Last updated: October 28, 2024
WeWork cares about your privacy and is committed to maintaining your trust by protecting your personal information.
WeWork provides flexible workspaces and associated services for individuals and companies of all sizes. Our flexible offerings range anywhere from dedicated or non-dedicated workspaces in a shared office to private and configurable offices, full-floors and buildings. WeWork refers to individuals and companies that purchase workspaces as “Members” or “Member Companies”.
In connection with the provision of our services, we regularly process personal information about guests and visitors of our Members and employees at our WeWork locations (collectively referred to below as “visitors”).
This Guest and Visitor Privacy Policy (“Policy”) describes how WeWork collects, uses, discloses, and otherwise processes personal information in connection with your access to, and use of any services, as a visitor of WeWork locations.
This Policy is part of a suite of policies which collectively sets out our privacy practices for the various products and services we provide. For more information about WeWork’s global privacy practices, please refer to the WeWork Global Privacy Policy.
WeWork is comprised of many affiliated entities and group companies around the world, each of which may act as a data controller of your personal information. Please review the list of our global entities for the name of the WeWork entity responsible for your personal information and the appropriate contact information for that entity. The WeWork entity in the country of the WeWork location you are visiting will be the data controller of your personal information.
We use a visitor management platform (“Platform”) to provide space scheduling, visitor management, and workplace analytics services and to produce your digital ID for your visit. Where we refer to the Platform in this Policy we are referring to the visitor management software you access in connection with your visit.
We may collect, use, disclose and otherwise process additional personal information (such as whether you have had COVID or are displaying any COVID symptoms) in connection with our response to COVID. For information regarding WeWork’s data handling practices with respect to COVID-related information, please refer to our COVID-19 Privacy Notice.
We collect personal information from you in a number of ways, which depends on how your visit has been arranged, whether you are visiting a Member or a WeWork employee, and which location you are visiting (see Section 3 for more information).
We also collect information via automated means, such as through the Platform, or via other means such as through our on-site CCTV:.
Information we collect via automated means: we use a range of technologies to make your visit as smooth as possible, including through the use of QR access codes and digital visitor IDs. In addition, when you connect to our guest WiFi services, we collect and process certain information about your device.
Other information: while visiting a WeWork location we may collect certain information when you use our facilities and equipment, guest WiFi, shared workspaces, community services and events. All WeWork locations utilize CCTV for the safety and security of our buildings, employees and Members.
In connection with your visit we may process a range of different types of personal information about you. We describe below the personal information that we process and our reasons for doing so. We have organized this information into categories which loosely correspond to different parts of your visit.
We collect or receive information in advance of your visit and when you first arrive at our locations as follows:
Your Contact Information: where you are visiting a Member or a WeWork employee, that individual may pass your information to us. This information will typically include your name, phone number, email address, company details and who you are visiting. This information will be uploaded to the Platform so you can easily sign in when you arrive. We may email you a notification of your upcoming appointment including a link to use your mobile device as part of your visit (see below).
We use your email address in order to send you a link to download the QR access code for your visit onto your mobile device.
We use your contact information more generally to provide you with your digital ID and as part of our site security requirements.
Device and Usage Information: if you are using your mobile device as part of your visit, we will send you a QR access code which you may choose to add to your mobile device’s digital wallet. This will involve us collecting and processing certain information about your device in order to facilitate this including your device identifier e.g., MAC address, IMEI number, IP address etc.
Digital ID: as part of our site security policies, all visitors are provided with a digital ID to access WeWork locations. We also take your photograph through the Platform in order to create a digital ID. This information is used by our site-security teams as well as emailed to your host when you arrive. We collect this information during sign-up (please see the section on how we process photographic information below).
As part of our site security policies, we require all visitors to create a digital ID while visiting WeWork locations.
When you arrive for your visit you will be asked to sign in using the Platform and provide your contact details (or confirm your details if you have already provided this information to us or your host prior to your visit). After confirming your details, the Platform will then take your photograph.
