EU, UK, and Swiss users have a set of legal rights under GDPR to access, correct, delete, and move their personal data, and can object to MyFitnessPal processing their information in certain circumstances.
This analysis describes what MyFitnessPal's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
GDPR provides strong legal protections for EU users, particularly relevant when a company processes sensitive health data, and these rights are enforceable through national data protection authorities with the power to impose significant fines.
EU and UK MyFitnessPal users can formally request a copy of their data, ask for it to be deleted, or object to their health information being used for advertising, and they have legal recourse through data protection authorities if these rights are not honored.
Cross-platform context
See how other platforms handle EU/EEA Users Data Subject Rights and similar clauses.
Compare across platforms →Monitoring
MyFitnessPal has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"If you are located in the European Economic Area, the United Kingdom, or Switzerland, you have the right to access personal information we hold about you; the right to request correction of inaccurate personal information; the right to request deletion of your personal information; the right to object to processing of your personal information; the right to restrict processing; and the right to data portability.— Excerpt from MyFitnessPal's MyFitnessPal Privacy Policy
REGULATORY LANDSCAPE: This provision implements rights under the EU General Data Protection Regulation (GDPR), UK GDPR, and Swiss Federal Act on Data Protection (FADP). The relevant enforcement authorities are national data protection authorities within the EU/EEA (such as the Irish Data Protection Commission, which is the likely lead supervisory authority for MyFitnessPal as a US-based company with EU operations), the UK Information Commissioner's Office, and the Swiss FDPIC. GDPR Article 9 special category protections are particularly relevant given the health data collected. GOVERNANCE EXPOSURE: High for EU/EEA operations. The processing of dietary and health data for advertising purposes by a US-based company creates compounded exposure: potential Article 9 violations if explicit consent is not obtained, and international data transfer compliance requirements under GDPR Chapter V. The right to object to processing (Article 21) is particularly significant if legitimate interests is asserted as the legal basis for advertising use. JURISDICTION FLAGS: EU/EEA users are directly protected by GDPR. UK users fall under UK GDPR post-Brexit. Swiss users are covered by the revised FADP which aligns closely with GDPR. International data transfers from the EU to the US require valid transfer mechanisms (such as Standard Contractual Clauses or the EU-US Data Privacy Framework), and compliance with these mechanisms should be verified. CONTRACT AND VENDOR IMPLICATIONS: MyFitnessPal's EU operations require data processing agreements with all processors and sub-processors. The advertising and analytics partner ecosystem receiving EU user data requires contractual coverage under GDPR Chapter V transfer mechanisms. B2B customers operating in the EU that integrate MyFitnessPal functionality should assess their controller-processor relationships carefully. COMPLIANCE CONSIDERATIONS: Compliance teams should verify that MyFitnessPal maintains a valid legal basis under GDPR Article 6 and, where applicable, Article 9 for each processing purpose, including advertising. A Records of Processing Activities (ROPA) review should confirm that EU user data flows are accurately documented. The right to object to advertising-purpose processing should be operationally implemented and tested on both web and mobile platforms.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
GDPR provides strong legal protections for EU users, particularly relevant when a company processes sensitive health data, and these rights are enforceable through national data protection authorities with the power to impose significant fines.
EU and UK MyFitnessPal users can formally request a copy of their data, ask for it to be deleted, or object to their health information being used for advertising, and they have legal recourse through data protection authorities if these rights are not honored.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by MyFitnessPal.