For Clinicians
Manage subscription Try Flo today
Product
Product
    Product
  • Tracking cycle
  • Getting pregnant
  • Pregnancy
  • Help Center
  • Flo for Partners
  • Anonymous Mode
  • Flo app reviews
  • Flo Premium New
  • Secret Chats New
  • Symptom Checker New
Health Library
Health Library
    Health Library
  • Your cycle
  • Health 360°
  • Getting pregnant
  • Pregnancy
  • Being a mom
  • LGBTQ+
  • Quizzes
Calculators
Calculators
    Calculators
  • Ovulation calculator
  • hCG calculator
  • Pregnancy test calculator
  • Menstrual cycle calculator
  • Period calculator
  • Implantation calculator
  • Pregnancy weeks to months calculator
  • Pregnancy due date calculator
  • IVF and FET due date calculator
  • Due date calculator by ultrasound
About
About
    About
  • Medical Affairs
  • Science & Research
  • Pass It On Project New
  • Privacy Portal
  • Press Center
  • Flo Accuracy
  • Careers
  • Contact Us
For Clinicians
For Clinicians
Manage subscription

Privacy Policy

Table of contents

    Effective as of 13 November 2025 

    If you want to see older versions of this policy, click here.

    Your body, your data. At Flo, privacy is our top priority. We will never sell your data. We are based in the United Kingdom, and comply with the highest global standards of data protection laws, including the GDPR. This means that no matter where you are in the world, you can trust that Flo is committed to keeping your personal data safe. 

    This policy explains how we handle your personal data. Here’s a quick summary. You should still read the full policy as well as our Terms of Use.

    Safeguarding Your Data: Flo’s dedication to Privacy and Security

    We are proud to hold two certifications for internationally recognised privacy and security standards. Flo has obtained independent certifications called:

    •  ISO/IEC 27001 for Information Security; and 
    • ISO/IEC 27701 in Privacy. 

     

    Our certifications show our promise to keep your information secure and manage your privacy to a high standard. When you use Flo, you trust us with your personal data. We promise to always be clear about how your personal data is used, protect your rights and respect your data. 

    Anonymous Mode

    Flo is the first female health app to add further privacy to your personal data by creating and providing Anonymous Mode. This feature is available to all Flo users and lets you use the app without linking your name, email address or technical identifiers to your data. This means we can’t identify you if you switch to Anonymous Mode and neither can any third parties. 

    Data that helps to serve you

    When you use Flo, we collect your personal data to make your experience better. This includes ensuring the safety of our Services, improving the accuracy of your predictions and giving you relevant content and offers.

    You can contribute to the growth of the Flo community

    If you agree, we may use information about your device and other details (such as your device’s ID, your age group, subscription status, email and the fact you launch the app) to spread the word about Flo.

    You’re in control and can reach out to us

    You can reach out to us anytime. You can access, change, correct, delete and update your personal data by emailing us at support@flo.health. Or you can get in touch with our data protection officer at dpo@flo.health. If you gave us consent to process your personal data, you can take your consent back at any point. If you have any questions about this Privacy Policy, let us know. 

    We limit children’s access to the app

    You must be at least 13 years old to use the app. If you are in the European Economic Area, United Kingdom and Canada, you must be 16 years old.

    Introduction

    This Privacy Policy explains how Flo Health UK Limited and our other companies (“Flo” or “we” or “us”) follow privacy laws such as the General Data Protection Regulation (“GDPR”), the UK GDPR, and any other laws that protect your personal data. It also describes how Flo collects, stores, uses, and shares personal data from you through the Flo mobile application, the Flo Period & Ovulation Tracker application (the “App”),* and the flo.health website (the “Website”), including all subdomains, products and services (together, the “Services”). 

    Flo Health UK Limited is a company registered in the U.K. and the registered data controller of the Services.

    *The App might have different names depending on your location. A full list of names is available here

    We may update this Privacy Policy and any addendums from time to time. We review them at least once a year and make updates if needed to ensure they remain accurate. If there are material changes to this policy that we need to tell you about, we will let you know by email or through the App. 

    The latest updates to this policy are available on our Website and in the App.

    Personal data we collect from you 

    We collect personal data about you when you use the Services. This can come directly from you or from other sources and third parties. 

    Personal data you provide to us directly:

    • General information: When you sign up for our Services, we collect personal data like your name, email, birth month and year, password, location, time zone, and language. Based on how you use the Services, we may also infer your sex or gender.

