Strava uses your personal information, including health and location data, to train and improve its AI and machine learning models, both internally and through third-party service providers.
Your sensitive fitness, health, and GPS data may be used indefinitely to improve commercial AI products, which goes beyond the basic purpose of tracking your workouts.
Use of personal data for AI model training implicates GDPR Article 22 and the EU AI Act's requirements around transparency and purpose limitation; legal teams should assess whether current consent or legitimate interest bases adequately cover this processing purpose.
Compliance intelligence locked
Regulatory citations, enforcement risk, and due diligence action items.
Watcher: regulatory citations. Professional: full compliance memo.
Strava collects highly sensitive personal data including precise GPS location history, health metrics (heart rate, HRV, VO2max), and biometric data, which is used for AI training, advertising personalization, and aggregated into publicly visible features like the Global Heatmap. Your activity data may be shared with third-party advertising partners, though Strava commits not to use health data for advertising. You can adjust your data sharing and visibility settings by navigating to Privacy Controls in the Strava app settings, and can request data deletion by visiting strava.com/athlete/delete_your_account.