Revision History
Fitbit.com - Privacy Policy
Show other documents from Fitbit.com
Version Comments
Several important changes have been made throughout this Privacy Policy.
A new version has been posted.
The answer to "How Does Fitbit Handle Data From International Visitors?" has been heavily modified.
The section "How Does Fitbit Handle Data From International Visitors?" has been heavily modified. The last updated date is also incorrect (the change was detected on November 30, 2016).
The section entitled "How Does Fitbit Handle Data From International Visitors?" has been updated.
The introductory paragraph as well as the section entitled "How Does Fitbit Handle Data From International Visitors?" has been updated.
Two new sections added: Cookie Policy and Contact Us.
A new paragraph titled "OUR PLEDGE" has been added to the top of the document.
Mostly a major format change: the document has been reorganized to be easier to read and the "Cookie Policy" section was removed from the document. You can still find it here: http://www.fitbit.com/us/legal/cookie-policy
A new section has been added: "What Data May be Shared With Third Parties?".
Contact us street address updated.
Now the "Last update" date has been changed; minor typos fixed.
Fairly significant changes made; Changes were not present before December 5, 2014, but the document says "Last update November 26, 2014".
This is the initial version that ParanoidPaul captured. It is not necessarily the first version of the document.
Indicates that the document has been updated silently, without a change to the posted "last modified" date!
FITBIT PRIVACY POLICY

	New! We recently revised this policy. Please review the summary of changes and updated policy below. You can find the earlier policy in our archive. 

UPDATED: SEPTEMBER 28, 2017APRIL 23, 2018

EFFECTIVE: OCTOBER 30, 2017,MAY 24, 2018, UNLESS YOU ARE PRESENTED WITHAGREE TO THIS POLICY SOONER, LIKE WHEN YOU CREATE AN ACCOUNT OR PAIR YOUR DEVICE. THEN THIS POLICY IS EFFECTIVE AS OF THAT SOONER DATE.THE DATE OF YOUR AGREEMENT.

	We believe that transparency is the key to any healthy relationship. At Fitbit, we’re all about healthy. We appreciate that you are trusting us with information that is important to you, and we want to be transparent about how we use it. 

	Here we describe the privacy practices for our devices, applications, software, websites, APIs, products, and services (the “Services”). You will learn about the data we collect, how we use it, the controls we give you over your information, and the measures we take to keep it safe. 

	Specifically, we’ll cover:     

 	 Information We Collect
 	 How We Use Information
 	 How Information Is Shared
 	 HowYour Rights To Access or Deleteand Control Your Personal InformationData
 	 Data Retention
 	 Analytics and Advertising Services Provided by Others
 	 Our Policies for Children
 	 Information Security
 	 Our International Operations and Data Transfers
 	 Changes to This Policy
 	 Who We Are and How To Contact Us

INFORMATION WE COLLECT

	When you use our Services, we collect the following types of information. 

INFORMATION YOU PROVIDE US

ACCOUNT INFORMATION

	Some information is required to create an account on our Services, such as your name, email address, password, date of birth, gender, height, weight, and in some cases your mobile telephone number. This is the only information you have to provide to create an account with us. You may also choose to provide other types of information, such as a profile photo, community username, food log, alarm,biography, country information, and messages on discussion boards or to your friends on the Services.  community username. 

ADDITIONAL INFORMATION

	To help improve your experience or enable certain features of the Services, you may choose to provide us with additional information. For example, youinformation, like your logs for food, weight, sleep, water, or female health tracking; an alarm; and messages on discussion boards or to your friends on the Services. 

	You may also connect with friends on the Services or invite friends who have not yet joined by providing their email addresses, accessing social networking accounts, or using the contact list on your mobile device. We do not store your contact list and delete it after it is used for adding contacts as friends. 

	If you contact us or participate in a survey, contest, or promotion, we collect the information you submit such as your name, contact information, and message. 

INFORMATION FROM THIRD-PARTY SERVICES


	If you choose to connect your account on our Services to your account on another service, we may receive information from the other service. For example, if you connect to Facebook or Google, we may receive information like your name, profile picture, age range, language, email address, and friend list. You may also choose to grant us access to your exercise or activity data from another service. You can stop sharing the information from the other service with us by removing our access to that other service. 

