Effective as of October 31, 2023.
Securing your data
We are proud to be ISO/IEC 27001 certified. This is an international accreditation awarded to organizations that set high standards for handling information securely. When you use Flo, you are trusting us with your personal data. We are committed to being transparent and keeping that trust, and we will take steps to protect your rights and data.
Flo is the first female health app to introduce further privacy protections with Anonymous Mode. With an even deeper layer of privacy for your data, Anonymous Mode gives you the option to access the app without your name, email address, or technical identifiers being associated with the data you put into the app.
Data that helps to serve you
When you use Flo, we collect your personal data and use it to improve your experience and service. We can then increase the safety and accuracy of your predictions and give you relevant app content and product offers.
You can contribute to the growth of the Flo community
If you consent, we may use technical information about your device and other information about you (such as your device’s unique technical identifier, age group, subscription status, emails, and the fact of application launch) to reach you for promotional purposes.
You’re in control
You can access, modify, correct, erase, and update your personal data by emailing us at email@example.com or emailing our data protection officer at firstname.lastname@example.org. For iOS Flo Premium users, the app also enables you to download a report containing some of your personal data from within the app. Please be aware that erasing or modifying some personal data you have provided could affect your ability to use certain features of the app that rely on historical data. Where we rely on your consent to process your personal data, you can withdraw your consent.
We limit children’s access to the App
You must be at least 13 years old to use the app (16 years old for European Economic Area and United Kingdom residents).
* The App may be listed under a different name depending on your location. A full list of names is available here.
The latest updates to this policy are on our Website and in the App.
Personal data we collect from you
We collect personal data about you when you interact with the Services. This can be directly from you or from other sources and third parties.
Personal data you provide to us directly:
General information: When you sign up to use the Services, we may collect personal data such as your name, email address, year of birth, password, and place of residence and location information including time zone and language. We may be able to infer your sex and/or gender by your use of the Services.
Well-being: When you use the Services, you can choose to input personal data about you, such as your weight; height; body mass index (BMI, a value derived from the mass and height of a person); body temperature; menstrual cycle dates; details of your pregnancy (if you select the pregnancy mode); other symptoms that are related to your menstrual cycle, menopause, pregnancy, general well-being and health; symptoms, which may include information relating to your sex life; or other information, like your physical and mental well-being. With your consent, you may also allow us to connect to third-party services, such as Apple HealthKit and Google Health Connect, to enable us to import information about your health and activities into the App. This imported data may include fitness activities, weight, height, BMI, calories burned, heart rate, number of steps/distance traveled, and other activity data. We will process this data in order to provide you with App functionality and features. Importing this data is subject to the Google Health Connect and Apple HealthKit privacy policies and terms.
Personal data we collect automatically:
When you access or use the Services, we may automatically collect the following information:
Device information: Device model, information about the operating system and its version, unique device identifiers, enabled device accessibility features (e.g., display features, hearing features, and physical and motor features), mobile operator and network information, device storage information, or version of your device system
Location information: IP address, time zone, or information about your mobile service provider
Data about your use of the Services, including, among others: frequency of use; areas and features of the Services that you access, visit, or use; payment information; or engagement with particular features
Data from external sources: We may receive personal data about you from third parties. For example, we may obtain information from third parties to enhance or supplement your existing information, including to customize your experience and for statistical purposes and analytics.
How we use your personal data
Depending on which features of the Services you use, we will process your personal data based on one or more of the following legal bases (we have included some examples):
- Your consent: On the registration screen, you can give us permission to process health data to provide the Services.
- To fulfill our contractual obligations to you in order to provide the Services to you: We may process your personal data to fulfill our contractual obligation to you such as account management and other administrative purposes.
- Legitimate interest: We may process your personal data in relation to our interests in providing the Services to you, including our interest in protecting the security and integrity of the Services. If we rely on this basis, our interests will not come before your rights.
- Legal obligation: We may be obligated to process some of your personal data to comply with applicable laws and regulations.
