✨Limited Time: 10% OFF your entire purchase! Use code CLAIM10
What Waist LLC (“What Waist” “we” “us” or “our”) is committed to building relationships with our customers based on respect, integrity, and trust. We recognize the importance of privacy and the sensitivity of personal information and have created the following policy to describe for you the information we collect, how that information may be used, with whom it may be shared, and your choices about such uses and disclosures.
We encourage you to read this Privacy Policy (“Privacy Policy” or “Policy”) carefully. By using our website (“Website”), apps, or other technologies (collectively our “Digital Properties”), using our services, or otherwise engaging with us (collectively “What Waist Services”), you are accepting the practices described in this Policy.
This Policy applies to the information you provide to What Waist in any manner or form. This Policy does not apply to information collected by third parties linked in any way to What Waist. We have no control over, and therefore no responsibility or liability for, any third party’s collection, use, disclosure, or retention of the personal information that is provided directly to any third party. Consequently, the collection, use, disclosure, and retention of information by any third party is not subject to this Privacy Policy.
If you do not consent to the collection, use, and disclosure of your personal information in accordance with this policy, please do not access or use any of the What Waist Services.
This Privacy Policy may be revised from time to time, with new terms taking effect on the date of posting. Your consent will be effective from the date that you begin using our services until the date that you withdraw your consent.
This Privacy Policy uses the following terms, as defined:
When using our Digital Properties and submitting PD to us, you may have certain rights under the General Data Protection Regulation (“GDPR”) and other laws. Depending on the legal basis for processing your PD, you may have some (or all) of the following rights:
Right to be informed. You have the right to be informed about the personal data we collect from you, and how we process it.
Right of access. You have the right to: [i] obtain confirmation that your personal data is being processed and [ii] access your personal data.
Right to breach notification
In the event of a breach of our database or website we will notify you within 72 hours of first becoming aware of the breach.
Right to rectification. You have the right to have your personal data corrected if it is inaccurate or incomplete.
Right to erasure (right to be forgotten). You have the right to request the removal or deletion of your personal data if there is no compelling reason for us to continue processing it.
Right to restrict processing. You have a right to “block” or restrict the processing of your personal data. When your personal data is restricted, we are permitted to store your data, but not to process it further.
Right to data portability. You have the right to request and obtain your personal data that you provided to us. We will send your data to you within 30 days of your request.
Right to object. You have the right to object to us processing your personal data.
Automated individual decision-making and profiling. You will have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
Filing a complaint with supervisory authorities. You have the right to file a complaint with supervisory authorities if your information has not been processed in compliance with the General Data Protection Regulation. If the supervisory authorities fail to address your complaint properly, you may have the right to a judicial remedy.
Privacy by Design
You have the right Privacy by design defined as the inclusion of data protection from the onset of the designing of systems, rather than an addition. We will hold and process only the data absolutely necessary for the completion of its duties (data minimization), as well as limiting the access to personal data to those needing to act out the processing.
For details about your rights under the GDPR, visit https://goo.gl/F41vAV
How We Use Your Personal Information
We use the PD we collect about you to provide you with the services, products, and information you request, administer your membership and respond to inquiries and questions, deliver a more relevant and curated experience with What Waist and our Digital Properties, and to satisfy our other business purposes and needs. We use your PD for these purposes because we have a legitimate business interest in providing services to our members, guests, and other interested individuals that is not overridden by your interests, rights, and freedoms to protect personal data about you.
In particular, we may use your personal data in connection with:
Your goals and objectives. We collect and use your PD to learn more about you, record your progress, and otherwise help you achieve your stated goals and objectives. Collecting your PD in this context is a fundamental element of our contractual relationship with you and, most importantly, allows us to assist you as efficiently and effectively as possible.
Membership administration. We process your personal data as necessary to perform our contractual relationship with you as a member or recipient of certain ancillary services such as personal training, including by providing you with administrative and operational communications, announcements, and information such as information regarding changes to facility hours, billing notifications, and appointment reminders. We reserve the right to use any contact information held on file (including e-mail, mailing address, and mobile phone number) to communicate with you in relation to administering your membership.
Promotional and marketing communications. We use your PD to provide special offers, promotions, and information about What Waist and our service offerings to you. We may also use your PD to determine if you are eligible for certain offers. We may also send you newsletters and information about products, services, and promotions of our business partners and affiliates that we believe you may find of interest.
If you do not wish to receive any marketing e-mails, you can opt-out of future mailings by clicking on the unsubscribe link located on the bottom of the relevant email. If you are a Member and have established an account on our Digital Properties, you can also unsubscribe at any time by logging in and adjusting your communications preferences. If you are a Member, please note that even if you opt-out of receiving promotional e-mails that you will continue to receive administrative and operational communications regarding your membership, such as billing notices or facility closures.
