Your Rights and Our Legal Bases

Access and Portability

You can access much of your information by logging into your account. If you require additional access, please contact us at https://support.strava.com. To enforce your right to data portability, click here to download a copy of your data.

Rectify, Restrict, Limit, Delete

You can also rectify, restrict, limit or delete much of your information by logging into your account, such as to edit your profile, delete photos or videos you have posted, remove individual activities from view, or delete your account. You can delete individual activities or click here to delete your account. If you need assistance with this, please contact us at https://support.strava.com.

Object

Where we process your information based on our legitimate interests explained below, you can object to this processing in certain circumstances. In such cases, we will cease processing your information unless we have compelling legitimate grounds to continue processing or where it is needed for legal reasons.

Revoke consent

Where you have previously provided your consent, such as to permit us to process health-related data about you, you have the right to withdraw your consent to the processing of your information at any time. For example, you can withdraw your consent by updating your settings. In certain cases, we may continue to process your information after you have withdrawn consent if we have a separate legal basis to do so (e.g., to comply with a court order) or if your withdrawal of consent was limited to certain processing activities.

Complain

Should you wish to raise a concern about our use of your information (and without prejudice to any other rights you may have), you have the right to do so with your local data protection supervisory authority. Strava’s lead supervisory authority is the Data Protection Commission of Ireland.

To provide the Strava Services

As described in the Terms of Service, the core Strava Services cannot be provided, and the Terms of Service cannot be performed, without Strava processing data including for the following purposes:

• Create your account and provide you with access to the Services.
• Record your activities.
• Help you analyze your performance. For example, to compare your past efforts and analyze your training.
• Help you manage your training. For example, to set goals and use your training dashboard.
• Process your Strava subscription.
• Respond to your support requests and comments.
• To ensure the safety and security of our Services.

Since we process data you provide to us which is necessary to perform our contract with you, you have the right to port or transfer that data if you reside in the EEA or the UK.

With your consent

We ask for your permission to process your information for certain purposes and you have the right to withdraw your consent at any time. We ask for your consent to:

• Obtain your geolocation when recording GPS-based activities including to use our Beacon safety feature.
• Collect or infer health information which may include information inferred from sources such as heart rate or other indicators. We use your health information to provide helpful statistics and visualizations.
• Send you marketing communications.
• Collect and process information from third-party products and services, such as Facebook or Google, or devices and apps, such as your Garmin watch or Peloton account, which you connect to Strava.
• Access photos, location, and contacts information through your device-based settings so we can provide the services described when you enable the settings.

Legal obligation or for the establishment, exercise or defense of legal claims

We process data where we have a legal obligation to do so, for example, where we're responding to a valid and binding legal process from a law enforcement agency for certain data. See our Privacy Policy, under "Legal Requirements" for more information. We may also collect and process personal information, for example, your date of birth, to comply with regulations that require us to provide additional protections for children.
In addition, processing may be needed for us to establish, exercise or defend civil or criminal claims in connection with actual or potential litigation including to protect the Strava Services, our property or other legal rights, including those of our members, partners, or subsidiaries.

To protect vital interests

We process data where it is necessary to protect an interest which is essential to someone’s life or protect any person from serious bodily injury. This includes processing information to combat harmful conduct both on and off of our Services.

Carrying out a task in the public interest

Where laid down by EU law or the law in an EU Member State, we may process your data to perform processing in the public interest. This may include protecting against harm and undertaking research for social good. You have the right to object to, and seek restriction of, our processing of your personal information when we process data using this legal basis.

In furtherance of legitimate interests

We process your information for our legitimate interests, and those of third parties, while applying appropriate safeguards that protect your privacy, rights and interests. We do this to:

• Market the Services, activities on Strava and other commercial products or services. For example, our partners may pay us to promote their challenges, products, or services on Strava. This is one of the ways we are able to provide the Services on a sustainable basis.
• Maintain our business by conducting research and continuously improving the Services so as to offer innovative and customized offerings to our members and partners.
• Convert your information into aggregated form for use by us and our partners. Our partners may use this information to improve transportation infrastructure, such as with Strava Metro, or for other commercial purposes including developing useful insights. We also aggregate information to generate community-powered features like our Global Heatmap, Points of Interest, and Start Points.
• Keep the Services safe and secure by using information to prevent or detect violations of our Terms of Service or Community Standards, fraud or abuse, and other harmful or illegal conduct. We may also share information with third parties, including law enforcement agencies for this purpose.
• Promote the Services, including email and in-product marketing campaigns to inform you about our Services.
• Enable you to find new ways to interact by using the Services. For example, to compete on segments, participate in clubs, challenges, or events, follow other athletes, and use features that help athletes interact with one another, such as group activities or flyby.
• Enable you to contribute to and access community-powered insights. For example, sharing points of interest or public photos from specific routes to provide insights to other users about those places.
• Enable you to visualize your activities in new ways. For example, by creating personal heatmaps or using your training log.
• Customize the Services for you. We may suggest segments, routes/trails, challenges, points of interests, or clubs that may interest you, athletes that you may want to follow, or new features that you may want to try. We rely on our legitimate interest in retaining members when ensuring that we offer new opportunities, such as showing routes or segments of interest to our community, and we may use location information when suggesting such opportunities.

Right of deletion

You have the right to request that we delete your personal information, subject to certain exceptions. After we receive and validate your request, we will delete your personal information, as well as direct our service providers to delete your personal information, unless an exception applies.

You can delete individual activities or click here to delete your account.

Right to non-discrimination

You have the right not to receive discriminatory treatment for the exercise of your privacy rights under State Privacy Laws.

We will not discriminate against you for exercising any of your State Privacy Law rights.

Right to opt out of personal information sales or shares

We have never sold your personal information for monetary value, and we still don’t. However, under certain privacy laws, some non-monetary sharing of personal information with third parties – for example to provide you with targeted advertising for Strava on other platforms – may be considered a “sale” or “share.”

Strava does not “sell” or “share” your personal information for analytics or to serve you with targeted advertising on other platforms unless you accept non-essential cookies using our cookie banner.

You have the right to direct us to not “sell” or “share” your personal information. We do not “sell” or “share” the personal information of users we know are under 16 years old. If you opted into receiving our targeted advertising using our cookie banner, you may opt out of targeted advertising by (1) clicking the “Do Not Share My Personal Information” link in the footer below and following the instructions; (2) clicking in our app on the “Personal Information Sharing” link in your Privacy Controls and following the instructions; or (3) setting your cookie preferences to deny non-essential cookies. More information on your opt out options is provided here.

Once you make an opt-out request, we will wait at least 12 months before asking you if you want to re-opt into “sales” or “shares” of your personal information.

Right to correct inaccurate personal information

You have the right to direct us to correct inaccurate information that we maintain about you. You can do so by contacting us using the information provided in the “How to contact us” section below.

Right to limit the use and disclosure of sensitive information

You have the right to direct us to only use your sensitive information, such as precise geolocation data or health data, for limited purposes, such as providing you with the services you requested.

We obtain your express consent before processing your sensitive information and only use it to provide the Services, in accordance with your privacy settings.