PAYMENT AND CARD INFORMATION

	Some Fitbit devices support payments and transactions with third parties. If you activate this feature, you must provide certain information for identification and verification, such as your name, credit, debit or other card number, card expiration date, and CVV code. This information is encrypted and sent to your card network, which upon approval sends back to your device a token, which is a set of random digits for engaging in transactions without exposing your card number. For your convenience, we store the last four digits of your card number and your card issuer’s name and contact information. You can remove the token from your account using your account settings. We do not store your transaction history. 

	If you purchase Fitbit merchandise on our website, you provide your payment information, including your name, credit or debit card number, card expiration date, CVV code, and billing address. We do not store this payment information. We store your shipping address to fulfill your order. Note that third-party payment processors may retain this information in accordance with their own privacy policies and terms.  

INFORMATION WE RECEIVE FROM YOUR USE OF OUR SERVICES

FITBIT DEVICEDEVICE INFORMATION

	Your device collects data to estimate a variety of metrics like the number of steps you take, your distance traveled, calories burned, weight, heart rate, sleep stages, active minutes, and location. The data collected varies depending on which device you use. Learn more about the features of our various devices and how you can use MobileTrack. When your device syncs with our applications or software, data recorded on your device is transferred from your device to our servers. 

LOCATION INFORMATION

	The Services include features that use precise location data, including GPS signals, device sensors, Wi-Fi access points, and cell tower IDs. We collect this type of data if you grant us access to your location. You can always remove our access using your Fitbit device or mobile device settings. We may also derive your approximate location from your IP address. 

USAGE INFORMATION

	When you access or use our Services, we receive certain usage data. This includes information about your interaction with the Services, for example, when you view or search content, install applications or software, create or log into your account, pair your Fitbit device to your account, or open or interact with an application on your Fitbit devicedevice. 

	We also collect data about the devices and computers you use to access the Services, including IP addresses, browser type, language, operating system, Fitbit or mobile device information (including device and application identifiers), the referring web page, pages visited, location (depending on the permissions you have granted us), and cookie information.  

HEALTH AND OTHER SPECIAL CATEGORIES OF PERSONAL DATA

	To the extent that information we collect is health data or another special category of personal data subject to the European Union’s General Data Protection Regulation (“GDPR”), we ask for your explicit consent to process the data. We obtain this consent separately when you take actions leading to our obtaining the data, for example, when you pair your device to your account, grant us access to your exercise or activity data from another service, or use the female health tracking feature. You can use your account settings and tools to withdraw your consent at any time, including by stopping use of a feature, removing our access to a third-party service, unpairing your device, or deleting your data or your account.  


HOW WE USE INFORMATION

	We use the information we collect to provide and support our Services and make them better for all our users. Here’s how:the following purposes.  

PROVIDE, IMPROVE,PROVIDE AND DEVELOPMAINTAIN THE SERVICES

	Using the information we collect, we are able to deliver the Services, improve them,Services to you and research and develop new ones.honor our Terms of Service contract with you. For example, we need to use theyour information to provide you with the Services you request; understand how you and other users interact with the Services; trackyour Fitbit dashboard tracking your exercise, activity, and other trends; provide customer support; troubleshoot and protect against errors; perform data analysis and testing; conduct research and surveys; and develop newto enable the community features of the Services; and Services.to give you customer support. 

	We	For the Services’ community features, we may also use your information to help you find and connect with other users and to allow other users to find and connect with you on the Services.you. For example, your account contact information allows other users to add you as a friend. When another user has your email or mobile phone number in their contact list or in their friend network on a connected service, we show that user that you are a user of the Services. 

	When you allow us to collect precise location information, we use that information to provide and improve features of the Services such as recording where a workout took place or mapping an activity. IMPROVE, PERSONALIZE, AND DEVELOP THE SERVICES

PERSONALIZE SERVICES	We use the information we collect to improve and personalize the Services and to develop new ones. For example, we use the information to troubleshoot and protect against errors; perform data analysis and testing; conduct research and surveys; and develop new features and Services. 

