Yes, Flo Health — the wildly popular period and ovulation tracking app used by millions of women — shared your most intimate health data with Google, Facebook, and Yahoo’s Flurry analytics platform, all without your consent. A $59.5 million class action settlement is now open, and if you used the Flo app between November 1, 2016 and February 28, 2019, you could receive anywhere from $50 to over $400 just by filing a simple claim. The deadline to file is April 13, 2026, and you don’t need any proof of purchase or receipts — just your basic contact information and a sworn statement. The settlement in *Frasco v. Flo Health Inc.* (Case No.
3:21-cv-00757-JD) resolves allegations that the app secretly funneled users’ menstrual cycle details, pregnancy status, and even sexual activity data to third-party tech giants through embedded software development kits, or SDKs. The data was then used for targeted advertising. Think about that for a moment: a woman logs that she’s trying to get pregnant, and that information gets packaged and sold so advertisers can serve her baby product ads. That is the transaction that was happening behind the scenes. This article breaks down exactly who qualifies, how much you might receive, how to file your claim, and what the related Meta jury verdict means for the broader fight over health data privacy.
Table of Contents
- How Did Flo Health Share Your Period and Pregnancy Data With Google and Others?
- Who Qualifies for the Flo Health Settlement and What Are the Limitations?
- The Meta Jury Verdict — What It Means for Health Data Privacy
- How to File Your Claim Before the April 2026 Deadline
- The Broader Problem With Health App Data Sharing
- What the FTC’s Previous Action Against Flo Tells Us
- What Comes Next for Period Tracker Privacy
- Conclusion
- Frequently Asked Questions
How Did Flo Health Share Your Period and Pregnancy Data With Google and Others?
The mechanics of this data sharing were both deliberate and invisible to users. Flo Health embedded third-party software development kits — essentially plug-in code libraries from Google, Facebook (now Meta), and Flurry (owned by Yahoo/Verizon) — directly into the Flo app. These SDKs collected granular user data and transmitted it back to their parent companies. When you logged your period start date, noted pregnancy symptoms, selected fertility goals, or tracked sexual activity, that information didn’t just stay within Flo’s servers. It was routed to advertising ecosystems run by some of the largest data brokers on the planet. What makes this case particularly egregious is the nature of the data involved.
This wasn’t browsing history or location pings — this was deeply personal reproductive health information. A user who selected “trying to conceive” as a goal inside the app was essentially broadcasting her pregnancy intentions to Google’s ad network. Compare that to a standard fitness app sharing your step count: both are technically health data, but the sensitivity gap is enormous. The lawsuit argued that no reasonable user would have expected or consented to this kind of sharing, and the court agreed that the claims had enough merit to proceed to settlement — and in Meta’s case, all the way to a jury verdict. The $59.5 million settlement is divided among three defendants based on their respective roles: Google pays the lion’s share at $48 million, Flo Health contributes $8 million, and Flurry (Yahoo/Verizon) pays $3.5 million. That breakdown alone tells you something about where the real money — and the real data appetite — was concentrated.
Who Qualifies for the Flo Health Settlement and What Are the Limitations?
The eligibility window covers all U.S. Flo app users who entered menstruation and/or pregnancy information between November 1, 2016 and February 28, 2019. That includes anyone who selected pregnancy goals, logged period dates, or tracked symptoms during that timeframe. Importantly, you still qualify even if you deleted the app years ago or only used it briefly. If you downloaded Flo, entered any reproductive health data, and did so within that window, you’re a class member. However, there are some important caveats. If you used the app but never actually entered any menstruation or pregnancy data — say you downloaded it and abandoned it before logging anything — you likely don’t qualify.
The claim hinges on the sharing of intimate health data, so there had to be data to share. Additionally, the eligibility window ends on February 28, 2019, which corresponds to when Flo Health reportedly changed its data-sharing practices after a Wall Street Journal investigation exposed the issue. If you started using the app after that date, this particular settlement doesn’t cover you, even though broader privacy concerns about period tracking apps persist. One notable provision: California residents receive double payments compared to users in other states. This reflects the stronger privacy protections under California law, particularly the California Invasion of Privacy Act (CIPA) that was central to the related Meta trial. So a California user who might receive $100 under the standard formula could see $200 instead. If you lived in California during the eligibility period but have since moved, check the settlement FAQ at PeriodTrackerDataPrivacyLitigation.com for guidance on how residency is determined.
