I had a Fitbit, and the first thing I did was file a bug report on the lack of support for HealthKit - in other words mandating that you give them all your data, after you already paid for the device.
That responded saying that they did not want to support HealthKit or any secure data method - I was willing to give them the benefit of the doubt, which in hindsight was stupid: it should have been clear that they wanted to profit off the stolen data.
At least Google has some incentive to keep the data for themselves (to target ads at you), rather than sell it to third parties.
Still, I’ll be looking at different brands next time my Fitbit breaks.
What are the alternatives ? MS band ? Apple watch ? xiaomi ?
Though they are still gathering a lot of data. It feels better than Fitbit/Google, but I wish they'd spend some time on encryption / privacy.
For example, all the GPS data, that's useful for showing a map of the run and measure the distance, but certainly doesn't need to go on their servers. They should encrypt the GPS points and only send the shape (vector path) to their servers. That would contain info about distance, but not where in the world the person was running.
Similar things could be done for other things.