	When you allow us to collect precise location information, we use that information to provide and improve features of the Services such as recording where a workout took place or mapping an activity. 

	We also use theyour information we collect to personalize the Services, make inferences,inferences and show you more relevant content. Here are some examples: 

 	 Information like your height, weight, gender, and age allows us to personalizeimprove the accuracy of your daily exercise and activity statistics like the number of calories you burned and the distance you traveled.
 	 Based on your sleep data, we may make inferences about your sleeping patterns and provide you with customized insights to help you improve your sleep.
 	 We may personalize exercise and activity goals for you based on the goals you previously set and your historical exercise or activity data.

COMMUNICATE WITH YOU

	We use your information when needed to send you Service notifications and informrespond to you ofwhen you contact us. We also use your information to promote new features or products that we think you would be interested in. You can control marketing communications and most Service notifications by using your notification preferences in account settings or via the 'Unsubscribe'“Unsubscribe” link in an email. We also use your information to respond to you when you contact us. 

PROMOTE SAFETY AND SECURITY

	We use the information we collect to promote the safety and security of the Services, our users, and other parties. For example, we may use the information to authenticate users, facilitate secure payments, protect against fraud and abuse, respond to a legal request or claim, conduct audits, and enforce our terms and policies.  

	We use cookies and similar technologies to provide, support, and improve our Services asfor the purposes described above. For more information, please read our Cookie Use statement. 

	For personal data subject to the GDPR, we rely on several legal bases to process the data. These include when you have given your consent, which you may withdraw at any time using your account settings and other tools; when the processing is necessary to perform a contract with you, like the Terms of Service; and our legitimate business interests, such as in improving, personalizing, and developing the Services, marketing new features or products that may be of interest, and promoting safety and security as described above. 

HOW INFORMATION IS SHARED

	We do not share your personal information except in the limited circumstances described below.  

WHEN YOU AGREE OR DIRECT US TO SHARE

	You may direct us to disclose your information to others, such as when you use our community features like the forums, 7-day leaderboard, and other social tools. For certain information, we provide you with privacy preferences in account settings and other tools to control how your information may be accessed byis visible to other users onof the Services. Just remember that if you choose to participate in a challenge, information like your profile photo, posted messages, total steps in the challenge, personal statistics, and achievements, is not governed by your privacy preferences and will be visible to all other challenge participants. 

	You may also authorize us to share your information with others, for example, with a third-party application when you give it access to your account, or with your employer when you choose to participate in an employee wellness program. Remember that their use of your information will be governed by their privacy policies and terms. You can revoke your consent to share with third-party applications or employee wellness programs using your account settings.  

FOR EXTERNAL PROCESSING

	We transfer information to our corporate affiliates, service providers, and other partners who process it for us, based on our instructions, and in compliance with this policy and any other appropriate confidentiality and security measures. These partners provide us with services globally, including for customer support, information technology, payments, sales, marketing, data analysis, research, and surveys. 

FOR LEGAL REASONS OR TO PREVENT HARM

	We may preserve or disclose information about you to comply with a law, regulation, legal process, or governmental request; to assert legal rights or defend against legal claims; or to prevent, detect, or investigate illegal activity, fraud, abuse, violations of our terms, or threats to the security of the Services or the physical safety of any person.  

	Please note: Our policy is to notify you of legal process seeking access to your information, such as search warrants, court orders, or subpoenas, unless we are prohibited by law from doing so. In cases where a court order specifies a non-disclosure period, we provide delayed notice after the expiration of the non-disclosure period. Exceptions to our notice policy include exigent or counterproductive circumstances, for example, when there is an emergency involving a danger of death or serious physical injury to a person.   

	We may share non-personal information that is aggregated or de-identified so that it cannot reasonably be used to identify an individual. We may disclose such information publicly and to third parties, for example, in public reports about exercise and activity, to partners under agreement with us, or as part of the community benchmarking information we provide to users of our subscription services. 

	If we are involved in a merger, acquisition, or sale of assets, we will continue to take measures to protect the confidentiality of personal information and give affected users notice before transferring any personal information to a new entity. 

