Strava · Strava Privacy Policy · View original document ↗

Precise GPS Location Collection as Core Feature Requirement

High severity Unique · 0 of 343 platforms
Share 𝕏 Share in Share 🔒 PDF
Monitor governance changes for Strava Create a free account to receive the weekly governance digest and monitor one platform for governance changes.
Create free account No credit card required.
Document Record

What it is

Strava requires permission to track your device's precise GPS location for core features to function, including activity tracking, routes, and segments.

This analysis describes what Strava's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology

ConductAtlas Analysis

Why it matters (compliance & governance perspective)

The clause defines GPS location collection as a functional dependency rather than an optional feature, meaning the service architecture requires this data permission to operate core tracking and mapping capabilities. This establishes the operational baseline for service delivery.

Clause Stability Stable

0
Changes
3
Months Monitored
Apr 3, 2026
First Seen
Apr 17, 2026
Last Seen
This clause type exists across 967 other provisions on other platforms.

Consumer impact (what this means for users)

Using Strava's core features requires granting continuous precise GPS location access, meaning Strava builds a long-term record of exactly where and when you exercise, which can reveal your home, workplace, and daily routines.

What you can do

⚠️ These actions may provide transparency or partial mitigation but may not fully address the underlying issue. Effectiveness varies by jurisdiction and individual circumstances.
  • Delete Your Data
    On iOS or Android, go to your device Settings, navigate to Privacy or App Permissions, find Location Services, select Strava, and change location access to 'Never' or 'While Using' to limit continuous GPS tracking.

How other platforms handle this

Snapchat Medium

We collect information about your approximate and precise location. If you permit us to do so, we can collect your precise location from your device. We also use your IP address to determine your general location. You can use Snap Map to share your location with your friends and to see the locations...

Microsoft Azure Medium

Location data. Data about your device's location, which can be either precise or imprecise. For example, we collect location data using Global Navigation Satellite System (GNSS) (e.g., GPS) and data about nearby cell towers and Wi-Fi hotspots. Location can also be inferred from a device's IP address...

TikTok Medium

We also collect information about your approximate location based on your device and network information, such as SIM card region, IP address, and device system settings. We also collect information, such as tourist attractions, shops, or other points of interest, if you choose to add the location t...

See all platforms with this clause type →

Monitoring

Strava has changed this document before.

Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.

Start Monitor free trial Or create a free account →
▸ View Original Clause Language DOCUMENT RECORD
"
For our core features to function (e.g., GPS activity tracking, routes, segments), you must grant us permission through your device to track your device's precise location. You can stop sharing precise location at any time with your device settings.

— Excerpt from Strava's Strava Privacy Policy

ConductAtlas Analysis

Institutional analysis (Compliance & governance intelligence)

(1) REGULATORY FRAMEWORK: Precise location data is classified as sensitive personal information under CCPA/CPRA Cal. Civ. Code §1798.121(a), requiring the right to limit its use and disclosure. Under GDPR, precise location data processing requires a clear lawful basis under Art. 6 and must satisfy data minimization under Art. 5(1)(c). The Washington My Health MY Data Act covers location data that can identify health-related behaviors. Illinois users may have protections under the Illinois Location Data Privacy Act if enacted. FTC Act Section 5 applies to deceptive location data practices. (2)

Full compliance analysis

Regulatory citations, enforcement risk, and due diligence action items.

Track 1 platform — free Try Monitor free for 14 days

Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.

Applicable agencies

  • FTC
    The FTC has active enforcement jurisdiction over companies that collect and misuse precise location data under FTC Act Section 5, with recent enforcement actions establishing precedent for fitness and health app location data practices.
    File a complaint →
  • State AG
    California, Washington, Colorado, Connecticut, and Virginia AGs have enforcement authority over sensitive location data under their respective state privacy statutes including CPRA and WMHMDA.
    File a complaint →

Applicable regulations

BIPA
Illinois, USA
CCPA/CPRA
California, USA
Connecticut Data Privacy Act Amendments
US-CT
CAN-SPAM
United States Federal
ePrivacy Directive
European Union
FTC Act Section 5
United States Federal
GDPR
European Union
HIPAA
United States Federal
Indiana Consumer Data Protection Act
US-IN
Kentucky Consumer Data Protection Act
US-KY
UK GDPR
United Kingdom
Universal Opt-Out Mechanism Expansion 2026
US

Provision details

Document information
Document
Strava Privacy Policy
Entity
Strava
Document last updated
May 5, 2026
Tracking information
First tracked
April 1, 2026
Last verified
April 1, 2026
Record ID
CA-P-001431
Document ID
CA-D-00272
Evidence Provenance
Source URL
Wayback Machine
Content hash (SHA-256)
e06a34dfa42e1d94055f19b53ac2aaa4928a0edaacc3e46388b431c9a71ed342
Analysis generated
April 1, 2026 14:09 UTC
Methodology
Evidence
✓ Snapshot stored   ✓ Hash verified
Citation Record
Entity: Strava
Document: Strava Privacy Policy
Record ID: CA-P-001431
Captured: 2026-04-01 14:09:14 UTC
SHA-256: e06a34dfa42e1d94…
URL: https://conductatlas.com/platform/strava/strava-privacy-policy/precise-gps-location-collection-as-core-feature-requirement/
Accessed: July 4, 2026
Permanent archival reference. Stable identifier suitable for legal filings, compliance documentation, and research citation.
Classification
Severity
High
Categories

Other risks in this policy

Related Analysis

Compliance Governance Intelligence

Need to monitor specific governance provisions?

Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.

Arbitration clauses AI governance Data rights Indemnification Retention policies
Start Compliance free trial

Or start with Monitor →

Built from archived source documents, structured governance mappings, and historical version tracking.

Frequently Asked Questions

What does Strava's Precise GPS Location Collection as Core Feature Requirement clause do?

The clause defines GPS location collection as a functional dependency rather than an optional feature, meaning the service architecture requires this data permission to operate core tracking and mapping capabilities. This establishes the operational baseline for service delivery.

How does this clause affect you?

Using Strava's core features requires granting continuous precise GPS location access, meaning Strava builds a long-term record of exactly where and when you exercise, which can reveal your home, workplace, and daily routines.

Is ConductAtlas affiliated with Strava?

No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Strava.