Personalized experience. If you are a Member, we may use your PD to deliver a more relevant and curated experience to you, including by recommending services or content we believe that you will enjoy as part of our effort to provide a personalized experience, we may combine personal data collected through our Digital Properties with other information that we have collected from you in the course of your relationship with What Waist.
Business purposes. We use PD for our legitimate business purposes, including to operate, evaluate, and improve our business and services; develop new businesses, services, and solutions; perform market research; advertise and market our business, services, and solutions; determine the effectiveness of our advertising and marketing; analyze our business, services, solutions, and Digital Properties; and improve the administration and security of our Digital Properties.
We may also use your PD to help us prevent fraud, claims, and other liabilities; comply with or enforce applicable legal requirements; comply with industry standards or regulations; and comply with our terms, conditions, and policies. We use PD for these purposes when it is necessary to protect, exercise, or defend our legal rights, or when we are required to do so by a law that applies to us.
We may collect personal data from you when you visit our facilities and use What Waist Services. The personal data you provide directly to us through your interactions with What Waist and the What Waist Services will typically be apparent from the context in which you provide that information. What Waist may also automatically collect certain personal data and information you while you are interacting with What Waist.
We automatically receive information from your web browser or mobile device. This information includes the name of the website from which you entered our website, if any, as well as the name of the website you’ll visit when you leave our website. This information also includes the IP address of your computer and the proxy server you use to access the Internet, your Internet service provider’s name, your web browser type, the type of mobile device, your computer operating system, and data about your browsing activity when using our website. We use all of this information to analyze trends among our users to help improve our website and, ultimately, your user experience with our Digital Properties and What Waist Services.
If you do not provide us with enough PD, such as a name or e-mail address, we may not be able to provide you with all our products and services. However, you can access some parts of our website without giving us your PD (for example, when you visit the home page of our website).
Contact information. We collect your name and other contact information, such as e-mail address, mobile or other phone numbers, mailing address, and postal code when you fill out a contact form, inquire about our business and membership opportunities, register to use What Waist as a guest or with a trial membership, sign up for our mailing lists, newsletters, or enter any sweepstakes or contest we may offer.
Communications and surveys. We will also collect any information you provide to us in your communications with us, including through e-mails you send us, exchanges with personnel at What Waist facilities, and through social media. On occasion, we will ask members and other individuals to provide feedback by completing a survey, and we will collect any information you choose to provide in completing such a survey.
Membership and facility usage information. If you are a Member, we will collect information about how you use and interact with the What Waist Services, including facility check-in and check-out dates and times, workouts you log, classes you book, and information provided when you purchase or schedule personal training sessions and/or spa treatments.
Demographic and fitness information. We will collect certain demographic information, including your date of birth, age, gender identity, as well as the name of your employer, when you join or visit What Waist. In addition, as a What Waist Member, we may collect certain personal data that you provide on our intake and registration forms regarding your fitness and health, including, but not limited to, height, weight, body measurements, performance metrics, current and past injuries and surgeries, nutritional information, and fitness goals, such as when you complete a fitness assessment or participate in personal training or spa treatments. We may also collect certain personal data that is developed by our personnel, such as training session logs and notes taken by personal trainers and other What Waist staff. As a Member, you may also be photographed and your image recorded via CCTV video footage. We may also collect certain biometric data for identification and account authentication purposes.
Digital account registration. If you are a Member and establish an account with us, we will collect your username, password, membership account preferences, and a profile picture. If you have established an online account with us, you may log in to it to review and update your information and preferences.
Transaction information. Information related to your purchase(s) of goods and services with What Waist, such as your credit/debit card information, billing address, the goods and services purchased, and other related transaction information will be required to complete transactions with us. Of particular note is that although information such as credit card number, expiry date, and CVC/CVV are required, this payment information is sent directly to our payment processor. What Waist receives a random electronic token over an encrypted connection from our payment processor that confirms that a transaction has been completed. We do not receive, nor do we store, a copy of your payment/card information.
Social media and third-party apps. If you link your social media profiles and accounts to any of our Digital Properties or otherwise interact with What Waist through social media networks (e.g., by clicking a Facebook “like” button) or “check-in” to a club through social media, information may be made available to, and collected by What Waist through those social media profiles and accounts. In addition, if you elect to connect any third-party fitness devices or apps to the Digital Properties to utilize certain features and functionalities, we may collect information about you from such third-party apps.