HOWYOUR RIGHTS TO ACCESS OR DELETEAND CONTROL YOUR PERSONAL INFORMATIONDATA

	We providegive you with account settings and tools to access and manage thecontrol your personal information associateddata, as described below, regardless of where you live. If you live in the European Economic Area, United Kingdom, and Switzerland (the “Designated Countries”), you have a number of legal rights with respect to your account. You can also download certain account information, including data about your activities, body, foods, and sleep, throughwhich your account settings.settings and tools allow you to exercise, as outlined below. 

	We store information associated	ACCESSING AND EXPORTING DATA. By logging into your account, you can access much of your personal information, including your dashboard with your daily exercise and activity statistics. Using your account untilsettings, you can also download information in a commonly used file format, including data about your activities, body, foods, and sleep. 

	EDITING AND DELETING DATA. Your account is deleted. Yousettings let you change and delete your personal information. For instance, you can edit or delete the profile data you provide and delete your account at any time by contacting Customer Support. Pleaseif you wish.  

	If you choose to delete your account, please note that while most of your information will be deleted within 30 days, it may take a bit of timeup to 90 days to delete all of your account information, like the data recorded by your Fitbit device and other data stored in our backup systems. This is due to the size and complexity of the systems we use to store data. We may also preserve itdata for legal reasons or to prevent harm, including as described in the How Information Is Shared section.  

	OBJECTING TO DATA USE. We give you account settings and tools to control our data use. For example, through your privacy settings, you can limit how your information is visible to other users of the Services; using your notification settings, you can limit the notifications you receive from us; and under your application settings, you can revoke the access of third-party applications that you previously connected to your Fitbit account. You can also use the Fitbit application to unpair your device from your account at any time. 

	If you live in a Designated Country, in certain circumstances, you can object to our processing of your information based on our legitimate interests, including as described in the How We Use Information section. You have a general right to object to the use of your information for direct marketing purposes. Please see your notification settings to control our marketing communications to you about Fitbit products. Please also review our Cookie Use statement for your options to control how we and our partners use cookies and similar technologies for advertising. 

	RESTRICTING OR LIMITING DATA USE. In addition to the various controls that we offer, if you reside in a Designated Country, you can seek to restrict our processing of your data in certain circumstances. Please note that you can always delete your account at any time. 

	If you need further assistance regarding your rights, please contact our Data Protection Officer at data-protection-office@fitbit.com, and we will consider your request in accordance with applicable laws. If you reside in a Designated Country, you also have a right to lodge a complaint with your local data protection authority or with the Irish Data Protection Commissioner, our lead supervisory authority, whose contact information is available here. 

DATA RETENTION

	We keep your account information, like your name, email address, and password, for as long as your account is in existence because we need it to operate your account. In some cases, when you give us information for a feature of the Services, we delete the data after it is no longer needed for the feature. For instance, when you provide your contact list for finding friends on the Services, we delete the list after it is used for adding contacts as friends. We keep other information, like your exercise or activity data, until you use your account settings or tools to delete the data or your account because we use this data to provide you with your personal statistics and other aspects of the Services. We also keep information about you and your use of the Services for as long as necessary for our legitimate business interests, for legal reasons, and to prevent harm, including as described in the How We Use Information and How Information Is Shared sections. 

ANALYTICS AND ADVERTISING SERVICES PROVIDED BY OTHERS

	We work with partners who provide us with analytics and advertising services. This includes helping us understand how users interact with the Services, serving ads on our behalf across the internet, and measuring the performance of those ads. These companies may use cookies and similar technologies to collect information about your interactions with the Services and other websites and applications. To learn more and about your privacy choices, please read our Cookie Use statement. 

OUR POLICIES FOR CHILDREN

	We appreciate the importance of taking additional measures to protect children’s privacy. Persons

	Fitbit allows parents to set up accounts for their children to use with select Fitbit devices (“Children’s Account”). Children’s Accounts are subject to a separate Privacy Policy for Children’s Accounts which explains what information we collect to set up these accounts, what information we collect from a child’s use of our Services, and how we use and share that information. Parents or guardians must consent to the use of their child’s data in accordance with the Privacy Policy for Children’s Accounts in order to create such an account. 