    You can also enter your first name or a preferred name. This is completely up to you and won’t impact your use of the Services if you choose not to provide it.

    • Well-being: When using our Services, you may enter personal data (including ‘special category data’ as defined in the UK GDPR) about yourself, such as your weight, height, BMI, body temperature, and menstrual cycle details. If you enable pregnancy mode, you can also input and track pregnancy-related information. You may log symptoms linked to your menstrual cycle, pregnancy, perimenopause, or menopause, as well as general health and well-being. This can include details about your sex life, physical and mental health, water intake, and sleep duration.
    • Third-party services (including wearables): With your permission, we can connect to third-party services like Apple HealthKit and Google Health Connect. This allows us to automatically import your health and activity data into the app, so you don’t have to log it yourself. The imported data may include fitness activities, weight, height, BMI, calories burned, heart rate, steps taken, distance traveled, body temperature, sleep patterns, and other activity details.

    This information helps provide insights into your activities and improves our ability to predict your cycle. We process this data to enhance the App’s features and functionality.

    Importing data is subject to the privacy policies and terms of Google Health Connect and Apple HealthKit. If you use a wearable device to connect to Flo, please review its terms and privacy policies as well. Your device provider may collect usage data for its own purposes, such as improving its services.

    Personal data we collect automatically:

    When you use the Services, we may automatically collect certain information:

    • Device information: device model; information about the operating system and its version; unique device identifiers; enabled device accessibility features (e.g., display features, hearing features, and physical and motor features); mobile operator and network information; device storage information or version of your device system. 
    • Location information: IP address for an approximate location; country; time zone or information about your mobile service provider. We do not collect your exact location. We only use location details for the reasons listed below.
    • Data about your use of the Services, including: frequency of use; areas and features of the Services that you access or use; payment transaction information (excluding full payment card details) or engagement with features.

    To collect this and other information, we may use cookies and other similar technologies. See more in our Cookie Policy.

    Data from external sources: We may receive your personal data from third parties. For example, they may provide additional information to enhance your existing data, personalise your experience, and support analytics and statistics.

     

    How we use your personal data

    Depending on which features of the Services you use, we will process your personal data based on one or more of the following legal bases (we have included some examples):

    Your consent: you can give us permission to process your health data to provide the Services.

    To fulfill our contractual obligations to you in order to provide the Services to you: we may process your personal data to fulfill our contractual obligation to you for activities such as management of your Flo account and other administrative purposes.

    Legitimate interest: we may process your personal data based on our legitimate interests in order to manage our Services better. For example, we may use your personal data in order to: 

    • identify and fix bugs;
    • determine genuine user interaction with the Services (rather than bots); 
    • monitor the App and analyze its performance and reliability; 
    • inform you of matters concerning your subscriptions;
    • conduct vulnerability scanning to protect the security of the Services; and 
    • review aggregated App usage trends.

    Further examples of our legitimate interests are outlined in the table below. When relying on this legal basis, we first determine that we have a legitimate interest in conducting and managing our business. We then consider and balance potential impacts to you and your rights, to ensure that our interests do not override them. 

    Legal obligation: We may be obligated to process some of your personal data to comply with applicable laws and regulations.

    Below, we describe the purposes for which we process your personal data and our lawful bases for doing so, including some basic examples:

    Purpose of processingLegal basis for processingExample
    To support the App’s features, including tailored content, insights and materials in the App, we use the personal data you provide within the App;  machine learning models for cycle predictions;  the Services you choose to use (e.g. your selected mode) and the App features you interact with; information from connected third-party services (like Apple HealthKit and Google Health Connect); and certain information provided in onboarding questionnaires. ConsentWe use your cycle data to predict future cycles or ovulation, analyse your personal data to offer new features and Services, and suggest articles or materials (e.g., stories, Health Assistant, and Secret Chats) for you to read.  
    We also customize product and service recommendations and cycle date notifications to you, such as through emails or push notifications. We may also contact you about third-party products and offers.ConsentWe may offer you a discount for Flo Premium.
    We process transactions and send related information, including confirmations and reminders about your subscription, for account management reasons and other administrative purposes.ContractWe use your device data to send reminders, like push notifications, if your subscription has expired or is about to expire. If applicable, we may also email you your invoice. 
    To respond to your comments, questions, requests and to provide you with customer service. Legitimate interestWe use your name and email to respond to your support request or to contact you about a specific question or issue you’ve raised.
    To review App content, feedback and complaints to ensure the App’s clinical safety and medical accuracy. Legitimate interestWe use your name and email to review support requests that need our medical team’s attention.
    To send you technical notices and updates; security alerts, ensure the safety of our App and investigate incidents;  support and administrative messages; and customer satisfaction surveys. Legitimate interestTo request that you update your App to ensure you have access to the latest features. 