Usage information. We may automatically collect certain information about how you use and interact with the Digital Properties and What Waist facilities, such as the time and duration of your visit, search query terms you may enter, and the pages, features and content you access and how you interact with those pages, features and content.
Technical information. When you use the Digital Properties, we may automatically collect information about your Internet connection, browser, or computer/device, including IP address or device ID, browser type, operating system information, time zone, click stream information, page response times, and download errors.
In addition to collecting information via our Website, we may collect information from you in other ways that include, but are not limited to, telephone calls, e-mail exchanges, and completion of our client intake process. This information may include PD and other information, such as your name, billing address, mailing address, e-mail address, home and mobile telephone numbers, and participation in events and promotions that we may offer from time to time. This information may be matched with and stored in connection with PD provided or collected via our Website.
Our Website uses cookies. A cookie is a small piece of data or a text file that is downloaded to your computer or mobile device when you access certain websites. Cookies may contain text that can be read by the web server that delivered the cookie to you. The text contained in the cookie generally consists of a sequence of letters and numbers that uniquely identify your computer or mobile device, and it may contain other information as well.
Cookies are widely used by website owners to make their website work, or work more efficiently, as well as to provide reporting information. Cookies set by the website owner (in this case, What Waist) are called “first-party cookies.” Cookies set by parties other than the website owner are called “third-party cookies.” Third-party cookies enable third party features or functionality to be provided on or through the website (e.g., such as advertising, interactive content, and analytics). The parties that set these third-party cookies can recognize your computer when it visits the website in question and when it visits certain other websites.
You have the right to decide whether to accept or reject cookies. You can set or amend your web browser controls to accept or refuse cookies. If you choose to reject cookies, you may still use our website although your access to some functionality and areas of our website may be restricted. Because how you can refuse cookies through your web browser controls vary from browser to browser, you should visit your browser’s help menu or user documentation for more information. In addition, most advertising networks offer you a way to opt-out of targeted advertising. If you would like to find out more information, please visit one or both of the following sites: http://www.aboutads.info/choices/ or http://www.youronlinechoices.com.
By agreeing to accept our use of cookies, you are giving us permission to place some (or all) of the cookies described below on your device.
We may also use cookies to: identify the areas of our Website that you have visited; personalize the content you see on our Website; perform Website analytics; remember your preferences, settings, and login details; target advertising relevant to your interests; facilitate affiliate marketing; allow you to post comments; and allow you to share content with social networks. Most web browsers can be set to disable the use of cookies. However, if you disable cookies, you may not be able to access features on our Website correctly, or at all.
Web beacons (also known as “clear gifs,” “pixel tags,” or “web bugs”) are tiny graphics with a unique identifier, similar in function to cookies, and are used to track the online movements of web users or to access cookies. Unlike cookies which are stored on a user’s computer hard drive, web beacons are embedded invisibly on the web pages (or in e-mail) and are about the size of the period at the end of this sentence.
We may use web beacons to collect general information about your use of our Website and your use of special promotions or newsletters. Web beacons allow us to count users who have visited certain pages of our Website and to understand usage patterns. We also may receive an anonymous identification number if you navigate to our site from an online advertisement displayed on a third-party website.
We may share your PD with third parties for similar audience marketing purposes. Similar audience marketing is also referred to as “lookalike audience marketing.” The third parties we share your PD with for this type of marketing include Google and Facebook. Using your PD for similar audience marketing or lookalike audience marketing helps us improve our marketing by identifying potential customers who have interests that are similar to yours. Your PD is only shared with Google or Facebook for this type of marketing. By using our Website and agreeing to our Privacy Policy, you are giving your consent for your PD to be used for the marketing purposes described herein.
More specifically, some (or all) of the following may apply to our Website from time-to-time:
When we communicate with you about our Website, we will use the e-mail address you provided when you registered as a Member or User. We may also send you e-mails with promotional information about our Website or offers from us or our affiliates unless you have opted out of receiving such information. You can change your contact preferences at any time through your account or by sending us an e-mail with your request to: contact@whatwaist.com
We do not sell, rent, or otherwise provide your PD to third parties for marketing purposes. However, for data aggregation purposes we may use your NPD, which might be sold to other parties at our discretion. Any such data aggregation would not contain any of your PD. We may provide your PD to third-party service providers we hire to provide services to/for us. These third-party service providers may include, without limitation: payment processors; web analytics companies (like Google Analytics); data management services companies; help desk providers; shopping cart and e-mail service providers; shipping and mailing companies; call centers; accountants; law firms; and auditors.
