Strava Privacy Policy
Effective Date: September 30, 2024
Your privacy is very important to us. Before we get to the details, here’s a summary of our key privacy practices. Click on the links to learn more and read the full policy below.
Jump to full privacy policyPrivacy Summary
Collection, Use, and Sharing of Data
- Do we sell your personal information for monetary value? No
- Do we sell aggregated information for monetary value? No
- Do we share your personal information with third parties that are not service providers? Yes, with your consent
- Do we share your personal information for targeted advertising? Yes, with your consent
- Do we use sensitive categories of data, like health information? Yes, with your consent
- Do we provide additional privacy protections for minors (users under 18)? Yes
- Do we use your contact list? Yes, with your consent
- Do we delete your personal information when you request account deletion? Yes, unless it is necessary to provide the Strava services or required by law
- Do we retain your data after you request deletion of your account? No, unless it is necessary to provide the Strava services or required by law
Privacy Controls
- Can you control who sees your activity and content? Yes
- Can you control who sees your location-based activity? Yes
- Are your activity and profile privacy controls public (set to “Everyone”) by default? Yes, if you are 18 years of age or older
- Can you download and delete your personal information? Yes
- Do all users worldwide have the same suite of privacy controls? Yes
Tracking
- Do we track your device location while you are not using our app? No
- Do we track your device location to provide Strava services to you? Yes, with your consent
- Do we use non-essential cookies? Yes, with your consent
- Do we track your browsing activities on other sites? No
- Do we listen to you using your device microphone? No
Communication
- Do we give you advance notice when we make important changes and updates to our Privacy Policy? Yes
- Do we send you marketing communications? Yes, unless you have opted out, or, where required, with your express consent
- Do we send you push notifications on mobile devices? Yes, with your consent
Privacy Policy
Introduction
Strava’s privacy policy (the “Privacy Policy”) explains the information we collect, how we use and share it, how to manage your privacy controls, and your rights in connection with our websites and the related mobile applications and services (collectively, the “Services”). Please also read our Terms of Service, which set out the terms governing the Services.
Strava is headquartered in San Francisco, California, USA. If you are in the European Economic Area, the Services are provided to you by Strava Ireland Limited. Otherwise, the Services are provided to you by Strava, Inc. Throughout these Terms “Strava” refers to the relevant service provider providing the Services to you.
This policy was written in English. To the extent a translated version conflicts with the English version, the English version controls.
If you have any questions about our privacy practices, this Privacy Policy, or would like to contact us or our Data Protection Officer, you can do so by the email or addresses below or via https://support.strava.com.
For Non-EU/EEA Data Subjects:Strava, Inc.
208 Utah Street
San Francisco, CA 94103
USA
Attn: Legal
DPO@strava.com
Strava Ireland Ltd.
Making it Work
Magennis Court
Pearse Street
Dublin 2
D02 FK76 Ireland
Attn: Legal
DPO@strava.com
Information Strava Collects
Strava collects information about you, including information that directly or indirectly identifies you, if you or other Strava users choose to share it with Strava. The sources from which we collect this personal information fall into three categories: information you provide, information we collect automatically, and information we collect from other sources. For example, based on how you interact with Strava and the Services, we may collect information when you track, complete, or upload activities using the Services. Strava also collects information about how you use the Services. In addition, you may choose to share information about yourself, your friends, and your activities with Strava. Specific categories of data collected and received are outlined here.
Account, Profile, and User Activity
We collect account information such as your name, email address, date of birth, gender, weight, username and password that helps secure and provide you with access to our Services.
Profile, activity and use information is collected about you when you engage in activities such as choosing to upload a photo, video, post, or activity (including date, time and geo-location information as well as your speed and pace and perceived exertion), join a club or challenge, add your equipment usage, view others’ activities, or otherwise use the Services.
Location Information
We collect and process location information when you sign up for and use the Services. We do not track your device location while you are not using the Services. In order for most of our core features (e.g., GPS activity tracking, routes, segment leaderboards) to function, you must grant us permissions in your device’s privacy controls to track your device location while you use the Services.
If you would like to stop the device location tracking, you may do so at any time by adjusting your device settings.
