, which is a lot more secure and private than storing data in the cloud. Drip is an open-source app, meaning anyone can get involved and contribute to the code or documentation. Drip also allows you to set a password for the app, which is important for protecting your data.
- Periodical. Periodical is another great option for privacy-focused users. Like the apps above, it doesn’t store data in the cloud or sell it to third parties. However, this app is only available on Android devices, so if you’re an iOS user, you’ll have to choose one of the other options.
- Apple’s Cycle Tracking. Cycle Tracking is a period app created by Apple that allows people to track their cycles using the Apple Watch. Cycle Tracking collects very little data — and none that could be linked to the user. It doesn’t share your data with advertisers either. Unfortunately, the app doesn’t get the best user reviews on the App Store, so its functionality may need to improve for it to see more uptake.
Should you delete your period tracking app?
Whether you delete your period tracking app is entirely up to you. With the overturning of Roe v. Wade, many U.S. users chose to delete their period apps to protect their personal and intimate information.
For American users in the states where abortion is banned, using a period tracker could pose significant risks. Their personal and health data may be used not just for advertising and marketing — but also for prosecution. In these cases, privacy experts recommend deleting period apps and switching to a paper calendar.
However, it is possible to find ways to use period tracking apps while preserving your digital privacy. The key is choosing an app that respects and works to protect your privacy, like some of the apps we’ve mentioned above. As long as an app doesn’t collect too much data, stores it locally, and doesn’t sell it to third parties, you can use it safely without risking your privacy.
