Strava Integration & Support

This page explains how ZoneTrain connects to Strava, what data is used, and how you can disconnect or delete that data at any time.

ZoneTrain is an independent application and is not sponsored, endorsed, or administered by Strava. “Strava” is a registered trademark of Strava Inc.

Support & Compliance

For any questions about Strava or your data in ZoneTrain, contact: support@zonetrain.fit

You can also use the in‑app Help / Feedback option from the dashboard to reach the same support team.

1. What Strava data ZoneTrain accesses

When you connect Strava, ZoneTrain may access:

  • Basic Strava profile information (name, profile image, athlete ID).
  • Recent running activities that you have permission to share.
  • Activity metrics such as distance, time, pace, heart rate and elevation, when available.
  • Non‑private training metadata needed to show your own history and progress charts.

ZoneTrain does not access your Strava login password and cannot post activities or modify your Strava account unless you explicitly grant those scopes during authorization.

2. How ZoneTrain uses your Strava data

Your Strava data in ZoneTrain is used only to provide features directly to you:

  • Displaying your own recent runs, training load, and progress inside your dashboard.
  • Deriving your training‑zone distribution and suggested workouts for your account.
  • Optional HRV and performance summaries based on your own activities.

Strava’s current API terms do not allow third‑party apps to use Strava data for analytics across users, customer‑insight generation, product improvement, or any AI / machine‑learning models. ZoneTrain does not use Strava‑sourced data for any such purposes and does not share it with third parties.

3. How to connect and disconnect Strava

Connect Strava

  • From your ZoneTrain dashboard, choose “Connect Strava” to start the secure authorization flow.
  • You will be redirected to Strava’s site to review permissions and approve or deny access.
  • After you approve, you are returned to ZoneTrain and your Strava connection is stored for your account.

Disconnect Strava

  • In ZoneTrain, use the “Disconnect Strava” button in your dashboard Strava card.
  • This triggers a secure call to our POST /api/strava/disconnect endpoint, which revokes access and removes stored Strava tokens.
  • You can also revoke access from your Strava account’s connected applications page; when you do this, ZoneTrain will stop receiving new data and will remove remaining Strava tokens on the next check.

4. Data retention, removal and your rights

Retention

  • Strava‑sourced activity details are stored only as long as needed to power your personal ZoneTrain views and training features.
  • Cached copies of Strava data are refreshed frequently and are not kept beyond the short periods permitted by Strava’s API policies.

Remove Strava data from ZoneTrain

  • Use the dashboard “Disconnect Strava” option to revoke access and optionally delete all synced Strava activities stored in ZoneTrain via POST /api/strava/disconnect.
  • If you want all Strava‑linked data and your ZoneTrain account removed, use the in‑app “Delete my account” flow, which calls DELETE /api/account/delete and permanently deletes user records and linked Strava activity data.
  • Once we receive a valid deletion or disconnection request, Strava data associated with your account is removed from our systems within a short period and no later than the timelines required by Strava’s API Agreement and applicable law.

Remove or download data from Strava itself

You can manage or delete activities and your account directly in your Strava settings. Any deletions you perform in Strava will be honored by ZoneTrain: removed activities will no longer appear in your ZoneTrain views once our next sync completes.

5. Strava‑related API endpoints in ZoneTrain

Authentication & connection

  • GET /connect-strava – begins the Strava OAuth flow for logged‑in users.
  • GET /auth/strava – convenience redirect into the same connection flow.
  • GET /auth/strava/callback – OAuth callback used to exchange the Strava authorization code for an access token and refresh token.
  • POST /api/claim-strava-connection – binds a pending Strava connection to the authenticated ZoneTrain user.

Connection status & sync

  • GET /api/strava/connection-status – returns whether Strava is connected and last sync timestamps for the current user.
  • POST /api/strava/sync – pulls the latest permitted Strava activities into the user’s ZoneTrain account.
  • GET /api/analytics/workout-history – reads the user’s stored workout history (which may include activities originally sourced from Strava).
  • GET /api/analytics/progress-chart – returns aggregated metrics for the signed‑in user’s own training progress.
  • GET /api/analytics/personal-records – returns personal records derived from the user’s stored activities.

Disconnection and deletion

  • POST /api/strava/disconnect – revokes Strava OAuth access for the authenticated user, removes stored Strava tokens, and optionally deletes synced Strava activities owned by that user.
  • DELETE /api/account/delete – deletes the ZoneTrain account and associated data, including Strava‑ sourced content stored under that user ID.

All endpoints listed above are only available to the authenticated user and only ever return or manipulate that user’s own Strava‑derived data. ZoneTrain never exposes Strava data from one athlete to any other athlete.

6. Privacy, security and AI use

  • ZoneTrain never sells or rents Strava‑sourced data and does not share it with advertisers or external analytics platforms.
  • Strava‑sourced data is not used to train, fine‑tune or evaluate any machine‑learning or artificial‑intelligence models and is not combined with other customers’ data for analytics or product‑improvement experiments.
  • Access to Strava‑linked data inside ZoneTrain is restricted to the authenticated account owner and to limited internal services that are required to provide your features.

This page is intended to satisfy Strava’s API support, privacy and deletion requirements and may be updated as Strava’s policies evolve.