TLDR
Health data privacy in menopause apps is not just a preference - it is a documented pattern of abuse. Flo settled FTC charges in 2021 for sharing health data with advertising platforms. Most apps store data on servers. Horiva is the only app in this comparison with structural on-device storage.
| App | Storage | Privacy Model | Violations | Price |
|---|---|---|---|---|
| Horiva | On-device only | Structural - no server access | None documented | $9/mo |
| Balance | Server (GDPR) | Regulatory | None documented | Free / ~$3.80/mo |
| Clue | Server (GDPR) | Regulatory | None documented | Free + Clue Plus |
| Flo | Server | Policy (post-settlement) | FTC settlement 2021 | Free / $12.99/mo |
| Paper log | Physical only | No digital risk | N/A | Free |
Horiva
On-device storage by design - data never reaches Horiva's servers. The privacy guarantee is structural.
Pros
- ✓ On-device encryption - data never sent to servers
- ✓ No ad revenue model - paid-only subscription
- ✓ Cannot sell data it structurally cannot access
- ✓ 40+ perimenopause symptoms and doctor report export
Cons
- × $9/month after 1-month free trial
- × No cloud backup (by design)
Pricing: $9/month
Verdict: Best structural privacy. The on-device model means no data to sell, share, or breach.
Balance
GDPR-compliant menopause app with server-based storage and regulatory accountability.
Pros
- ✓ GDPR compliance provides regulatory oversight
- ✓ UK-based company with stronger regulatory context than US-only apps
- ✓ No documented data-sharing violations
- ✓ Free tier available
Cons
- × Data stored on servers - GDPR compliance is not on-device storage
- × Server-based data is subject to breach risk
Pricing: Free / GBP 2.99/month
Verdict: Good regulatory privacy. Not structural privacy. Better than most US-based apps.
Clue
General cycle tracker with server-based storage and GDPR compliance.
Pros
- ✓ GDPR compliant
- ✓ Published privacy policy with data handling details
- ✓ No documented FTC-level violations
Cons
- × Server-based storage
- × Free tier with server-side storage
- × Not perimenopause-specific
Pricing: Free + Clue Plus
Verdict: Regulatory compliance without on-device privacy. Ad-supported tier creates data incentives.
Flo
Large period app with a 2021 FTC settlement for sharing health data without user consent.
Pros
- ✓ Updated data practices following FTC settlement
- ✓ Privacy mode option added after settlement
Cons
- × FTC settled charges in 2021 for sharing data with Facebook, Google, and AppsFlyer
- × Settlement required improved practices - did not require deletion of already-shared data
- × Free tier remains ad-funded
Pricing: Free / $12.99/month
Verdict: Documented history of sharing health data without user consent. Proceed with awareness of this record.
Paper Symptom Log
A handwritten daily log. No digital privacy risk whatsoever.
Pros
- ✓ Complete privacy - no digital data created
- ✓ No server, no breach risk
- ✓ Free
Cons
- × No automatic pattern analysis
- × No doctor report export
- × Physical security only
Pricing: Free
Verdict: Maximum privacy, minimum features. A valid choice for women with specific privacy concerns.
Start tracking instead of comparing forever
Private by design. No ads. No data selling.
If Horiva fits, you will already have a cleaner record to review or export later.
Try Horiva freeWhy Privacy Matters More for Menopause Data
Menopause symptoms are among the most sensitive health data a person can log: irregular bleeding, sexual health changes, mood and mental health patterns, hormonal fluctuations. This is the category of health data that carries real-world consequences if disclosed without consent.
The concern is not abstract. Flo Health settled FTC charges in 2021 for sharing this type of health data - including whether users were pregnant - with Facebook and Google for advertising targeting. The data was being used to infer health states and target advertising before users had any idea.
The Distinction Between Regulatory and Structural Privacy
Two kinds of privacy appear in this comparison.
Regulatory privacy means a company has legal obligations about how it handles your data. GDPR-compliant companies (Balance, Clue) have regulatory accountability. They can still store your data on servers - they are just obligated to handle it responsibly under EU law.
Structural privacy means the architecture makes certain data uses impossible. If your data is only on your device and never sent to a server, the company cannot sell what it does not have. Horiva is built this way.
The FTC Fact Is Not a Footnote
The Flo settlement is cited in most perimenopause app comparisons. It deserves more than a footnote. The FTC found that Flo explicitly promised users their health data was private, then shared it with advertising platforms for targeting without disclosure. The settlement required improved practices - it did not make affected users whole.
For anyone deciding where to store intimate health data, a company’s documented behavior is more informative than its current privacy policy.
Making a Practical Choice
If on-device structural privacy is the priority: Horiva. If cost is the priority and regulatory compliance is acceptable: Balance. If you want zero digital risk: paper.
There is no option in this category that combines free pricing, on-device storage, and a full feature set. That trade-off is worth understanding before making a choice.
Q&A
Which menopause app has the best data privacy?
Horiva stores all data on-device and never sends it to servers. This is structural privacy - not a policy promise but a technical constraint. Balance and Clue are GDPR-regulated which provides regulatory accountability, but data is still stored on their servers. Flo settled FTC charges in 2021 for sharing health data without user consent.
Q&A
What did Flo do with user health data?
The FTC found that Flo Health shared sensitive health information - including whether users were pregnant or trying to conceive - with Facebook, Google, and AppsFlyer for advertising targeting, without disclosing this to users. Flo settled the charges in 2021, agreeing to improved data practices and requiring third parties to delete the shared data.
Q&A
Is GDPR compliance enough for menopause app privacy?
GDPR compliance means regulatory oversight and accountability. It does not mean on-device storage. A GDPR-compliant app can still store your data on servers - it just has regulatory obligations about how that data is handled. The distinction matters for women who want structural privacy guarantees.
Frequently asked