    To enhance your user experience and connect data between the Website and App during the onboarding process.

    		Legitimate interestWhen you sign up for the Services on the Website, we use a third party deeplinking service, AppsFlyer, to help us identify you as an existing member when you download the App.
    To monitor and analyse trends, usage and activities in connection with our App.Legitimate interestWe review your usage activity in the App to make sure it works correctly, fix any issues, serve you relevant content, and improve your future experience. We may also use overall usage trends to deliver the right content, sales campaigns and offers to you.
    Promotional communications regarding our Services.ConsentIf you give your consent and we use your personal data, we can post your review or comment on our Website.

    To enable you to participate in surveys and promotions.

    		ConsentIf we ask you to participate in a survey or promotion, we use your name, survey responses and any other content (e.g. testimonial videos) that you provide for product improvement and marketing purposes. We may give you a gift for participating in the survey or promotion, so will process your contact details to provide you with this gift. 
    Promote Flo by improving how our advertising and campaigns performConsent We use some technical identifiers to help us understand which advertisements are effective and where our users are coming from. This allows us to improve how Flo is promoted. The personal data we use for this purpose does not include health data. 
    Sign up to Flo through Flo’s commercial partner offeringsContractIf you sign up to Flo through a Flo partner offer, we’ll use unique identifiers to verify that you are a subscriber to the partner’s service.

    Principles of processing

    Data minimisation and purpose limitation: we only process personal data for the specific purposes for which it was collected or authorised by you. 

    No sale of personal data: we do not sell or rent your personal data for money. We will only share your personal data as outlined in this Privacy Policy. This includes sharing your personal data with our service providers who help us operate our Services. We will not use information from Apple HealthKit or Google Health Connect for advertising or sell it to advertising platforms, data brokers or resellers.

    Your privacy rights

    Regardless of where you live, we’re committed to providing you the same privacy rights afforded under the GDPR, which is generally regarded as the highest standard for data protection globally.

    What are your rights?

    You have rights in relation to your personal data. Only you or someone authorised to act on your behalf can make a request about your personal data. If you authorise someone to act on your behalf, we may need to verify their authorisation. 

    Correction of your personal data

    If you think your personal data that we hold is incorrect, you can contact us to request a correction. 

    Restriction of processing

    You can request that we limit the processing of your personal data in certain circumstances. For example, if you believe your personal data is inaccurate, you can ask us to restrict the processing while we verify it. 

    Access to your personal data

    You have the right to know what personal data we process about you. You can request access to all your personal data and to receive a copy of it, including in a structured and portable form (we use .json files). For iOS Flo Premium members, the App also allows you to download a report with some of your personal data directly. 

    Right to data portability

    You can request your personal data in a format that lets you easily move, copy or transfer it to third parties for other services or purposes. 

    Erasure of your personal data

    You can ask us to delete your personal data at any time. Keep in mind that deleting some personal data might affect your experience with certain features that depend on historic information. 

    Objection to the processing of your personal data

    You can object to the processing of your personal data, such as if we use it for direct marketing purposes. 

    How to exercise your privacy rights

    To exercise your privacy rights, you can use our interactive chatbot, available on our Website or by emailing us at support@flo.health.

    You can request to delete your account or make certain changes directly in the App's settings. 

    We will handle your request within one month of receiving it. In some cases, such as for complete deletion of your personal data stored in our backup systems, it may take 90 days. If we need more time to action your request, we will let you know and explain the reason for the delay. Please be aware that once the deletion process begins, it can’t be undone. This is because your personal identifiers are immediately unlinked from your App information, which means we can no longer identify you, even if some data temporarily remains in our backup systems.

    Your consent is required for us to use your health data. You can withdraw this consent at any time by either contacting us or deleting your account through the App. 

    What else should you know?

    If your request is unclear, we might reach out to you for clarification. We may also refuse or charge a reasonable fee for requests that are clearly unfounded and/or excessive.