Contacts’ Information
You can choose to add your contacts’ information by connecting your contacts from your mobile device or social networking accounts to Strava. If you choose to share your contacts with Strava, we will access and store your contacts’ information to identify potential connections and help you connect with each other. Learn more about how we collect information about your contacts, how we use that information, and the controls available to you.
Connected Devices and Apps
We collect information from devices and apps you connect to Strava in accordance with the consent you give when you authorize the connection to Strava. For example, you may connect your Garmin watch or Peloton account to Strava to interact with the Services. The information generated from your connections with these third-party devices and apps, for example, step count data, or personal information, such as heart rate data (if you have consented to processing of health information), will be passed along to Strava. You may update your connected devices and apps preferences at any time in your settings. Learn more about how information from devices and apps you connect to Strava may be collected or used.
Health Information
Strava may collect or infer health information, such as heart rate. Certain health information may be inferred from sources such as heart rate or other measurements, including power, cadence, and weight or other indicators. Where health information can be used to uniquely identify you, it is considered personal information, and sensitive personal information under certain laws.
Before you can upload health information to Strava, you must give your explicit consent to the processing of that health information by Strava. You can withdraw your consent to Strava processing your health information at any time.
Payment Information
When you make a payment on Strava, you will be asked to provide payment information such as your payment card or other payment details. We use Payment Card Industry (PCI) compliant third-party payment services who may store your credit card information in accordance with applicable standards.
Third-Party Accounts
Strava allows you to sign up and log in to the Services using accounts you create with third-party products and services, such as Meta, Google, or Apple (collectively, “Third-Party Accounts”). If you access the Services through Third-Party Accounts, we will collect information you have agreed to make available such as your name, email address, profile information and preferences. This information is collected by the Third-Party Account providers and is provided to Strava under their privacy policies. You can generally control the information we receive from these Third-Party Accounts using the privacy controls in your account with them.
Technical Information, Cookies, and Log Files
We collect information from your browser, computer, or mobile device, which provides us with technical information when you access or use the Services. This technical information includes device and network information, cookies, log files and analytics information. Learn more about how we use cookies and manage your preferences by visiting our Cookie Policy.
The Services use log files. The information stored in those files includes IP addresses, browser type, internet service provider (ISP), referring/exit pages, platform type, date/time stamp, and number of clicks. IP addresses may be linked to session IDs, athlete IDs and device identifiers.
Other Information
We may collect information directly from you or through our service providers, such as when we collect your feedback through surveys.
We may also collect information about you from other Strava users such as when they give you kudos or comment on your activities.
How Strava Uses Information
Strava uses the information we collect and receive as described below.
To provide the Services
We use the information we collect and receive to provide the Services, including providing you with the ability to:
- Record your activities and analyze your performance. For example, to compare your past efforts, analyze your training, and—with your consent—use your heart rate information to provide you with performance analysis. We may also match your GPS activities to specific segments or routes to analyze your efforts against those of other users and to establish leaderboards.
- Interact with other users. For example, we use personal information, including your name, avatar, athlete ID, and content you choose to share to compete on segments, participate in clubs, challenges, or events, follow other users, message other users, and use features that help users interact with one another, such as group activities or Flyby.
- Manage your training. For example, to set goals and use your training dashboard.
- Explore new places to go. For example, to discover routes or segments where you can engage in your activity. Similarly, if several users run a specific route, that information may be used to suggest the route to other users.
- Provide AI Features. For example, we use machine learning or artificial intelligence, including large language models, to detect anomalies on leaderboards, generate route recommendations, or provide personalized training guidance.
- Visualize your activities in new ways. For example, by creating personal heatmaps or using your training log.
- Share insights with the Strava community. For example, by sharing your public reviews and photos of specific routes or segments. We may also analyze your public photos from specific routes or segments to attach characteristics to those routes or segments (such as shaded, waterfalls, flowers).
- To contact you regarding the Services. We use your contact information, which includes name and email address, so we can contact you when needed regarding the Services, for example, to notify you about material changes to our terms.
Subject to your privacy controls, your information, including parts of your profile, username, photos/videos, users you follow and who follow you, clubs you belong to on Strava, your activities, the devices you use, your online status, and kudos and comments you give and receive will be shared on Strava so that you may be able to participate in the Services, for example to show your place on a leaderboard. Certain information (e.g., your name, and some profile information) is also available to non-users on the web. Your precise location information, such as where you run or ride, may also be shared on Strava or to non-users, in accordance with your privacy controls.
