MyFitnessPal collects detailed records of everything you log in the app, including your food intake, exercise, body weight, and health measurements, and uses this data to operate the service and for other purposes including advertising.
This analysis describes what MyFitnessPal's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Dietary and body data is among the most personal information someone can share, and understanding how it is used beyond the core app function, including for advertising, is important for informed consent.
Interpretive note: The exact legal basis asserted for processing health data for advertising purposes is not fully visible in the truncated document, creating some uncertainty about whether explicit consent or legitimate interests is claimed.
Your food logs, weight records, and body measurements are collected and may be used for advertising personalization and shared with third-party analytics and marketing partners, not just to power the app's core features.
Cross-platform context
See how other platforms handle Collection and Use of Health and Fitness Data and similar clauses.
Compare across platforms →Monitoring
MyFitnessPal has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"We collect information you provide when you use our Services, such as when you create an account, log food, exercise, or health data, or communicate with us. This includes: Health and fitness data, such as food and water intake, nutritional information, exercise and activity data, sleep data, body weight and measurements, and other health-related information you choose to track.— Excerpt from MyFitnessPal's MyFitnessPal Privacy Policy
REGULATORY LANDSCAPE: The collection of dietary intake, body weight, and health measurements engages GDPR Article 9 (special categories of personal data, which includes health data) for EU/EEA users, requiring a qualifying legal basis such as explicit consent. Under CPRA, dietary data and health-related metrics may qualify as sensitive personal information, triggering additional disclosure and opt-out obligations enforced by the California Privacy Protection Agency. The FTC Act's prohibition on unfair or deceptive practices is also relevant if health data is used in ways not clearly disclosed. GOVERNANCE EXPOSURE: High. The use of health and fitness data for advertising personalization is the provision with the greatest regulatory exposure, particularly in the EU and California. Processing special category data under GDPR without clear explicit consent or another Article 9 qualifying ground creates material compliance risk. The breadth of data collected (food logs, weight, measurements, exercise history) increases the sensitivity classification risk under multiple frameworks. JURISDICTION FLAGS: EU/EEA users face the highest exposure given GDPR Article 9 requirements. California users are protected under CPRA's sensitive personal information provisions. Users in other US states with emerging comprehensive privacy laws (Virginia, Colorado, Connecticut, Texas) may also have applicable rights. Minors' health data warrants heightened review under COPPA and state equivalents. CONTRACT AND VENDOR IMPLICATIONS: Organizations using MyFitnessPal's API or white-label features should ensure data processing agreements address the sensitive nature of health data. Downstream advertising technology vendors receiving this data may trigger their own compliance obligations, and procurement teams should verify that vendor contracts address health data restrictions. COMPLIANCE CONSIDERATIONS: Compliance teams should audit whether consent mechanisms for health data advertising use satisfy GDPR's explicit consent standard (distinct from general terms acceptance) and whether CPRA's sensitive personal information opt-out is prominently surfaced. A data mapping exercise should classify dietary and fitness data under applicable frameworks and document the legal basis for each processing purpose.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Dietary and body data is among the most personal information someone can share, and understanding how it is used beyond the core app function, including for advertising, is important for informed consent.
Your food logs, weight records, and body measurements are collected and may be used for advertising personalization and shared with third-party analytics and marketing partners, not just to power the app's core features.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by MyFitnessPal.