Below, we describe the purposes for which we process your personal data and our lawful bases for doing so, including some basic examples:
|Purpose of processing||Legal basis for processing||Example|
|To support the existing functions of the App, including customization of content and materials you see when you use the App|| ||We use your cycle data to predict your future cycles or ovulation, analyze your data to provide you with new features and services, and provide certain suggested articles or materials (e.g., stories, Health Assistant, and Secret Chats) to read.|
|For the customization of product and service offerings and making our recommendations to you, including for third-party products and offerings (excluding data from Apple HealthKit and Google Health Connect)||Consent||We may offer you a discount for Flo Premium.|
|To process transactions and send you related information, including confirmations and reminders for account management and other administrative purposes||Contract||Using your device data, we may send you a reminder (e.g., via push notifications) if your subscription has expired or is due to expire, or we may send you an email containing your invoice, if applicable.|
|To respond to your comments, questions, and requests and to provide customer service||Legitimate interest||We may process your name and email to reply to your support request or to contact you about a specific query or question you have raised.|
|To review App content, feedback, and complaints raised to ensure clinical safety and medical accuracy of the App||Legitimate interest||We may process your name and email to review support requests that require review by our medical team.|
|To send you technical notices and updates, investigate incidents, and send security alerts. To send you support and administrative messages||Legitimate interest||We may send a request for you to update your App to ensure you have access to the latest features. We may send an email that contains a customer satisfaction survey. You can opt out of receiving such surveys anytime by contacting us at email@example.com.|
|To integrate data between the Website and App in connection with onboarding users||Legitimate interest||As an example, when you sign up for the Services on the Website, we use a third party, AppsFlyer, to help us identify you as an existing user when you use the App.|
|To monitor and analyze trends, usage, and activities in connection with our App||Legitimate interest||We may analyze your browsing activity in the App to ensure the App functions as it should in response to your interactions, fix issues, and improve your future experience.|
|Solely with respect to information that you agree to share, for Flo promotional purposes||Consent||If you give your consent, we can post your review or comment on our website.|
Principles of processing
Data minimization and purpose limitation: We will not process personal data in a way that is incompatible with the purposes for which it has been collected or authorized by you or collect any personal data that is not needed for the mentioned purposes.
Your privacy rights
It does not matter what country, state, or region you come from; we are committed to providing you with individual privacy rights standard to the General Data Protection Regulation (GDPR) in relation to your personal data. What are these rights?
Correction of your personal data
If you believe that your personal data is inaccurate, you have the right to contact us and ask us to correct such personal data.
Restriction of processing
You have the right to request that the processing of your personal data be restricted in some circumstances. For example, you have the right to request the restriction of your personal data if you contest the accuracy of your personal data and we need some time to verify its accuracy.
Access to your personal data (including in portable form)
You have the right to request information about what personal data we process about you, to access all your personal data, and to receive a copy of it, including in a structured and portable form (.json). For iOS Flo Premium users, the App also enables you to download a report containing some of your personal data from within the App.
Erasure of your personal data
You may ask us to erase your personal data if you withdraw your consent to processing or if you believe such processing is unlawful. Please be aware that erasing some personal data may affect your experience using certain features of the Services that rely on historical data.
Objection to the processing of your personal data
In some cases, you can object to the processing of your personal data, for example, if we process it under the legitimate interest basis, by emailing us at firstname.lastname@example.org.
How to exercise your privacy rights
Email us at email@example.com to exercise your privacy rights.
We will address your request within 30 days after receipt. It can take us up to 90 days in some cases, for example for full erasure of your personal data stored in our backup systems. We will let you know if we need more time and explain the reasons for the delay.
Please keep in mind that if we receive a vague request, we may contact you to better understand the request. We may also refuse to comply with, or charge a reasonable fee for, requests that are manifestly unfounded and/or excessive (repetitive).
We will require you to prove your identity. Normally, we will verify that the request is coming from the same email that you provided when registering. If you have not registered your account, we may ask you to undergo additional verification checks to ensure we can appropriately respond to you.
Subject to applicable laws, you may have the right to lodge a complaint with your local data protection authority about any of our activities. If you have any concerns about our privacy practices, please let us know by emailing our support team at firstname.lastname@example.org or by emailing our data protection officer at email@example.com.
Third parties processing your personal data
Promoting our Services
With your consent, we may share some of your non-health personal data with AppsFlyer to promote Flo’s services.
