This is among the most sensitive personal data a company can collect — it can reveal medical conditions, reproductive health, and daily routines, making robust data protection essential.
Consumer impact
Fitbit collects sensitive health and biometric data — including heart rate, sleep patterns, menstrual cycles, weight, and GPS location — and may share it with Google, third-party service providers, and health platforms. Users who link a Google Account are subject to Google's broader privacy practices, significantly expanding how their data may be used. You can review and delete your Fitbit data or request a data export through the Fitbit app under Account Settings.
What you can do
⚠️ These actions may provide transparency or partial mitigation but may not fully address the underlying issue. Effectiveness varies by jurisdiction and individual circumstances.
Delete Your Data
In the Fitbit app, navigate to your account profile, select Manage Data, and choose to delete specific health data categories or your entire account history.
Applicable agencies
FTC
The FTC has jurisdiction over health data privacy and unfair data practices involving sensitive consumer health information.
State attorneys general enforce biometric privacy laws (e.g. Illinois BIPA) and state health data protection statutes applicable to Fitbit's data collection.