    To process your request, we’ll need to verify your identity. Usually, this involves confirming that the request is coming from the email you used to register. If you haven’t registered, we may ask you for additional verification to ensure we respond appropriately. 

    Depending on local laws, you may have the right to lodge a complaint with your local data protection authority about any of our activities. If you have any concerns about our privacy practices, please let us know by emailing our support team at support@flo.health or by emailing our data protection officer at dpo@flo.health.

    Third party data processing 

    We will not share your personal data with third parties except as specified within this Privacy Policy.

    Promoting our Services 

    We do not share your health data with third parties for marketing purposes. With your consent, Flo may collect and share information with AppsFlyer and its partners, and Firebase. These are mobile app marketing and analytics platforms who help us improve our advertising campaigns, understand the performance of our campaigns and spread the word about Flo. They may also use information collected to remind you to revisit the App if you haven’t used it in a while.

    Your health data is not shared with AppsFlyer and Firebase. AppsFlyer and Firebase handle your personal data only with your consent and according to our instructions as a data processor. 

    Here is how we work with AppsFlyer and its partners for marketing and promotional purposes:

    1, When you become a Flo member and give your consent, we share the following personal data with AppsFlyer and its partners to promote the Services: 

    • technical identifiers: IP address (which may also reveal general location information), Android ID (in Android devices), Google advertising ID, and other similar unique technical identifiers;
    • your age group;
    • your subscription status; 
    • the fact that you launched the App; and
    • your advertising identifier if you provide your consent on the iOS ‘allow tracking’ settings. 

    2. Flo sends this personal data to AppsFlyer, which analyses it and provides us with insights on how to improve our promotional campaigns.

    AppsFlyer may also share your personal data with its partners (e.g., Pinterest, Google Ads, Apple Search Ads, Meta Audience and others) to find you or people like you on various platforms, including social media. These partners use the information shared to help us achieve the purposes described above. Read more about AppsFlyer and how its partners work here

    3. Withdrawing your consent: You can withdraw your consent to sharing your information with AppsFlyer anytime. You can do this by visiting your device settings or adjusting your consent preferences in the Flo App.

    Please note, that we also use AppsFlyer for a separate functional purpose to help join up the onboarding process between the Website and App for some users. You cannot opt out of AppsFlyer’s processing of your personal data for this purpose. 

    Here is how we work with Firebase for marketing and promotional purposes:

    1. When you become a Flo member and give your consent, we share the following personal data with Firebase and connected Google services partners to promote the Services: 

    • technical identifiers: IP address (which may also reveal general location information), Android ID or Google advertising ID (in Android devices), IDFA (for iOS devices), and other similar unique technical identifiers;
    • your subscription status; 
    • information about App usage, such as the fact that you launched the App; and 
    • your advertising identifier if you provide your consent on the settings of your device

    2. Flo sends your personal data to Firebase, which analyses it and provides us reports and insights on how to optimise our promotional campaigns.

    3. At the same time, your personal data is shared with linked services (e.g. Google Ads, Google Analytics, and Google Play). Linking this information helps us to enhance our app’s functionality, understand how well our marketing efforts are working, and allows us to create targeted campaigns to show you more relevant ads.

    Read more about how Firebase and linked services work here. 

    4. Withdrawing your consent: You can withdraw your consent or opt out from the sharing of your personal data with Firebase in accordance with this subsection anytime by adjusting your device settings. You can opt out of receiving push notifications by adjusting your settings on your device at any time.

    Apple’s AppTrackingTransparency (ATT)

    In addition to AppsFlyer, for iOS devices, we may use Apple’s ATT tool to help us improve our advertising and help more people discover Flo’s Services. If you choose to allow tracking, Apple will ask whether you would like to share your device’s advertising ID (sometimes referred to as a IDFA), and details like your age group, subscription status and the fact you launched the Flo App. Please be aware, we do not share your health data with third parties for advertising purposes, and you can change your consent for ATT any time in your phone settings or Flo’s consent settings in the App. 

    Processing to make the App run 

    Sometimes, we work with other companies to process your personal data on our behalf. We call these companies or service providers “processors.” 

    Processors are companies that help us operate our Services. We are responsible for any actions of these processors ensuring they follow the law and our instructions by entering into data processing agreements with them. 

    Flo’s team is spread across several countries. The following group companies within the Flo group act as processors: 

    • Flo Health Cyprus Ltd (based in Cyprus); 
    • Flo Health LTU UAB (based in Lithuania, our main EU establishment); and 
    • Flo Health NL. BV (based in the Netherlands). 