The Meta Jury Verdict — What It Means for Health Data Privacy
While Flo Health and Google chose to settle before trial, Meta decided to fight it out in court — and lost. On August 1, 2025, a federal jury in San Francisco found Meta liable for violating the California Invasion of Privacy Act by collecting Flo users’ health data without consent. This was not a slap on the wrist. Under CIPA, statutory damages can reach up to $5,000 per violation, and with millions of users potentially affected, Meta faces potential liability in the billions. The verdict is a landmark moment. For years, tech companies have operated under the assumption that burying data-sharing disclosures in lengthy terms of service documents was sufficient legal cover. This jury disagreed.
The finding specifically addressed the collection of intimate health data through Facebook’s SDK embedded in the Flo app — the same mechanism that Google and Flurry used, except Meta refused to settle. Meta has stated it “vigorously disagrees” with the verdict and is exploring appeal options, which means the final damages figure could be years away. But the precedent is set: a jury of ordinary citizens looked at what these companies did with women’s reproductive data and said it was illegal. For consumers, the Meta verdict is arguably more significant than the $59.5 million settlement itself. Settlements are negotiated compromises. A jury verdict is a factual finding of liability. It signals to every app developer and every ad-tech company that embedding third-party SDKs that siphon sensitive health data is not just a PR risk — it’s a legal one with potentially catastrophic financial consequences.
How to File Your Claim Before the April 2026 Deadline
Filing a claim is straightforward, and the settlement administrators have intentionally kept the process simple. Visit PeriodTrackerDataPrivacyLitigation.com, the official settlement website, and submit your claim form. You’ll need to provide your name, mailing address, email address, and phone number, along with a sworn statement confirming you used the Flo app and entered menstruation or pregnancy data during the eligibility period. No receipts, no screenshots, no app store purchase history required. The claim deadline is April 13, 2026, so there is still time, but procrastination is the biggest threat to your payout. Class action settlements consistently show that the fewer people who file, the larger each individual payment becomes.
Estimated payouts range from $50 to over $400 per person, but that range depends entirely on total claims filed. If this settlement follows typical patterns, many eligible users won’t bother filing — which means those who do will see payments on the higher end. Compare that to the Equifax data breach settlement, where so many people filed that individual payments were disappointingly small. Here, the relatively narrow eligibility window (about two and a half years) and the specific data-entry requirement may keep the claimant pool smaller and payouts more meaningful. One practical note: make sure the email address and mailing address you provide are ones you’ll still be checking in late 2026 or early 2027. Payments are distributed 60 to 90 days after final court approval and resolution of any appeals. If you move or change email providers in the interim, your payment could end up in limbo.
The Broader Problem With Health App Data Sharing
The Flo Health case did not happen in a vacuum. It exposed a structural problem across the health app industry: apps that collect extraordinarily sensitive data but operate outside the regulatory framework that governs traditional healthcare providers. Flo Health is not a hospital. It’s not a doctor’s office. It’s not covered by HIPAA in the way most people assume health apps are. That gap between user expectation and legal reality is where the damage occurred. Many users reasonably assumed that an app tracking their menstrual cycles and pregnancy would treat that data with the same confidentiality as a medical record.
It didn’t. And Flo is far from the only offender — studies have repeatedly found that fertility apps, mental health apps, and fitness trackers share data with third-party advertisers at alarming rates. The difference here is that someone filed a lawsuit, a judge let it proceed, and a jury ultimately held one of the tech giants accountable. A critical warning for current app users: even post-settlement, the underlying incentive structure hasn’t changed. Free health apps still need revenue, and advertising remains the dominant business model. If you’re not paying for the product, your data is the product. Review the privacy settings on any health app you use, disable analytics and ad tracking where possible, and be skeptical of apps that request more permissions than they need. The Flo settlement covers a specific historical window, but the practice of data harvesting through SDKs is an industry-wide issue that regulation has not yet caught up with.