Here is a step-by-step illustration of how we work with AppsFlyer and its integrated partners for marketing and promotional purposes:
1. You become a Flo user, and with your consent, we start sharing the following personal data with AppsFlyer and its integrated partners to promote Flo’s services:
a) Technical identifiers: IP address (which may also provide general location information), user agent, identifier for advertisers (IDFA), Android ID (in Android devices), Google advertising ID, customer-issued user ID, and other similar unique technical identifiers
b) Your age group
c) Your subscription status
d) The fact of application launch
2. Flo sends your personal data to AppsFlyer, which analyzes it and provides us reports and insights on how to optimize our promotional campaigns.
3. At the same time, AppsFlyer sends your personal data to some of its integrated partners (e.g., Pinterest, Google Ads, Apple Search Ads, Meta Audience and others) to find you or people like you on different platforms, including social media websites.
These integrated partners analyze your personal data and show relevant information about Flo to people who might be potentially interested in it or remind you about revisiting the App if you stopped using it a while ago.
4. Opt-out options: You can withdraw your consent or opt out from the sharing of your personal data with AppsFlyer for marketing purposes in accordance with this subsection anytime by adjusting your device settings in iOS or Android.
Note that we also use AppsFlyer to integrate data between the Website and App in connection with onboarding users. You are not able to opt out of AppsFlyer’s processing of your personal data for these purposes.
Processing to make the App run
In some situations, we engage other companies to process your personal data on our behalf. We refer to these companies or service providers as “processors.”
Processors are companies that help us run the Services, support our communication with you, or perform other App-related activities. They process certain personal data on our behalf to accomplish the goals related to the App functions and deliver the Services and associated activities. We remain responsible for any acts or omissions of our processors, and we enter into data processing contracts with them to the extent required by applicable law.
Here are some of the main processors we rely on:
|Infrastructure and security||ElasticSearch Inc.||ElasticSearch Inc. Privacy Statement|
Apple (Apple, Inc.)
We may aggregate, anonymize, or de-identify your personal data so that it cannot reasonably be used to identify you. We may share such data with third parties such as academic research institutions or use the data for statistical purposes. For example, we may share or use general age and demographic information and aggregate statistics about certain activities or symptoms from data collected to help identify patterns across users in articles, blog posts, and scientific publications. Sharing such data may contribute to the advancement of scientific research on female health.
For certain targeted academic or user research studies, we will contact you and rely on your consent. You can withdraw your consent at any time by emailing us at firstname.lastname@example.org.
Information posted by you
The App features several community areas like Secret Chats where users with similar interests can share information and support one another.
Any information (including personal data) you share in any online community area or online discussion is by design open to the Flo community. Please think carefully before posting any personal data in any public forum. What you post can be seen, disclosed to, or collected by others and may be used in ways we cannot control or predict, including to contact you for unauthorized purposes. Posting your personal data in Secret Chats will violate the Secret Chats Rules. If you mistakenly post personal data in our community areas and would like it removed, email us at email@example.com.
How information is shared: For legal reasons or to prevent harm
We may also preserve or share some of your personal data in the following limited circumstances:
- In response to subpoenas, court orders, or legal processes, to the extent permitted and as required by applicable law (including to meet national security or law enforcement requirements)
- When disclosure is required to maintain the security and integrity of the Services or to protect any user’s security or the security of other persons, consistent with applicable laws. In such cases, we may also delete some of your personal data (e.g., by resetting your password to avoid unauthorized access).
- To assert legal rights or defend against legal claims
- When disclosure is directed or consented to by the user who has inputted the personal data
- In the context of an acquisition or transfer of any part of our business or in connection with the business reorganization
Depending on the circumstance, we may rely on legitimate interest or legal obligation as our legal basis for the processing activities above.
Anonymous Mode lets you create a Flo account without your email, name, or technical identifiers being associated with your new Anonymous Mode account.
If you have an existing account, certain non-identifiable data will be transferred to your new Anonymous Mode account (e.g., your cycle data). Your old account with personal information you logged from your previous cycles will be automatically deleted, and you will no longer have access to it.
Limitations of Anonymous Mode: When you choose to create an Anonymous Mode account, some features of the Flo App will not be available to you since they use personal data to function. These features may include integration with your wearable device, some push notifications, and emails.
When you create an Anonymous Mode account, we cannot identify you. While our customer support will not be able to answer some specific or technical questions, we will do our best to help.
