Granting precise location access to Strava means the app continuously collects your exact movement data — routes, timing, pace — which when aggregated over time creates a detailed record of your physical movements and daily patterns.
Consumer impact
Strava collects detailed GPS location, health metrics (heart rate, HRV, VO2max), and activity data that can reveal sensitive personal information such as home address, daily routines, and health conditions. This data is used for AI model training, shared in community features like the Global Heatmap, and may be accessible to other users depending on your privacy settings. You can reduce exposure by navigating to Settings > Privacy Controls in the Strava app to set default activity visibility to 'Only Me,' disable Flyby, and request exclusion from the Global Heatmap.
What you can do
⚠️ These actions may provide transparency or partial mitigation but may not fully address the underlying issue. Effectiveness varies by jurisdiction and individual circumstances.
Delete Your Data
On iOS or Android, go to your device Settings, navigate to Privacy or App Permissions, find Location Services, select Strava, and change location access to 'Never' or 'While Using' to limit continuous GPS tracking.
Applicable agencies
FTC
The FTC has active enforcement jurisdiction over companies that collect and misuse precise location data under FTC Act Section 5, with recent enforcement actions establishing precedent for fitness and health app location data practices.
California, Washington, Colorado, Connecticut, and Virginia AGs have enforcement authority over sensitive location data under their respective state privacy statutes including CPRA and WMHMDA.