(Last updated 15 November 2019)
At Clue, we believe that technology provides a groundbreaking opportunity to empower people to take control of their health.
We fully acknowledge the great responsibility that comes with safeguarding sensitive data, such as information about your menstrual cycle. We are committed to achieving the highest standards of privacy and security, as well as to being transparent about how we process data. We have explained what happens to your tracking data in this blog post and we'd love it if you could take some time to read it.
Clue is made in Berlin, Germany, and the way we handle data meets German legal requirements.
Clue is made by BioWink GmbH, Adalbertstraße 7-8, 10999 Berlin. Further contact information can be found here. Clue has an appointed data protection officer, who can be contacted at email@example.com.
Data processing is at the center of everything we do at Clue, and whenever you use our services—e.g. when you use the Clue app or when you go on our website—some personal and non-personal data is collected, stored, and analyzed using internal and third-party tools.
Here are the three purposes for which we process data and the type of data that is processed to fulfill each purpose:
When you use the Clue app—including use without an account—or when you go on our website Clue collects, stores, and uses some personal and non-personal data and transmits it to some third-party services.
We primarily do this to provide you with our services, which may include the sending of occasional informational and promotional messages as well as reminders to your smartphone via in-app messages and push notifications. We are thoughtful about what we communicate and how often. You always remain in full control of your communication preferences with Clue. You can change the settings in the app or your device at anytime.
We are thoughtful about what we communicate and how often. You always remain in full control of your communication preferences with Clue. You can change the settings in the app or your device at anytime.
We also do this in order to understand your needs and your use of our products, to analyze bugs and fix issues, and to bring you more useful features. In a nutshell, we process this data to provide you the best and most reliable experience of our services.
We do not process personal data that directly identifies you as a person (such as your first name, surname, email) or health-related data.
Here are the types of data we collect:
This data informs us about the device you use to access our services, such as the model, name and identifiers, device settings, the application identifier, and crash information. On our website, we collect information about your browser and browser settings, the operating system you use, and the system settings of your device.
Event and usage data
When you use the app or when you go our website, our servers process data in order to understand your usage of our services—for example, which pages you visit or which tab in the app you open. We collect this information and use it as aggregate data to better understand which features are the most relevant or useful to our users as whole, and to communicate with you about relevant and timely information and promotional content.
We collect IP addresses provided by your browser or mobile device to deliver the service to your device. We also use the IP address to determine your approximate location for statistical and analytics purposes.
All the data we collect at Clue is necessary for Clue to deliver the services you use. The amount we collect has been minimized wherever possible to respect your privacy.
You can withdraw your consent at any time by simply deleting your account in the app. In this case, you can still use our app without an account and your data will only be stored locally on your device. All future health and sensitive data will be only stored in your smartphone, so be sure to make regular backups to avoid the loss of your data.
Here is the type of data we collect and store when you create an account:
Personal data used for account creation
We need some of your personal data, such as your name, surname, and email address, in order to create your Clue account.
Health and sensitive data
We store health data, such as your body measurements, dates of your past and current periods, and symptoms or events you track in the app (e.g. sex, levels of productivity, good hair days, pain, or cravings). Clue uses this data for the purpose of providing our services to you.
The vision of our founder Ida Tin is for Clue to help advance female health globally. Female health has historically been underserved as a field of research—there has been very little anonymous long-term or large scale cycle health information available for academic and clinical purposes. Clue is on a mission to fill this gap by sharing user data for the purposes of scientific and medical research about menstrual and reproductive health.
Since its inception, Clue has successfully collaborated with academic researchers. You can read about our past and ongoing research collaborations here.
We want to make it very clear that we personally select our scientific collaborators with the utmost care and, most importantly, that we only provide data for scientific research after it has been anonymized following a strict protocol that involves the removal of any information that could be used to identify any specific user.
Finally, because we believe that research should benefit everyone, Clue strives to publish the results of our academic, clinical, or internal research in ways that are easy to read for all our users.
Once again, you can withdraw your consent to the use of your data for these purposes at any time by deleting your account. If you do this, your data won’t be included in any future research partnerships.
If you create an account with Clue, your personal data—including sensitive data and data related to your health—is stored on your device and is also stored and processed on Clue servers. This is done so we can offer you the option of backing up your data and to enable additional features.
