Strava provides privacy rights including access, deletion, portability, and correction for users, with additional rights for residents of certain US states under applicable state privacy laws.
This analysis describes what Strava's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The provision operationalizes a multi-document privacy framework for US users, requiring reference to state-specific notices and health data policies in addition to the base policy. This structure indicates Strava maintains differentiated privacy terms based on jurisdictional requirements.
Strava users have rights to access, correct, delete, and export their personal data, including all GPS activity history and health metrics, with the specific scope of rights varying depending on whether you are in the EU, California, or another jurisdiction.
How other platforms handle this
Managing And Deleting Your Information. You have the right to access, correct, or delete your information in certain circumstances. We store information until it is no longer necessary to provide our Services or until your account is deleted, whichever comes first. You can delete your WhatsApp accou...
Depending on where you live, you may have certain rights regarding your personal information, such as the right to request access to, update, or delete the information we hold about you. You can exercise many of these rights directly through your account settings. You can also submit a request to us...
You may request that we delete your personal information. Subject to certain exceptions, upon receiving a verifiable consumer request, we will delete your personal information from our records and direct our service providers and contractors to delete your personal information from their records.
Monitoring
Strava has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"For individuals in the United States, please also refer to our Notice For Individuals Residing In Certain US States below and the Consumer Health Data Policy.— Excerpt from Strava's Strava Privacy Policy
REGULATORY FRAMEWORK: GDPR Arts. 15 (access), 16 (rectification), 17 (erasure), 18 (restriction), 20 (portability), and 21 (objection) apply to EU/EEA users with Strava acting as data controller. CCPA/CPRA §§1798.100 (access), 1798.105 (deletion), 1798.110 (disclosure), 1798.115 (third-party disclosure), and 1798.130 (response timelines — 45 days extendable to 90) apply to California residents. Virginia CDPA, Colorado CPA, Connecticut CTDPA, Texas TDPSA, and other state laws provide similar rights with varying timelines. The Washington My Health MY Data Act provides additional deletion rights for consumer health data. The EU-US Data Privacy Framework (DPF) governs cross-border transfers relevant to EU users' data rights.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The provision operationalizes a multi-document privacy framework for US users, requiring reference to state-specific notices and health data policies in addition to the base policy. This structure indicates Strava maintains differentiated privacy terms based on jurisdictional requirements.
Strava users have rights to access, correct, delete, and export their personal data, including all GPS activity history and health metrics, with the specific scope of rights varying depending on whether you are in the EU, California, or another jurisdiction.
ConductAtlas has identified this type of provision across 1 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Strava.