Roman Bugaev / CTO, FLO

1. The Future is Private: Secure Data
Management Best Practice
Roman Bugaev, CTO at Flo

2. #1Health & Fitness app
by installs and MAU
26M+MAU
90% organic. 60% tier-1 countries

3. Why is this
important?

4. Privacy is now a luxury

5. Apple’s newest product is privacy

6. You can become “famous”

7. And some more...
Reputational
FinancialBusiness
Regulatory

8. Lessons for Data
Practitioners

9. Design a positive opt-in opt-in (no pre-checked boxes!)
Your strongest position is to get explicit, willful permission to collect user's
data. And think about micro-consent.
Screen Accept rate Churn Rate
With checkboxes 97,14% 2.86%
Without checkboxes 98,67 1.33%

10. Respect Data Subject Rights
User must be able to modify, correct, erase, and update Personal Data

11. Privacy by Design
Be proactive not Reactive; Preventative not Remedial
* https://www.digitemis.com/
If I pull data from an API, do I really
need all the fields of data that I could
get, or do I narrow it for the specific
purpose of this product?
When thinking about geolocation data–
do I really need it? And if I do capture
geolocation data, what are the risks
associated with that?

12. Minimize collected data
Datensparsamkeit [de] - Only store data you need
* https://martinfowler.com/bliki/

13. Reduce sensitivity of data
Aggregate and statistically anonymise data or extract the features of
interest before sharing
e.g. use age group instead of age

14. Cultivate transparency and honesty
Be open and clear about how you protect and use private data

15. Protect whole data lifecycle with End-to-End security
Cloudflare helps Flo to raise the bar of security standards for women’s
health apps.

16. Thank you!