Privacy Policy

1. Introduction

This Privacy Policy explains how Sinclair Pioneers (“we”, “us”, “our”) collects, uses, stores and protects personal data. It applies to visitors to sinclairpioneers.com, prospective clients we contact through cold outreach, leads who submit enquiries through our website, and clients who engage our paid media services.

Sinclair Pioneers is operated by Tyler L. Sinclair as a sole trader based in the United Kingdom. We are the data controller for the personal data described in this policy and are committed to processing it in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Who We Are and How to Contact Us

Sinclair Pioneers is a freelance paid media agency offering Meta Ads and Google Ads management to clients in the online fitness sector.

Data controller: Tyler L. Sinclair, trading as Sinclair Pioneers

Email: gdpr@sinclairpioneers.com

Website: sinclairpioneers.com

If you have any questions about this policy or how we handle your data, please contact us at the email address above.

3. Personal Data We Collect

3.1 Visitors to our website

Our website is hosted on WordPress and does not use analytics, advertising, or third-party tracking technologies. We do not set non-essential cookies and we do not require a cookie consent banner because no tracking takes place. WordPress and our security plugin (Wordfence) may set strictly necessary cookies and process limited technical information (such as IP addresses) for the sole purpose of keeping the site running and secure.

Wordfence may temporarily log IP addresses and request data to detect and block malicious traffic, brute-force login attempts, and known threats.

3.2 Prospective clients (cold outreach)

We carry out business-to-business cold outreach to companies that we believe may benefit from our services. To do this, we use Apollo.io to identify business contacts and obtain professional information that is publicly available or provided by Apollo. The categories of data involved are typically:

  • Full name
  • Job title and employer
  • Business email address
  • Business phone number (where available)
  • Publicly available LinkedIn profile information
  • Information about the company (size, sector, location, advertising activity)

We send cold outreach emails manually from our getsinclair.co.uk domain. Every cold email contains a clear and simple way to opt out, and we honour opt-out requests promptly.

3.3 Warm leads (website enquiries)

If you complete an enquiry form on our website, the form is provided by HubSpot and the information you submit is stored in our HubSpot CRM. The data we collect through forms typically includes:

  • Full name
  • Email address provided by you
  • Company name
  • Phone number (if you provide it)
  • Any information you include in the message field
  • Technical information collected by HubSpot, such as IP address and submission timestamp, used to populate the CRM record

3.4 Clients

When you engage us as a client, we collect and process information necessary to deliver our services, manage our relationship, and meet our legal obligations. This may include:

  • Contact details for you and other relevant individuals at your organisation
  • Billing information and company details (payment card details are entered directly into Stripe and are not collected or stored by us)
  • Communications with us (email, calls, messages)
  • Account access information for advertising platforms (such as Meta Ads Manager and Google Ads) and tracking tools, where you grant us permission
  • Performance data, creative assets, briefs and other working materials shared with us as part of the engagement

Client information is stored in dedicated folders within our business Google Workspace (Google Drive). Where helpful for analysis or briefing, relevant materials may be reviewed using NotebookLM, a Google service that operates within our Google Workspace environment.

4. How We Use Your Personal Data and Our Lawful Basis

Under UK GDPR, we must have a lawful basis for processing personal data. The basis we rely on depends on the relationship we have with you.

4.1 Cold outreach to business contacts

Lawful basis: Legitimate interests (Article 6(1)(f) UK GDPR).

We have a legitimate interest in promoting our services to businesses we believe could genuinely benefit from them. We limit our outreach to professional contacts at relevant organisations, we contact people in their business capacity only, and we provide a clear opt-out in every message. We have considered the privacy impact and we believe our interest is balanced against the rights and interests of the individuals contacted. Cold email outreach is also subject to the Privacy and Electronic Communications Regulations (PECR); we send marketing emails to corporate subscribers only on this basis.

