Last updated March 25, 2009.
Your privacy is critically important to us. We at Strava, Inc. (“Strava”) have a few fundamental principles:
- We don’t ask you for personal information unless we truly need it.
- We don’t share your personal information with anyone except to comply with the law, develop our products and services, or protect our rights.
- We treat your personal information with the highest regard to privacy and security.
The Site is owned, operated, and maintained by:Strava, Inc.
PO Box 32
Hanover, NH 03755
What information about me does Strava collect and how is it used?
Strava only collects personal information about you if you voluntarily choose to share it with Strava. Strava does not share, rent or sell information concerning Strava’s members or other users of its website to third parties in ways other than disclosed in this privacy statement.
To use the core functionality of the Site, you must first complete the registration form at the Site and agree to our Terms and Conditions. During registration you will be required to provide personal information such as your name and email address. Strava does not knowingly collect information from children under 13 years old. If we or a third party service provider requires a birth date to order a specific product or service, you will not be able to enter a birth date that indicates that you are less than 13 years old.
There are several other opportunities on the Site for you to share personal information about yourself with Strava. This may include information about you such as your equipment and activities, your biking routes, your name, and your zip code and e-mail address. Strava will also collect your credit card or other payment information if you choose to become a Strava Member. If you choose to share any personal information with Strava, Strava may store it and use it for internal research and other Strava marketing purposes, including e-mailing you with special promotions and other programs of interest. If the information is sent as part of a website evaluation, Strava may also use the information to contact you about your comments. If you opt-in for the Strava newsletter during registration, Strava will use your email address to send you newsletters with updates and news about Strava. You may remove your name from our email list by updating your profile in the Account section or by emailing firstname.lastname@example.org. Strava does not share, rent or sell your information to another company in ways other than disclosed in this privacy statement.
Like most standard Web site servers the Site uses log files. This includes internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, platform type, date/time stamp, and number of clicks to analyze trends, administer the Site, track user’s movement in the aggregate, and gather broad demographic information for aggregate use. IP addresses, etc. are not linked to personally identifiable information. In addition, Strava uses Google Analytics as a method of tracking site statistics and user behavior on the Site.
You may decide to send Strava personally identifying information in an e-mail message which might contain information or inquiries about Strava’s products or services. Strava will use this information to identify you as a Strava member and to respond to the electronic mail. Strava will only use the information obtained to resolve the issue identified in the e-mail. Strava never sells e-mail addresses. You may change or request deletion of your personal information by contacting email@example.com.
Strava will only share your personal information with third parties if:
- Strava has your consent;
- Strava determines that it is required to do so by law; such as in response to a court order or subpoena;
- Strava finds that you are in breach of its terms and conditions or any of its policies or usage guidelines for specific products or services;
- it is necessary in Strava’s opinion to do so to prevent, investigate, detect or prosecute criminal offenses or attacks on the technical integrity of the Site or Strava’s network;
- it is necessary in Strava’s opinion to do so to protect the rights, property, or safety of Strava or its employees, the users of its website(s), or the public; or
- it is necessary to fulfill your product or service order. Strava uses a credit card processing company to process your credit card information as required for your order and to ensure that your transaction is secure. This processing company does not retain, share, store or use your personally identifiable information for any other purposes.
Information about you and your use of the Site may be aggregated with other information collected on the Site or otherwise used in ways that do not personally identify you or constitute personally identifiable information. This type of aggregated or statistical information may be used by us to improve the quality of the Site or for other purposes that we may deem appropriate.
What does Strava do to protect the data I transmit to Strava?
The Site uses industry standard Secure Sockets Layer (SSL) technology to allow for the encryption of personal information such as your name and address, as well as critically sensitive information such as your credit card number. Strava engages a company that is an industry leader in online security and site verification to ensure the security of Strava’s site. The Site is also registered with site identification authorities so that your browser can confirm Strava’s identity before any personal information is sent. In addition, Strava’s secure servers protect this information using advanced firewall technology.
What can I do to help make sure the security works correctly?
To help ensure that these measures are effective in preventing unauthorized access to your private information, you should be aware of the security features available to you through your browser. You should use a security-enabled browser to submit your credit card information and other personal information at the Site. Please note: If you do not use a SSL-capable browser, you are at risk for having data intercepted. Strava will not be responsible for any compromise of data that is intercepted due to your use of an unsecured browser.
Most browsers have the ability to notify you if you change between secure and insecure communications, receive invalid site identification information for the site you are communicating with, or send information over an unsecured connection. Strava recommends that you enable these browser functions to help ensure that your communications are secure. You can also monitor the URL of the site you are visiting (secure URLs begin with https:// rather than the normal http://), along with the security symbol of your browser (an open or closed padlock in Netscape or a broken or complete key in Internet Explorer) to help identify when you are communicating with a secure server. You can also view the details of the security certificate of the site to which you are connected. Strava encourages you to use this to check the validity of any site you connect to using secure communications.
If my credit card company determines that there are fraudulent charges on my account, what should I do?
If your credit card company determines that there are fraudulent charges on your account that are the result of the use of your credit card at the Site and they hold you liable for the unauthorized changes, please contact Strava immediately. You can contact Strava by email at firstname.lastname@example.org or postal mail:Strava, Inc.
PO Box 32
Hanover, NH 03755
Does Strava offer opt-out or opt-in services?
Yes. If you choose to stop receiving emails from Strava, please follow the unsubscribe instructions within each email communication or send an email to email@example.com. Strava will not provide or share any mailing lists or other information about you to another company or service for promotional purposes. Any service related emails (to confirm a purchase, etc.) generally do not offer an option to unsubscribe as they are necessary to provide the service you requested.
What if information I have previously submitted has changed?
If you need to correct, amend or delete submitted information that is inaccurate please contact Strava at firstname.lastname@example.org. Strava will respond to your email request within 7-10 business days. In addition, you may correct, amend or delete submitted information that is inaccurate by visiting “Edit Profile” on the Site.
What about the blog?
While Strava continues to work hard to protect your personal information, no data transmission over the Internet can be guaranteed to be absolutely secure, and Strava cannot ensure or warrant the security of any information you transmit to Strava. Transmitting personal information is done at your own risk.
Strava welcomes your questions and comments about security and privacy. Please send any questions or comments via email to email@example.com.