Strava collects health data such as step count, sleep information, heart rate, HRV, and VO2max from connected devices and apps like Garmin, Peloton, and Apple Health that you link to your account.
This analysis describes what Strava's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Connecting fitness devices and apps to Strava expands the scope of health data Strava holds significantly, and users may not fully appreciate how much sensitive health data flows into Strava from these integrations.
Strava collects highly sensitive personal data including precise GPS routes, heart rate, sleep data, and other health metrics, which may be used to train AI/ML models and contribute to publicly accessible features like the Global Heatmap. Health data from connected devices will not be sold or used for advertising, but activity data can be shared in aggregated or de-identified form and used for AI development. You can adjust your privacy and visibility controls in the Strava app under Settings > Privacy Controls to limit how your data is shared and used.
Cross-platform context
See how other platforms handle Connected Devices and Third-Party Health Data Integration and similar clauses.
Compare across platforms →Monitoring
Strava has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
Collection of health data via third-party integrations triggers analysis under GDPR Article 9, HIPAA (if applicable), CCPA sensitive personal information rules, and the Washington My Health MY Data Act. The explicit commitment not to sell or use for advertising health data from integrations is a notable but contractually limited safeguard.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Connecting fitness devices and apps to Strava expands the scope of health data Strava holds significantly, and users may not fully appreciate how much sensitive health data flows into Strava from these integrations.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Strava.