Warning: *Privacy Not Included with this product
NordicTrack Treadmill
Nowhere to run to, nowhere to hide. That's what you get with these connected treadmills from NordicTrack. Climb on the road to nowhere, hop in one of the live, interactive training sessions you stream on the HD touchscreen right in front of you, and take off. The personal trainers can control your treadmill's incline, decline, and speed in real time so you have no choice but to sprint up that hill! Google Maps technology lets you run anywhere in the world. And you get tons of personalized stats to tell you how much harder you need to run to beat your buddy. Just the motivation you need to lose those extra few pounds. Unfortunately, NordicTrack isn't exactly stellar at privacy.
What could happen if something goes wrong?
NordicTrack has cleaned up their act a little bit since we reviewed them last year, but they’re still bad. They’ve gone from “awful" to “awe come on, you can do better than that!” Their privacy policy no longer says outright that they can sell your personal data -- except in the context of digital tracking technologies like cookies. Don’t get us wrong, that’s still not good, but it is pretty standard these days. (If you’re curious, it looks like the old privacy policy is still up on their Canadian site for some reason.)
One of the terrible, bad, no-good things that NordicTrack is still up to? They say, “By creating an account with us, you agree that we may contact you for marketing and transactional purposes by phone, e-mail, mail, or text message, even if your number is on a do-not-call list or is a wireless number.” Yikes!!!! And while we’re sharing bad news, we feel it’s our duty to mention that in spring of 2023, some users said that their NordicTrack treadmills and exercise bikes became “very expensive spider resort[s]” in that they suddenly stopped working. Ouff.
Back on privacy, NordicTrack seems to collect and share a good amount of data on their users, including buying data from data brokers and gathering it from public sources. Ugh. They say they will use all the data they can collect on you to target you with advertising and marketing and make suggestions to you about goods or services that may be of interest to you. Eh, not good but also, kinda the way the world works these days. They also say they can collect, use, and share aggregated data for “any purpose.” That’s pretty normal too but it’s worth pointing out that many privacy researchers have demonstrated that it can be easy to re-identify that data.
So, if you buy a NordicTrack exercise machine and sign up for their iFit app for workouts, expect your data to be collected, used to target you with all kinds of ads, your phone number is now fair game for marketing texts or phone calls from them. You’re gonna need a good workout to help get rid of the stress of all that. Maybe go outside for some exercise, that seems safer. Good news though, residents of California and Virginia in the US can opt out of some of this data gathering and selling. Just those states’ residents though, thanks to their stronger privacy laws, no one else. Yay for strong privacy laws! Uh, hang on. NordicTrack says that even in those states they reserve the right to “charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive” or can refuse it. Hmm. That’s an interesting take on the law. One thing we can say about NordicTrack is that they are bad in unique and unpredictable ways.
Tips to protect yourself
- Be very careful what third party companies you consent to share you health data with. If you do decided to share your health data with another company, read their privacy policy to see how they protect, secure, and share or sell your data.
- Do not sign up with third-party accounts. Better just log in with email and strong password.
- Chose a strong password! You may use a password control tool like 1Password, KeePass etc
- Use your device privacy controls to limit access to your personal information via app (do not give access to your camera, microphone, images, location unless necessary)
- Keep your app regularly updated
- Limit ad tracking via your device (eg on iPhone go to Privacy -> Advertising -> Limit ad tracking) and biggest ad networks (for Google, go to Google account and turn off ad personalization)
- Request your data be deleted once you stop using the app. Simply deleting an app from your device usually does not erase your personal data.
- When starting a sign-up, do not agree to tracking of your data if possible.
Can it snoop on me?
Camera
Device: No
App: Yes
Microphone
Device: No
App: No
Tracks location
Device: Yes
App: Yes
What can be used to sign up?
Yes
Phone
No
Third-party account
No
What data does the company collect?
Personal
Identity data includes first name, last name, username, or similar identifier, date of birth, and gender. Contact data includes billing address, mailing address, email address, and telephone numbers. Financial data includes bank account and payment card details. Transaction data includes details about payments to and from you and other details of products and services you have purchased from us. Technical data includes internet protocol (IP) address, your login data, browser type, and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website. Usage data includes information about how you use our website, products, and services. Marketing and communications data includes your preferences in receiving marketing from us and our third parties and your communication preferences. Social Media Application Data includes your public profile information, your social media connections, photos and ""likes."" Geolocation information may be recorded when you use certain features of our apps, which may be uploaded to your profile when synced with your account. We may collect precise geolocation information when you connect our Services to certain third-party apps, such as Strava, Garmin, Google or Apple. Professional or Employment-Related Data includes information you provide on a job application or resume, including past employment or qualifications.
Body related
Your profile could include your health data, including height and weight data, exercise data, including heartrate data, or other physical patterns or rhythms from your workouts or fitness goals. Under certain privacy laws, this data may be classified as sensitive and be entitled to additional protections. It may also include information you share about your workouts or fitness goals, such as videos of a workout.
Social
How does the company use this data?
How can you control your data?
What is the company’s known track record of protecting users’ data?
In late 2022 and early 2023, Consumer Reports reported some NordicTrack users found that a software update to the iFit platform on some NordicTrack touch screen devices caused the machines to become inoperable. Users also reported trouble getting NordicTrack to fix this issue, and a class action lawsuit was filed.
Child Privacy Information
Can this product be used offline?
User-friendly privacy information?
NordicTrack and iFit's privacy policy is not the worst we've seen but can be confusing and not exactly user-friendly.
Links to privacy information
Does this product meet our Minimum Security Standards?
Encryption
Strong password
Security updates
Manages vulnerabilities
Privacy policy
Dive Deeper
-
Owners Resort to Hacking Smart Treadmills After NordicTrack Locks Them OutExtremeTech
-
iFIT Class Action Says Software Update Left Fitness Equipment ‘Totally Inoperable’ [UPDATE]ClassAction.org
-
Peloton vs. NordicTrack: Which exercise bike is better for you?Tom's Guide
-
Some NordicTrack and ProForm Exercise Machines Have Suddenly Stopped WorkingConsumer Reports
Comments
Got a comment? Let us hear it.