    Here are some of the main processors we rely on:

     ProcessorProcessor's privacy policyData collectedPurpose
    Infrastructure and securityAmazon Web Services, Inc. AWS Privacy Notice All personal dataStoring all personal data when you use the App
    Infrastructure and securityCloudflare, Inc.Cloudflare Privacy PolicyAll personal dataSecurity of the App, content delivery
    Infrastructure and securityAuth0, Inc. (Okta, Inc.) Okta Privacy and Cookie PolicyEmail address, IP address, and NameAuthentication and authorization services
    Infrastructure and securityKibana Inc. (Elastic N.V.)Elastic N.V. Privacy StatementAll personal dataTo protect members’ data 
    Infrastructure and securityVercel Inc. Vercel’s Privacy PolicyPersonal data processed via the WebsiteTo improve the Website’s performance and ensure efficient service delivery
    Email communications SendGrid, Inc. (Twilio, Inc.)SendGrid Privacy Notice Email addressTo send you our newsletters, surveys and notifications 
    Email communications Trustpilot A/S Trustpilot Privacy PolicyEmail address, and Name (or a nickname if you prefer)To send and invite you to take part in Service reviews. 
    Email and in-App communicationsSurveyMonkey (Momentive Europe UC)SurveyMonkey Privacy NoticeIP address, member ID, and Results of surveys To send and invite you to take part in Service reviews. 
    Analytical toolsLooker (Google Cloud EMEA, Ltd)Looker Privacy PolicyApp usage dataTo understand how you use the App, which features you engage and what you like or dislike the most, and To create statistical reports. 
    Analytical toolsDatabricks, Inc.Databricks Privacy NoticeApp usage dataTo understand how you use the Website, which features you interact with and what you like or dislike. This helps us improve your product experiences.
    Analytical toolsGoogle LLC (Google Tag Manager & Google Analytics 4) 

    Google Privacy Policy and Google Analytics 4: Data privacy and security

    		Website usage dataTo monitor how well our Services are performing and to understand how you use them on our Website, all while ensuring suitable privacy protections. 
    Customer SupportZendesk Inc., USAZendesk Privacy PolicyEmail address, Content of the emails,and Content of support query chatbot messaging To process communications received from you, and Our Website chatbot is powered by Zendesk. Once a chat is closed, its contents will be automatically deleted within two hours.
    Customer SupportCustomer Thermometer Ltd Customer Thermometer Privacy PolicyEmail address, and Responses to surveysTo obtain customer feedback. Machine learning to deliver cycle predictions; forecast customer retention; and display relevant content within the app
    Machine Learning Development PlatformTecton, Inc.Tecton Privacy PolicyPersonal data relating to cycle dates, goals, symptomsMachine learning to deliver cycle predictions; forecast customer retention; and display relevant content within the app
    PaymentsApple, Inc.Apple: App Store & Privacy NoticePayment and banking information, and Personal identifiersTo handle and process payments for your App subscription.
    PaymentsGoogle LLC, USAGoogle Privacy PolicyPayment and banking information, and Personal identifiersTo handle and process payments for your App subscription.
    PaymentsStripe, Inc., USAStripe Privacy PolicyPayment and banking information, and Personal identifiersTo collect and process payments for certain Website purchases.
    PaymentsPayPal Inc.PayPal Privacy StatementPayment and banking information, and Personal identifiersTo handle and process payments for your App subscription.
    PaymentsChargeback Gurus (International Risk Mitigation, LLC)Chargeback Gurus Privacy Policy Payment and banking informationTo handle disputes and process refunds 
    Promoting Flo and user experience functionalityAppsFlyer UK Ltd AppsFlyer Privacy PolicyInformation about your device model, language and operating system. Enable linking for Website to App onboarding journey or invite a friend or partner to Flo, and To optimise marketing campaigns. To link accounts when using Flo for Partners and to simplify, track and improve influencers campaigns. 
    Promoting Flo and user experience functionalityFirebase (Google Cloud EMEA Ltd)Firebase Privacy and Security Information about your app usage, subscription status, and technical identifiersTo optimise marketing campaigns. To send push notifications on Android devices. To enhance our app’s functionality. To understand how you use our Services and improve your experience. 
    Security and verification of web usersCloudflare Turnstile Cloudflare's Privacy Policy IP address for fraud detection and validation, time spent on the Website or interaction signals (such as clicks), and Browser and device informationTo help keep our Website safe and secure. Cloudflare Turnstile confirms our Website visitors are real and blocks unwanted bots without slowing down web experiences for real users. This does not use cookies or track users across websites.

