top of page

Privacy Policy

Effective Date: 25/05/25
Last Updated: 04/08/25

Stamford Sports Performance ("we", "our", or "us") values your privacy and is committed to protecting your personal data. This Privacy Policy outlines how we collect, use, share, and protect your information when you use our website, online coaching services, or any related applications or communications.

This policy complies with applicable data protection laws, including the General Data Protection Regulation (GDPR) for users located in the European Economic Area (EEA).

1. Who We Are

Data Controller:
Stamford Sports Performance
Unit 153442

PO Box 7169

Poole

B15 9EL


Email: privacy@stamfordsportsperformance.com
 

We are the data controller of your personal data, meaning we determine how and why your personal data is used.

2. Information We Collect

We collect the following types of personal data, either directly from you or automatically through your use of our services:

a. Identity and Contact Data

  • Name, email, phone number, date of birth, gender

 

b. Health and Fitness Data

  • Medical history, injuries, fitness goals, workout data, coaching feedback

 

Note: Health data is considered “special category data” under GDPR and is only processed with your explicit consent.

 

c. Payment and Billing Data

  • Payment details (processed by third-party processors)

  • Billing address, transaction history

 

d. Technical and Usage Data

  • IP address, device and browser type, usage logs, cookies, and interaction data

 

e. Communications

  • Emails, messages, survey responses, testimonials

 

 

3. Legal Bases for Processing (Under GDPR)

We rely on one or more of the following lawful bases to process your data:

Purpose                                                                     Legal Basis

To create and manage your account                      Performance of a contract

To deliver coaching and training programs           Performance of a contract

To process payments                                               Performance of a contract / Legal obligation

To send service updates or reminders                   Legitimate interest

To send marketing emails                                       Consent (you can withdraw at any time)

To process health data                                            Explicit consent

To comply with legal obligations                            Legal obligation

4. How We Use Your Information

We use your information to:

  • Provide and personalize strength and conditioning coaching

  • Manage accounts, subscriptions, and bookings

  • Process payments securely

  • Send reminders, updates, and relevant content

  • Improve our services and digital platforms

  • Comply with legal obligations and respond to legal requests

5. Payments and Billing Security

We use trusted, PCI-DSS compliant third-party payment processors to handle all transactions. We do not store full card numbers or CVV codes.

Only necessary billing details (e.g., name, address, transaction IDs) are stored securely to support accounting, subscriptions, invoicing, or dispute resolution.

The payment processors we use are:

Tide Platform Limited - view their privacy policy here

Adyen N.V - view their privacy policy here

ClearBank - view their privacy policy here

6. Sharing Your Information

We may share your data with:

  • Third-party service providers: e.g., hosting, analytics, marketing, payment platforms

  • Legal and regulatory bodies: where required by law

  • Business partners: only with your consent (e.g., physiotherapists or nutritionists)

We require all third parties to respect the security of your personal data and process it in accordance with data protection laws.

7. International Data Transfers

If you are located in the EEA, please note that your personal data may be transferred outside the EEA (e.g., to the United States), where data protection laws may differ.

We ensure such transfers are protected by:

  • Standard Contractual Clauses (SCCs) approved by the European Commission

  • Binding corporate rules or certification schemes (e.g., Privacy Shield–like mechanisms) where applicable

8. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes outlined in this policy, including legal, accounting, or reporting obligations.

You can request deletion of your account or personal data at any time (see Section 10).

9. Data Security

Bookings and Forms

When you book a session or submit a form to Stamford Sports Performance, your information is collected and processed through Microsoft Forms and Microsoft Bookings, both services provided by Microsoft Corporation.

These tools are GDPR-compliant and hosted within the Microsoft 365 ecosystem. Submitted data is encrypted in transit and at rest, and is only accessible to the data controller (Stamford Sports Performance) and authorised personnel as required.

Microsoft does not use the contents of your submissions for advertising or profiling purposes.

You can view Microsoft's full Privacy Policy here.

Databases

Some of the information you submit, such as booking details, training preferences, and progress tracking, may be securely stored and organised using Airtable, MailerLite, and Make (Integromat). These are GDPR-compliant cloud services used to manage client information efficiently and deliver a streamlined coaching experience.

  • Airtable is used to store and organise client records, training logs, and progress data.

  • MailerLite is used for managing email communication, including welcome emails, updates, and training resources.

  • Make is used to automate workflows between services (e.g. syncing form submissions to databases), ensuring a smooth and timely experience.
     

All data stored is encrypted and access is limited to authorised personnel only. Your information is never sold or shared with third parties and is used solely to support and improve your coaching services.

You can view the security and privacy policies for each provider here:

10. Your Rights Under GDPR

You have the following rights under GDPR:

  • Access: Request a copy of the personal data we hold about you

  • Rectification: Request correction of inaccurate or incomplete data

  • Erasure (“Right to be Forgotten”): Ask us to delete your data

  • Restriction: Request restriction of processing

  • Data Portability: Receive your data in a structured, machine-readable format

  • Objection: Object to processing based on legitimate interests or direct marketing

  • Withdraw Consent: Withdraw your consent at any time (for example, for marketing or health data)

To exercise your rights, contact us at privacy@stamfordsportsperformance.com We will respond within 30 days as required by GDPR.

If you believe your data rights have been violated, you have the right to lodge a complaint with your local data protection authority.

11. Cookies and Tracking

We use cookies and similar tracking technologies to:

  • Monitor website usage

  • Improve performance and functionality

  • Deliver targeted ads (only if consented)

You can manage your cookie preferences in your browser or via our cookie banner.

Please refer to our Cookie Policy for more information.

12. Children’s Privacy

Our services are intended for individuals 18 years or older. We do not knowingly collect data from anyone under 18. If we learn we have collected data from a minor, we will delete it promptly.

13. Changes to This Policy

We may update this policy occasionally. Any significant changes will be posted here and/or sent via email. Your continued use of the site or services after changes are posted constitutes your acceptance.

14. Contact Information

If you have any questions or concerns about this Privacy Policy or your personal data, please contact:

Stamford Sports Performance
Email: privacy@stamfordsportsperformance.com
Website: www.stamfordsportsperformance.com
Address:

Stamford Sports Performance

Unit 153442

PO Box 7169

Poole

BH15 9EL

bottom of page