Privacy Policy

Your privacy is critically important to us. We at Strava, Inc. (“Strava”) have a few fundamental principles:

  • We don’t ask you for personal information unless we truly need it.
  • We don’t share your personal information with anyone except to comply with the law, develop our products and services, or protect our rights.
  • We treat your personal information with the highest regard to privacy and security.

Strava respects your right to privacy and shares your concern about the security of any data you may submit to Strava via Strava’s websites and related services (the “Site”), currently accessible at www.strava.com. The following statement (the “Privacy Policy”) discloses the guidelines Strava has established for protecting the information you provide to Strava during your visit to the Site.

The Site is owned, operated, and maintained by:

Strava, Inc.
PO Box 32
Hanover, NH 03755
E-mail support@strava.com

What information about me does Strava collect and how is it used?

Strava only collects personal information about you if you voluntarily choose to share it with Strava. Strava does not share, rent or sell information concerning Strava’s members or other users of its website to third parties in ways other than disclosed in this privacy statement.

To use the core functionality of the Site, you must first complete the registration form at the Site and agree to our Terms and Conditions. During registration you will be required to provide personal information such as your name and email address. Strava does not knowingly collect information from children under 13 years old. If we or a third party service provider requires a birth date to order a specific product or service, you will not be able to enter a birth date that indicates that you are less than 13 years old.

There are several other opportunities on the Site for you to share personal information about yourself with Strava. This may include information about you such as your equipment and activities, your biking routes, your name, and your zip code and e-mail address. Strava will also collect your credit card or other payment information if you choose to become a Strava Member. If you choose to share any personal information with Strava, Strava may store it and use it for internal research and other Strava marketing purposes, including e-mailing you with special promotions and other programs of interest. If the information is sent as part of a website evaluation, Strava may also use the information to contact you about your comments. If you opt-in for the Strava newsletter during registration, Strava will use your email address to send you newsletters with updates and news about Strava. You may remove your name from our email list by updating your profile in the Account section or by emailing support@strava.com. Strava does not share, rent or sell your information to another company in ways other than disclosed in this privacy statement.

When you visit the Site, a cookie will be stored on your computer. Generally, cookies work by assigning to your computer a unique number that has no meaning outside of Strava. Strava’s cookies do not contain any personally identifying information; Strava uses them to provide features such as personalization, to save your member ID and to keep track of your shopping cart. Strava may also use cookies to assist it in delivering content specific to your interests. Additionally, after you’ve entered your member ID and password during a session on Strava’s website, Strava saves that information so you don’t have to re-enter it repeatedly during that session. Most Web browsers automatically accept cookies, but you can usually change your browser to prevent that. Not accepting cookies may make certain features of the Site unavailable to you. Strava may use your IP address to identify you, to administer the Site and to assist in diagnosing problems with Strava’s server.

Like most standard Web site servers the Site uses log files. This includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, platform type, date/time stamp, and number of clicks to analyze trends, administer the Site, track user’s movement in the aggregate, and gather broad demographic information for aggregate use. IP addresses, etc. are not linked to personally identifiable information. In addition, Strava uses Google Analytics as a method of tracking site statistics and user behavior on the Site.

You may decide to send Strava personally identifying information in an e-mail message which might contain information or inquiries about Strava’s products or services. Strava will use this information to identify you as a Strava member and to respond to the electronic mail. Strava will only use the information obtained to resolve the issue identified in the e-mail. Strava never sells e-mail addresses. You may change or request deletion of your personal information by contacting support@strava.com.

Strava will only share your personal information with third parties if:

  • Strava has your consent;
  • Strava determines that it is required to do so by law; such as in response to a court order or subpoena;
  • Strava finds that you are in breach of its terms and conditions or any of its policies or usage guidelines for specific products or services;
  • it is necessary in Strava’s opinion to do so to prevent, investigate, detect or prosecute criminal offenses or attacks on the technical integrity of the Site or Strava’s network;
  • it is necessary in Strava’s opinion to do so to protect the rights, property, or safety of Strava or its employees, the users of its website(s), or the public; or
  • it is necessary to fulfill your product or service order. Strava uses a credit card processing company to process your credit card information as required for your order and to ensure that your transaction is secure. This processing company does not retain, share, store or use your personally identifiable information for any other purposes.

Information about you and your use of the Site may be aggregated with other information collected on the Site or otherwise used in ways that do not personally identify you or constitute personally identifiable information. This type of aggregated or statistical information may be used by us to improve the quality of the Site or for other purposes that we may deem appropriate.

What does Strava do to protect the data I transmit to Strava?