By creating an account with Clue you explicitly consent that:
i. Clue may store and process personal data you provide through the usage of the Clue app and through the account creation process solely for the purpose of providing Clue services to you and to improve Clue’s service features. Such Clue services may include sending you information and reminders through the Clue app, e.g. via push notification or to the email address you provided to Clue.
ii. Such personal data you provide to Clue through the account creation process for the purpose of providing Clues service includes personal data you enter into the Clue app, such as your account data (e.g. your name and email address), and your health data which may include your cycle information (e.g. period length, pain, or spotting) and depending on the data you provide, it may also contain information about your general health (e.g. weight, body temperature, hair quality, and if/how you engage in sexual intercourse).
iii. Clue will not transmit any of your personal data to third parties, except if it is required to provide the Clue service to you (e.g. technical service providers), unless Clue has asked for your explicit consent.
iv. Clue may use your cycle data to create anonymized sets of data for academic and clinical research purposes. Clue’s collaborators are individually selected through an internal vetting process. This anonymized research data cannot be linked to you as an individual or identify you in any way.
You may withdraw your consent to this use of your data at any time by deleting your Clue account. If you choose to do so, you may continue using the Clue app without an account, but since a copy of your health and sensitive data will no longer be stored on our servers, please be sure to make regular backups of your data to avoid data loss—we are not able to retrieve lost data of users without Clue accounts.
We believe that privacy—including data privacy—is a basic human right. At Clue we strive to ensure that your rights are respected.
Here are some key facts about your privacy that we would like you to know:
i. Our products and services have been designed to minimize the use of your personal data. We only collect and process your data for the purposes that have been previously outlined.
ii. The security of our servers is routinely verified by experts to protect your data from unauthorized access. You can contact us at firstname.lastname@example.org if you have any questions about the security of our services.
iii. We do not retain your data in an identifiable format for longer than necessary to deliver our services.
iv. Clue does not engage in any automated decision-making or profiling activities.
As a user of Clue’s services and website, you may exercise your user rights to:
i. Request information on your personal data processed by Clue. Upon your request, this information will be provided to you electronically.
ii. Gain access to your information by requesting a backup of your data (as explained in the next section) in a format that is readable by other companies or organizations (data portability).
iii. Correct your personal information and health data in the app settings and in the tracking categories available in the Clue app.
iv. Withdraw your consent from data processing at any time by deleting your account (as explained in the support section of the app) and/or deleting the Clue app from your smartphone, and/or unsubscribing from our newsletter by clicking the link at bottom of the email or by contacting email@example.com.
v. Request the complete deletion of your data, including all past data sent to third-party services used for tracking and analysis, by reaching out to firstname.lastname@example.org. Your data will be deleted within 30 days.
vi. Lodge a complaint with the relevant supervising authority if you believe Clue is processing your personal data under violation of applicable data protection regulations.
We apply security measures to protect against the misuse, loss, and/or alteration of personal information under our control. We follow industry best practices when transferring and storing your data. Though we cannot ensure or guarantee that misuse, loss or alteration of information will never occur, we use all reasonable efforts to prevent it.
If you have an account with Clue, your personal profile data is stored separately from your cycle tracking data and your service settings. This allows us to ensure the highest possible level of privacy for your cycle information. Your password is stored using one-way encryption ("hashing" plus “salting”) and it cannot be read by us.
Important: Clue uses servers located in the European Union to process and store your personal data.
Your data is transmitted between your device and Clue’s servers using the HTTPS protocol for encryption. HTTPS is the same technology used to create secure connections for your web browser and is indicated by a padlock icon in the URL bar of your browser.
We believe the biggest threat to the security and privacy of your data is if someone—probably someone you know—gains access to any of your devices. The data you enter into Clue is private and it should stay that way. We have outlined some ways to keep your devices secure below.
Protect your Clue account:
i. Activate a unique PIN code or activate TouchID (iPhone 5S-8) for the Clue app. If you share your device with others, activating a unique PIN code or TouchID will ensure you are the only person who can access your Clue data on the device.
Protect your device:
i. Activate either PIN, TouchID (iPhone 5S-8), or FaceID (iPhone X) authentication for your device. This automatically encrypts your Clue data and prevents any person from using your device without your permission.
ii. Set up a feature that will allow you to erase all the data from your device if it’s been lost or stolen. For iOS, activating this feature is a two-step process: first, you need to Activate “Find My iPhone” via iCloud (see instructions on Apple Support pages) and then enable “Erase your device” (see instructions on Apple Support pages).
