Proactive not Reactive — Flo’s approach to privacy
Privacy continues to be a trending topic everywhere — news and articles about privacy are consistently being released across every major media outlet. Consumers are also becoming more aware of what data they are sharing with businesses, asking questions (rightly so!) about how it’s being used, and expressing their own rights in relation to their data.
While privacy is trending globally, it’s remained a constant at Flo. Privacy has always been at the core of our operations.
In this article, we’re going to give you a tour of how we do privacy at Flo — how privacy is integrated into our company culture, how we build trust with our users by being transparent, and how we stand up for the health of all women, girls, and people with menstrual cycles by giving them control over their data.
Privacy is an integral part of our company culture
To begin with, we know that users trust us with their most intimate information, and we are committed to keeping that trust. One way we do this is by providing a safe and highly secure platform to ensure that our users’ data and privacy rights are protected.
We believe that privacy is a human right. Colleagues at Flo are custodians of any personal data that they handle within the scope of their roles. This means that each Flo team member that may process personal data as a part of their job is responsible for caring for and protecting that personal data in line with strict internal policies and procedures.
Privacy is an ongoing activity at Flo, and all of us play an active role in our privacy program. Employees at Flo are required to undertake an extensive mandatory privacy and data protection training when they join our team and must undertake training on an annual basis thereafter.
Certain roles that are more directly involved in handling personal data, such as our support team, receive additional specialized training to ensure the highest data security levels possible.
Trust can be built only by being transparent
At Flo, we know that there is no trust without transparency. We are transparent with and remain accountable to our users. We inform users about how we intend to use their data, and we only use personal data that users choose to share with us in a way that they expect.
That’s one reason why we strongly recommend all Flo app users read our privacy policy. Through our policy, we inform users in a simple way about how and why we are going to use their personal information. Our privacy policy covers everything about our use of personal data from the point of initial data collection throughout our entire relationship with them.
We also take robust measures to ensure that we honor our commitments. Flo is one of the few menstrual tracking apps on the market to conduct regular privacy audits with the assistance of highly respected independent auditors. These auditors screen our privacy processes and our policies. In March 2022, Flo completed an external, independent privacy audit which confirmed that “Flo’s own practices are consistent with its publicly stated privacy policy.”
We’ve also got an online privacy portal that provides further information to our users. This portal centralizes key privacy information in one place and makes it much more understandable for the end user. Through this portal, users have access to clear information about how we use and protect their personal data. The portal also has guidance and instructions to help our users control their data and exercise their rights in relation to it.
Flo will always stand up for the health of women and people who menstruate, and we will do everything in our power to protect the data and privacy of our users.
Regardless of where in the world our users are, Flo ensures that their privacy rights and freedoms are respected.
Earlier, we mentioned our support team. Flo Health has a dedicated support team (support@flo.health) that fulfills any requests we may receive directly from users in relation to their privacy rights. For iOS (Android soon to follow), Flo offers in-app deletion, which makes it simple and straightforward for users to exercise their right to erasure.
We also have a process in place to manage our relationship with supervisory authorities, such as the Information Commissioner’s Office (ICO) in the United Kingdom. These processes are operationally governed by strict internal policies and controls.
Our users are kept informed so that they know and understand what personal information we use, how we use it, and why we use it. Now, Flo users can also enable our new Anonymous Mode feature. Enabling Anonymous Mode means that a user can use the Flo app without personal information being associated with their Anonymous Mode account. Flo continues to explore new solutions that put user privacy at the heart of product and service design.
Privacy in our business is led by a multiskilled privacy team
Our privacy program at Flo Health is supported by our dedicated privacy team. This multiskilled team provides privacy advice and support to the business across all Flo entities. The privacy team operates under the instruction of our data protection officer.
Our privacy team is consistently involved in any business activities which may impact privacy and data protection or involve the use of personal data. This helps us to ensure privacy compliance with applicable laws and regulations, such as the GDPR and CCPA. Our privacy team monitors changes in the law, advises on industry best practices, and also provides guidance to all other Flo teams regarding said changes.
To aid, promote, and support a sustainable privacy compliance culture across Flo, we have also built an incredible privacy champions network.
Our dedicated privacy champions across the company have direct responsibilities in relation to data protection. Privacy champions are also a source of support for all colleagues at Flo, helping answer any privacy questions and concerns. These champions are formally nominated by Flo’s senior leadership, and every team and department across Flo Health is represented in this network.
Privacy is built into the design of all of our products and features
Flo Health’s privacy team is involved in all projects and plans that might include the use of personal data, starting from the initial concept stage. We also have a dedicated user privacy engineering team which, as the name implies, helps us build privacy into the technical design of all of our products and services.
Flo is constantly exploring new opportunities to build and enhance the privacy of everything we make. Our new Anonymous Mode is a good example of this — it’s a feature based on the principle that all our users should feel empowered to access their Flo app without having to share any personally identifiable information with us.
Final thoughts
Privacy is at the heart of all business operations at Flo. We know how important it is to our users. We actively gather user feedback and take their thoughts and concerns seriously. Their opinions help inform the design of our products and features, such as Anonymous Mode.
To achieve a high trust level with our users, Flo believes that it is critically important to foster a secure environment in which everyone can feel comfortable sharing their data (in our case, extremely sensitive data) with us and truly understand how it’s being used.
Our team is constantly growing, so if everything we talked about in this article seemed close to your values and beliefs, check out our career site. And don’t hesitate to reach out — we are always open to chatting about security and privacy!