As is the case with all digital products, in certain limited circumstances, it may be theoretically possible for someone to find a way around security measures. For instance, a user’s device may be utilized without authorization by a third party. Anonymous Mode accounts unlink all personal information from stored health data, which reduces the risks posed by such events. For more information about Anonymous Mode, please read our Anonymous Mode FAQs here.
Retention of your personal data
Except as set forth below, we will retain your personal data for as long as needed to provide you with the Services or otherwise fulfill the purposes for which it was collected.
Impact of account deactivation/requests to erase personal data: At any time, you can deactivate your account and erase your personal data by emailing firstname.lastname@example.org. We will address your deletion request within 30 days after receipt. It will take us up to 90 days in some cases to complete full erasure of your personal data stored in our backup systems. If you choose to deactivate your account, Flo will generally delete all your personal data, and it will not be recoverable should you later create another account.
Impact of App deletion or inactivity: If you choose to delete the App from your device or your account becomes inactive, we will retain your personal data for a period of three years in case you decide to reactivate the Services or reinstall the App. After three years of inactivity and not using the App, we will delete your personal information. While this is the Flo data retention standard, you can still ask for your data to be deleted at an earlier date by contacting us. The App covers different periods of users’ lifecycle; therefore, retention of your data is needed in some cases to secure your smooth experience with other App functions (e.g., switching to pregnancy mode after cycle tracking).
Limitations: You should be aware that although we will anonymize or otherwise de-identify your data where possible, we may retain certain personal data and other information after your account has been terminated or deleted as necessary to comply with legal obligations, resolve disputes, and enforce our agreements.
Security of your personal data
General security measures
We implement technical and organizational measures in an effort to protect personal data from loss, theft, misuse, and unauthorized access, disclosure, alteration, and destruction, taking into account the nature of the personal data that we process and risks associated with special categories of personal data we collect. This includes:
- Encryption of your personal data in transit and at rest
- Systematic vulnerability scanning and penetration testing
- Protection of data integrity
- Organizational and legal measures: For example, our employees have different levels of access to your personal data and only access your personal data for limited and necessary purposes required for the operation of the Services. We impose strict liability on our employees for any disclosure, unauthorized access, alteration, destruction, or misuse of your personal data.
- Conducting periodical data protection impact assessments in order to ensure that the Services fully adhere to the principles of privacy by design, privacy by default, and others. We also commit to undertake a privacy audit in the event of Flo’s merger or takeover.
Please protect your password, and for an added layer of protection, you can add a passcode to access the App. Do not share your password or allow others to use your mobile device. No security system is perfect. Therefore, we cannot guarantee the absolute security of the Services or that your information will not be intercepted while being transmitted to us.
If you want to report a security incident related to the Services, please email us at email@example.com.
General age limitation: The Services are not intended for children, and we do not knowingly collect personal information from children under 13 years old through the Services. If you are aware of anyone under 13 years old using the Services, please email us at firstname.lastname@example.org, and we will take the required steps to delete such information and/or delete the child’s account.
Age limitation for residents of the European Economic Area (EEA) and United Kingdom (UK): Due to legal requirements, we do not allow the use of the Services by residents of the EEA or the UK younger than 16 years old. If you are aware of anyone younger than 16 using the Services, please email us at email@example.com, and we will take steps to delete such information and/or delete the child’s account. Some App functions are limited for users that are younger than 18 years old.
Communication with you
We may contact you from time to time via email or through other means (like pop-ups or push notifications) to communicate with you about products, services, offers, promotions, rewards, and events offered by us and provide news and information that we think will be of interest to you.
Opt-out options: You can always opt out of receiving emails by unsubscribing via the “Unsubscribe” link contained in the email. Opting out of these emails or notifications will not end the transmission of service-related emails that are necessary to your use of the Services. You may also opt out of receiving pop-ups or push notifications by adjusting your settings in your device. If required, we may ask some users to provide additional consent for such communications.
Please note that we may contact you with information about products, services, offers, promotions, rewards, and events offered by us and others via third-party platforms (like social media).
Presence on social networks
We may use social media platforms to promote Flo and engage with our customers. When you interact with us on these platforms, we may process information, such as your username, profile picture, and any comments or posts you make related to Flo, for engagement purposes only.
Storage and international personal data transfers
Flo is based in the United Kingdom. Personal data we collect is transferred to and processed in the United States (US; where it is governed by US law) and to other countries (where it is governed by the laws of those countries). The laws of the US and the laws of other countries may not offer the same protections as the laws of your jurisdiction.