    For details about the processors we use in connection with cookies, please see our Cookie Policy

    Commercial partners

    Flo offers the Services to customers of selected commercial partners. These partnership offers involve limited sharing of personal data with Flo so that we know you have joined us via our commercial partner (like, Wellhub). Flo may receive information from the commercial partner to validate your subscription, which may include a customer ID or email address. Flo may share limited event information with the commercial partner, but Flo will never share any health data (or any other sensitive data) about you. If you join Flo via a commercial partner, please check their privacy policy for more information, or contact us at dpo@flo.health if you have any questions.

    Example: Flo has partnered with Wellhub, a health and wellbeing platform. Flo is available to Wellhub’s members as a health and wellbeing service. If you sign up for Flo using your Wellhub subscription, a Wellhub ID is shared with Flo. After you sign up to Flo, Flo will confirm to Wellhub if you have been active in the App. 

    Aggregated information

    We may aggregate, anonymise or de-identify your personal data so that it cannot be used to identify you. This personal data might be shared with third parties, like research institutions or used for statistical purposes. For example, we share general age and demographic information, along with aggregated statistics about activities or symptoms to identify patterns across and support scientific research. This helps us create articles, blog posts and scientific publications that advance research on female health.

    If we want to include you in specific research studies, we will ask for your consent. You can withdraw your consent at any time by emailing us at dpo@flo.health.

    Information posted by you

    The App includes community areas like Secret Chats and guided groups where members with similar interests can share information and support each other. 

    Posting personal data that can directly identify you or others in such groups is not allowed and violates our rules, including the Secret Chats Rules. Any information you share in these community areas is accessible to the Flo community. Please think carefully before posting anything that could identify you in any public forum. Remember, what you post can be seen, disclosed, or collected by others and may be used in ways beyond our control, including contacting you for unauthorised purposes. If you accidentally post personal data and want it removed, email us at support@flo.health

    We may also preserve or share some of your personal data in the following limited circumstances: 

    • in response to subpoenas, court orders, or legal processes, as required by applicable law (including to meet national security or law enforcement needs); 
    • when necessary to maintain the security and integrity of the Services or to protect any member’s security, consistent with applicable laws. In such cases, we may also delete some of your personal data (e.g., by resetting your password to prevent unauthorised access);
    • to assert legal rights or defend against legal claims; 
    • when disclosure is authorised or requested by the member who has provided the personal data; 
    • in the event of a business acquisition, transfer or reorganisation; and
    • depending on the situation, we may rely on legitimate interest or legal obligations as the basis for these processing activities. 

    Anonymous Mode

    Anonymous Mode lets you use Flo without linking your email, name, or other personal identifiers to your account. 

    What happens with your old account: if you already have a Flo account, some non-identifiable data (like your cycle information) will be transferred to your new Anonymous Mode account. However, your old account with personal data will be deleted according to our retention policy and you will no longer have access to it. 

    Limitations of Anonymous Mode: in Anonymous Mode, some features of the App will not be available because they rely on personal data. These features may include:

    •  integration with your wearable device; and 
    • certain push notifications and emails. 

    Customer Support: when using Anonymous Mode, we cannot identify you. This means our customer support may not be able to assist with specific or technical questions. However, we will do our best to help where possible. 

    Security: while Anonymous Mode minimises risks by unlinking personal data from health data, it’s important to note that in rare cases, security measures might be bypassed. For more details on Anonymous Mode, please check our Anonymous Mode FAQs here.

    Flo for Partners 

    If you are over 18, you can choose the Flo for Partners Service, allowing certain information from your Flo account to be shared with your partner. As the main member, you have complete control over this sharing and you can stop it at any time. 

    What information will be shared with my partner?

    Your partner will have read-only access to the information you choose to share. They cannot download or edit your information. Specifically they cannot see or edit: 

    • calendar information created before you decided to share; 
    • personal notes; 
    • any symptoms or feelings logged in the App; or 
    • interactions with other features (e.g. Secret Chats).

    If you’re trying to conceive or tracking your menstrual cycle: your partner will see a view-only version of your current cycle day and cycle phase predictions. They will also receive tailored daily educational insights and notifications during key phases of your cycle. 

