Lazarus Training — Privacy Policy (Marketing, Social Media & Lead Generation)

Effective date: 14 August 2025

Who we are: Lazarus Training Ltd (“Lazarus”, “we”, “us”). Registered in England & Wales. Registered office: Warren House, 10-20 Main Road, Hockley, Essex, SS5 4QS. Company number: 07735930.

Contact for privacy queries: info@lazarustraining.co.uk

Data Protection Officer (if appointed): Claire Walker

This Privacy Policy explains how we collect and use personal data for marketing, social media, and lead generation activities, including our website, landing pages, mobile apps, newsletters, and our presence on platforms such as LinkedIn, X/Twitter, Facebook/Instagram, and relevant app stores. It complements any course-specific or customer contract notices.

1) Scope & roles

For the activities described here, Lazarus is the “data controller” under the UK GDPR / Data Protection Act 2018 (and EU GDPR where applicable).
For our official social-media Pages (e.g., LinkedIn Page Insights), Lazarus and the platform may act as joint controllers for the aggregated analytics the platform provides. Each platform’s privacy policy still applies.
If we process personal data on behalf of a client (e.g., administering their delegate lists), we act as a processor and follow the client’s instructions and contract.

2) What data we collect

2.1 Data you provide directly

Contact details: name, job title, organisation, work email/phone, region.
Preferences & consents: areas of interest, language, marketing choices.
Communications: emails, meeting notes, messages sent via contact forms, social DMs, chat widgets.
Event interactions: business cards, badge scans at trade shows, webinar registrations, and training enquiries.
App inputs (if using our apps): account information you submit, in-app support requests.

2.2 Data we generate or observe

Lead intelligence: notes from discovery calls, publicly available risk context relevant to training (non-sensitive).
Lead scoring & segmentation: interactions with emails, pages visited, downloads, and event attendance.
Device & usage (web/app): IP address, device type, OS/browser, referral URLs, crash logs, general location (city/country), page views, button clicks.
Cookie/ID data: cookies, pixels and similar (see §9).

2.3 Data from third-party or public sources

Public sources: company websites, press releases, LinkedIn profiles, trade directories, exhibitor/visitor lists (e.g., ReBuild Ukraine), procurement portals, government supplier registers, news articles.
Partners & providers: marketing/CRM platforms, list validation tools, analytics and ad platforms. We obtain only business-relevant details and keep them current.

We do not intentionally collect special category data (e.g., health, political views) for marketing/leads. Please do not share such data in forms or emails.

3) Why we use your data (purposes) & legal bases

Purpose	Examples	Legal basis
B2B marketing & lead generation	Sending relevant emails/LinkedIn messages about courses; following up from trade shows; invitations to briefings	Legitimate interests (promoting and growing our business to relevant corporate contacts); Consent where required
Sales pipeline & CRM	Recording interactions, scheduling demos, and preparing quotes	Legitimate interests
Content personalisation & analytics	Understanding which sectors engage (e.g., energy, media), and improving pages	Legitimate interests; Consent for non-essential cookies
Social media engagement	Responding to DMs/comments; Page Insights	Legitimate interests; Joint controller arrangements with platforms
Compliance & security	Record-keeping, fraud prevention, do-not-contact lists	Legal obligation; Legitimate interests
App operations (if used)	Basic functionality, crash diagnostics, push notifications (opt-in)	Contract (to provide the app/service); Consent (notifications/analytics where required)

Balancing test (legitimate interests): we target business contacts likely to benefit from safety/medical training. We minimise data, offer easy opt-out, and limit retention (§8).

PECR (UK) & e-privacy: for corporate subscribers, we may send relevant B2B emails under legitimate interests; for individuals/sole trader,s we seek opt-in consent unless another exception applies. All emails include an unsubscribe link.

4) Social media specifics

LinkedIn Lead Gen Forms / Page Insights: When you submit a form or interact with our Page, we receive your profile information and form fields you consent to share. LinkedIn provides aggregated analytics (Page Insights) under a joint-controller arrangement—see LinkedIn’s Data Policy.
Direct messages & comments: we process content you send to respond to and manage enquiries.
Advertising audiences: we may use hashed business emails to create or exclude audiences on platforms (e.g., LinkedIn, Google). You can object at any time.

