Privacy Policy
Last updated: 11/03/26
This Privacy Policy describes how personal information is collected, used, and protected when you (the "Visitor") use this website (“Site”).
By using this Site or submitting information through any forms, you agree to the practices outlined in this Privacy Policy.
1. Introduction
Lauren Dorling trading as Lauren Dorling Fitness (“we”, “us”, “our”) is the data controller for personal data collected via this website, our funnels and our coaching services.
Email: [email protected]
Phone:
Platform Provider
We use The Coaching Core and its platform (powered by HighLevel) to deliver forms, funnels, CRM, communications and client management. The Coaching Core acts as a data processor on our behalf for this personal data and processes it under our instructions.
The Coaching Core may act as an independent data controller for limited platform administration purposes (for example, billing, platform security and support requests). If this applies, The Coaching Core will provide its own privacy information for those activities.
This policy explains how we use your data when you visit our website/funnels, enquire about coaching, or become a client and how you can exercise your rights.
2. Data we collect
We may collect the following types of personal information:
• Identity: name, date of birth, gender
• Contact: email, phone, social handles (if you provide them).
• Coaching + Health/Fitness: weight, measurements, progress photos, training history, injury/medical-relevant info, nutrition habits, lifestyle data you share for coaching.
• Service/admin: onboarding responses, check-ins, feedback, booking details, communications and notes relating to your coaching (e.g. messages sent through forms, email, or our coaching platform).
• Payments: billing/contact details and transaction metadata. Payments are processed by Stripe; we do not store full card details.
• Technical/usage: device data, IP address, page visits and events via cookies/pixels (see Cookies below).
3. How we use your data
We use your personal information to:
• Deliver coaching services - create and update your training plan, support you, review check-ins, track progress, and adjust your programme.
• Manage your account and provide customer support - onboarding, scheduling, service messages, handling questions, and day-to-day administration.
• Process payments and keep records - take payments and maintain accounting/tax records.
• Operate, improve and protect the business - analytics, troubleshooting, preventing misuse/fraud, and maintaining platform security.
• Handle cancellations, complaints and disputes - including enforcing our Terms of Service and maintaining relevant records.
• Marketing (email/SMS) - only where you have opted in, or where “soft opt-in” applies and you have not opted out.
Lawful bases
• We usually process service/admin data because it is necessary to provide the service (contract) and/or for our legitimate interests in running and protecting the business.
• We send marketing by email/SMS based on consent (or soft opt-in where applicable).
Special category (health/fitness) data
Where we process health/fitness information (special category data), we will usually rely on explicit consent to provide coaching safely and effectively. You can withdraw consent at any time, but this may limit our ability to provide coaching.
4. SMS, email and marketing preferences
Service messages (non-marketing): We may contact you by email and/or SMS about your coaching, bookings, account updates, support requests, and important service information. You cannot opt out of essential service messages while you are an active client, as they’re needed to deliver the service.
Marketing messages: We only send marketing by email/SMS if you have given consent (or where soft opt-in applies).
How to Opt-out: You can unsubscribe at any time using the link in our emails. Opt-outs will be applied as soon as reasonably possible.
5. Cookies and tracking
Our website/funnels may use cookies and similar technologies (including pixels) to make the site work, remember preferences, and understand how visitors use our pages.
Essential Cookies: These are necessary for the website/funnels to function (for example, security and form/session functionality). These do not require consent.
Non-Essential Cookies: We may use non-essential cookies/pixels to measure performance, understand page usage, and improve marketing. These will only be set if you actively consent via our cookie banner/tool.
Managing Cookies
You can manage your cookie preferences at any time via the cookie consent tool on our website. You can also manage or disable cookies through your browser settings, though this may affect the functionality of our services/sites/funnels.
6. Who we share data with (processors/sub-processors)
We share data with trusted providers that help us run the business, such as:
• CRM, funnels and communications platform: HighLevel (used to host funnels/forms and manage contacts and communications).
• Payments: Stripe and/or PayPal (used to process payments and manage transactions).
• Email and SMS delivery: Mailgun and/or Twilio (used to send service messages and, where consented, marketing messages).
• Coaching platform: Trainerize to deliver programmes, track progress and manage client communication.
• Scheduling and video calls: Google Calendar / Calendly / Zoom / Google Meet (for bookings and calls).
• File storage: Google Drive / Dropbox (for storing client resources, progress photos, or coaching documents).
• Analytics and tracking: Meta (Facebook/Instagram) Pixel, Google Analytics (only with cookie consent where required).
We only share what is necessary for the purposes described in this policy and we put appropriate contractual safeguards in place with service providers.
7. International transfers
Some of our service providers may process or store personal data outside the UK (for example, in the EEA and/or the United States).
Where personal data is transferred internationally, we use appropriate safeguards to protect it, such as the UK Addendum to the EU Standard Contractual Clauses (or other approved transfer mechanisms), and we take steps to ensure providers maintain appropriate security standards.
You can contact us if you would like more information about the safeguards used for international transfers.
8. Data retention
We keep personal data only for as long as necessary for the purposes described in this policy (to provide services, meet legal/accounting obligations, and handle any disputes).
Leads (non-clients): typically retained for 12 months from your last interaction, unless you opt in to ongoing marketing (in which case we retain your details until you unsubscribe or ask us to delete them).
Clients: retained for the duration of coaching plus typically 12 months afterwards (for programme continuity, queries, disputes, and record keeping), then deleted or anonymised where possible.
Financial records: retained for as long as required by tax/accounting laws (often up to 6 years in the UK).
We may retain information for longer where necessary to comply with legal obligations or to establish, exercise, or defend legal claims.
9. Your rights
Under the UK GDPR, you have the right to:
• access your personal data;
• correct inaccurate data;
• request deletion (where applicable);
• restrict processing (in some circumstances);
• object to processing (in some circumstances, including some types of marketing);
• data portability (for data you provided to us, in some circumstances);
• withdraw consent at any time where we rely on consent (e.g., marketing consent, health-data consent).
To exercise these rights, please contact the Data Controller Lauren Dorling at [email protected].
We may ask for proof of identity before fulfilling your request. We aim to respond in one month.
You also have the right to make a complaint to the Information Commissioner’s Office (ICO) if you are unhappy with how we handle your personal data.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time.
The latest version will always be available on this page with an updated “Last Updated” date.
11. Contact
For all privacy-related questions or data access requests, please contact the Data Controller: Lauren Dorling) at [email protected].