    If you’re pregnant: your partner will get regular updates about your pregnancy, including tailored daily educational insights. They will be notified about changes to your body, common symptoms and important milestones. 

    Your partner will also see updates in their App if you switch between modes (e.g. from ‘track pregnancy’ to ‘track cycle’) and their content will adjust accordingly. 

    What personal data is collected from you as a partner? 

    If you’re a partner receiving information, we will collect your name and email to set up your account with Flo. We’ll also ask for your month and year of birth to verify your age. While we don’t collect your gender directly, it may be inferred based on your App usage. No health data about you will be collected. 

    Retention of your personal data

    We will keep your personal data for as long as necessary to provide you with the Services or fulfill the purposes for which it was collected (except as noted below). 

    Impact of account deactivation/requests to erase personal data: You can deactivate your account at any time by following instructions in the ‘How to exercise your privacy rights’. We will process your request within one-month. In some cases, it will take up to 90 days to completely erase your personal data from our backup systems. If you choose to deactivate your account, Flo will delete your personal data, and it will not be recoverable should you later create another account. 

    Deleting the App or inactivity: If you delete the App from your device or your account becomes inactive, we will retain your personal data for three years in case you decide to reactivate the Services or reinstall the App. After three years of inactivity, your personal data will be deleted. Flo will apply this standard retention policy. However, you can still request earlier deletion by contacting us at any time.

    Limitations: Even after your account is deleted, we may need to retain certain personal data and other information. This is required or permitted by applicable law, like the GDPR, and may include situations like: 

    • complying with legal obligations; 
    • managing and handling legal claims; and 
    • archiving for public interest, scientific or historical research, or statistical purposes.

    How do we delete your data?

    We use industry-standard methods to securely and permanently delete your personal data from our systems, making it impossible to recover. This process may include sending automated notifications to our processors who process your personal data on our behalf. 

    Security of your personal data

    General security measures

    We take various technical and organisational steps to protect your personal data from loss, theft, misuse, and unauthorised access, disclosure, alteration, and destruction. These measures are designed based on the nature of the personal data we handle and the risks associated with special categories of personal data we collect. This includes:

    • encryption: your personal data is encrypted both in transit and at rest;
    • vulnerability scanning: we conduct regular scans and penetration testing;
    • data integrity protection: we have measures in place to protect the integrity of your data;
    • organisational and legal measures: for example, our employees have different levels of access to your personal data, limited to what is necessary for operating the Services. We hold our employees strictly accountable for any disclosure, unauthorised access, alteration, destruction or misuse of your personal data; and
    • privacy assessments: we conduct regular data protection impact assessments to ensure that the Services comply with privacy principles. We also commit to a privacy audit in the event of Flo’s merger or takeover.

    Please keep your password secure and don’t share it with others. Consider adding a passcode or enabling face ID for an extra layer of protection. 

    While we strive to protect your information, we cannot guarantee absolute security, nor can we ensure that your personal data won’t be intercepted during transmission to us. 

    Security breaches

    If there is a security breach and where required by law, we will either post a notice or try to contact you by email. We will take reasonable steps to fix the issue according to applicable laws and this Privacy Policy. For potential personal data breaches, we may take additional actions, such as logging you out from all the devices, resetting your password and other necessary steps to address the situation.

    If you want to report a security incident related to the Services, please email us at security@flo.health.

    Children’s privacy

    General age limitation: our Services are not for children, and we do not knowingly collect personal data from anyone under 13. If you know of someone under 13 using the Services, please email us at support@flo.health. 

    Age limitation for residents of the European Economic Area (EEA), United Kingdom (UK), Canada and India: For legal reasons, residents of the EEA, the UK, Canada or India must be at least 16. If you know of someone under 16 using the Services, please email us at support@flo.health.

    Some features of the App are only available to members who are 18 or older.

    Communication with you

    We might contact you via email, pop-ups or push notifications to share updates with you about Services, offers, promotions, rewards and events. These messages will be based on the Services you have chosen from Flo, (e.g. your selected mode) and the features you interact with.

    Opt-out options: You can unsubscribe from marketing emails by clicking the “Unsubscribe” link in the email. Opting out of these marketing emails or notifications will not stop essential Service-related emails. To stop receiving push notifications, adjust your settings on your device. In some cases, we might ask for additional consent for certain communications.