What the FTC’s Previous Action Against Flo Tells Us
This class action didn’t emerge from nowhere. In 2021, the Federal Trade Commission reached its own settlement with Flo Health over the same data-sharing practices, requiring the company to obtain user consent before sharing health data and to instruct third parties to delete previously obtained data. The FTC action validated the core allegations — that Flo had promised users their data would be private and then broke that promise.
But the FTC settlement didn’t include any direct payments to affected users, which is exactly the gap this class action fills. The progression from FTC enforcement to private litigation to a jury verdict against Meta illustrates how accountability for data privacy violations is evolving. Government agencies set the floor, but private lawsuits — and the threat of massive jury awards — are what actually change corporate behavior. The $59.5 million settlement and the looming Meta damages judgment together send a message that the old playbook of collecting sensitive data first and asking for forgiveness later now carries real financial teeth.
What Comes Next for Period Tracker Privacy
Looking forward, the Flo Health litigation is likely to accelerate two trends. First, expect more state-level privacy legislation specifically targeting health app data. The post-Dobbs environment has already heightened concerns about reproductive data privacy, and lawmakers in several states have introduced bills that would impose HIPAA-like obligations on apps that collect reproductive health information, regardless of whether those apps qualify as covered entities under federal law.
Second, the Meta jury verdict — if it survives appeal — could reshape how SDK-based data collection works across the entire app economy. If embedding a third-party analytics SDK that harvests user data can result in billions in statutory damages, the risk calculus for app developers changes overnight. We may see a shift toward privacy-preserving analytics, on-device processing, and genuine informed consent mechanisms — not because companies suddenly care about privacy, but because the Flo case proved that ignoring it can be extraordinarily expensive.
Conclusion
The Flo Health settlement is a case study in how the tech industry’s appetite for data ran headlong into some of the most sensitive information imaginable. For $59.5 million — with Google paying $48 million, Flo Health paying $8 million, and Flurry paying $3.5 million — three companies are answering for the secret collection and commercial exploitation of women’s reproductive health data. The related Meta jury verdict, finding the company liable under California’s Invasion of Privacy Act, adds another layer of accountability that could result in damages orders of magnitude larger.
If you used the Flo app and entered any menstruation or pregnancy data between November 1, 2016 and February 28, 2019, file your claim at PeriodTrackerDataPrivacyLitigation.com before the April 13, 2026 deadline. The process takes minutes, requires no documentation beyond a sworn statement, and could net you between $50 and $400 or more. California residents receive double payments. Don’t leave money on the table — and don’t let the companies that profited from your most personal data walk away without hearing from you.
Frequently Asked Questions
Do I need to prove I used the Flo app to file a claim?
No. You do not need receipts, screenshots, or app store purchase records. You only need to provide your name, address, email, phone number, and a sworn statement confirming you used the app and entered menstruation or pregnancy data during the eligibility window.
What if I deleted the Flo app years ago — can I still file?
Yes. You qualify as long as you used the app and entered relevant health data between November 1, 2016 and February 28, 2019, regardless of whether you still have the app installed.
Why do California residents get double payments?
The settlement reflects stronger privacy protections under California law, particularly the California Invasion of Privacy Act (CIPA), which provides for enhanced statutory damages. The jury in the related Meta trial specifically found violations of CIPA.
When will I actually receive payment?
Payments will be distributed 60 to 90 days after the court grants final approval and any appeals are resolved. Realistically, most payments will arrive in late 2026 or early 2027.
How much will I receive?
Estimated payouts range from $50 to over $400 per person, but the exact amount depends on how many eligible users file claims. Fewer claimants means larger individual payments.
Does this settlement cover data Flo shared with Facebook/Meta?
The $59.5 million settlement covers Google, Flo Health, and Flurry. Meta did not settle and instead went to trial, where a jury found it liable. Meta’s damages will be determined separately and could be substantially larger.