Period Tracker

Warning: *Privacy Not Included with this product

Period Tracker

Tarehe ya ukaguzi: Ago. 9, 2022

|
|

Mozilla inasema

|
Watu waliopiga kura: Inaogofya sana

The apt, if rather boring, named period tracking app Period Tracker claims to be "the easiest way to track your periods!" We don't know about that. We do know they app lets you track your period, know your fertility window, let's you track things like mood, symptoms, and intimacy. And the app comes with a disclaimer in the app store that says, "Disclaimer: Period Tracker period and fertility forecasts may not be accurate and should not be used to prevent unwanted pregnancy." So there's that.

Period Tracker developer GP Apps seems to be a small app developer that makes one other app, a weight loss app called Resist. What does all this mean for Period Tracker privacy? Well, the short, rather vague privacy policy we found for Period Tracker actually left us with more questions than answers, which is never a good thing for anything that collects personal and health related data.

Je, jambo gani linaweza kutokea mambo yakienda mrama?

Being a privacy researcher means reading lots and lots of privacy policies, security documents, and FAQ pages. So when I stumbled across Period Tracker FAQ page, I was rather excited to see a question smack in the middle of the page with the question, "Does Period Tracker sell or share my data with any third parties?" I love it when I find privacy information on FAQ pages! Imagine my disappointment when I clicked on that link and up popped the dreaded "This page doesn't seem to exist." page. Bother! So, back to the privacy policy I head to try and find out if Period Tracker does, indeed, share data with third parties. I wasn't feeling too great about things given the broken link on their FAQ page.

So, does Period Tracker share your data with third parties? The answer seems to be yes, but maybe not too much. Here's what we found. Period Tracker's privacy policy says they share data you directly input into the app under certain circumstances like with "trusted service providers" and "as required by law, such as to comply with a subpoena, or similar legal process," and "when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, or to investigate fraud." So, they may share the personal info you input into the app with third parties, but probably (hopefully) not with advertisers.

On that front they say, "We work with advertisers and third party advertising networks, who need to know how you interact with advertising provided in the Application which helps us keep the cost of the Application low. Advertisers and advertising networks use some of the information collected by the Application, including, but not limited to, the unique advertising ID of your mobile device. Data directly inputted by users (ie., periods, notes, email, account info, etc) is not shared with advertisers." So, it seems Period Tracker does share some data with advertisers, but many not things like when your period starts or what your mood is. Still, they do share data with advertisers to target you with ads, which we don't love.

And Period Tracker does say they will share data with law enforcement, but their statement of when and why they do that is a little too vague for our comfort. We would love to see them state clearly that they only share data when required by law enforcement through subpoena and not leave any open questions that they might share data with law enforcement through voluntary disclosure, which we here at Mozilla don't like as a policy.

The biggest concern with have with Period Tracker, alongside their rather short, vague, boilerplate privacy policy, is that their security measures don't meet our Minimum Security Standards. We were able to set the app up using the weak password "1111," which isn't good at all if you're trying to protect sensitive health information on your phone. We also couldn't confirm if they use encryption, which isn't great either, you want the data you share with them to be encrypted in transit and at rest where they store it. We emailed the company three times at the email address listed in their privacy policy for privacy related questions and never received a response. Again, not great. So, we'd say this line in their privacy policy is a good reminder to beware of sharing personal information with this app, "Please be aware that, although we endeavor provide reasonable security for information we process and maintain, no security system can prevent all potential security breaches."

Is Period Tracker the worst period tracking app we reviewed? No, it doesn't seem so. Does it raise red flags for us from a privacy perspective. Yes, absolutely. Their privacy policy is short and vague and leaves us with questions. The privacy question on the FAQ page leads to a broken link, which tells us they aren't super into keeping their privacy information updated for their users. Their security measures are questionable and don't meet our Minimum Security Standards. And they aren't responsive to privacy-related questions. What's the worst that could happen? Well, here's hoping you don't share your period frequency and moods and symptoms with this app and then have that data leaked on the dark web through a security breach where it could be bought up by "anti-abortion activists" looking for data they could us to out someone who may have had an abortion. That would suck really really bad. Here's hoping that never happens.

