Flo App May Have Illegally Shared Users Sexual Health Information

Flo—one of the most well-known period, ovulation, and pregnancy tracker apps—is used by more than 70 million women each month. Most of these users don’t question the Flo health app privacy and trust the female health company to keep their sensitive information confidential. 

Shockingly, a class action lawsuit claims Flo did just the opposite—the digital platform has been accused of harvesting and selling sexual health information without user consent. 

The following were named as defendants in the initial and amended complaints: 

• Flo Health, Inc.: The maker of the menstrual, fertility, and pregnancy tracking app 
• Google Inc.: Embedded Software Development Kits (SDKs) in the Flo app to collect personal user data
• Facebook, Inc. (now Meta): Unlawfully received personal data without user consent
• AppsFlyer, Inc.: Like Facebook, accepted sensitive information without users’ knowledge
• Flurry, Inc.: Provided SDKs embedded into the Flo app to harvest information

According to the Flurry Flo lawsuit, “Flurry knew that the data it received from Flo Health through Flurry contained intimate health data.” “Despite knowing this,” the complaint states, “Flurry continued to receive, analyze, and use this information for its own purposes, including marketing and analytics.”

Flurry shuttered its operations in 2024, but the analytics firm isn’t off the hook for its alleged involvement. Rather than wait for the case to go to trial and risk further deterioration of the defunct company’s financial situation, plaintiffs chose to seek settlement. 

Flurry has since agreed to a $3.5 million settlement. Pending court approval, affected Flo app users should be able to claim their portion. The California privacy settlement may entitle claimants in that state to a double payout.  

Though this amount is less than initially hoped for, the menstrual tracking lawsuit describes the Flo app settlement as “fair, reasonable, and adequate” given Flurry’s degraded economic condition. Resolving claims at this stage also frees up additional time and resources, allowing plaintiffs to focus on pursuing greater compensation from larger, more financially secure defendants—such as Flo, Meta, and Google.

What Information Was Allegedly Harvested—And How Was It Used?

Though Flo denies ever selling user information, the company is accused of violating privacy laws by collecting and sharing a variety of sensitive personal information. Information allegedly harvested goes beyond Flo ovulation tracking data. It includes: 

• Birthdates
• Gender
• Location data
• Sexual activity information, such as frequency, protection used, and other details
• Menstrual cycle details, including period start and end dates
• Future pregnancy plans

Plaintiffs believe the allegedly sold information was used by recipients (like Google and Facebook) to: 

• Build unique user profiles for targeted advertising based on menstrual cycles, fertility status, or pregnancy intentions
• Improve data analytics for certain user segments (e.g., those trying to conceive, expecting mothers, women who may purchase period products) for marketing purposes
• Track users across multiple apps to generate more comprehensive advertising profiles
• Potentially resell or redistribute to third-party data brokers

Who is Eligible for the Flo Privacy Data Breach Settlement?

Pending court approval, the following people may be eligible to claim their portion of the $3.5 million Flurry settlement:

• Those who entered period and/or pregnancy information into the Flo Health App during the period of November 1, 2016, to February 28, 2019.

Further, class members who lived in California during this time may qualify for a double Flo app user payout under the state’s data protection laws. These individuals should be prepared to prove that they lived in California during the relevant time period to receive this increased payout amount.

However, affected Flo app users won’t be able to seek part of the settlement until it has been approved. Plaintiffs filed a motion for preliminary court approval of the proposed settlement in May 2025. If approved, class members should be notified via email or mail. Claims can typically be submitted online or by post.

Are Women’s Health Apps Safe?

Period-, fertility-, and pregnancy-tracker apps can be useful tools throughout a woman’s sexual health journey. However, the privacy concerns surrounding Flo are very real—and may lead users to wonder if their most sensitive data can be trusted with similar apps. 

The truth is complicated. 

Disappointingly, like Flo, several women’s health apps have come under fire for privacy concerns. According to data protection experts, users should practice caution with apps including the following:

• My Calendar Period Tracker
• Babycenter
• Clue Period & Cycle Tracker
• Pregnancy+
• Ovia Fertility & Pregnancy
• Glow

Some period-tracking apps may be safer than others, however. Apps like Drip, Euki, and Periodical claim to prioritize user privacy, offering greater data protection measures like: 

• Local data storage (meaning any information you enter into the app is stored only on your device, not the company’s servers)
• Disabling location services
• Allowing you to request deletion of your data and verifying its deletion

It’s important to understand that all apps allowing you to track periods, ovulation, or pregnancy are classified as “lifestyle apps,” not medical tools. So even though they are used to record sensitive health information, they aren’t subject to the Health Insurance Portability and Accountability Act (HIPAA). Without HIPAA’s protection, your personal data can be harvested and redistributed to third parties.

For women who are concerned about privacy, the best choice may be to forgo the use of these apps entirely and record sexual health data in paper calendars or journals, spreadsheets stored locally on their device (rather than online), or encrypted notes apps.

In an ideal world, individuals would be able to trust their most private information with women’s health apps. But, as the Flo app class action lawsuit and Flurry settlement show, these companies are more than capable of putting profits ahead of user safety.