Privacy Policy | WW UK

Effective Date: 25th March 2021

WeightWatchers® Website & Digital Products Privacy Policy

We are dedicated to protecting the privacy of those who visit our Website and use our Digital Products. This Privacy Policy explains how we collect your Personal Data on our Website or through our Digital Products, how we protect such data, and the rights you have concerning the use of such data. Please read this Privacy Policy carefully.

WHO WE ARE?

This Privacy Policy applies to our website (“Website”) as well as to our mobile app (“Mobile App”) and our products, offerings, features, tools or resources offered via our Website or App (collectively, our “Digital Products”). The controller of your Personal Data collected via our Digital Products according to Art. 4(7) UK GDPR is WW GBR Ltd, Regus, Office 250, 268 Bath Road, Slough, SL1 4DX

WHAT DATA ABOUT ME IS COLLECTED AND HOW IS IT USED?

Which Personal Data We Collect

Personal Data is information that identifies you or can be used to identify or contact you (“Personal Data”). Such Personal Data may include your name, address, email address, telephone number, birth date (primarily for eligibility purposes) and billing and credit card information. Personal Data may also include health related data, such as your weight history.

We collect Personal Data from you when you use our Website or subscribe to our Digital Products, as further described in this Privacy Policy. In all of these cases, we will only process Personal Data that you provide directly to us or which we automatically collect from you as specified in this Privacy Policy. Unless defined in this Privacy Policy or unless you give us permission to do so, we will not use or share your Personal Data other than as specified in this Privacy Policy.

How we Collect and Use Your Personal Data

In the following section, you will find information on how we collect your Personal Data, for which purposes we process your data, on which legal basis we do so and for how long we retain your data.

A legal basis for processing your data will arise when one or more of the following conditions apply:

  • Consent: You have given us your consent to the use of your information which can be revoked at any time, Art. 6(1)(a) UK GDPR and/or Art 9(2)(a) UK GDPR.
  • Contract: You have/or are about to enter into an agreement with us and your information is needed to provide you with the requested products or services, Art. 6(1)(b) UK GDPR.
  • Legal obligation: We may be required to process your information in order to comply with certain legal obligations, Art. 6(1)(c) UK GDPR.
  • Legitimate interest: We might use your information because we have—or a third party has—a legitimate interest in doing so. This happens only in cases where we think the way we are using your data doesn’t significantly impact your privacy or would be expected by you, or there is a compelling reason to do so, Art. 6(1)(f) UK GDPR.

What data we collect

How we use it

When you sign up for a WW membership

We collect your name, email address, telephone number, postal address and payment information.

We also collect your health information such as your weight history or other relevant information depending on your specific needs.

This data is used to create your WW member profile and provide you with the WW services as requested. We will send emails to provide you with service announcements, updates and other important information relevant to your WW membership.

The legal basis is the contract with us and because your information is needed to provide you with the requested products or services

The legal basis for processing health information is your prior consent which you can withdraw at any time.

Data retention

As a member, your account data is stored for the period of your membership + 5 years after.

When you purchase products from our website

We collect your name, email address, delivery information, payment information and (optional) your telephone number.

This data is used to process your order and deliver your products. We will use your name and email address to send you order confirmation and shipping emails. We will use your payment details to process payment for your order and your postal address and other contact details to ship your order to you.

The legal basis is the contract with us and because your information is needed to provide you with the requested products or services.

Where you agree to receive cart related information or reminders, we will use your email address to send you these cart related messages.

The legal basis is your consent which you can withdraw at any time.

Data retention

As a website (e-commerce) customer, your purchase data is stored for the period of your membership + 5 years after (where applicable) or as long as required by applicable law.

When you sign up to receive our WW Newsletter and subscribe to our other marketing communications

We collect your name, email address and marketing preferences.

This is used to deliver WW promotional newsletters and inform you about offers, products, events and surveys via e-mail and through social media platforms.

The legal basis is your consent which you can withdraw at any time.

Data retention

As a subscriber, your data and preferences are stored until you withdraw your consent.

When you visit our website

We collect your IP address, browser type, operating system, error logs, and other similar information regarding your visit on our site.

We may also collect additional information from cookies, trackers, web beacons and other unique identifiers.

Our cookie banner allows you to decide if we can collect this data. See the cookie policy section.

The data is used to remember your website preferences, language, cookie choices. It also makes it easier to use the site and can help us to provide personalized advertising according to your preferences.

The legal basis is our legitimate interest to improve our services or your consent when required.

Data retention

Your cookie data storage may vary according to the type of cookie implemented. See our cookie policy for more information.

When you join our WW Community (Connect, WW social media groups, messages boards)

We collect your username, log in information and any other information including videos, pictures, which you decide to share on these platforms.