If you would prefer not to be contacted, you can reply to any of our emails asking to be removed, or email gdpr@sinclairpioneers.com.

4.2 Website enquiries

Lawful basis: Taking steps at your request prior to entering into a contract (Article 6(1)(b)), and where relevant your consent (Article 6(1)(a)) for follow-up marketing communications.

We use the information you submit through our website to respond to your enquiry, understand your needs, and follow up by email or phone.

4.3 Client work

Lawful basis: Performance of a contract (Article 6(1)(b)) and our legitimate interests (Article 6(1)(f)) in operating, administering and improving our services.

We process client information to deliver paid media services, manage advertising accounts, communicate, prepare reports, send invoices, and keep accurate records.

4.4 Legal and accounting obligations

Lawful basis: Compliance with a legal obligation (Article 6(1)(c)).

We retain certain records (for example, invoices and tax records) to comply with HMRC requirements and other applicable laws.

5. Who We Share Your Data With

We do not sell personal data. We share personal data only with the service providers necessary to operate our business, and only to the extent required for them to provide their service to us. Each of these providers acts as a processor on our behalf or as an independent controller for their own platform purposes, and each has its own privacy policy.

5.1 Our service providers

  • Zume — hosting provider for sinclairpioneers.com.
  • Wordfence — security plugin that protects the website from malicious traffic.
  • Apollo.io — sales intelligence platform used to identify and source business contacts for cold outreach.
  • HubSpot — CRM platform that hosts our website enquiry forms and stores lead and customer records.
  • Google (Google Workspace, Gmail, Google Drive, Google Docs, Google Calendar, Google Meet, Google Sheets, NotebookLM) — productivity, storage, calendar, video meeting, e-signature (via Google Docs), bookkeeping (via Google Sheets) and analysis tools used to run the business and deliver client work.
  • HubSpot Meetings — booking tool used to schedule calls. When you book a meeting with us, HubSpot collects your name, email, and any details you share to confirm the booking.
  • Anthropic (Claude, Claude Cowork) — AI assistant tools used to help with prospecting, drafting, and client work. Where personal data is shared with these tools, it is done in line with Anthropic’s privacy and data handling terms.
  • Stripe — payment processor used to issue invoices to clients and receive payment. Stripe collects and processes billing details (such as name, business address, and payment information) directly from clients and acts as an independent controller for that data under its own terms.
  • Meta and Google Ads platforms — where we are granted access by clients, we operate within these platforms to deliver advertising services. Each platform processes personal data under its own terms.

5.2 Other disclosures

We may disclose personal data where we are required to do so by law, by a regulator, or in connection with legal proceedings, or where it is necessary to protect our rights, property, or safety, or that of others.

6. International Transfers

Some of the providers listed above (including HubSpot, Google, Apollo.io, Anthropic and Stripe) are based in or process data in the United States or other countries outside the UK. Where personal data is transferred outside the UK, we rely on appropriate safeguards permitted under UK GDPR, such as the UK International Data Transfer Agreement, the UK Addendum to the EU Standard Contractual Clauses, or the UK Extension to the EU-US Data Privacy Framework, as offered by the relevant provider.

7. How Long We Keep Your Data

We keep personal data only for as long as is necessary for the purposes set out in this policy.

  • Cold outreach contacts: retained for as long as the contact is relevant to our outreach activity. If you opt out, we keep a minimal suppression record (for example, your email address) so that we do not contact you again.
  • Website enquiries that do not become clients: retained in HubSpot for up to 24 months from the last meaningful interaction, then deleted or anonymised.
  • Clients: retained for the duration of the engagement and for up to 7 years after the engagement ends, in line with HMRC record-keeping requirements.
  • Security and server logs: retained for short periods consistent with the provider’s standard practice.