When taking your photograph, the Platform uses technology known as “facial detection” to detect when your face is suitably within the frame to take your picture. “Facial detection” is not to be confused with “facial recognition” technology which actually scans your face to create a unique profile. The Platform does not use “facial recognition” technology on visitors at WeWork locations.
If for any reason you are uncomfortable with having your photograph taken as part of our sign-in process, please indicate this upon arrival and a member of our team will discuss alternative arrangements with you.
The digital ID generated through the Platform is only shared with the WeWork security teams responsible for managing the locations you are visiting and your host.
All personal information captured within the Platform is only retained for a period of 30 days and no personal information is stored within the Platform beyond this time period.
When visiting our locations it may be the case that you use certain facilities and services, such as guest WiFi, shared workspaces, community services and events etc.
As part of this we may process information about the device you use to access those services, including device identifiers, IP address, WIFI MAC address, Bluetooth address, geolocation information (such as through your mobile device’s GPS signal or WiFi signal), information about your device contacts (depending on your device settings and whether you install our app) and information about your online activity.
Where you use our guest WiFi services we collect your name, email address and phone number as well as your device and usage Information. Your social media account details will be collected if you choose to sign in using a social media account.
In addition, we utilize a technology known as Spatial and People Analytics Sensors (“SPA Sensors”) in offices, kitchens, conference rooms, and other spaces of some facilities. SPA Sensors passively collect information about when and how people use that particular space. We use this information in an anonymized and aggregated fashion to promote more efficient and comfortable use of our facilities. Examples of SPA Sensors include desk occupancy sensors, environmental sensors, WiFi network hubs, and optical camera-powered sensors.
CCTV: WeWork’s buildings and facilities are equipped with CCTV in the interest of protecting all our guests, members and employees. For further details please see the relevant section below.
Tracking pixels and cookie technologies: we use cookies and associated technologies on a range of services you may interact with. In particular, where we email you your QR access code, we use tracking pixels in those emails so that we know that you have opened and/or received it. For further information about our use of such technologies please see our Cookie Policy.
Communications: when you interact with WeWork through our various communication channels, such as via e-mail, requests made through feedback platforms, automated chatbots or similar technology, and calendar invitations, we collect any information you choose to share with us through those services.
We may disclose your personal information for a business purpose to the following categories of third parties:
WeWork’s affiliated entities and group companies;
Our licensees who operate locations in certain countries;
Our service providers, including technology and cloud software system providers such as database, email distribution and storage providers;
Landlords and building management;
Third parties with whom you interact with such as your Member or WeWork employee host; and
Other third parties you have directed us to disclose your personal information in connection with your visit to WeWork locations.
When we share your personal information with our service providers, we require them to keep your personal information secure and do not allow them to use or share your personal information for any purpose other than providing services on our behalf. When we share your personal information with any third parties that are controllers of that information such as our licensees, they may disclose or transfer it to other organizations in accordance with their data protection policies.
We may also share your personal information to other third parties in other special circumstances, which may include situations when sharing is required by a legal or regulatory obligation or we believe sharing will help protect the safety, property and well-being of you, our employees, Members, other persons and workspaces or situations where a third party is involved in restructuring, selling or acquiring some or all of our business or assets or otherwise in the event of a merger, re-organisation or similar event.
All our locations use CCTV as part of our legitimate business interests in protecting the safety of our guests, members, employees, other persons and property.
WeWork’s CCTV practices are based on an assessment of the data protection interests of affected data subjects against our legitimate interests. This may entail consideration, for example, of the likelihood and impact of unlawful or impermissible conduct on our communities and expectations of privacy in particular facilities or spaces that may be subject to CCTV.
Visible signage is displayed at all locations where CCTV is in use. CCTV is deployed only in areas where permissible under applicable law.
CCTV footage is retained for a limited period of time. CCTV footage may be kept longer where WeWork determines that it is appropriate, for example in connection with the investigation of an incident, or at the request of competent authorities.
