Garmin Index Smart Scale
Best Of Holiday Guide 2023 Smart Home Health & Exercise Smart Scales

Garmin Index Smart Scale

Garmin
Wi-Fi Bluetooth

Review date: Nov. 1, 2023

|
Mozilla researched 8 hours
|

Mozilla says

|
People voted: A little creepy

Let's be honest, tracking all those steps with a fitness wearable is nice. Seeing the benefits of all those steps when you take that step onto the scale is much nicer. Garmin's Index Smart Scale gives you a way to bring all those metrics -- weight, body mass index, body fat, skeletal muscle mass and more -- together. Pair up this WiFi and Bluetooth connected scale with the same app your Garmin fitness tracker uses -- the Garmin Connect app -- and you've got all your fitness and body info right there in one place. And best of all, Garmin looks pretty good from a privacy perspective. Now get stepping.

What could happen if something goes wrong?

When your *Privacy Not Included researcher wanted to get a fitness tracking smartwatch to see how stressed out reading privacy policies made her, Garmin is what she went with. Because Garmin seems to do one of the best jobs handling the privacy and security of all the personal data fitness trackers collect, at least according to their really not that stressful privacy policy. The same thing applies to their smart scale too.

Here’s what this privacy researcher really likes about Garmin. Yes, Garmin's smart scale can collect a whole lot of personal information through the device and on the Garmin Connect app. That’s what smart scales are designed to do, that's why we want them. Garmin says they can collect data like email address, device information, location, and all that body-related data like how much you weigh, your BMI, and more. Here's the thing. Garmin might collect lots of data, but they then do a pretty good job, as far as we can tell, of respecting it, protecting it, and not trying to make money off sharing or selling it. Gasp! What a wonderful idea.

Your “sharing with others” user settings in the Garmin Connect app are set to “private” by default. Which is great. You can choose to share your data with contacts if you wish, but you have to change your privacy settings to do that. Good work Garmin. Garmin says they don't sell data and they don't share your personal information for advertising purposes with third parties without your consent. They ask you to opt-in rather than opt-out of consent to receive marketing communications from them. And their privacy policy is actually pretty good at laying out what data they collect, clearly explaining why they collect it, and how it is used.

Garmin also seems to do a pretty good job securing the personal information they collect. However, they did suffer that very public ransomware attack in 2020. Ransomware attacks suck and it seems no company is safe from them these days. Good news though, no user data was actually compromised in that attack, so, once more, good work Garmin.

Garmin has been on our Best Of list for a number of years. And we're pleased to say, in 2023, it seems they've gotten even better (which is amazing when so many other companies are getting worse). We were very happy to see that the one gripe we had with Garmin in the past -- the fact that they didn't clearly state they grant all people, regardless of where they live and the privacy laws they live under, the same right to delete their data -- got fixed in 2023.

Garmin actually reached out to us about that and when we pointed out that they didn't clearly state that, they said they would take a look. And now we see this lovely line on their Data Protection Rights page, "Depending on where you reside, you may have rights under applicable laws, subject to conditions and restrictions provided in those laws. Regardless of where you reside, you can access, correct, export, or delete your personal data (including deleting your entire Garmin account) by visiting our Account Management Center." Great work Garmin! This is the kind of care about privacy for everyone, not just the people you're required to grant privacy rights to, that we LOVE to see. (Also, a note to toot our own horn a bit: This is what happen when we point out the issues we see to companies -- sometimes the good ones make change.)

Is your intrepid privacy researcher happy with her decision to get a Garmin fitness tracker? What’s the worst that could happen with your Garmin smart scale? Well, hopefully nothing, but do beware if you link your data to other third party apps like Strava and MyFitnessPal. Those apps come with their own privacy policies and every time you share your personal information with someone else you increase the vulnerability of that personal information.

Tips to protect yourself

  • Be very careful what third party companies you consent to share you health data with. If you do decided to share your health data with another company, read their privacy policy to see how they protect, secure, and share or sell your data.
  • Do not sign up with third-party accounts. Better just log in with email and strong password.
  • Chose a strong password! You may use a password control tool like 1Password, KeePass etc
  • Use your device privacy controls to limit access to your personal information via app (do not give access to your camera, microphone, images, location unless necessary)
  • Keep your app regularly updated
  • Limit ad tracking via your device (eg on iPhone go to Privacy -> Advertising -> Limit ad tracking) and biggest ad networks (for Google, go to Google account and turn off ad personalization)
  • Request your data be deleted once you stop using the app. Simply deleting an app from your device usually does not erase your personal data.
  • When starting a sign-up, do not agree to tracking of your data if possible.
  • mobile

Can it snoop on me? information

Camera

Device: No

App: Yes

Microphone

Device: No

App: Yes

Tracks location

Device: No

App: Yes

What can be used to sign up?

