In 2018, Strava’s global heatmap revealed the patrol routes and locations of soldiers at classified military bases worldwide. The soldiers were using Strava to track their runs. The heatmap was public. The bases were not supposed to be.
Your run data is your location data. This is what that looks like at scale. What you think is a workout log is a detailed map of your life — your home, your workplace, your daily routes and rhythms.
DO / DON’T
DO:
- Review privacy settings on every fitness app you use
- Disable route sharing and map visibility for workouts near your home
- Use a “privacy zone” around your home and workplace if the app supports it
DON’T:
- Make your activities public — even “friends only” exposes your location patterns
- Share full route data — start and end points reveal where you live and work
- Link fitness apps to social media accounts
- Allow fitness apps to sync with third-party apps without reviewing what’s shared
Strava
Path: Strava app > Profile icon > Settings
Privacy Controls:
Path: Settings > Privacy Controls
- Profile Page: Set to Followers (not Everyone)
- Activities: Set to Followers only or Only You
- Group Activities: Set to Only You
- Flyby: Set to No One — Flyby shows other people who ran near you on the same day and time. This is a direct stalking risk.
- Local Legends: Consider disabling — reveals your most frequent routes to anyone on the platform
Map Visibility:
Path: Settings > Privacy Controls > Map Visibility
- Default: Set activities to Show only partial map or Hide map entirely
- Enable Privacy Zones: Add your home address and workplace — routes within these zones are automatically hidden from your activity maps
- Settings → Privacy → Privacy Zones → Add Privacy Zone
- Set radius (200–1000m recommended)
Aggregated Data note: Strava’s Heatmap aggregates user route data globally — your individual privacy settings don’t prevent your data from contributing to this aggregate map. Consider this when deciding whether to use Strava at all.
Nike Run Club
Path: Nike app > Profile > Settings
- Set profile to Private
- Disable activity sharing and challenges with strangers
- Review linked apps and revoke access to any you don’t actively use
- Do not sync with social media
Garmin
Path: Garmin Connect app > Profile icon > Settings (gear icon)
Profile & Privacy:
Path: Settings > Account & Privacy
- Set Profile Visibility to Private or Friends only
- Disable Real-Time Tracking unless actively needed — this broadcasts your live location
- Set Activities visibility to Private or Connections only
Data Sharing:
Path: Settings > Connected Apps
- Review all connected apps and services
- Revoke access to any apps you no longer use or don’t recognize
Insights & Analytics:
- Garmin uses your health data to generate insights — review what data is shared with Garmin’s analytics
- Opt out of Garmin’s data analytics program if available in your region
Fitbit / Google Fit
Path: Fitbit app > Today tab > Profile picture > Account Settings
Social & Sharing:
Path: Account Settings > Privacy
- Set Profile Privacy to Private
- Disable Friends’ activity in the feed
- Turn off Sharing your daily stats with contacts
Privacy:
- Review Health Data Sharing — disable sharing with third parties
- Review Apps and Devices — remove any connected apps you don’t use
- Fitbit is now owned by Google — your health data may feed Google’s ecosystem. That’s not a neutral fact.
Set up Strava Privacy Zones for your home address right now. Settings → Privacy → Privacy Zones. That’s the single most important action on this page — it stops your home coordinates from being visible in your activity data.