In accordance with the provisions of Article 5 of European Regulation 2016/679, the collection and processing of data from users of the site complies with the following principles:

Lawfulness, fairness and transparency: data may only be collected and processed with the consent of the user who owns the data. Whenever personal data are collected, the user will be informed that their data are being collected, and for what purposes their data are being collected;

Limited purposes: the collection and processing of data is carried out in order to meet one or more objectives set out in these general conditions of use;

Minimisation of data collection and processing: only the data necessary for the proper execution of the objectives pursued by the site are collected;

Time-limited retention of data: the data are kept for a limited period of time, of which the user is informed. If the storage period cannot be communicated to the user

Integrity and confidentiality of the data collected and processed: the data controller undertakes to guarantee the integrity and confidentiality of the data collected.

In order to be lawful, and in accordance with the requirements of Article 6 of European Regulation 2016/679, the collection and processing of personal data may only take place if they comply with at least one of the following conditions listed below:

The user has expressly consented to the processing;

The processing is necessary for the proper execution of a contract;

The processing is in accordance with a legal obligation;

The processing is necessary in order to safeguard the vital interests of the data subject or another natural person;

The processing and collection of personal data are necessary for the legitimate and private interests pursued by the controller or by a third party.

The personal data collected on the WAW website are as follows:

Last name, First name, e-mail address, telephone number, account identification, password

This data is collected when the user performs one of the following operations on the site:

When sending a message in the contact form When booking an Edition

When creating a personal “My Account” space on the WAW website

To make the payment of the reservation and the preparation of the legal and accounting documents (estimate, contract, invoice, reminder, collection), WAW collects the following data:

Name, first name, country, postal address, e-mail address, telephone, additional information, if any, company name (employer) and bank details.

WAW using an outsourced online payment solution (PAYPAL), bank data is not stored on the WAW website. They are also deleted once the bank transaction has been completed.

In order to take the necessary steps to ensure the smooth running of the Editions (travel, accommodation, catering, sports activities, etc.), the following data are collected:

Surname, first names, date of birth, postal address, passport number and/or national identity card number, food preferences, certificate of fitness for physical and sporting activities

WAW will store all collected data in the site’s computer systems and under reasonable security conditions for a period of 2 years after the last interaction with the user unless the user requests its deletion before the end of this period.

When personal data are recorded, the user is informed of the duration for which his data will be stored, and when this duration cannot be specified, the site editor informs him of the criteria used to determine it.

The collection and processing of data shall serve the following purposes:

Respond to user requests sent via the contact form Book one or more Editions Organise the ordered Edition(s)

Manage the execution of the contract, including invoicing

The data may be transmitted to the following third party(ies):

Tourism agencies, airlines, passenger carriers, hotels or other tourist accommodation

Other parties to whom users’ personal data must be disclosed in order to provide the requested services

Service providers who process personal data on our behalf and according to our instructions for the purposes described above as a subcontractor, such as those who provide IT and hosting services, etc.

The online payment provider PAYBOX, acting as independent processors.

Our historical partners, a list of which can be provided on request.


As mentioned in the legal notices, the WAW website is hosted by INFOMANIAK whose head office is located at the following address: Avenue de la Praille 26, 1227 Carouge Genève,


The host can be contacted at the following telephone number: +41 22 820 35 44

Data collected and processed by the site are transferred to the following country(ies):

Switzerland which offers an adequate level of data protection (“adequacy decision”) the United States which offers legal guarantees in terms of personal data protection (Privacy Shield)

On a case-by-case basis, country of destination according to the Edition. Where these countries are not members of the European Economic Area (EEA), WAW endeavours, in the absence of an adequate level of protection, to obtain guarantees from data controllers or service providers so that personal data are sufficiently protected.


The person responsible for the processing of personal data is the WORKOUT AROUND THE WORLD Association. He can be contacted as follows:



Fields marked with an asterisk in the WAW site forms are mandatory. The consequences in the event of a failure to respond are the failure to take a request into account. The obligation to provide the requested data is contractual, as it is necessary for the performance of the contract to which a user may be a party or for pre-contractual measures taken at your request, in particular in the event of a request for information or an estimate concerning the Editions.


In conformity with the regulations governing the processing of personal data, the user has the following rights.

In order for the data controller to comply with his request, the user is required to provide him with: his first and last name and e-mail address, and if relevant, his account or personal or subscriber space number.

The data controller is required to reply to the user within a maximum of 30 (thirty) days.

a. Right of access, rectification and right to forget

The user may review, update, modify or request the deletion of data concerning him/her, in accordance with the following procedure:

Send an email to specifying the purpose of the request (“access to my data”, “modification of my data”, deletion of my data”)

If he has one, the user has the right to request the deletion of his personal space by following the following procedure:

Send an email to specifying the subject of the request (“Delete account”)

b. Right to data portability

The user has the right to request the portability of his personal data, held by the site, to another site, by complying with the following procedure:

Send an email to specifying the subject of the request (“portability request”)

c. Right to limit and object to data processing

Finally, the user has the right to request the limitation or to oppose the processing of his data by the site, without the site being able to refuse, unless it can demonstrate the existence of legitimate and compelling reasons, which may prevail over the interests and rights and freedoms of the user.

d. Right to determine the fate of data after death

Users are reminded that they can organise the future of their data collected and processed if they die, in accordance with law n°2016-1321 of 7 October 2016.

e. Right to have recourse to the competent supervisory authority

In the event that the data controller decides not to respond to the user’s request, and the user wishes to contest this decision, he/she has the right to refer the matter to the CNIL (Commission Nationale de l’Informatique et des Libertés, or any competent judge.


The controller undertakes to protect the personal data collected, not to transmit them to third parties without the user having been informed and to respect the purposes for which the data were collected.

In addition, the data controller undertakes to notify the user in the event of rectification or deletion of the data, unless this would entail disproportionate formalities, costs and procedures for him.

In the event that the integrity, confidentiality or security of the user’s personal data is compromised, and results in a high risk of invasion of privacy, the controller undertakes to inform the user by any means.