Why Strava isn't compatible anymore with IRONMAN Virtual Club?

On April 16th 2020, Strava decided to no longer allow its users to share their activities with Sport Heroes. The reason given by Strava being that Sport Heroes when operating the IRONMAN VC platform did not respect the terms of use of its API (Application Programming Interface, the route allowing different services to connect) and was “exposing the personal data of its users to risks”. We totally refute these accusations, we always make every effort to ensure the security of our users' data, we are committed to total transparency and never share personal data without the consent of our users.

First, I you are looking for a solution to continue to use our services and challenges, you can:

  • Directly connect your sport watch or other wearable tracking device: we are compatible with Garmin, Polar, Suunto, Fitbit, Withings and TomTom.
  • Use another compatible application from the Sport Heroes ecosystem: Nike+, Runkeeper, MapMyRun/Ride, Decathlon Coach, Rouvy.

To do so, go to the "Connected Apps" section of your application or "Manage my apps" on the web in the left part of your dashboard.

Here we provide you with more explanations about this decision taken by Strava, which we deeply regret.

A quick chronology of events:

  • Since 2014, Sport Heroes has been creating digital sports experiences (applications and websites), some being Sport Heroes’ own communities (Running Heroes, Cycling Heroes, Swimming Heroes, United Heroes for Corporate Wellness) and others being designed for partners (IRONMAN Virtual Club, The ICONIC Sport Challenge, Livret Sport by Sport 2000, Team UNICEF, Air France Running, Paris 2024...). 
  • To enable users to participate in these experiences, Sport Heroes aggregates sports data from multiple partner sources (Garmin, Polar, Suunto, Fitbit, Nike+, Adidas Running, MapMyRun/Ride, Runkeeper, Decathlon Coach, TomTom, Withings...).
  • Sport Heroes' technical model is that of a SaaS (Software-as-a-Service) which allows Sport Heroes to manage all applications developed from a single location, while allowing the multiple services created to be configured and customized according to their needs. 
  • To access each services, the Sport Heroes technology is based on a Single Sign-On authentification method (or SSO) allowing users to easily join a new experience, provided of course that they have registered individually and subscribed to the T&C  and Privacy Policy of each (20% of Sport Heroes users use several of the services offered). A user's data is specific to each experience he or she has registered for, under no circumstances do we authorize the use of this data by another service, another customer or in another context. 

Capture_d_e_cran_2020-04-18_a__10.05.41.png

In fact, this single authentication system is a standard in the IT world, used by all the major players in the tech industry, allowing in particular :

    • To simplify for the user the management of his accounts and passwords, avoiding a multiplication and a greater risk of hacking.
    • To simplify the management of personal data.
    • To simplify the definition and implementation of security policies.
  • This given architecture is the reason why we use only one API key from Strava, which is from a data protection a good practice. Sport Heroes, its technology and its treatment of user data are in full compliance with the global regulations (especially GDPR in Europe). Our clients include major groups such as Nike, Coca-Cola, AXA, PwC, UNICEF, IRONMAN, etc. who regularly conduct security audits and verifications of compliance with GDPR regulations before committing to working with us
  • The integration with Strava has always been a unique API connection and this has always been known to Strava, which has been a constant partner of Sport Heroes since its creation, with many commercial collaborations. The last management meetings were held in October 2019 and February 2020, with open sharing and discussion about the strategic developments of both companies.
  • Strava decided on April 1st, 2020, the same day of the launch of the IRONMAN VC platform by Sport Heroes, that this technical configuration was no longer acceptable, and on April 10th Sport Heroes was given a one week deadline (April 16th) to transfer this experience to a dedicated API connection.
  • Strava refused to give any guarantees to Sport Heroes that other API connections would be provided to the other Sport Heroes experiences following the transfer of IRONMAN VC.
  • Sport Heroes requested 1/ these guarantees and 2/ some more time (4 weeks, after 6 years where this configuration had not posed any problems, did not seem like a huge ask) to be able to accomplish a significant redesign of its technological architecture and SSO to meet Strava's needs. Conducting IT projects without a minimum of time and testing is dangerous for the reliability and security of a system.
  • Strava did not accept that its ultimatum was not met and disconnected the Sport Heroes API connection on April 16, 2020, impacting the experience of hundreds of thousands of users, not least the tens of thousands who had joined IRONMAN VC and were gearing up for VR3 this week-end.
  • Strava justified its decision on its Support site and in social media on the grounds that Sport Heroes was violating the terms of use of its API (a “violation” that had been knowingly "tolerated" for 6 years) and was exposing users to risks due to a "lack of transparency" and questionable practices on the protection of user data (slanderous speculation based on no foundation whatsoever)

It's your data, not Strava's.

We were therefore unable to reasonably respond to Strava's request, which, in response, cut off access to its application and API, thus preventing its users from participating in our sports experiences, without them having any say in the matter. However, the regulations concerning personal data are clear on this point: they never belong to the services that issue them, but always to the users directly.

We are awaiting explanations from Strava, hoping that we can quickly find a solution to work together again, in the best interest of allowing the users to take part in our sports experiences if they wish so.

In the meantime, we propose to our users to continue using our services through all our other partner solutions: Garmin, Polar, Suunto, Nike+, Adidas Running, Fitbit, Runkeeper, MapMyRun/Ride, TomTom, Withings, Decathlon Coach, Rouvy.

Was this article helpful?
Got this ! Thanks for your feedback 😃

Comments

0 comments

Article is closed for comments.