Back

Privacy Policy for StravaChat

Last Updated: October 14, 2025

Thank you for using StravaChat ("we," "us," or "our"). This Privacy Policy outlines how we collect, use, and protect your information when you use our website and services (the "Service").

By accessing or using StravaChat, you agree to the terms of this Privacy Policy. If you do not agree, please do not use the Service.

1. Information We Collect

1.1 Strava Data
We collect your Strava activity data only after you connect your account via Strava OAuth. This includes activity summaries, statistics, and profile information from the last 12 months. We do not collect your Strava password or store your Strava credentials permanently.

1.2 Session Data
We temporarily cache your activity data in server-side sessions for the duration of your chat session (maximum 30 minutes) to enable analysis. This session data includes a summary of your activities and is automatically deleted after the session expires.

1.3 Non-Personal Data
We may use cookies and similar technologies to collect non-personal information such as browser type, device information, and usage patterns to improve your experience.

2. How We Use Your Data

2.1 No Permanent Storage
We do NOT permanently store your Strava activity data on our servers. Your data is only cached temporarily in session files during active use and is automatically deleted after 30 minutes of inactivity.

2.2 Data Processing
Your Strava data is processed to generate AI-powered insights and analysis. We create aggregated summaries of your activities (total distance, activity counts, recent activities) that are provided to AI services for analysis.

2.3 Privacy-First AI Usage
We do NOT send your raw activity data to AI services. Instead, we send only high-level summaries and aggregated statistics. For detailed analysis requiring code execution, we use isolated sandboxes (E2B Code Interpreter) where your data is processed securely and deleted immediately after analysis.

2.4 Access Tokens
Strava OAuth access tokens and refresh tokens are stored in your browser's localStorage. We may temporarily use these tokens server-side to fetch your activities, but they are not permanently stored in our databases.

3. Data Sharing

We do not sell, rent, or share your personal data with third parties, except as follows:

3.1 AI Service Providers
We use OpenAI's GPT models for chat functionality and E2B Code Interpreter for data analysis. Only aggregated summaries and statistics are shared with these services - never your raw activity data.

3.2 No Marketing or Third-Party Sharing
We do not share your data with advertisers, marketers, or other third parties. Your data is used solely to provide the analysis and chat features of StravaChat.

4. Data Security

4.1 Temporary Storage
All session data is stored in temporary files with unique session IDs. These files are automatically deleted after 30 minutes of inactivity.

4.2 No Databases
We do not maintain databases of user activity data. Once your session expires or you disconnect from Strava, all cached data is permanently deleted from our servers.

4.3 Browser Storage
Your Strava access tokens are stored only in your browser's localStorage. You can disconnect your Strava account at any time, which will remove all locally stored tokens and clear server-side session data.

5. Your Rights and Control

5.1 Data Access
Since we don't permanently store your data, there is no persistent record of your activities on our servers beyond active sessions.

5.2 Data Deletion
You can disconnect your Strava account at any time through the chat interface, which will:
- Remove all access tokens from your browser
- Delete all server-side session data
- Revoke StravaChat's access to your Strava account

5.3 Demo Mode
You can use StravaChat in demo mode without connecting your Strava account to explore the service with sample data.

6. Children's Privacy
StravaChat is not intended for children under 13. We do not knowingly collect data from children. If you believe a child has provided us with personal information, contact us at the email below.

7. Updates to the Privacy Policy
We may update this Privacy Policy from time to time. Updates will be posted on this page with a new "Last Updated" date. Please review periodically for changes.

8. Contact Information
If you have questions or concerns about this Privacy Policy or how we handle your data, contact us via the feedback button within the chat interface.

---

StravaChat is not affiliated with or endorsed by Strava, Inc.