The Site uses industry standard Secure Sockets Layer (SSL) technology to allow for the encryption of personal information such as your name and address, as well as critically sensitive information such as your credit card number. Strava engages a company that is an industry leader in online security and site verification to ensure the security of Strava’s site. The Site is also registered with site identification authorities so that your browser can confirm Strava’s identity before any personal information is sent. In addition, Strava’s secure servers protect this information using advanced firewall technology.

What can I do to help make sure the security works correctly?

To help ensure that these measures are effective in preventing unauthorized access to your private information, you should be aware of the security features available to you through your browser. You should use a security-enabled browser to submit your credit card information and other personal information at the Site. Please note: If you do not use a SSL-capable browser, you are at risk for having data intercepted. Strava will not be responsible for any compromise of data that is intercepted due to your use of an unsecured browser.

Most browsers have the ability to notify you if you change between secure and insecure communications, receive invalid site identification information for the site you are communicating with, or send information over an unsecured connection. Strava recommends that you enable these browser functions to help ensure that your communications are secure. You can also monitor the URL of the site you are visiting (secure URLs begin with https:// rather than the normal http://), along with the security symbol of your browser (an open or closed padlock in Netscape or a broken or complete key in Internet Explorer) to help identify when you are communicating with a secure server. You can also view the details of the security certificate of the site to which you are connected. Strava encourages you to use this to check the validity of any site you connect to using secure communications.

If my credit card company determines that there are fraudulent charges on my account, what should I do?

If your credit card company determines that there are fraudulent charges on your account that are the result of the use of your credit card at the Site and they hold you liable for the unauthorized changes, please contact Strava immediately. You can contact Strava by email at support@strava.com or postal mail:

Strava, Inc.
PO Box 32
Hanover, NH 03755
E-mail support@strava.com

You should carefully review security/privacy policies of any third party sites accessible from the Site. Other sites accessible through the Site have their own policies and data collection, use, and disclosure practices. Please consult each site’s policies and practice. Strava is not responsible for the policies or practices of third parties. The information practices of those websites linked from the Site are not covered by this Privacy Policy. These other sites may send their own cookies to users, collect data, or solicit personal information.

Does Strava offer opt-out or opt-in services?

Yes. If you choose to stop receiving emails from Strava, please follow the unsubscribe instructions within each email communication or send an email to support@strava.com. Strava will not provide or share any mailing lists or other information about you to another company or service for promotional purposes. Any service related emails (to confirm a purchase, etc.) generally do not offer an option to unsubscribe as they are necessary to provide the service you requested.

What if information I have previously submitted has changed?

If you need to correct, amend or delete submitted information that is inaccurate please contact Strava at support@strava.com. Strava will respond to your email request within 7-10 business days. In addition, you may correct, amend or delete submitted information that is inaccurate by visiting “Edit Profile” on the Site.

What about the blog?

Strava maintains a relationship with an outside service provider to administer the online Blog site that can be accessed through Strava’s site at http://blog.strava.com/ (the “Blog”). The Blog maintains the look and feel of the Site, but any personal information you provide on the Blog is stored by the outside service provider. Any personal information submitted on the Blog is wholly governed by the privacy policy of the outside service provider, which can be found at http://www.wordpress.com/privacy. Strava recommends that you read that privacy policy before submitting any personal information on the Blog. Although the Blog pages may have Strava branding, the outside service provider is prominently identified so that you are aware of who is collecting your personal information. If you use the Blog, you should be aware that any personally identifiable information you submit in the comment field can be read, collected, or used by other users of these forums indefinitely, and could be used to send you unsolicited messages. Strava is not responsible for the personally identifiable information you choose to submit via the Blog.

Privacy Policy changes

If Strava makes changes to any terms or conditions of this Privacy Policy, these changes will be posted on the Site in a timely manner. If Strava decides to change this Privacy Policy, it will post those changes on this Privacy Policy and other places Strava deems appropriate, which may include the Site, for a period of time Strava deems appropriate, so that you are aware of what information Strava collects, how Strava uses it, and under what circumstances, if any, Strava discloses it. Strava reserves the right to modify this Privacy Policy at any time, so please review it frequently. In case of a business transaction in which a portion or all of Strava’s business is acquired, Strava will notify you as described above in this paragraph.

Disclaimer

While Strava continues to work hard to protect your personal information, no data transmission over the Internet can be guaranteed to be absolutely secure, and Strava cannot ensure or warrant the security of any information you transmit to Strava. Transmitting personal information is done at your own risk.

Contact Strava

Strava welcomes your questions and comments about security and privacy. Please send any questions or comments via email to support@strava.com.

Last updated March 25, 2009.