Regarding our products or features using machine learning or artificial intelligence, including large language models, ("AI Features"), we use the information we collect to enhance the quality, reliability, and/or accuracy of our AI Features by creating, developing, training, testing, improving, and maintaining AI and ML models run by Strava or our service providers. We use aggregated, de-identified information for AI Features where possible for their purpose. Depending on your privacy controls and sharing permissions, we also may use personal information such as health and location information for AI Features, for example, to provide you with training analysis and recommendations.
To customize your experience
We use the information we collect and receive to customize your experience. For example, we may suggest segments, routes, challenges, or clubs on Strava that may interest you, users that you may want to follow, or new features that you may want to try. Learn more about how we use information to make recommendations here.
To provide you with targeted commercial content
We use the information we collect and receive to serve you with relevant promotions, subject to your notification and email preferences. For example, if we see you are an active user who has been on a monthly subscription plan for an extended period of time, we may serve you a promotion to switch to a discounted annual plan. Or if you are an active user who has never subscribed, we may send you an offer for a free subscription trial. In addition, we use cookies and other tracking technologies, including SDKs and other mobile analytics to inform targeted advertising and serve relevant ads. Learn more and manage your preferences by visiting our Cookie Policy.
To protect you and the Services, as well as minors
We use the information we collect and receive to protect users, enforce our Terms of Service, Acceptable Use Policy, and Community Standards, and promote safety. For example, to help us find and remove content that violates our terms, such as hate speech or spam, as well as suspend or terminate accounts that share such content. We use automated tools to assist us in protecting and safeguarding you and other users and to keep the Service secure, for example to detect misuse and bad actors. Strava reserves the right to review accounts and user actions on the Services to ensure compliance with our Terms. You can learn more about how to report content that violates our terms and standards here.
We also use device information and information contained in log files, including IP address, to maintain the security and integrity of our Services.
To enhance safety and privacy for our younger users, we use dates of birth to help confirm that an athlete is old enough to use Strava, and to help provide an age-appropriate experience on Strava and the Services, including Messaging.
To assist you with a support request
We use the information we collect and receive to provide support in response to your requests and comments. Depending on your request, this may require us to access your account, for example, to troubleshoot or replicate a reported issue.
To improve our Services
We use the information we collect and receive, including feedback you provide, to conduct research, and to analyze, develop, troubleshoot, increase functionality, and otherwise improve the Services. To do this, Strava may use third-party analytics providers to gain insights into how our Services are used, using aggregated data, and to help us improve the Services.
To communicate with you
We may also use the information we collect and receive to market and promote the Services, activities and events on Strava, including using email and push notifications, in accordance with your preferences. We may also contact you for partnership opportunities, when investigating alleged violations of our terms, or to send proactive customer support messages.
To process your subscription
We use the information we collect to process your subscription, including using your location data to determine your country pricing.
Managing Your Privacy Settings
Privacy Controls
Strava offers several features and settings to help you manage your privacy and share your activities. We provide the same suite of privacy controls to all of our users worldwide. Most privacy controls are located in your privacy controls page, but some are specific to individual activities, athletes, routes, or features. Strava provides you the option to make your profile visible to Everyone or Request to Follow; and to make your activities visible to Everyone, only your Followers and you, or Only You. You can also hide certain details, such as your heart rate, from being viewed by others on individual activities. Click here to manage your privacy controls.
Adjust Notification and Email Preferences
Strava offers various ways to manage the notifications you receive. You can choose not to receive certain email notifications by indicating your preferences here. You may also unsubscribe from these emails by following the instructions contained at the bottom of these messages. In our app, you can access your “Push Notifications” in the settings menu. Where permitted by local regulations, we may opt you into marketing-related communications if you substantially interact with the Services or purchase a subscription. We may also send you periodic communications asking if you would like to opt into receiving marketing-related communications.
If you receive marketing communications from one or more of our subsidiaries, you must opt-out individually from each subsidiary you are receiving brand-specific marketing from.
Any administrative or service-related emails (for example, to confirm a purchase, to notify you of pricing changes, to deliver a training plan you requested, or provide an significant update to our policies, etc.) may not offer an option to unsubscribe as they are necessary to provide the Services you requested. You are responsible for providing us with a valid email address and keeping it updated to ensure you get these email notifications.
