EU and UK users have GDPR rights to access, correct, delete, or export their data, and to object to certain types of processing, including profiling for advertising.
This analysis describes what Noom's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This clause establishes that Noom's data handling practices are subject to GDPR and UK GDPR regulatory requirements for affected users, which define specific data subject rights and corresponding organizational obligations for data processing activities.
If you are in the EU or UK, you have enforceable rights to see what data Noom holds about you, request its deletion, and object to its use for advertising profiling. These rights can be exercised by contacting privacy@noom.com.
How other platforms handle this
If you are located in the European Economic Area (EEA) or United Kingdom, the data controller for your personal information is Twitter International Unlimited Company. If you are located outside of the EEA, United Kingdom, and Switzerland, the data controller is X Corp. You have the right to access,...
If you are located in the European Economic Area, you have certain rights under the General Data Protection Regulation. These include the right to access personal information we hold about you, to rectify inaccurate data, to erase your data, to restrict processing, to object to processing, and to da...
Depending on your location, you may have certain rights regarding your personal data, including the right to access, correct, delete, or port your data, the right to restrict or object to processing, and where processing is based on consent, the right to withdraw consent at any time. California resi...
Monitoring
Noom has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"If you are located in the European Economic Area or the United Kingdom, you have certain rights under the General Data Protection Regulation (GDPR) or UK GDPR, including the right to access, correct, delete, or restrict processing of your personal data, the right to data portability, and the right to object to processing.— Excerpt from Noom's Noom Privacy Policy
REGULATORY LANDSCAPE: GDPR (EU) and UK GDPR impose obligations on Noom as a data controller, including requirements for lawful basis, data subject rights responses, and data transfer restrictions; health data as a special category under GDPR Article 9 requires explicit consent or another enumerated lawful basis; data transfers from the EU/EEA to the US require adequate safeguards such as Standard Contractual Clauses following the invalidation of Privacy Shield; the UK ICO enforces UK GDPR with its own enforcement framework. GOVERNANCE EXPOSURE: Medium. Noom's EU and UK user base creates ongoing GDPR compliance obligations including lawful basis documentation, data subject rights workflows, and international transfer mechanisms; the processing of special category health data for advertising-adjacent purposes is an area requiring careful lawful basis analysis under GDPR Article 9. JURISDICTION FLAGS: EU/EEA member states (GDPR, enforced by lead supervisory authority and local DPAs); UK (UK GDPR, enforced by ICO); data transfers to the US require valid transfer mechanisms including SCCs or adequacy decisions. CONTRACT AND VENDOR IMPLICATIONS: Noom must maintain Data Processing Agreements with all EU/UK data processors; Standard Contractual Clauses or equivalent transfer mechanisms must be in place for US-based advertising and analytics partners receiving EU/UK user data; the EU-US Data Privacy Framework may provide a transfer mechanism for qualifying US recipients. COMPLIANCE CONSIDERATIONS: Compliance teams should confirm Noom's Records of Processing Activities are current and include health data flows to advertising partners; data subject request workflows should be tested for compliance with the 30-day GDPR response window; the lawful basis for processing health data for advertising or analytics purposes should be documented and defensible before relevant supervisory authorities.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This clause establishes that Noom's data handling practices are subject to GDPR and UK GDPR regulatory requirements for affected users, which define specific data subject rights and corresponding organizational obligations for data processing activities.
If you are in the EU or UK, you have enforceable rights to see what data Noom holds about you, request its deletion, and object to its use for advertising profiling. These rights can be exercised by contacting privacy@noom.com.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Noom.