    Please note we may contact you through third-party platforms (like social media) with information about our Services, offers, promotions, rewards and events.

    Presence on social networks 

    We may use social media to promote Flo and interact with our customers. When you engage with us on these platforms, we process information about you, like your username, profile picture and any comments or posts related to Flo. This information is used solely for engagement purposes.

    Storage and international personal data transfers

    Flo is based in the UK. The personal data we collect is transferred to and processed in the US, where it is subject to US law and to other countries (where it follows the laws of those countries). These transfers are usually cloud-based and occur when you use our Services. Please note, the laws in these countries may not offer the same protections as those in your country.

    Transfers of personal data outside of the EEA and the UK

    Personal data in the EEA and the UK is protected by the GDPR and the UK GDPR. When we transfer personal data outside of these areas, we apply appropriate safeguards to ensure your personal data is protected. For example, we use data transfer agreements that include the European Commission’s Standard Contractual Clauses and conduct transfer risk assessments. 

    For further information, please email us at support@flo.health.

    Data Privacy Framework (“DPF”) Participation

    Flo complies with the EU–US DPF, the UK Extension to the EU–US DPF and Swiss–US DPF (collectively, the “DPFs”) when it transfers personal data to its US group company. We have certified to the U.S. Department of Commerce that, on reliance of the DPFs, we adhere to the DPF Principles when processing personal data of individuals within the EU, UK and/or Switzerland. For onward transfers, Flo is responsible for processing personal data it receives under the DPFs, and then transfers to a third party acting on Flo’s behalf. Flo remains liable under the DPFs if those third parties process personal data in a way that is not in compliance with the DPFs, unless Flo can prove that we are not responsible for the cause of any damage.

    If there is any conflict between the terms in this Privacy Policy and the DPF Principles, the DPF Principles will govern. You may view our certification here.

    Complaints and dispute resolution: We commit to resolve complaints about our collection and use of your personal data. EU, UK and Swiss individuals with inquiries or complaints regarding our DPFs should first contact us by emailing us at dpo@flo.health or by mail using the address Flo Health UK Limited, Fourth Floor, International House, 1 St Katharine’s Way, London, E1W 1UN, United Kingdom. 

    Arbitration: You may also be able to invoke binding arbitration for unresolved complaints, but prior to initiating such arbitration, a resident of a European country (including Switzerland) participating in the DPFs must first (1) contact us and afford us the opportunity to resolve the issue; (2) seek assistance from JAMS; and (3) contact the US Department of Commerce (either directly or through a European data protection authority) and afford the Department of Commerce time to attempt to resolve the issue. If such a resident invokes binding arbitration, each party shall be responsible for its own attorney’s fees. Please be advised that pursuant to the DPFs, the arbitrator(s) may only impose individual-specific, non-monetary, equitable relief necessary to remedy any violation of the DPF with respect to the resident. The arbitration option may not be invoked if the individual’s same claimed violation of the principles (1) has previously been subject to binding arbitration; (2) was the subject of a final judgment entered in a court action to which the individual was a party; or (3) was previously settled by the parties.

    We are subject to the investigatory and enforcement powers of the US Federal Trade Commission concerning personal data transferred under the DPFs, the UK’s Information Commissioner’s Office (for UK individuals), the relevant EU Data Protection Authority, and the Swiss Federal Data Protection and Information Commissioner for resolving disputes with Swiss individuals. 

    We have further committed to refer unresolved DPF complaints to JAMS, an alternative dispute resolution provider located in the US. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact JAMS or visit https://www.jamsadr.com/DPF-Dispute-Resolution for more information or to file a complaint. The services of JAMS are provided at no cost to you.

    United States

    If you live in the United States, please also see our U.S. State Privacy Law Notice.

    If you are a resident of Washington and Nevada, please see our Consumer Health Data Privacy Notice.

    Contact us

    If you have any questions or concerns about your privacy, you may contact us or our data protection officer by writing to us at:

    Flo Health UK Limited: 

    Fourth Floor South, International House, 

    1 St Katharine’s Way, London,

    E1W 1UN, 

    United Kingdom

    Flo Health LTU UAB (our main EU establishment): 

    Saltoniškių street 2 

    Vilnius, 

    LT-08126, 

    Lithuania 

    You can also reach us by email at support@flo.health or dpo@flo.health.

    If needed, you may also contact your local data protection authority. A list of local data protection authorities is available here