What data does the company collect?

How does the company use this data?

Garmin Privacy Policy

"If you choose to enable your account to access accounts you have with other app providers, such as your MyFitnessPal, Strava, or TrainingPeaks account, we will obtain information about you from such account, such as the number of calories consumed in a particular day based on information from your MyFitnessPal account or courses and segments from your Strava account."

"If you provide your opt-in consent to receiving marketing information from us, we will also process your email address for the purpose of sending you marketing information about our products, services, and apps, as well as newsletters. The legal ground for processing your email address for this purpose is your consent. You may withdraw your consent at any time by changing your preferences in your account or through the unsubscribe link at the bottom of our marketing emails. The marketing emails you receive from us are based on the preferences you provide in your account, the locale indicated by your Internet Protocol (IP) address, the types of devices you have added to your account, and any subscriptions included in your account. The legal ground for processing this data for this purpose is our legitimate interest in reducing the number of marketing emails sent to each particular customer by selecting which customers receive a particular marketing email rather than sending every marketing email to every customer who has consented to receiving marketing emails. If you reside in mainland China, we may use your mobile phone number to send you marketing communications via SMS."

According to Garmin written statement to us, Garmin doesn’t share any data collected from a user’s device with third parties unless the user directs us to do so. Some users wish to connect their Garmin accounts with their accounts on other platforms, such as Strava or MyFitnessPal, and we share a user’s data with such other platforms if directed to do so by a user.

How can you control your data?

Data Protection Rights page
"Regardless of where you reside, you can access, correct, export, or delete your personal data (including deleting your entire Garmin account) by visiting our Account Management Center."

Privacy Policy for Garmin Connect and Compatible Garmin Devices

"We will retain your personal data as long as your Garmin account is considered to be active or in accordance with applicable law and regulatory obligations. In addition, see below under “Manage Your Data” for information on how to delete your data or account."

"We provide a self-service portal, the Account Management Center, to allow you to access, export, correct, or delete your data at any time. The Account Management Center requires you to sign in with your Garmin credentials to ensure that only you can manage your data and exercise your rights."

What is the company’s known track record of protecting users’ data?

Average

They did suffer that very public ransomware attack in 2020. No user data was compromised during this attack.

Child Privacy Information

We request individuals under the age of 13 in the U.S. and under the age of 16 in the rest of the world not provide personal data to Garmin. If we learn that we have collected personal data from a child under the age of 13 in the U.S. or under 16 in the rest of the world, we will take steps to delete the information as soon as possible.

Can this product be used offline?

Yes

User-friendly privacy information?

Yes

Garmin has an easy to find list of all privacy policies. The privacy policies are relatively simple to read.

Links to privacy information

Does this product meet our Minimum Security Standards? information

Yes

Encryption

Yes

Garmin devices and apps use a combination of asymmetric and symmetric encryption appropriate to the nature and function of the product, and data stored/transmitted.

Strong password

Yes

In order to use companion apps, an account with a strong password is required.

Security updates

Yes

Manages vulnerabilities

Yes

Privacy policy

Yes

Does the product use AI? information

Yes

Garmin use Machine Learning (ML) to provide personalized insights to customers who wish to receive them as they pursue their fitness and wellness goals.

Is this AI untrustworthy?

Can’t Determine

What kind of decisions does the AI make about you or for you?

Garmin says in their privacy policy, "Garmin does not make any decisions based on algorithms or other automated processing that significantly affect you."

Is the company transparent about how the AI works?

Yes

Does the user have control over the AI features?

Yes

*privacy not included

Dive Deeper

  • Thousands of Garmin Smartwatches Being Used to Test Space Force Fitness Program
    Military.com News
  • Garmin’s New Aviator Watch Partly Addresses a Risk the War in Ukraine Is Highlighting – Microtargeting
    Forbes
  • A Cyberattack on Garmin Disrupted More Than Workouts
    Wired
  • Stop Leaving Your Smartphone's Bluetooth On
    Lifehacker
  • Ransomware attack on Garmin thought to be the work of 'Evil Corp'
    The Guardian
  • The Garmin Hack Was a Warning
    Wired
  • The Garmin Security Breach: Here’s What You Need to Know
    Terra Nova

Comments

Got a comment? Let us hear it.