If you use the “Public Profile” feature within our community, please be aware that we cannot control how other users might use your data.

We also cannot prevent you receiving unwanted messages from other users.

This data is used to provide you with requested community services.

The legal basis is your consent which you can withdraw at any time.

Data retention

As a member, your account data is stored for the period of your membership + 5 years after.

When you download the WW App

We collect information about your usage of the App, food tracking, weight tracking, or the dates you last used certain features). We also collect information concerning your device (such as the specific type of operating system and hardware you have, and the amount of free and total memory) and the App's files on your device

We may use such information, among other things, to ensure that your handheld device is supported and that it has enough room for the App, and to confirm which versions of the App’s files are installed on your device.

We will also use this information to improve our products and analyse how people use our applications.

The legal basis is the contract with us and because your information is needed to provide you with the requested products or services

Data retention

As a member, your account data is stored for the period of your membership + 5 years after.

When you contact our Customer Service

We process your WW account information.

If you contact us by phone, we also collect audio recordings of your call.

The data is used to respond to your customer service requests. Where calls are recorded, the data is used for training and customer care purposes.

The legal basis is our legitimate interest to improve customer service and for staff training purposes or your consent where required.

We may also record your calls as evidence of a business transaction.

Data retention

As a member, your account data is stored for the period of your membership + 5 years after. Recorded calls are stored for 3 months from the data of the call unless otherwise required due to legal obligation.

When you collect / use your Wellness Wins

We process information on your WW membership account information including your weight and activity.

The data is used to collect and manage your Wins account and allow you redeem and receive your chosen rewards.

The legal basis is the contract with us and because your information is needed to provide you with the requested products or services

Data retention

As a member, your account data is stored for the period of your membership + 5 years after.

When you link your account to your wearable or other 3rd party devices

We process information such as your WW account information to sync the relevant 3rd party information. Summary data collected by your 3rd party device (e.g., activity tracker) will be transferred to us and may be incorporated into your WW account.

We use this data to maintain WW tracker information e.g., deliver Fitpoints and to improve our products and services.

The legal basis for such processing is your consent where required or our legitimate interests in customizing the content of our services in line with user preferences and in further improving our products.

Data retention

As a member, your account data is stored for the period of your membership + 5 years after.

When you take our surveys, questionnaires, self-assessment quizzes, contests, leave us product or service reviews.

We process your name, email address, location opinions and other information which you provide voluntarily.

Where we use this data to promote our services or products, the legal basis of the processing will be your consent which you can withdraw at any time.

Data retention

As a member, your account data is stored for the period of your membership + 5 years after.

When you take part in our Partner offers

We process your WW programme and account information.

Please note that these partners are responsible for their own privacy practices.

Some joint partnerships or programs will require us to share your WW programme information with the partner in order to facilitate these partnerships.

The legal basis for such processing is the performance of a contract with the partner where applicable or your consent where required.

Data retention

As a member, your account data is stored for the period of your membership + 5 years after.

When you use our “Invite a Friend” function

We process your WW account information and individual Invite a Friend link

We use this data to provide you with your individual Invite a Friend link. If your link is used to create a qualifying WW account, that activity is connected to your account in order to assign you with any credit earned.

If you join WW using an “Invite a Friend” link

We process your signup information. Note that your first name, email address and member number will be linked to the member whose link you used to join.

The legal basis is your contract with us and to provide you with requested services.

Data retention

As a member, your account data is stored for the period of your membership + 5 years after.

WW Wellness Impact Award

If you make an impact award nomination

We process your name, email and note that you are a WW member (where applicable).

We use this data to process your nomination. The legal basis is your consent.

Data retention

Nominator data will be stored for 6 months

If you are nominated /apply for an impact award

We process your name, email and application details.

Winner information will be shared with WW Good Foundation Inc. USA to facilitate disbursement of award funds.

We use this data to process your application / nomination and assess your award eligibility.

The legal basis is Article 6 (1) (b) UK GDPR as processing is necessary for the performance of the award agreement

Data retention

Nominee data stored for maximum of 6 months after decision

Winner stored for 1 year after disbursement of funds + any local applicable tax /legal requirements will apply.

If you subscribe to our impact award email communications.

We collect your name, email address and marketing preferences.

This is used to deliver the award newsletters and inform you about our social impact activities.

The legal basis is your consent which you can withdraw at any time.

Data retention

As a subscriber, your data and preferences are stored until you withdraw your consent

COOKIES

We use cookies and similar technologies like pixels, tags, web beacons, and other identifiers to help us personalise our Website and Digital Products for you, remember your preferences, understand how users are using our Website and Digital Products and help customise our marketing communication.

You may adjust your cookie settings on our cookie banner at any time.

