Sign up to Newsletter

Euki: Research Findings

The last app we looked at was Euki, which has been recognised among privacy advocates. 

Long Read
Post date
6th May 2025
Screenshot of Euki's website - it's advertising the period app, it's headline reads Privacy. Period.

Screenshot of Euki's website

Go back to the full report page

The last app we looked at was Euki, which has been recognised among privacy advocates. The app is a U.S. non-profit privacy-by-default period tracker app founded by a group of social tech and sexual and reproductive health organisations like Digital Defense Fund and Ibis Reproductive Health. The app has recently become open-source

We ran the Euki app through the DIAAS environment to observe its web traffic as for the above apps. There were no onboarding questions to get started on the app except for agreeing to the Terms of Services before use, and we were able to use the app without having to create an account (nor were we prompted anywhere on the app throughout our use to create an account). 

Consequently, we did not find much in the web traffic while setting up and using the app. The only calls that were made across the web were the following calls that appear to be from the Play Store running in the background, not calls from the app itself:

A screenshot of data from the DIE with only 4 entries in the log. Request highlighted is to the play.googleapi.com which includes Connection: Keep-Alive
Figure 8.1. Screenshot of our web traffic window while using Euki. See ‘connection: keep-alive’ for Google API, which could be related to an instruction for the Play Store to keep running in the background.

At this point, we had already inputted our blood flow and emotion symptoms. The only calls that appeared in the web traffic pertained to the Google Play Store API; these calls are from Google's Play Store which is running in the background. We did not observe any user data - nor device data - being sent to any parties. 

Our findings mimic the disclosures in Euki’s Privacy Policy, which states that the app does not collect personally identifiable information or anonymous information automatically, such as the type of mobile device the user uses, their unique device ID, the IP address of the device, or the operating system and web browsers the user is using.

Download the full report

Read more

What can I do?

If you want to make sure we can keep doing work like this you can donate now to make sure PI can keep holding governments and companies to account.  

Related learning resources
No Body's Business but Mine: Vol 2