Natural Cycles - Birth Control

Natural Cycles - Birth Control

Review date: Aug. 9, 2022

|
|

Mozilla says

|
People voted: A little creepy

Natural Cycles is a Swedish-based birth control app that has the distinction of being the first FDA cleared app designed for contraceptive use to prevent pregnancy. The app also got FDA clearance to use temperature data from wearable devices like Oura Ring to help make predictions on when you might get pregnant.

Natural Cycles is an app that can track and collect a whole bunch of sensitive personal information like name, email, location, race, period data, and when a user is likely to be most fertile based on basal body temperature and an algorithm that "learns the patterns of your unique cycle." The app isn't free — it charges around $12.99 a month or $99 a year for a subscription — and they point out on their website their monthly subscription fee "helps protect you and your data." So, do they protect your and your very personal data? Well, the don't sell it, which is great. They do say they can share some personal information to improve their social media marketing -- which isn't too great. Though, they say they don't share "sensitive data" for this purposes, which makes us feel better. All in all, Natural Cycles isn't the worst data sharing fertility app we reviewed. It's not the best either.

What could happen if something goes wrong?

The good news first. Natural Cycles states very clearly in their privacy policy and their data privacy mission statement that they will never sell your data. Yay! That's something, even if the bare minimum of what we hope to see for privacy protections. And because Natural Cycles is a Swedish-based company, their privacy policy says they comply with stricter European GDPR privacy regulations for all users, regardless of where a you live. This is more good news. That means all users have strong rights to access and delete their data too.

Are there things with Natural Cycles that worry us? Yes, a few. One, they do collect a whole bunch of personal, sensitive, and health related information on you. A whole bunch. Remember, once that data is out in the world, you have to trust that it will remain secure. And while Natural Cycles does state that they take strong security measures to protect this data, and we believe them on this, nothing ever shared on the internet is 100% secure.

Natural Cycles also does indicate they use data such as IP and device information and anonymized email addresses for social media marketing purposes. They don't share any sensitive personal information for this purpose though. And Natural Cycles does use cookies, including third party services that may collect data about your site visits for marketing purposes. None of this is great. But, as this mostly all seems to be anonymized or data limited of direct personal information, it's also not an uncommon practice for most companies.

Natural Cycles does say they can ask for consent to share personal data for research purposes. They say, "If we have your consent, we will use your User Data and other Personal Data that you may provide, in pseudonymized or anonymized form ... for scientific studies, scientific articles and other research purposes as may be disclosed when your Personal Data is collected." As long as consent is clearly asked for in these instances, we're OK with this too.

Then there is the matter of what and how Natural Cycles says they share with law enforcement. This section of their privacy policy is a little more vague than we like to see. They state that can disclose your personal information, "if we reasonably believe it is necessary to comply with a legal or regulatory obligation." That doesn't give us much to go on regarding how Natural Cycles would handle subpoenas from law enforcement. We'd like to see a bit more information there. The good news is, when we asked Natural Cycles this question about sharing with law enforcement, they acknowledged it was a thorny issue and told us they are "currently in the process of creating a completely anonymous experience for users" with the goal of making it so no one, not even Natural Cycles, can identify the users. Yes, please! We'll all stay tuned for this.

What's the worst that could happen with Natural Cycles. Well, hopefully not too much, although they do collect a whole bunch of very personal information. One thing to consider: when you're able to use your Apple Watch or other wearable device to connect with this app to track information about your cycle, remember, you'll have to worry about the privacy of that device as well as this app too. The more you share, the more you have to worry about that data leaking out into the world somehow.

Tips to protect yourself

  • Add an App lock for your calendar if someone else might be using your phone/other device
  • When you no longer use the app, go to "Delete account" in the app menu
  • Chose a strong password! You may use a password control tool like 1Password, KeePass etc.
  • Do not give access to your location in the app! When asked to provide location in the sign-up, first click 'Enable' and then chose 'Do not give location' in the drop down. Yes, very misleading!
  • Use your device privacy controls to limit access to your personal information via app (do not give access to your camera, microphone, images and videos)
  • Keep your app regularly updated
  • Limit ad tracking via your device (eg on iPhone go to Privacy -> Advertising -> Limit ad tracking) and biggest ad networks (for Google, go to Google account and turn off ad personalization)
  • mobile

Can it snoop on me? information

Camera

Device: N/A

App: Yes

Microphone

Device: N/A

App: No

Tracks location

Device: N/A

App: Yes

What can be used to sign up?

Google sign-up available

What data does the company collect?

How does the company use this data?

"Natural Cycles never sell your Personal Data and we conduct extensive assessments before engaging any processor to ensure that they have appropriate technical and organizational measures in place that provide adequate protection of your Personal Data. Anyone who is processing Personal Data on our behalf is bound by contractual obligations to keep Personal Data confidential and secure, and to use it only for the purposes as instructed by us. "

Natural Cycles does not share any Sensitive Data that can be linked back to you as an individual with any partner for them to use. They do, however, use external suppliers for storing and processing data, with agreements in place to ensure they don’t use the data for other purposes.

The app may share your data if they reasonably believe it is necessary to comply with a legal or regulatory obligation.

Another way that the app uses data is to help them monitor the effectiveness of the product as a method of contraception. To do this, they combine the applicable Sensitive Data from all users into one large “data pool” and review it on a monthly basis to check that the effectiveness rate remains constant; this is a requirement of the notified body that granted the app's certification.

How can you control your data?

Every user can exercise rights granted by GDPR, such as right to access or to erase your personal information.

Otherwise, you consent that Natural Cycles store your data for 3 years.

You may contact the app in writing at any time to exercise your rights, preferably using the email address that is associated with your user account. The app does their best to respond to your request within a few days, and at least within one (1) month. If the request is complicated or if they have received a large number of requests, they may need to prolong the response time with one (1) additional month.

How the company says they may share data with law enforcement:
Natural Cycles may share your Personal Data: if we reasonably believe it is necessary to comply with a legal or regulatory obligation

What is the company’s known track record of protecting users’ data?

Average

No known privacy or security incidents discovered in the last 3 years.

Child Privacy Information

The app is not intended for users under 18.

Can this product be used offline?

Yes

User-friendly privacy information?

Yes

There is a glossary with privacy terms, and also a separate privacy mission statement.

Links to privacy information

Does this product meet our Minimum Security Standards? information

Yes

Encryption

Yes

Strong password

Yes

Security updates

Yes

Manages vulnerabilities

Yes

Users can send vulnerability reports to [email protected]

Privacy policy

Yes

Does the product use AI? information

Yes

Natural Cycles uses an algorithm based on your daily body temperature readings and menstrual cycle information to work out the days of the month you're most and least likely to conceive.

Is this AI untrustworthy?

No

What kind of decisions does the AI make about you or for you?

The risk of unwanted pregnancy

Is the company transparent about how the AI works?

Yes

Natural Cycles website claims that their “digital birth control” method is 93 percent effective under typical use and 99 percent effective when used perfectly (i.e. if you never have unprotected vaginal intercourse on high-risk days), it also warns that it takes between one and three cycles for the app to "get to know you.”

Does the user have control over the AI features?

Can’t Determine

*Privacy Not Included

Dive Deeper

Comments

Got a comment? Let us hear it.