Updating Account Information
You may correct, amend or update profile or account information at any time by adjusting that information in your account settings. You can use this to correct any inaccurate personal information in your account. If you need further assistance please contact Strava at https://support.strava.com.
Deleting Information and Accounts and Downloading Your Data
You can download your account or delete your data using our self-service tools. To download your data, including your activity files, follow the instructions here.
To delete your account, follow the instructions provided here. After you make an account deletion request, we permanently and irreversibly delete your personal information from our systems, including backups. Once deleted, your data, including your account, activities and place on leaderboards cannot be reinstated. Following your deletion of your account, it may take up to 45 days to delete your personal information and system logs from our systems. Additionally, we may retain information where deletion requests are made to comply with the law and take other actions permitted by law.
Note that we do not have control over content you have shared directly or publicly with others, such as segments you created on Strava, photos or videos on other social media platforms, or that others may have copied. In other words, content or information may remain available after you have deleted your account or deleted specific information from your own profile. Your public profile may be displayed in search engine results until the search engine refreshes its cache.
Strava also provides you the option to remove individual activities you have posted without deleting your account. Once removed, the activities may remain on Strava's systems until you delete your account.
Children's Privacy
Our services are not intended for, nor directed to, children under 13 years of age. We use technical measures to help prevent children under 13 years of age from creating an account and therefore do not knowingly collect personal information from anybody under 13 years of age. If you are under 13 years of age, do not use the Services.
Moreover, we provide additional privacy and safety protections for users under 18 years of age. For example, when users under 18 years of age create an account, their profile and activities are set by default to be viewable by followers only, and they are unable to access Messaging. We also may limit how we collect or process the personal information of individuals under 18 years of age. For example, you must be at least 16 years of age to upload heart rate data or receive heart rate analysis.
How We Protect Information
Strava implements measures to ensure that your information is treated securely and consistently with the terms in this Privacy Policy. We maintain administrative, technical, and physical safeguards appropriate to the sensitivity of your information and designed to protect against unauthorized use, disclosure, or access to personal information.
In addition, you can take steps to protect your account and information such as creating a unique password for Strava that is not easily guessed and that you don't use anywhere else, not sharing your password with others, and promptly reporting suspicious activity or unauthorized account access.
Your Legal Rights & How to Exercise your Legal Rights
Privacy laws provide certain rights to users in certain jurisdictions. Below are rights that may be available to you under applicable laws.
Access and Portability
You have the right to know, and request access to, the personal information we collect, use, share, or otherwise process about you. You can access much of your information by logging into your account. If you require additional access, please contact us at https://support.strava.com. To download a copy of your data, click here.
Rights to Rectify, Restrict, and Delete
You have the right to rectify, restrict, or delete personal information, including by requesting that we correct (rectify) where inaccurate, restrict, or delete your personal information on your behalf. Note that these requests are subject to certain limitations, for example, we may retain personal information as permitted by law, such as for tax or other record keeping purposes, to process transactions and facilitate customer requests, and for certain other business purposes described in this Privacy Policy.
You can rectify, restrict, or delete much of your information by logging into your account, such as to edit your profile, delete content like photos or videos you have posted, remove individual activities from view, delete individual activities, or delete your account. You may correct, amend or update profile or account information at any time by adjusting that information in your account settings. If you need further assistance please contact Strava at https://support.strava.com.
To delete your account, click here. See section above on Deleting Information and Accounts for more information about this process. If you need assistance, please contact us at https://support.strava.com. After we receive and validate your deletion request, we will delete your personal information, as well as direct our service providers to delete your personal information, unless an exception applies.
Right to Object
Where we process your information based on our legitimate interests, as explained in Our Legal Bases, you can object to this processing under certain circumstances. In such cases, we will cease processing your information unless we have compelling legitimate grounds to continue processing or where it is needed for legal reasons. You can also object to processing of your information for direct marketing emails at any time here.
Right to Revoke Consent
To the extent we rely on your consent to engage in certain processing (such as to process health-related data), you have the right to withdraw that consent at any time by updating your settings. Please note, past activities will still display health-related data such as heart rate in accordance with the consent provided at that time. We may continue to process your information if we have a separate legal basis to do so (for instance, to comply with a court order) or if your withdrawal of consent was limited to certain processing activities.
