What exactly did Flo do that Clue did not

The FTC found that Flo shared users' reproductive health data, including period dates, pregnancy status, and symptoms, with Facebook and Google via embedded analytics SDKs without user consent, despite Flo's privacy policy stating it would not. Clue has no documented history of comparable data sharing. Clue's GDPR compliance and no-ads business model reduce the commercial incentive to do what Flo did.

Does GDPR actually protect period tracking data

GDPR limits what Clue can do commercially with your data, requires disclosure about data practices, gives you rights to access and delete your data, and restricts transfers to jurisdictions without adequate data protection. It does not prevent a court from ordering Clue to produce your data in response to a valid legal request. GDPR is a commercial data protection framework, not immunity from legal process.

What did Flo do wrong with user data

The FTC found that Flo shared users' reproductive health information — including period dates, pregnancy status, and health symptoms — with Facebook, Google, and Flurry despite promising to keep this data private. The FTC took enforcement action against Flo in 2021. A class action lawsuit resulting from the same conduct settled for $59.5M in September 2025 (Reuters 2025-09-25).

Is Clue compliant with GDPR

Yes. Clue is headquartered in Berlin and operates under GDPR. This limits how Clue can commercially use or share your data within the EU framework. However, GDPR does not prevent data from being handed over pursuant to a valid court order or law enforcement request, particularly for US-based legal proceedings.

Can period tracker data be used as evidence in court

In states with abortion restrictions, prosecutors have sought digital evidence including period tracker data. Apps that store data on company servers can receive subpoenas. Apps that store data only on your device cannot hand over what they do not have. This is the structural difference between server-based trackers (Flo, Clue) and on-device trackers (Floriva, Drip, Euki).

comparisons

Flo vs Clue: Which Period Tracker Is Safer for Privacy

Flo: FTC action 2021, $59.5M class action 2025. Clue: GDPR-compliant, no documented violations. Both still store your cycles on subpoena-able servers.

Flo vs Clue: the short answer If you are asking which app is safer for privacy, the answer is Clue. Flo carries the FTC enforcement action from 2021 and the later $59.5M settlement history tied to reproductive health data sharing. Clue does not. That alone is enough to separate the two. That does not make Clue private in the way many people mean it. Clue still requires an account and still keeps your cycle history on company servers. So the real answer is two part: Clue is safer than Flo on trust history, and neither app gives you architecture level protection from a company side data request. Where Flo and Clue still look the same Both apps depend on cloud storage. Both ask you to create an account. Both keep records that the company can access and maintain. If the issue you care about is whether the company has a copy at all, Flo and Clue land in the same bucket. GDPR helps Clue on the commercial use side. It does not turn cloud storage into local storage. A cleaner policy framework is still a policy framework. If you want to reduce company side exposure, you need an app that keeps the data on the device and skips the account requirement. The Anonymous Mode Problem Flo introduced