Recommendations for Clue users without accounts:
If you don’t register an account with Clue, all of your data will be stored solely on your device and we won’t have access to it. If you delete Clue or lose your device, your data in the Clue app will also be lost. If you don’t have an account with Clue, we strongly recommend that you back up your Clue data regularly.
Back up Clue on iOS without an account
Use Apple’s backup solution via iTunes or iCloud. See Apple’s support pages for instructions. Use Clue’s Backup feature to store your data in a location of your choice. This can serve as your own backup that you can import into Clue if needed and it does not require you to use Clue’s account feature.
Back up Clue on Android without an account
Use Clue’s Backup/Import features to store your data in a location of your choice. This can serve as your personal backup that you can import back into Clue if needed, and and it does not require you to use Clue’s account feature.
Any personal data collected from you may only be transferred to countries outside the European Union / the European Economic Area (EEA) observing applicable privacy regulations and ensuring that your privacy rights remain protected.
Clue will not exchange any personal data with Apple’s Health app without your prior approval. Approval is given by you in the relevant settings of the Health app or within the Clue app during initial user profile setup or via app settings and can be revoked by you at any time. If you have given your approval, Clue may interact with the Health app on your iOS device and read and/or write information between the Clue app and Health. This may include a transfer of your personal data to Apple servers located outside the European Union.
You can choose if and to what extent your personal data is exchanged between Clue and Health by granting or revoking appropriate permissions in Health app settings. Please refer to the Privacy Information of Apple Health for further information.
Clue will not exchange any personal data with Google Fit without your prior approval, such approval is given by you in the relevant settings of Google Fit or within the Clue app during initial user profile setup or via app settings and which can be revoked by you at any time. If you have given your approval, Clue may interact with Google Fit on your Android device and read and/or write information between the Clue app and Google Fit. This may include a transfer of your personal data to Google servers located outside the European Union.
You can choose whether or not your personal data is exchanged between Clue and Google Fit by granting or revoking appropriate permissions in Google Fit settings. Please refer to the Privacy Information of Google Fit for further information.
The Clue app and our website also use third-party analysis and tracking services to track the performance of our services, understand how you use our services, and offer you an improved and safer experience.
Information on your usage of our website or of the Clue app may be collected and processed by Clue, or a third party engaged by Clue using a unique identification number assigned to you. Information about your usage will be deleted as soon as this information is no longer required for the purpose collected, and will always be anonymized before sharing with third parties besides those mentioned under Section 6.2 to 6.8.
You may withdraw your consent at any time, by either disabling cookies on your device or following the instructions on how to withdraw your consent individually for each third party provider Clue uses for its third party tracking and analysis services.
For the purpose of tracking the performance of our services and to improve Clue services Clue uses the following third party services:
Google analyzes this information to offer reports for Clue on website usage and online usage of associated services. Google may also transfer this information to third parties either when this is required by law or when third parties are contracted by Google to process this data. Google will not allow your IP address to be linked to any other personal data. You can prevent cookies from being stored on your computer by changing your browser settings; however, if you choose to do this, your experience when visiting our website or using some of our features may be altered.
By using Clue’s website, you consent to have non-personal data used and processed by Google as described above. You can withdraw consent for this use of your data at any time, but this withdrawal only applies to future activities.
Clue uses a data analysis and app engagement service operated by Braze, a company based in the United States, which utilizes device identifiers that are stored on your mobile device and allow us to analyze your use of the Clue app, in order to improve our app features and to communicate with you via in-app messages and push notifications. Data concerning your use of the Clue app is stored on a server in the EU operated by Braze, Inc.
By using our service, you explicitly consent to the use and processing of your personal data collected by Braze, Inc. as described above. You can prevent your participation in Braze’s analysis by emailing us at email@example.com.
Clue uses a data analysis service operated by Amplitude. Amplitude uses device identifiers that are stored on your mobile device and allow us to analyze your use of the Clue app in order to improve our app features. Data concerning your use of the Clue app will be transferred to and stored on a server in the USA operated by Amplitude.