Right to Complain
You may raise a concern about our use of your information (and without prejudice to any other rights you may have) by contacting us at https://support.strava.com. Regarding the right to complain, you may also report concerns to your local data protection supervisory authority.
Notice for individuals residing outside the United States
This section is specifically intended for individuals residing in certain jurisdictions outside of the United States (“US”), such as residents of the European Economic Area ("EEA") including the European Union ("EU"), the United Kingdom ("UK"), Switzerland, Brazil, and other relevant jurisdictions around the world (e.g., Latin America, Middle East, Asia). Note that as a US-based and EU-based business we are not necessarily subject to privacy and data protection laws in your jurisdiction, but we endeavor to comply with such laws to the extent they are applicable to us.
Please see the top of this section for a list of rights we provide to you, as well as how to exercise them. To learn more about our legal bases for processing your personal information, click here.
Strava's lead supervisory authority in the EEA is the Data Protection Commission of Ireland. If you reside in the European Economic Area ("EEA") or the United Kingdom ("UK") and have any questions or requests about your legal rights, please contact us at DPO@strava.com.
Notice for individuals residing in certain U.S. states
Residents of certain U.S. states, such as California, Colorado, Connecticut, Oregon, Texas, Utah, or Virginia, and Montana as of October 1, 2024, may have additional rights under your corresponding state laws (“collectively, U.S. State Privacy Laws”). Only you or someone legally authorized to act on your behalf may make a request related to your personal information. Please see the top of this section for a list of rights we provide to you, as well as how to exercise them. To learn more about our legal bases for processing your personal information, click here.
In addition to the description of those rights, below we provide a general description of additional rights and disclosures about your personal information that may be available to you under these U.S. State Privacy Laws.
Access and Portability
Under U.S. State Privacy Laws, you have the right to make a free request regarding your right to know about the personal information we collect, use, and share two times in any 12-month period. Provided we can validate your request, we will make the disclosure no later than 45 days of receiving your request, unless we request an extension. In the event that we reasonably need a 45-day extension, we will notify you of the extension within the initial 45-day period.
Right to non-discrimination
You have the right not to receive discriminatory treatment for the exercise of your privacy rights under State Privacy Laws. We will not discriminate against you for exercising any of your U.S. State Privacy Law rights.
Right to opt out of personal information sales or shares
We do not sell your personal information for monetary value. However, under certain privacy laws, some non-monetary sharing of personal information with third parties – for example to provide you with targeted advertising for Strava on other platforms – may be considered a “sale” or “share” of personal information. To the extent such laws may consider this a sale or share of personal information, Strava does not “sell” or “share” your personal information for analytics or to serve you with targeted advertising on other platforms unless you accept non-essential cookies using our cookie banner. We do not “sell” or “share” the personal information of users we know are under 16 years old.
You have the right to direct us to not “sell” or “share” your personal information. If you opted into receiving our targeted advertising using our cookie banner, you may opt out of targeted advertising by (1) clicking the “Do Not Share My Personal Information” link in the footer below and following the instructions; (2) clicking in our app on the “Personal Information Sharing” link in your Privacy Controls and following the instructions; or (3) setting your cookie preferences to deny non-essential cookies. More information on your opt out options is provided here.
Once you make an opt-out request, we will wait at least 12 months before asking you if you want to re-opt into “sales” or “shares” of your personal information.
Right to limit the use and disclosure of sensitive information
You have the right to direct us to only use your sensitive information, such as precise geolocation data or health data, for limited purposes, such as providing you with the services you requested. We obtain your express consent before processing your sensitive information and only use it to provide the Services, in accordance with your privacy settings.
Categories of personal information
We collect the following categories of personal information from you in connection with the Services. The table below outlines the specific categories of personal information, as well as the categories of Services Providers to whom we have disclosed these categories of personal information during the past 12 months. You also may request a copy of the following: (1) the categories of personal information we collected about you; (2) the categories of sources from which the personal information is collected; (3) the business or commercial purpose for collecting or selling (if applicable) the personal information; (4) the categories of third parties with whom we shared personal information, and the categories of personal information shared; and (5) the specific pieces of your personal information that we have collected, used, disclosed, or sold.
