IMO something that specifically addressed an acquisition wouldn't add anything.
Either Fitbit's acquirer is contractually bound by the privacy policy or it isn't. If it isn't, then the specifics about acquisition don't add anything. If it is, then "We pledge...to never sell your personal data" is enough.
FWIW, Fitbit's publicly traded stock is non-voting, so hostile takeover is not possible.
Something about offering to delete a users data before material changes to the privacy policy took effect would be meaningful in more circumstances than acquisition.
It's kinda maybe in there already, but not directly (there is an offer to delete data and the language about continuing to use the service given a change).
I consider the pledge to be nearly meaningless. It's certainly a statement of good faith from the people working at and controlling the company today, but without any sort of legal teeth, it's also little more than a wet napkin.
In some circumstances privacy policies have had legal teeth, "particularly when parties claiming a breach have alleged that they read and subsequently relied on the policy prior to transacting business with the site operator" according to this page:
Either Fitbit's acquirer is contractually bound by the privacy policy or it isn't. If it isn't, then the specifics about acquisition don't add anything. If it is, then "We pledge...to never sell your personal data" is enough.
FWIW, Fitbit's publicly traded stock is non-voting, so hostile takeover is not possible.