Strava's services are not directed at children, and the company requires users to meet minimum age requirements, with additional parental consent mechanisms for younger teen users in some jurisdictions.
Parents and guardians should be aware that Strava collects sensitive location and health data, and the platform has specific age-related requirements that vary by jurisdiction.
Age restriction provisions implicate COPPA (US), GDPR Article 8 (EU), and the UK Children's Code; compliance teams should assess whether age verification mechanisms are sufficiently robust given the sensitivity of data collected, including location and health data.
Compliance intelligence locked
Regulatory citations, enforcement risk, and due diligence action items.
Watcher: regulatory citations. Professional: full compliance memo.
Strava collects highly sensitive personal data including precise GPS location history, health metrics (heart rate, HRV, VO2max), and biometric data, which is used for AI training, advertising personalization, and aggregated into publicly visible features like the Global Heatmap. Your activity data may be shared with third-party advertising partners, though Strava commits not to use health data for advertising. You can adjust your data sharing and visibility settings by navigating to Privacy Controls in the Strava app settings, and can request data deletion by visiting strava.com/athlete/delete_your_account.