Categories of Personal Information | Business purpose | Legal Bases for processing | Categories of service providers* |
---|---|---|---|
Identifiers, such as your real name, athlete ID, Internet Protocol (IP) address, email address, and other similar identifiers. |
Auditing related to counting ad impressions to unique visitors and compliance with data protection laws. Helping to ensure security and integrity. Debugging. Performing services for the business, including maintaining or servicing accounts, providing customer service, processing or fulfilling orders and transactions, verifying customer information, processing payments, providing financing, providing analytic services, providing storage, or providing other similar services. Providing advertising and marketing services to the consumer (excluding cross-context behavioral advertising). Undertaking internal research for technological development and demonstration. Verifying or maintaining quality or safety or improving or upgrading the Services. |
To provide the services Legitimate Interest Consent |
Advertising networks Communication networks Data analytics providers Data hosting providers Social networks Partners Subsidiaries Payment processors Operational logistics providers |
Physical characteristics such as height or weight, as indicated by you |
Performing services for the business. Undertaking internal research for technological development and demonstration. Verifying or maintaining quality or safety or improving or upgrading the Services. |
Consent |
Data analytics providers Data Hosting Subsidiaries |
Payment Information |
Performing services for the business. |
To provide the services |
Payment processors |
Gender, as identified by you |
Performing services for the business. Undertaking internal research for technological development and demonstration. Verifying or maintaining quality or safety or improving or upgrading the Services. Providing advertising and marketing services to the consumer (excluding cross-context behavioral advertising). |
Consent |
Advertising networks Data analytics providers Data hosting providers |
Age, as identified by you |
Performing services for the business. Helping to ensure security and integrity. Undertaking internal research for technological development and demonstration. Verifying or maintaining quality or safety or improving or upgrading the Services. Providing advertising and marketing services to the consumer (excluding cross-context behavioral advertising). |
To provide the services |
Data analytics providers Data hosting providers Subsidiaries |
Commercial information, such as the record of purchase of your Strava subscription |
Performing services for the business. |
To provide the services Legitimate Interest |
Advertising networks Data analytics providers Data hosting providers Social networks Subsidiaries Payment processors Communication Networks |
Biometric information, such as your exercise data to the extent it contains identifying information |
Performing services for the business. |
Consent To provide the services |
Data analytics providers Data hosting providers Subsidiaries |
Internet or other electronic network activity information, such as session logs |
Helping to ensure security and integrity. Debugging. Performing services for the business. Providing advertising and marketing services to the consumer (excluding cross-context behavioral advertising). Undertaking internal research for technological development and demonstration. Verifying or maintaining quality or safety or improving or upgrading the Services. |
To provide the services Legitimate Interest |
Data analytics providers Data hosting providers Advertising networks |
Geolocation data, such as the physical location, direction and speed of your recorded activity |
Performing services for the business. Verifying or maintaining quality or safety or improving or upgrading the Services. |
Consent |
Data analytics providers Data hosting providers Social networks Subsidiaries Advertising networks Operational logistics providers |
Electronic, visual, or similar information, such as photos |
Helping to ensure security and integrity. Performing services for the business. Undertaking internal research for technological development and demonstration. Verifying or maintaining quality or safety or improving or upgrading the Services. |
Consent |
Data hosting providers Social networks Partners Subsidiaries |
Inferences drawn from any of the above information to create a profile reflecting your preferences, characteristics, behavior, abilities, and aptitudes, such as Relative Effort |
Auditing related to counting ad impressions to unique visitors and compliance with data protection laws. Helping to ensure security and integrity. Performing services for the business. Providing advertising and marketing services to the consumer (excluding cross-context behavioral advertising). Undertaking internal research for technological development and demonstration. Verifying or maintaining quality or safety or improving or upgrading the Services. |
Consent Legitimate Interest |
Advertising networks Data analytics providers Data hosting providers Partners Subsidiaries |
*The actual service providers where information may be shared depends on the factual circumstances, but could include what is listed.
Strava does not use or disclose sensitive personal information for purposes other than the Permitted Sensitive Personal Information Purposes, as defined under California law.
Please note, according to U.S. State Privacy Laws, personal information does not generally include:
- Publicly available information from government records.
- De-identified or aggregated consumer information.
