A Mozilla Foundation privacy review found that the period-tracking app Stardust transmitted detailed reproductive health information to an analytics company that was not named in its privacy policy, according to reporting by the BBC and TechCrunch. For users logging cycle symptoms, that means data such as birth control type, pregnancy status, moods, tender breasts, and stomach cramps could leave the app and land in a third-party analytics pipeline.
Mozilla’s audit, conducted with Harvard’s Berkman Klein Center, examined six popular period trackers. Stardust received the lowest score in the group, 2 out of 10, according to Mozilla researcher Shoshana Wodinsky. The nonprofit-run tracker Euki received 10 out of 10.
The difference is not subtle. Mozilla said Stardust contacted third-party trackers as soon as the app opened, before a user had entered any health information. Once Wodinsky recorded a symptom, Mozilla found that the app sent the symptom data to RudderStack along with a persistent user identifier. Mozilla said it found no control inside the app to stop that sharing.
That mechanism matters because RudderStack is not just a passive bucket for app telemetry. Mozilla described it as a data-routing service, meaning information can be forwarded to other destinations. Mozilla said it could not see where RudderStack may have sent the data after receiving it.
Mozilla also found that Stardust sent Facebook an advertising identifier, which can connect activity inside an app to Meta’s existing ad profiles. That does not mean Facebook received every symptom a user entered. It does mean the app linked user behavior to an identifier built for ad tracking, which is exactly the kind of plumbing privacy policies tend to describe in soothing fog.
Stardust told TechCrunch that it has never received a legal demand for user data. That statement does not address Mozilla’s core finding about routine analytics sharing, and Mozilla said the analytics firm involved was not identified in Stardust’s privacy policy.
One tracker kept the sensitive bits local
Euki, which is run by a nonprofit, took the opposite approach, according to Mozilla. The app does not require an account, and Mozilla said health data stays on the user’s phone. Users can protect the app with a PIN, set automatic deletion, or open a decoy screen if someone forces them to unlock the device.
Mozilla did flag one weakness: Euki includes an in-app browser for educational pages, and those pages load ordinary web trackers. Mozilla said the browser resets identifiers between visits, limiting how much those trackers can connect across sessions.
The audit lands in a legal and political context where reproductive health data carries unusually high stakes. The finding is also a reminder that “period tracker” is a soft name for a database of intimate medical, sexual, and behavioral signals. Whether that database stays on a phone or gets piped into analytics infrastructure depends on choices made by the companies building the app.
This story draws on original reporting from WIRED.