5) Who we share data with (categories)

CRM & marketing platforms (e.g., reputable email automation, form builders, webinar tools).
Analytics & ads (e.g., privacy-centric analytics, ad networks to measure performance).
Event & ticketing providers (for registrations/badge scans).
Cloud hosting/IT support (secure infrastructure services).
Professional advisers (legal/accounting) where necessary.
Authorities where required by law or to protect rights/safety.

We do not sell personal data. Vendors are screened for security and data-protection commitments and bound by contracts (DPAs).

6) International transfers

If data is transferred outside the UK/EEA, we rely on adequacy regulations or approved safeguards such as Standard Contractual Clauses (SCCs) and, where required, the UK International Data Transfer Addendum. We assess vendor risk and apply supplementary measures where appropriate.

7) Your rights

Subject to applicable law (UK GDPR/EU GDPR), you can:

Access your data and request a copy
Correct inaccuracies
Delete your data (in some cases)
Restrict or object to processing (including direct marketing and related profiling)
Port data you provided (where technically feasible)
Withdraw consent at any time (doesn’t affect prior processing)

To exercise rights: privacy@lazarustraining.co.uk. We may need to verify identity. You can also unsubscribe via any marketing email.

Complaints: You can contact the UK Information Commissioner’s Office (ICO) at www.ico.org.uk or your local EU regulator.

8) Retention

Lead & marketing records are typically retained for 24 months from the last interaction, then securely deleted or anonymised, unless a minimal suppression record (do-not-contact) is required.
Event registrations & badge scans: up to 18 months post-event for follow-up and reporting.
App logs/diagnostics: shortest operational period, typically 90–180 days.
Contracts/quotes: retained according to legal/accounting requirements (usually 6–7 years in the UK).

9) Cookies, pixels & similar tech

We use cookies/pixels to operate our site, remember preferences, provide analytics, and (where consented) measure advertising.

Essential cookies: required for security and core functions.
Analytics/measurement: helps us improve content (we prefer privacy-friendly settings).
Advertising pixels (e.g., LinkedIn Insight Tag): only if you accept non-essential cookies.

You can manage choices via our cookie banner and browser settings. If you use Do Not Track, we honour it where technically possible in conjunction with our consent tools.

10) Children

Our marketing and lead-generation activities target business professionals. We do not knowingly collect data from children.

11) Security

We implement appropriate technical and organisational measures: role-based access, encryption in transit, MFA for admin accounts, vendor due diligence, staff training, and incident response procedures. No system is 100% secure; we’ll notify authorities and, where required, affected individuals of significant breaches.

12) Automated decision-making & profiling

We do not make decisions that produce legal or similarly significant effects based solely on automated processing. We may use light profiling/lead scoring to prioritise outreach (e.g., sector, engagement level). You can object at any time.

13) Third-party links

Our website and posts may link to external sites (e.g., news, conference pages). We’re not responsible for their privacy practices. Please review their policies.

14) App-specific disclosures (for App Store/Play)

If you use a Lazarus app:

We may process app usage data, device identifiers, crash logs, and optional push notification tokens.
We do not track precise location unless you grant permission for a feature that requires it (you can revoke it in device settings).
Any in-app analytics or advertising follows the same consent choices and legal bases as above.

15) Changes to this policy

We may update this policy from time to time. Significant changes will be highlighted on our website/app. The “Effective date” shows the latest version. Archived versions are available on request.

16) How to contact us

Email: info@lazarustraining.co.uk
Post: Lazarus Training Ltd, Warren House, 10-20 Main Road, Hockley, Essex, SS5 4QS

If you need this policy in an alternative format, please let us know and we’ll accommodate reasonable accessibility requests.

Short-form notice (for forms & LinkedIn Lead Gen)

By submitting this form, you agree that Lazarus Training may process your business contact details to respond to your enquiry and, if you opt in (or where permitted for corporate subscribers), to send you relevant updates on safety and medical training. You can opt out at any time via the link in our emails or by contacting info@lazarustraining.co.uk. For details, see our full Privacy Policy above.