	Persons under the age of 13, or the equivalentany higher minimum age in the relevant jurisdiction,jurisdiction where that person resides, are not permitted to create accounts unless their parent has consented in accordance with applicable law. If we learn that we have collected the personal information of a child under the relevant minimum age without parental consent, we will take steps to delete the information as soon as possible. Parents who believe that their child has submitted personal information to us and would like to have it deleted may contact us at privacy@fitbit.com. 

INFORMATION SECURITY

	We work hard to keep your data safe. We use a combination of technical, administrative, and physical controls to maintain the security of your data. This includes using Transport Layer Security (“TLS”) to encrypt many of our Services. No method of transmitting or storing data is completely secure, however. If you have a security-related concern, please contact Customer Support. 

OUR INTERNATIONAL OPERATIONS AND DATA TRANSFERS

	We operate internationally and may transfer information collected within the European Economic Area and Switzerland to the United States and other countries for the purposes described in this policy. Fitbit, Inc. complies with the EU-US and Swiss-US Privacy Shield principles regarding the collection, use, sharing, and retention of personal information from the EEA and Switzerland, as described in our EU-US Privacy Shield certification and Swiss-US Privacy Shield certification. Learn more about Privacy Shield here. 

	We arerely on multiple legal bases to lawfully transfer personal data around the world. These include your consent, the EU-US and Swiss-US Privacy Shield, and EU Commission approved model contractual clauses, which require certain privacy and security protections. You may obtain copies of the model contractual clauses by contacting us. Fitbit, Inc. complies with the Privacy Shield principles regarding the collection, use, sharing, and retention of personal information as described in our Privacy Shield certifications. Learn more about Privacy Shield here. 

	Fitbit, Inc. is subject to the oversight of the US Federal Trade Commission and remainremains responsible for personal information that we transfer to others who process it on our behalf as described in the How Information Is Shared section. If you have a complaint about our Privacy Shield compliance, please contact us. You can also refer a complaint to our chosen independent dispute resolution body JAMS, and in certain circumstances, invoke the Privacy Shield arbitration process. 

	Please note that the countries where we operate may have privacy and data protection laws that differ from, and are potentially less protective than, the laws of your country. You agree to this risk when you create a Fitbit account and click “I agree” to data transfers, irrespective of which country you live in. For a list of the locations where we have offices, please see our company information here. If you later wish to withdraw your consent, you can delete your Fitbit account as described in the Your Rights To Access and Control Your Personal Data section. 

CHANGES TO THIS POLICY

	We will notify you before we make material changes to this policy and give you an opportunity to review the revised policy before deciding if you would like to continue to use the Services. You can review previous versions of the policy in our archive. 

HOWWHO WE ARE AND HOW TO CONTACT US

	If you have questions, suggestions, or concerns about this policy, or about our use of your information, please contact us at privacy@fitbit.com. 

	If you live in the European Economic Area, United Kingdom, or Switzerland, then Fitbit International Limited, an Irish company, controls your personal data and provides you with the Services. If you are seeking to exercise any of your statutory rights, please contact our Data Protection Officer at data-protection-office@fitbit.com. You may also contact us at: 

	 Fitbit International Limited Attn: Legal Department (Privacy Policy) 76 Lower Baggot Street Dublin 2, Ireland  

	If you have questions about this policy, or about our use of your information, pleasereside elsewhere, then Fitbit, Inc., a US company, is the data controller that provides you with the Services. You may contact us at privacy@fitbit.com.at: 

	Privacy Officer
 Fitbit,	 Fitbit, Inc.
 199 Attn: Legal Department (Privacy Policy) 199 Fremont Street, 14th Floor
 San San Francisco, CA 94105 U.S.A.  

	Archive of Previous Privacy Policies      

GET THE LOW-DOWN ON ALL THINGS FITBIT LEGAL.

	See all our legal policies

If you'd like to be notified when Fitbit.com makes updates to documents like this, choose which ones you'd like to subscribe to today (it's free!).