Aggregated Data is data that has undergone a process whereby raw data is gathered and expressed in a summary form for statistical analysis. Raw data can be aggregated over a given time period, across individuals, or both, to provide statistics such as average, minimum, maximum, sum, and count. After the data is aggregated analysis can be performed to gain insights about particular data sets. When data is aggregated across a number of individuals, the resulting aggregation is considered anonymized such that it is no longer Personal Data. See our Privacy Policy here for more information on how we use Aggregated Data.


The California Consumer Privacy Act, or CCPA, is a state law that provides California consumers with robust data privacy rights. These rights include the right to know, the right to delete, and the right to opt-out of “sale” of personal information that businesses collect, as well as additional protections for minors. A “sale” under the CCPA is defined as “selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means, a consumer’s personal information by the business to another business or to a third party for monetary or other valuable consideration.” See our Privacy Policy here for more details on the information we may share with others.


Cookies are small files which are stored on a user’s computer. They are designed to hold a modest amount of data specific to a particular user and website, and can be accessed either by the web server or the user computer. This allows the server to deliver a page tailored to a particular user, or the page itself can contain some script which is aware of the data in the cookie and is therefore able to carry information from one visit to the website (or related site) to the next. See our Privacy Policy here to learn about cookies and how they are used on our websites.


De-Identified Data is data where all the personally identifiable information has been removed, rendering the data anonymous by stripping out information that would allow an individual’s identity to be determined from the remaining data. Data is “de-identified” to protect the privacy and identity of individuals associated with the data. De-identified Data is no longer Personal Data. See our Privacy Policy here for more information on how we use De-identified Data.


The General Data Protection Regulation, or GDPR, is a data privacy and security regulation under European law that sets guidelines for the collection and processing of personal information from individuals who live in the European Economic Area, Switzerland and United Kingdom (collectively, “Europe” or “European”). The GDPR provides data protection rights to European residents and applies to any organization that offers goods or services to individuals in Europe, even if that organization is not based in Europe. See our Privacy Policy here for more information on the data rights available to European residents.


An IP Address is a unique address that identifies a device on the internet or a local network. It allows a system to be recognized by other systems connected via the internet protocol. An IP Address may be considered Personal Data and is at times used by advertisers to serve interest-based ads. See our Privacy Policy here for details on how we share Personal Data.


Personal Data is any data that identifies or relates to you as a particular individual, including information referred to as “personally identifiable information” or “personal information” under applicable data privacy laws, rules, or regulations. See our Privacy Policy here for an outline of the ways in which we use, collect, and share Personal Data.


Services means, collectively, our websites and mobile apps, any software embedded within the WHOOP Strap, and any features, content, or applications offered, from time to time, by WHOOP in connection therewith.


Third Parties in the context of the relationship between WHOOP, WHOOP Members (our end users), and third parties are entities or businesses involved in an arrangement, contract, deal, or transaction but are not one of the principals (i.e., WHOOP or WHOOP Members). We use Third Parties to enable us to do business with our members, such as charging for transactions or storing data. Third Parties also include advertisers that serve interest-based ads to visitors to our website. See our Privacy Policy here for more information on the Third Parties that do business with WHOOP.


Your WHOOP Strap is a wearable sensor that, when used in connection with the Services, collects certain types of Personal Data.


The terms “WHOOP,” “we,” “us,” or “our” mean Whoop, Inc. and each of its wholly owned subsidiaries.


Wellness Data is (a) data collected by your WHOOP Strap and sent to the WHOOP platform, including your heart rate, heart rate variability, sleep duration, respiratory rate, skin temperature, blood oxygen saturation level, and data such as the type of activity you engage in and the duration of your physical activity; and (b) any additional information you chose to enter during the use of our Services, such as information about your health and wellness, including information collected from accounts, devices, or features that you link with your WHOOP account. See our Privacy Policy here for additional details on Wellness Data.