CCTV footage and equipment can be accessed by the relevant WeWork site security teams and footage may be made available to members and other third parties where it would be lawful and reasonable for us to do so.
CCTV footage may be shared with local law enforcement as part of our legitimate interest to deter and/or prevent crime in and around our locations. It may also be shared with relevant law enforcement in response to a subpoena or data production request made by a competent authorities in accordance with applicable laws
In certain jurisdictions, data protection law requires us to have a valid reason to process your personal information. The law refers to each reason as a ‘lawful basis’. The purposes for which we use your personal information and the lawful basis on which we rely differ depending on the type of data and how we use that data, but broadly include: (i) compliance with our legal obligations; (ii) to protect you or another’s vital interests; (iii), and in furtherance of our legitimate interests.
We will use your personal information to comply with our legal obligations:
to protect the safety and well-being of you, our employees, Members and workspaces (e.g. through our use of CCTV and through sharing your digital ID with our site-security teams);
to comply with court orders or other valid legal requests;
to comply with any reporting obligations or government requests under applicable laws or legal mandates; and
to handle and resolve any complaints we receive relating to our processing of your personal information.
As part of keeping you safe while at our locations, we will use your personal information to identify and locate you such as in the event of an emergency.
We may use and process your personal information where it is necessary for us to pursue our legitimate interests as a business, or that of a third party, for the following purposes:
Processing is necessary for us to effectively operate our business and ensure our office spaces remain open;
As part of providing services to our Members, such as through our guest booking services;
To protect the health and safety of our employees, visitors and members; and
To protect the safety and security of our locations.
WeWork is headquartered in the United States. Your information will be collected in your country and may subsequently be transferred to or stored in the United States or another country, which could be a country with privacy protections less stringent than those in your jurisdiction. In accordance with applicable law, we implement measures to ensure that any transferred personal information remains protected and secure. You can obtain further information about these measures by contacting us using the contact details below.
We do not use personal information collected through the Platform or in connection with your physical access to WeWork locations for the purpose of sending marketing communications to you; however, we may rely on our legitimate interests in marketing our services to you if you provide your personal information for such purposes, use our services in the WeWork locations (including, without limitation, our guest WiFi services) and/or where otherwise permitted by applicable law.
You can opt-out of receiving marketing communications from us at any time through the unsubscribe links embedded in each marketing-related email communication.
9.1 Depending on where you live, you may be able to exercise certain rights in relation to your personal information. These rights may include the right to:
Obtain confirmation as to whether or not your personal information is being processed by us, and where that is the case, access to such personal information (and related details);
Obtain rectification of inaccurate personal information and to have incomplete personal information completed;
Obtain erasure or deletion of your personal information;
Obtain restriction of our processing of your personal information or object to processing of your personal information;
Receive your personal information in a structured, commonly used and machine-readable format and to transmit such data to another controller where feasible;
Know about the existence of Automated Decision-Making and to not be subject to Automated Decision-Making;
Withdraw your consent at any time, to the extent we rely on your consent as the legal basis for processing your personal information (without affecting the lawfulness of the processing based on such consent prior to your withdrawal or processing based on reliance on a legal basis other than consent);
Lodge a complaint with the applicable supervisory authority; and
Obtain additional information about the suitable safeguards and means we rely upon with regard to international transfer of personal information as described in Section 7 above.
You will not be discriminated against for exercising any of your rights described in this Policy. Please note that these rights may be subject to further conditions, limitations and/or exemptions under applicable personal information protection laws. If any of the rights listed above are not provided under law for your jurisdiction, we have absolute discretion in providing you with these rights.
9.2 To exercise your applicable rights, please complete our Privacy Webform or contact us by using the information in Section 13 [Contacting Us] below.
