In today’s digital world, it’s natural to have questions about how your data is used and protected. Protecting user privacy has always been at the heart of Natural Cycles’ mission, and as a regulated medical device, our team has built our app with privacy at its core. As a Swedish company, our privacy and compliance standards are grounded in European principles, such as GDPR, and we adhere to strict regulatory requirements, including FDA cybersecurity standards. Users can remain confident that their information is safeguarded under some of the world's strongest data-protection frameworks.
We understand the trust you place in us to keep your sensitive information secure. Many of us use the app ourselves, and we treat your data with the same care we expect for our own.
You can read Natural Cycles' full Privacy Policy here or in the app. We have also answered some commonly asked questions about data privacy below.
Who owns the sensitive data that I put into the app?
Should I be concerned about my data being shared with government agencies?
Where is the sensitive data stored?
For how long do you store my sensitive data?
What if I do not want Natural Cycles to use my data for research purposes?
Do you use cookies on your website? If so, what type and why? Can they be disabled?
Was there a lawsuit filed in California?
What is NC° Secure?
NC° Secure is Natural Cycles’ comprehensive privacy protection program that is included with every Natural Cycles subscription. The program includes advanced data protection, a commitment to you and your data, and identity protection. You can learn more about it here: NC° Secure.
Who owns the sensitive data that I put into the app?
All data you provide to us is owned by you, even when you provide your consent for us to store or use the data. In accordance with GDPR, you may ask us to delete your data at any time in accordance with our Privacy Policy or export it for you.
Should I be concerned about my data being shared with government agencies?
At Natural Cycles, we will always do everything in our power to make sure that our users’ data is safe with us, no matter the circumstances. We remain focused on being a company committed to doing the right thing for our users. Natural Cycles' Privacy Policy (section 6.5) outlines the steps we will take to keep your data private.
If I do not give consent to Natural Cycles to store my sensitive data, will I still be able to use the app?
For us to store and process any data relating to health and sexual life, we need to have explicit consent from you.
If you don’t consent for us to store and process your sensitive data, the app will not work. We require this information to provide you with the service you signed up for.
Should you still wish to remove that consent, click the top menu > Settings > Consent and Permissions > untick I consent to Natural Cycles’ use of sensitive personal data that I add to the app, such as health and intercourse data, to enable and provide the services.
Where is the sensitive data stored?
Sensitive data provided by you is stored on our servers.
We choose to store sensitive data within the EEA (European Economic Area) as much as possible. However, data can be transferred outside of the EEA; in those cases, we have agreements in place with the processors to ensure the highest security standards.
For how long do you store my sensitive data?
To ensure compliance with GDPR standards, we anonymize all sensitive data and delete all personal data that can identify a user three years after an individual stops using our service in accordance with our Privacy Policy.
However, you may request that we delete your account and anonymize your data at any time. You can also do this yourself in the app by going to the menu > My account > Delete account. We write a bit more about this here: How to delete your Natural Cycles account.
What if I don’t want Natural Cycles to use my data for research purposes?
You don’t need to give your consent if you don’t want to. If you don’t give consent, you will still be able to use the app, and your data will not be used for research purposes.
When you first start using the app, you will be asked if you consent to your data being used for research about women’s reproductive health. If you change your mind and wish to withdraw or give consent, you can do so at any time by going to the top menu > Settings > Consent and Permissions > tick or untick ‘Natural Cycles can use my health data related to the menstrual cycle, intercourse, medical conditions, pregnancy, birth control choices and any other data entered into the Natural Cycles app for research in women’s reproductive health’.
For our research, we use pseudonymized copies of production data wherever possible. This means that this data cannot be linked back to you as an individual. We anonymize information by either deleting all information that can be connected to you or encrypting it in such a way that it cannot be reversed.
By giving us your consent to use your data for research purposes, you are contributing to driving women’s health forward by making sure that the studies and research conducted are representative of people like you. For examples of how we conduct research about women’s reproductive health, you can visit our research library here: Research Library.
How do you anonymize my data?
For any activities that need real user data, such as clinical research and app development, we use pseudonymized copies of production data wherever possible. This means that this data cannot be linked back to you as an individual. We anonymize information by deleting all information that can be connected to you so that it cannot be reversed.
We apply privacy by design and perform anonymization according to k-anonymity, thus eliminating even very sophisticated identity reversal techniques and cross-references with other data sources. That includes removing all direct identifiers like name, street address, email, IP address, etc., but it also includes masking part of postal codes, birthdays, etc.
As part of NC° Secure, you also have the option to Go Anonymous if you need an extra layer of protection for your identity, for example, if your data is at an increased risk. If you Go Anonymous, your personal identifying information will be separated from your fertility data, which means that no one — not even us at Natural Cycles — can link your NC° data to you. The anonymized data includes your name, email address, and password, as well as which mode you are using, date of birth, weight, height, and due date if you are using NC° Follow Pregnancy. You can learn more about this here: What is Go Anonymous?
Do you use cookies on your website? If so, what type and why? Can they be disabled?
Yes, like most companies, we use cookies on our websites. You can read more about our Cookies on our website and modify your own cookie preferences in Your Privacy Choices on our website.
Was there a lawsuit filed in California?
Lawsuits of this nature around data privacy have become increasingly common in the state. We are confident the claims reflect a misunderstanding of how Natural Cycles operates and are inconsistent with our privacy practices.
Protecting user privacy has always been at the heart of Natural Cycles’ mission, and our team has built our app with privacy at its core. As a Swedish company, our privacy and compliance standards are grounded in European principles such as GDPR, and as an FDA-regulated medical device, our practices have been reviewed in accordance with FDA guidance. Users can remain confident that their information is safeguarded under some of the world's strongest data-protection frameworks.
Like any company operating in this highly litigious environment, we anticipated that legal challenges could arise in a state like California, where the legal landscape is uniquely complex and lucrative. We are confident the claims are inaccurate and stem from a fundamental misunderstanding of how Natural Cycles operates. Our women-led legal team is fully prepared to address this matter through the appropriate legal channels, guided by the same determination that drives our mission to provide women with a safe, non-hormonal contraceptive option.
As this is an ongoing legal matter, we’re limited in what we can share at this time, however, I can also confirm:
- We maintain strict confidentiality and strong privacy safeguards for all data logged in the NC° app. We strongly disagree with these claims, which mischaracterize both how the app functions and how modern analytics tools are lawfully and responsibly used.
- For ex, one fundamental misunderstanding in this lawsuit surrounds Mixpanel, a database and account management service provider that handles data on our behalf to support functions like account management and troubleshooting. Data stored in Mixpanel is not used or disclosed for advertising purposes.
- We have long given users control over technologies, like cookies, deployed on our website. Our cookie controls exceed many industry standards and are designed to help users clearly understand what they are consenting to.
- The claims do not stem from a data security incident or government investigation, but from a privately initiated legal filing.
- Lawsuits of this nature have become increasingly common in California (approximately 2,000 CIPA cases filed in the last two+ years).
- This lawsuit does not alter our operating procedures. Our security team, led by Data Protection Officer Kristofer Borgström, continues to invest heavily in compliance and data protection across all markets.