For more information on how we use cookies, please read our Cookie Policy.

SOCIAL PLUG-INS AND OTHER THIRD-PARTY FEATURES

Our Website contains links to or features from other websites. This Privacy Policy covers the privacy practices of WeightWatchers only and does not cover the privacy practices of third-party websites or features. We are not responsible for the privacy policies and/or practices of third parties. When linking to another website or using a third-party service, you should read the privacy policy on that site or service.

To the extent certain third-party website features are available on our Website, the following terms apply:

We use plug-ins of the social networks Facebook, Pinterest, Twitter, Instagram and YouTube to enable our Website users to easily share content found on our Website and connect with their friends via such social networks. Whenever you view a page of our Website containing such plug-in, your browser establishes a direct connection to the servers operated by provider of the social network. As a result, the content of the social plug-in is transferred by the network provider directly to your browser and embedded in our Website being shown. If you visit our Website whilst signed into your social network user account, information concerning your visit will be transferred to the network provider and the provider of the social network can assign your visit to our Website to your account with the social network. Please note that a data transfer is triggered already when you visit our Website, irrespective whether you interact with the plug-in. To prevent this, you must log out of your social network account before visiting our Website. Please refer to the privacy policies of Facebook, Pinterest, Twitter, Instagram and YouTube for more information on the purpose and scope of data collection and data analysis undertaken by the social network as well as your options to modify settings and how to protect your privacy.

THIRD PARTY APPLICATIONS AND DEVICES

Our Website offers you the option to connect your WeightWatchers account with third party applications or devices (each a "Tracker") such as activity trackers that measure your activity level (e.g., the number of steps and distance walked, calories burned and other personal metrics). If you connect your WeightWatchers account with an account you have with a provider of a Tracker, the third-party provider will receive the information from us that you have a WeightWatchers account. At the same time, data collected by your third-party Tracker (for example, personal activity data collected via an activity tracker device or other collected data) will be transferred to us and may be incorporated into your WeightWatchers account (for example, to display activity Points® values earned) in accordance with the terms of this Privacy Policy. You have the option to disconnect the Trackers from your WeightWatchers account at any time via our website.

Please refer to the privacy policy of your Tracker provider for further details, which may include information on what specific data is collected by your third-party Tracker and account.

Apple HealthKit

We provide our subscribers the ability to sync with Apple’s HealthKit framework, which provides the ability to access your health and fitness data to help you keep track of your activity in the WW app on your iPhone and Apple Watch if you so choose. (For more information click here). We do not use information gained through the HealthKit framework for advertising or similar services. You can always stop WW from accessing your data by changing the settings of your mobile device.

HOW WE SHARE AND DISCLOSE PERSONAL DATA

We will not share, sell, transfer or otherwise disseminate your Personal Data to third parties, unless required by law according to Art. 6(1)(c) UK GDPR, unless required for the purpose of your contract according to Art. 6(1)(b) UK GDPR, unless the third-party acts as a data processor on our behalf according to Art. 28 UK GDPR, as a Joint Controller according to Art 26 UK GDPR or you have given us express consent to do so according to Art. 6(1)(a) UK GDPR.

We share some of your Personal Data with our affiliate companies, WW International Inc and WW.com LLC, which are located in the United States for the provision of IT tools and related services.

We also use third-party service providers to offer or facilitate services on our behalf and share your Personal Data with such providers to the extent necessary for such providers to perform their services on our behalf.

  • Payment processing: we use payment service providers such as Payment Tech to bill you for goods and services and for credit card processing;
  • Order fulfillment: we use several shipping and delivery companies to fulfil orders depending on the product and location such as XPO Logistics;
  • Customer Service: we use customer service providers to facilitate customer service;
  • Cloud Provider: for our CRM system and an external provider for the hosting of our web
  • Marketing and Advertising: we use identity facilitators such as Liveramp to help us recognize our consumers across our websites, our partner websites and their shops; we also use digital agencies to manage our social media and other advertising campaigns.

We also partner with Criteo (https://www.criteo.com/privacy/) for interest-based advertising.

The privacy policies for all the above can be found on their corporate websites. WW is not responsible for the policies of the third-party providers.

Please note that with regards to transfers of personal data outside the UK, there is a risk that local authorities may access the data for security and surveillance purposes without informing you or allowing you to take legal action.

3rd Party Advertising and Marketing

We may share your hashed email address and other identifiers such as name, location, phone number and browsing behavior with our marketing partners, publishers and other third-party service providers to assist with our targeting advertising on their sites, apps or social networks. We use this service to reach new target audience groups which are similar to our existing clients based on their characteristics and other identifiers.