We may be legally required to disclose your PD if such disclosure is: [i] required by subpoena, law, or another legal process; [ii] necessary to assist law enforcement officials or government enforcement agencies; [iii] necessary to investigate violations of or otherwise enforce our Terms and Conditions; [iv] necessary to protect us from legal action or claims from third parties, including you and/or other users or members; or [v] necessary to protect the legal rights, personal/real property, or personal safety of our company, users, employees, and/or affiliates.
If our business is sold or merges in whole or in part with another business that would become responsible for providing our Website to you, we retain the right to transfer your PD to the new business. The new business would retain the right to use your PD according to the terms of this Privacy Policy as well as to any changes to this Privacy Policy as instituted by the new business. We also retain the right to transfer your PD if What Waist files for bankruptcy and some (or all) of our assets are sold to another individual or business.
Our Digital Properties may offer the ability for users to communicate with each other through online community discussion boards or other mechanisms. We do not filter or monitor what is posted on such discussion boards or in these forums. If you choose to post on these discussion boards, or in these forums, you should use care when exposing any PD, as such information is not protected by our Privacy Policy nor are we liable if you choose to disclose your PD through such postings. You further understand and acknowledge that PD you post on our Website for publication may be available worldwide by means of the Internet. We cannot prevent the use or misuse of such information by others.
We retain information that we collect from you (including your PD) only for as long as we need it for legal, business, or tax purposes. Your information may be retained in electronic form and/or paper form. When your information is no longer needed, we will erase, delete or otherwise destroy it. You have the right to request that we delete any PD we have about you. If you want access to your PD, are requesting to know what PD we have collected about you, or are requesting that we delete your PD, we ask that you send us an e-mail with your request to
You have the right to revoke your consent for us to use your PD at any time. Such an opt-out will not affect disclosures otherwise permitted by law including, without limitation: [i] disclosures to affiliates and business partners; [ii] disclosures to third-party service providers that provide certain services for our business, such as credit card processing, computer system services, shipping, data management, or promotional services; [iii] disclosures to third parties as necessary to fulfill your requests; [iv] disclosures to governmental agencies or law enforcement departments, or as otherwise required to be made under applicable law; [v] previously completed disclosures to third parties; or [vi] disclosures to third parties in connection with subsequent contests or promotions you may choose to enter, or third-party offers you may choose to accept. If you want to revoke your consent for us to use your PD, we ask that you send us an e-mail with your request to
Your rights to access your PD are not absolute. We may deny access to your PD when:
If any postings you make on our Website contain information about third parties, you must make sure you have permission to include that information in your posting. While we are not legally liable for the actions of our users, we will remove any postings about which we are notified, if such postings violate the privacy rights of others.
Some web browsers have settings that enable you to request that our Website not track your movement within our Website. Our Website may not obey such settings when transmitted to and detected by our Website. You can turn off tracking features and other security settings in your browser by referring to your browser’s user manual.
Our Website may contain links to or otherwise enable you to connect with other sites, social media platforms, or apps such as Facebook, Instagram, Twitter, YouTube, and Apple (collectively “Third-Party Sites”). We have no responsibility for these websites and we provide links to these websites solely for your convenience. You acknowledge that your use of and access to any other websites are solely at your risk.
We do not control Third-Party Sites and are not responsible for the privacy practices, content, or nature of any Third-Party Site. If you choose to use any Third-Party Site, any personal data collected by such a site or app will be controlled by the privacy policy of that third party. We strongly encourage you to read the privacy policies of Third-Party Sites, as their practices may differ from ours.
To the maximum extent permitted by law, we are not responsible for the privacy practices or the collection or use of your personal data from any Third-Party Sites.
Even though our Website is not designed for use by anyone under 16 years of age, we realize that a child under 16 years of age may attempt to access our Website. We have no intent to collect, nor will we ever knowingly collect PD from children under 16 years of age. If we discover that a child under 16 years of age is accessing our Website, we will delete his/her information within a reasonable period of time. If you are a parent or guardian and believe that your child is using our Website, please contact us immediately so that this situation may be handled in an appropriate and timely manner. Please understand that, if you contact us under such circumstances, we may ask for proof of identification from you to prevent malicious removal of account information before we remove any information about any user/member. You acknowledge that we do not verify the age of our users nor do we have any liability to do so.
You can always opt-out of receiving further e-mail correspondence from us or our affiliates. We will not sell, rent, or trade your e-mail address to any unaffiliated third party without your permission except in the sale or transfer of our business, or if our company files for bankruptcy.