Transfers of personal data outside of the European Union, the European Economic Area, and the United Kingdom
Personal data in the European Union (EU), the EEA, and the United Kingdom is protected by the General Data Protection Regulation and Data Protection Act 2018, but some other countries may not necessarily have the same standard of protection for your personal data.
Flo transfers personal data from the EU, EEA, and UK to the US and other third countries. When transferring personal data outside the EU, EEA, and UK, we either implement standard contractual clauses, conduct transfer impact assessments, or rely on current European Commission adequacy decisions. For further information, please email us at firstname.lastname@example.org.
Data Privacy Framework Participation
Flo is certified under the EU–US Data Privacy Framework and Swiss–US Data Privacy Framework (together, the “DPF”) for personal data transfers from the EU to the US and from Switzerland to the US. You may view our certification here.
Complaints and dispute resolution: We commit to resolve complaints about our collection and use of your personal data. EU and Swiss individuals with inquiries or complaints regarding our DPF policy should first contact us by emailing us at email@example.com or by mail using the address Flo Health UK Limited, 27 Old Gloucester Street, London, WC1N 3AX, United Kingdom.
Arbitration: You may also be able to invoke binding arbitration for unresolved complaints, but prior to initiating such arbitration, a resident of a European country (including Switzerland) participating in the DPF must first (1) contact us and afford us the opportunity to resolve the issue; (2) seek assistance from JAMS; and (3) contact the US Department of Commerce (either directly or through a European data protection authority) and afford the Department of Commerce time to attempt to resolve the issue. If such a resident invokes binding arbitration, each party shall be responsible for its own attorney’s fees. Please be advised that pursuant to the DPF, the arbitrator(s) may only impose individual-specific, non-monetary, equitable relief necessary to remedy any violation of the DPF with respect to the resident. The arbitration option may not be invoked if the individual’s same claimed violation of the principles (1) has previously been subject to binding arbitration; (2) was the subject of a final judgment entered in a court action to which the individual was a party; or (3) was previously settled by the parties.
We are subject to the investigatory and enforcement powers of the US Federal Trade Commission concerning personal data transferred under the DPF.
We have further committed to refer unresolved DPF complaints to JAMS, an alternative dispute resolution provider located in the US. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact JAMS or visit https://www.jamsadr.com/submit/ for more information or to file a complaint. The services of JAMS are provided at no cost to you.
We do not sell your information for monetary gain.
Under certain state laws (including California), if we disclose personal information to a third party for any benefit, this can be considered a “sale” or “share” of personal information, even if the third party does not use the personal information for any other purpose. We “share” personal information if we disclose personal information to a company for purposes of cross-context behavioral advertising.
Request to opt out: While we do not sell your personal information for monetary gain, you have the right to opt out of our “sale” or “sharing” of your personal information (as defined under California or other US state legislation) to our analytics and advertising partners. To exercise this right, you can adjust your browser settings, visit the “Your Privacy Choices” link on our website, or contact us.
Limiting the use of sensitive personal information: Sensitive personal information that we process is limited to only those purposes that are necessary to provide products or services to you.
Request to know/access: In addition to the other rights mentioned in this policy, you have the right to request to know (i) the personal and sensitive information we have collected about you and our purposes of use; and (ii) the categories, sources, and third parties involved in personal information we have collected about you or “sold” or disclosed in the past 12 months. You may exercise your right to request to know twice a year, free of charge.
Shine the Light: California residents may also request information from us once a calendar year about any personal information shared with third parties for their own direct marketing purposes. We don’t share information with third parties for their own marketing uses, but please email us at firstname.lastname@example.org if you have questions. You’ll need to specify “California Privacy Rights Request” in the subject line of the email, and also include your name, street address, city, state, and ZIP code.
References to “personal data” in this policy include “sensitive/personal information” as defined under California laws.
If you have any questions or concerns about your privacy, you may contact us or our data protection officer by writing to us at:
Flo Health UK Limited, 27 Old Gloucester Street, London, WC1N 3AX, United Kingdom
Flo Health LTU UAB, Saltoniškių street 2 Vilnius, LT-08126, Lithuania (our main EU establishment)
You may also contact your local data protection authority. You can find a list of local data protection authorities here.