We and our partners compare demographic information including interests and social connections to segment groups based on an automated advanced matching technique of similarities in their profiles. This process can happen in real time and the matching can be performed independently of the device you are using. In particular, we may use Facebook, Pinterest and Google custom audiences which match personal data against platform user data that it already controls to target ads.

You can activate and deactivate these Custom Audiences, Pixels and similar technologies via our website cookie banner. In addition, you can also use browser-based ad blockers to prevent Facebook and others, from tracking your data.

WW has no influence on the advanced matching processes or which data is evaluated by the 3rd party for the purposes of creating reference groups.

Further information on the advertising and targeting processing can be found on our Cookie Policy or that of the corresponding provider.

DATA TRANSFERS

Some of the companies we share your Personal Data with as described above are located outside of the UK. In order to grant sufficient protection of your Personal Data in this context, all data transfers above are covered under an appropriate legal transfer mechanism such as UK Adequacy Decisions or other such measures according to Art. 46 UK GDPR.

Please note that the use of third-party content and functions may result in your data being processed outside the UK. In some countries, there is a risk that authorities may access the data for security and surveillance purposes without informing you or allowing you to take legal action.

Any sharing of your Personal Data with other WW entities or service providers will be made in accordance with applicable data protection laws and will be limited to the extent necessary. We have carefully selected these companies and continuously monitor their compliance with our instructions. These companies are contractually prohibited from using your Personal Data for any other purposes than those described in this Privacy Policy. The legal basis for our sharing of your Personal Data with such companies is according to Art. 28(1) UK GDPR, Art 26(1) UK GDPR or alternatively our legitimate interests in commissioning those companies with the services described above (Art. 6(1)(f) UK GDPR).

We may also be required to disclose your Personal Data to government or law enforcement officials in response to a lawful request by a public authority or if we have to do so to comply with a legal obligation, including to meet national security or law enforcement requirements according to Art. 6(1)(c) UK GDPR. We can also disclose your information in order to pursue our legitimate interest in applying or enforcing our terms and conditions or in responding to any claims, in protecting our rights or the rights of a third party, in protecting the safety of any person or in preventing any illegal activity (including for the purposes of fraud protection and credit risk reduction) according to Art. 6(1)(f) UK GDPR.

If required under applicable data protection laws, we will collect your prior consent before sharing your Personal Data with other companies. In such cases, the legal basis is Art. 6(1)(a) UK GDPR.

WHAT RIGHTS DO I HAVE?

You have the following rights:

  • Right of access (Art. 15 UK GDPR):

You have the right to request confirmation as to whether we process your Personal Data and where that is the case, to request access to the Personal Data we hold about you.

  • Right to rectification (Art. 16 UK GDPR):

You have the right to request the correction of inaccurate Personal Data.

  • Right to erasure (Art. 17 UK GDPR):

You have the right to request erasure of Personal Data without undue delay under certain circumstances, e.g., if your Personal Data is no longer necessary for the purposes for which it was collected or if you withdraw consent on which our processing is based according to Art. 6(1)(a) UK GDPR and where there is no other legal ground for processing.

  • Right to restriction of processing (Art. 18 UK GDPR):

You have the right to request us to restrict the processing of your Personal Data under certain circumstances, e.g., if you think that the Personal Data we process about you is incorrect or unlawful.

  • Right to data portability (Art. 20 UK GDPR):

Under certain circumstances, you have the right to receive your Personal Data you have provided us with, in a structured, commonly used and machine-readable format and you have the right to transmit that information to another controller without hindrance or ask us to do so.

  • Right to object (Art. 21 UK GDPR):

You have the right to object to the processing of your Personal Data under certain circum-stances, in particular if we process your Personal Data on the legal basis of legitimate interests (Art. 6(1)(f) UK GDPR) or if we use your Personal Data for marketing purposes.

You can assert your abovementioned rights by contacting us at the contact details mentioned below.

RIGHT TO LODGE A COMPLAINT BEFORE THE DATA PROTECTION AUTHORITY

You have the right to lodge a complaint with the Information Commissioner if you believe that the processing of your personal data infringes applicable data protection laws.

AUTOMATED INDIVIDUAL DECISION-MAKING

We do not use your Personal Data to make decisions with legal or similar effects for you based on the automated processing of your Personal Data only.

WHO DO I CONTACT IF I HAVE ANY PRIVACY QUESTIONS?

If you have any questions about our Privacy Policy, your privacy rights or feel that we are not abiding by the terms of our posted Privacy Policy or the applicable data protection laws, please contact our data protection officer at privacyuk@ww.com

CHANGES TO THIS PRIVACY POLICY

We may amend this Privacy Policy from time to time. We will post any changes to this Privacy Policy here. Please refer back to this Privacy Policy on a regular basis.