Our Website uses industry-standard encryption and authentication tools to protect the security of your PD. We, and the third parties who provide services for us, also maintain technical and physical safeguards to protect your PD. If we collect your credit card information through our Website or through third parties who provide services to/for us, to process/complete a transaction, we, or third parties who provide services to/for us, will encrypt your PD and your credit card information before it travels over the Internet using industry-standard technology for conducting secure online transactions. Unfortunately, no firm, including What Waist, can ever guarantee secure transmission of data across the Internet, nor can any firm, including What Waist, guarantee against the loss or misuse of your PD. Consequently, we strongly urge you to protect any password you may have for our Website and to not share it with anyone. You should always log out of our Website and end your browsing session when you finish using our Website, especially if you are sharing or using a computer in a public place.
You may have to provide a credit card to buy products and services through our Website. We use third-party billing services and have no control over these services. Additionally, we use commercially reasonable efforts to make sure your credit card number is kept strictly confidential by using only third-party billing services that use industry-standard encryption technology to protect your credit card number from unauthorized use. However, you understand and agree that we are in no way responsible for any misuse of your credit card number.
Wherever we transfer, process, or store your PD, we will take commercially reasonable steps to protect it. We will use the information we collect from you in accordance with this policy. By using our Website or services, you agree to the transfers of your PD described in this section. Also, PD you post on our Website for publication may be available worldwide via the Internet. We cannot prevent the use or misuse of such information by others.
PD that we collect from you may be stored, processed, and transferred between various countries given where data is stored and processed (for example, cloud-based servers). The European Union has not found the United States to have an adequate level of protection of PD under Article 45 of the General Data Protection Regulation (“GDPR”). What Waist relies on derogations for specific situations as defined in Article 49 of the GDPR. For European Union customers and users, with your consent, your PD may be transferred outside of the European Union to the United States. We will use your PD to provide the goods, services, and/or information you request from us to perform and contract with you or to satisfy a legitimate interest of What Waist in a manner that does not outweigh your freedoms and rights. Wherever we transfer, process, or store your PD, we will take reasonable steps to protect it. We will use the information we collect from you in accordance with our Privacy Policy. By using our Website and the What Waist Services, you agree to the transfers of your PD as herein described.
Your California Privacy Rights
The following section pertains to the rights of individuals or households in California (“California consumers”).
Civil Code Section 1798.83
Rights under the California Consumer Privacy Act (CCPA)
After January 1, 2020, the CCPA (California Civil Code Section 1798.100 et seq.) will provide California consumers with additional rights regarding Personal Information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly with a particular consumer or household. The categories of Personal Information we collect are generally described above but differ for individual consumers depending on the Services used by such consumers.
Under the CCPA, qualifying California consumers may have the following rights:
Right to Know and Right to Delete
A California consumer has the right to request that we disclose what Personal Information we collect, use, disclose and sell. A California consumer also has the right to submit requests to delete Personal Information.
When we receive a request to know or delete from a California consumer, we will confirm receipt of the request within 10 days and provide information about how we will process the request, including our verification process. We will respond to such requests within 45 days.
Right for Disclosure of Information
A California consumer may also submit requests that we disclose specific types or categories of Personal Information that we collect.
Under certain circumstances, we will not provide such information, including where the disclosure creates a substantial, articulable and unreasonable risk to the security of that Personal Information, customers’ account with us, or the security of our systems or networks. We also will not disclose California consumers’ social security numbers, driver’s license numbers or other government-issued identification numbers, financial account numbers, any health insurance or medical identification numbers, or account passwords and security questions and answers.
Submitting Requests
If you are a California consumer and would like to make any requests under the CCPA, please direct them as follows:
We reserve the right to change this Privacy Policy at any time. If we decide to change this Privacy Policy, we will post those changes on our Website so that you are always aware of what information we collect, use, and disclose. If at any time we decide to disclose or use your PD in a method different from that specified at the time it was collected, we will provide advance notice by e-mail (sent to the e-mail address on file in your account). Otherwise, we will use and disclose your PD in agreement with the Privacy Policy in effect when the information was collected. In all cases, your continued use of the What Waist Services after any change to this Privacy Policy will constitute your acceptance of such change.
Your use of What Waist Services is governed by our Terms and Conditions. Our Terms and Conditions contain important provisions, including provisions disclaiming, limiting, or excluding the liability of What Waist, and provisions determining the applicable law and jurisdiction for the resolution of any disputes regarding your use of What Waist Services. Each of the provisions of the Terms and Conditions applies to any disputes that may arise concerning this Privacy Policy, and the collection, use, and disclosure of your PD and are of the same force and effect as if they had been reproduced directly in this Privacy Policy.
If you have any questions about our Privacy Policy, please e-mail us at