Vidokezi vya kujilinda

  • Do not register for the app if you do not want your email collected
  • Follow these instructions to delete all past information from the app.
  • Add an app passcode if your device might end up in the wrong hands
  • Chose a strong password! You may use a password control tool like 1Password, KeePass etc
  • Use your device privacy controls to limit access to your personal information via app (do not give access to your precise location, camera, microphone, images and videos, other files)
  • Keep your app regularly updated
  • Limit ad tracking via your device (eg on iPhone go to Privacy -> Advertising -> Limit ad tracking) and biggest ad networks (for Google, go to Google account and turn off ad personalization)
  • Request your data be deleted once you stop using the app. Simply deleting an app from your device does not erase your personal data.
  • mobile

Unaweza kunichunguza? taarifa

Kamera

Kifaa: Haihusiki

Programu: Hapana

Kipaza sauti

Kifaa: Haihusiki

Programu: Hapana

Inafuatilia eneo

Kifaa: Haihusiki

Programu: Hapana

Unaweza kutumia nini kujisajili?

Kampuni inakusanya data gani?

Je, kampuni inatumiaje data hii?

This app doesn't share personally identifiable data such as name or email. However, "Information that is collected automatically may be shared with advertisers and third party advertising networks and analytics companies." Such data may include type of mobile device you use, your mobile devices unique device ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browsers you use, and information about the way you use the Application.

"Data directly inputted by users (ie., periods, notes, email, account info, etc) is not shared with advertisers."

How the company says they may share data with law enforcement:
"Information that users directly input into The Application is not shared with any third parties unless […] as required by law, such as to comply with a subpoena, or similar legal process"

Unawezaje kudhibiti data yako?

We ding this app because Privacy Policy does not mention GDPR or CCPA rights. There is no contact provided in the Privacy Policy for data deletion that could be used by all users.

"If you’d like us to delete User Provided Data that you have provided via the Application, you may delete your account and associated data by going to the app settings, account page, and select delete account. This will delete your account and associated data from our servers. Deleting the native app on your phone will also delete any app data your phone holds."

"We will retain User Provided data for as long as you use the Application and for a reasonable time thereafter. We will retain Automatically Collected information for up to 24 months and thereafter may store it in aggregate. Please note that some or all of the User Provided Data may be required in order for the Application to function properly."

Je, rekodi ya kampuni inayojulikana ya kulinda data ya watumiaji ni gani?

Wastani

No known privacy or security incidents discovered in the last 3 years.

Taarifa ya Faragha ya Mtoto

The app do not use the Application to knowingly solicit data from or market to children under the age of 13 (or under the age of 16 for individuals residing in the European Union). If a parent or guardian becomes aware that his or her child has provided them with information without their consent, he or she should contact the app at https://gpapps.com/feedback-contact-us/.

Je, bidhaa hii inaweza kutumika nje ya mtandao?

Ndiyo

Maelezo ya faragha yanayofaa watumiaji?

Hapana

Viungo vya taarifa za faragha

Je, bidhaa hii inakidhi Viwango vyetu vya Chini Zaidi vya Usalama? taarifa

Hapana

Usimbaji fiche

Haiwezi Kuamua

Nenosiri thabiti

Hapana

Managed to sign up with "1111" as a password

Masasisho ya usalama

Ndiyo

Inashughulikia hatari

Ndiyo

Sera ya faragha

Haiwezi Kuamua

Je, bidhaa inatumia AI? taarifa

Haiwezi Kuamua

Je, AI hii haiaminiki?

Haiwezi Kuamua

Je, AI hukufanyia maamuzi gani?

Je, kampuni ina uwazi kuhusu jinsi AI inavyofanya kazi?

Haiwezi Kuamua

Je, mtumiaji anadhibiti vipengele vya AI?

Haiwezi Kuamua

*Privacy Not Included

Chunguza kwa Kina

  • Congress to Investigate Data Brokers and Period Tracking Apps
    Vice Link opens in a new tab
  • Consumers swap period tracking apps in search of increased privacy following Roe v. Wade ruling
    TechCrunch Link opens in a new tab
  • The data flows: How private are popular period tracker apps?
    Surfshark Link opens in a new tab
  • FemTech: My Body, My Data, Their Rules
    Eticas Foundation Link opens in a new tab
  • Should You Really Delete Your Period Tracking App?
    Electronic Frontier Foundation Link opens in a new tab
  • Fertility and Period Apps Can Be Weaponized in a Post-Roe World
    Wired Link opens in a new tab
  • Should I delete my period app? And other post-Roe privacy questions.
    Vox Link opens in a new tab

Maoni

Una maoni? Tuambie.