To protect your privacy and maintain security, we may ask you to provide certain information to verify your identity and residence before granting you access to your personal information or complying with your request. We will contact you if we need additional information in order to process your request. If we are unable to verify your identity or rights to the information, we may not be able to provide you with information rights until you are able to provide us with proper documents. Where permitted by law, we reserve the right to charge an appropriate fee to cover administrative costs incurred in responding to your request, for instance, if your request is manifestly unfounded or excessive.
Under certain personal information protection laws, you may designate an authorized agent to make requests on your behalf to exercise your rights. Before accepting such a request from an agent, we will require the agent to provide proof you have authorized it to act on your behalf, and we may need you to verify your identity directly with us.
If you would like to make a complaint or if you have any questions about how we use or keep your personal information, you may contact WeWork at privacy@wework.com.
In addition, if you believe our processing of your personal information violates applicable law, you may have the right to lodge a complaint with the relevant supervisory authority for the jurisdiction of the locations you are visiting. We suggest that you contact us first so that we may try to address your concerns.
We may review this policy from time to time. Where required by applicable law, we will notify you of any changes by posting an updated version on our website. We recommend you regularly check for changes and review this policy whenever you visit our locations.
If you reside in California, this section applies to you and supplements other sections of this Policy. The privacy practices described in Sections 2-5 of this Policy describe the categories of personal information collected within the last twelve (12) months as well as the purposes and uses for such personal information. As described in these other sections, we collect this type of information from you, through our interactions with you and others, through certain automated means and from third parties such as your Member or WeWork employee host.
Within the last twelve (12) months, we disclosed these categories of information to third parties as needed for a business purpose and/or as needed to comply with our legal obligations. We disclose your personal information for a business purpose to the following categories of third parties:
WeWork’s affiliated entities and group companies;
Our licensees who operate locations in certain countries;
Our service providers, including technology and cloud software system providers such as database, email distribution and storage providers;
Third parties with whom you interact with such as your Member or WeWork employee host; and
Other third parties you have directed us to disclose your personal information in connection with your visit to WeWork locations.
As described in Section 4, we may also share your personal information to other third parties in other special circumstances.
For purposes of the CCPA, WeWork does not “sell” personal information, nor do we have actual knowledge of any “sale” of personal information of minors under 16 years of age.
Non-Discrimination. California residents have the right not to receive discriminatory treatment by us for the exercise of their rights conferred by the CCPA.
You may exercise your rights as a California resident by contacting WeWork at privacy@wework.com or by calling 888-914-9661 and entering pin 767325. We will not discriminate against you for exercising your rights and choices, although your access to, and use of certain services, as a visitor of WeWork locations may be restricted as permitted by the CCPA. In order to verify your request, you must provide sufficient information to allow us to reasonably verify you are the person about whom we collected personal information, and you must describe your request with sufficient detail to allow us to properly understand, evaluate, and respond to your request.
When We Will Respond. We endeavor to respond to your request for access, portability or deletion within 45 days from receipt. If we require additional time, we will inform you of the reason and extension period.
Authorized Agent. Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. To designate an authorized agent, please contact us as set forth above.
Verification. To protect your privacy, we will take the following steps to verify your identity before fulfilling your request. When you make a request, we will ask you to provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, which may include your name, email address, phone number, and/or mailing address.
California residents are entitled to request and obtain certain information about the disclosure of certain categories of their personal information to third parties for their direct marketing purposes. Requests may be sent to privacy@wework.com.
If you have any questions or comments regarding this Policy, please contact us at privacy@wework.com.
If you would like to contact us by mail, please see our list of global entities at the top of this Policy for contact information of the data controller for your jurisdiction.
If you are based in Singapore and have any questions, please contact our Data Protection Officer at DPO.Singapore@wework.com.
If you are based in India you may submit any questions to our Grievance Officer at: privacy@wework.com .
If you are based in a jurisdiction where the law requires that WeWork has a Data Protection Officer, please submit your query to privacy@wework.com.
WeWork will address your concerns and attempt to resolve any privacy issues in a timely manner.