By using our service, you explicitly consent to the use and processing of your data collected by Amplitude as described above. You can prevent your participation in Amplitude’s analysis by emailing us at firstname.lastname@example.org.
Clue uses a data analysis service operated by Apptimize, a company based in the United States, that uses device identifiers that are stored on your mobile device and allow us to analyze your use of the Clue app in order to improve our app features. Data concerning your use of the Clue app will be transferred to and stored on a server in the USA operated by Apptimize Inc.
By using our service, you explicitly consent to the use and processing of your data collected by Apptimize as described above. You can prevent your participation in Apptimize analysis by emailing us at email@example.com.
Clue uses an in-app performance and analysis service by Adjust, a Berlin-based company that helps us understand how our users are interacting with our app and optimize our ad campaigns. Adjust uses your advertising identifier (Apple IDFA on iOS and your Google Play Services ID on Android), and your IP- and MAC addresses modified in such a way that it is not possible to identify you or your mobile device individually to provide these insights to us.
By using our service, you explicitly consent to the use and processing of your data collected by Adjust as described above. You can prevent your participation in Adjust’s analysis by opting out of the tracking under https://www.adjust.com/opt-out/.
Clue uses Facebook’s advertising and analytics products known as Facebook audiences in order to serve ads for Clue on Facebook and Facebook-owned applications such as Instagram and on other third-party websites and in order to better understand our users and optimize the performance of our marketing campaigns. For this, Facebook uses a combination of advertising identifiers, device identifiers and meta-data in such a way that it is not possible to identify you personally.
Clue does not in any way share data you are tracking in the app (e.g. when you get your period, what symptoms you experience) or any other personal information with Facebook.
By using our service, you explicitly consent to the use and processing of your data as described above.
By using our service, you explicitly consent to the use and processing of your data collected by parse.ly as described above. You can prevent your participation in parse.ly’s analysis by opting out of the tracking under http://srv.config.parsely.com/optout.
Clue uses your personal information, such as your email address, to contact you with messages, emails, and newsletters. These include push notifications, in-app messages and emails to deliver health content and occasional promotional materials that may be of interest to you.
Such services are only provided to you if you have signed up for the newsletter or given your consent for these notifications. You consent to push notifications when you activate Clue’s push notifications in your device settings. You also consent to Clue contacting you via email if you have contacted Clue for questions or support requests in connection with our services or the Clue app. You can withdraw your consent at any time. You can unsubscribe from our newsletter by clicking the unsubscribe link at the bottom of the message, and you can disable notifications sent by Clue in your device settings.
In order to provide these services, Clue may forward information such as your email address to third-party providers in order to carry out such newsletter services, surveys or notifications.
These providers are Braze Inc. (“Braze”), seated in New York, USA, which may process your email address, name, a user identifier and usage data to send you information and occasional commercial content via in-app message, push notifications and email; Message Systems Inc. (“SparkPost”) seated in San Francisco, USA, which processes names and email addresses as well as the personal information that may be included in transactional emails (e.g “I lost my password” or “verify your Clue account”); The Rocket Science Group LLC (“MailChimp”), seated in Atlanta, USA, which may process your email address, name and usage data to send you informational and occasional commercial content via email; and Typeform S.L., seated in Barcelona, Spain, which may process information from survey forms filled out by you. For customer support and communication with you, Clue uses services provided by Slack Technologies Ltd, seated in Ireland and Zendesk, Inc. seated in San Francisco, USA.
Clue does not knowingly collect or use personal data from children under the age of 13. By registering to a Clue account you are required to confirm that you are at least 13 years old.
If Clue gains actual knowledge that the information has been collected from children under the age of thirteen in the United States in contradiction with the Children’s Online Privacy Protection Act of 1998 and the regulation thereunder, Clue will not disclose this data and reserves the right to immediately delete the account and wipe all related information, including health and sensitive data of the user, from our servers.
If you are located in the EU, you can only use our services if you are over the relevant age at which you can provide explicit consent to the processing of your data under the laws of your country or if you have the consent of your parent or legal guardian. If you are a parent and learn that your child is using Clue without your permission or if you have any specific question about data privacy at Clue, do not hesitate to get in touch with us at firstname.lastname@example.org.
Are vaginal fluids really all that different? In this article, we explain how to identify vaginal discharge, arousal fluid, and...