Additional Disclosures for California Residents
- Financial Incentives. We do not generally provide a loyalty program or other financial incentive in return for the collection or use of personal information. On some occasions we may engage in a limited-time marketing event, promotional offer or discount on fees that includes a registration or other collection of personal information, and we will disclose the benefits and terms of that promotion at the time of collection.
- Privacy rights requests for non-customers. California privacy rights apply to all individuals (not just registered users), including job applicants, current and former employees, contractors and business partners. Job applicants may provide contact information and resume-related information (e.g., past education and experience) as well as complete relevant background checks. Employees receive internal privacy disclosure relevant to them. Contractors and business partners provide business contact information and payment-related information as necessary to facilitate a prospective or actual business relation. Due to the nature of these relationships, the precise collection and use of personal information can vary. All such individuals who are California residents can request additional information about our privacy practices with respect to their information, as well as make the access, deletion, correction and opt-out requests described above, by contacting us as directed above. Please provide sufficient information that we can identify you, and be aware that we may employ a more extensive authentication process to verify your identity before responding to your request.
- Do Not Track. Do Not Track (DNT) is a privacy preference you can set in most browsers but there is no standard interpretation or practice for responding to DNT signals (see https://allaboutdnt.com/ for more information), and we therefore handle all user information consistent with our privacy policy.
- Direct Marketing. We do not share personal information such as your contact information with third parties for their own direct marketing purposes.
Additional Disclosures for Nevada residents
We do not “sell” personal information as defined by Nevada law (Nevada Revised Statutes, Chapter 603A, Section 1.6). You can submit a request to us regarding the sale of such information via the contact information above.
Cross Border Data Transfers
If you are located outside of the United States and choose to use the Services or provide information to us, you acknowledge and understand that your information will be transferred, processed and stored in the United States, due to the provision of Services being provided from and data storage facilities being located in the United States.
Whenever we transfer personal information internationally, we use legal mechanisms, such as Standard Contractual Clauses, to ensure data transfers comply with applicable law.
Retention of Information
We retain information as long as it is necessary to provide the Services subject to our legal obligations to further retain such information. Information associated with your account will generally be kept until it is no longer necessary to provide the Services or until your account is deleted or becomes inactive. In making these determinations, we consider the amount, nature, and sensitivity of the personal information, the purposes for which the personal information is processed, whether we can achieve those purposes through other means, and applicable legal requirements.
In addition, you can delete some items of information (e.g., profile information) and you can remove individual activities from view on the Services without deleting your account. For example, if you withdraw your consent to Strava processing your health-related information, Strava will delete all health-related information from any future activities you upload.
Following your deletion of your account, it may take up to 45 days to fully delete your personal information and system logs from our systems. Additionally, we may retain information to comply with the law, prevent fraud, collect fees, resolve disputes, troubleshoot problems, assist with investigations, enforce the Terms of Service and take other actions permitted by law. The information we retain will be handled in accordance with this Privacy Policy.
Personal information that is no longer necessary and relevant to provide our Services to you may be de-identified and aggregated with other non-personal information to provide insights that are valuable to Strava, such as statistics of the use of the Services. For example, we may retain publicly available segments or routes and other depersonalized geolocation information to continue to improve the Services, and we use Aggregated Information in Strava Metro and our Global Heatmap. This information will be de-associated from your name and other identifiers.
Other Strava Sites
Strava maintains certain websites that can be accessed outside of https://strava.com>, such as https://stories.strava.com, https://partners.strava.com, https://press.strava.com, https://business.strava.com, https://support.strava.com, or https://communityhub.strava.com (the “Other Sites”). The Other Sites may maintain the look and feel of the Services, but may be hosted by Strava’s service providers with their own additional terms and privacy policies. If you interact with the Other Sites, your information may be stored, processed, or shared outside of the Services. If you interact with the Other Sites, you acknowledge that you may be subject to the terms and conditions and policies applicable to such Other Sites, which may differ from this Privacy Policy.
Privacy Policy Updates
Strava reserves the right to modify this Privacy Policy at any time. If we make changes to this privacy statement we will post the revised privacy statement and its effective date on this website. If we make changes we deem to be material, we will provide prominent, advance notice. If you object to any changes to this Privacy Policy, you should stop using the Services and delete your account.
Past Privacy Policies
© 2024 Strava