8. Your Rights

Under UK GDPR you have the following rights in relation to your personal data:

  • Right of access — to request a copy of the personal data we hold about you.
  • Right to rectification — to ask us to correct inaccurate or incomplete data.
  • Right to erasure — to ask us to delete your data in certain circumstances.
  • Right to restrict processing — to ask us to limit how we use your data in certain circumstances.
  • Right to object — in particular, to object to processing based on legitimate interests, including direct marketing. If you object to direct marketing, we will stop.
  • Right to data portability — to receive your data in a structured, commonly used format where applicable.
  • Right to withdraw consent — where we rely on consent, you can withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please email gdpr@sinclairpioneers.com. We will respond within one month.

Right to complain: If you are unhappy with how we have handled your personal data, you have the right to complain to the Information Commissioner’s Office (ICO). We would, however, appreciate the chance to address your concerns before you contact the ICO.

ICO website: ico.org.uk

ICO helpline: 0303 123 1113

9. Marketing Preferences and How to Unsubscribe

You can opt out of marketing communications from us at any time, free of charge. You can do this by:

  • Replying to any of our emails with the word “unsubscribe” or “stop”
  • Clicking the unsubscribe link where one is provided
  • Emailing gdpr@sinclairpioneers.com and asking to be removed from our list

Once you opt out, we will keep a minimal suppression record (typically just your email address) so that we do not contact you again. You may continue to receive transactional or service-related emails (such as invoices or messages about an active engagement) where these are necessary.

10. How We Keep Your Data Secure

We take appropriate technical and organisational measures to protect personal data, including:

  • Use of reputable third-party platforms (Google Workspace, HubSpot, WordPress with Wordfence) that operate to recognised security standards.
  • Strong, unique passwords and two-factor authentication on business-critical accounts where available.
  • Email authentication for our domains (SPF, DKIM and DMARC) to reduce the risk of spoofing and phishing.
  • Limiting access to client data to the sole trader operating the business.

No method of transmission over the internet is completely secure. While we do our best to protect your personal data, we cannot guarantee absolute security.

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the Information Commissioner’s Office (ICO) within 72 hours of becoming aware of it, where required by UK GDPR. Where the breach is likely to result in a high risk to your rights and freedoms, we will also notify you directly without undue delay.

11. Automated Decision-Making and Profiling

We do not carry out automated decision-making or profiling that produces legal effects concerning you or that similarly significantly affects you. Decisions about whether to work with a prospect or client, the services we provide, and how we deliver them are always made by a human.

12. Cookies

Our website does not use analytics, advertising or other tracking cookies. WordPress and the Wordfence security plugin may set a small number of strictly necessary cookies that are required for the site and its security features to function. These cookies do not track you across websites and are not used for marketing.

If we add tracking or analytics in the future, we will update this policy and put a cookie consent mechanism in place before any non-essential cookies are set.

13. Third-Party Links

Our website and our communications may contain links to third-party websites and services that are not operated by us. If you click on a third-party link, you will be directed to that third party’s site. We have no control over, and accept no responsibility for, the content, privacy policies, or practices of any third-party sites or services. We recommend you read the privacy policy of every website you visit.

14. Testimonials and Case Studies

From time to time we may wish to publish client testimonials, quotes, logos, or case studies on our website, in proposals, or on social media. We will not publish any identifiable information about a client (including names, business names, logos, or quotes attributed to individuals) without first obtaining their consent. Consent can be withdrawn at any time by emailing gdpr@sinclairpioneers.com, in which case we will remove the relevant material as soon as reasonably practicable.

15. Children

Our services are aimed at businesses and we do not knowingly collect personal data from anyone under the age of 18. If you believe a child has provided us with personal data, please contact us so we can delete it.

16. Changes to This Policy

We may update this Privacy Policy from time to time. The current version will always be available on our website with the “Last updated” date at the top. Material changes will be highlighted where appropriate.

17. Contact

If you have any questions about this Privacy Policy or how we handle your personal data, please contact:

Tyler L. Sinclair

Sinclair Pioneers

Email: contact@sinclairpioneers.com

Website: sinclairpioneers.com