This privacy notice provides you with details of how we collect and process your personal data through your use of our site: https://outlanderpastlives.com/ and associated tour enquiries and bookings.
Outlander: The Past Lives Experience
Outlander: The Past Lives Experience is a division of Tour the Scottish Highlands Limited, owned and run by Andrew & Diane Nicholson. The Company Number is SXC587710 and the registered office is in Culloden, Inverness.
Tour the Scottish Highlands Limited
Tour the Scottish Highlands Limited comprises of the following divisions:
- Outlander: The Past Lives Experience
- Tour the Scottish Highlands
- Connect To Your Potential
When referencing ‘we’, ‘our’ or ‘us’ we mean Tour the Scottish Highlands Limited.
We have created a comprehensive privacy policy in order to be open and transparent about how we might use your data.
It is very important that the information we hold about you is accurate and up to date. Please let us know if at any time your personal information changes by emailing us using the above options.
Privacy Policy
This privacy policy provides you with details about:
- The types of personal data that we collect from you,
- How we use your personal data
- The rights you have to control our use of your personal data.
We are committed to ensuring that your privacy is protected and continues to be fully compliant with the European Union’s General Data Protection Regulations (GDPR) in place from 25 May 2018.
Changes to this privacy statement
We may change this policy from time to time by updating this page to reflect company and customer feedback. You should check this page periodically to ensure you are happy with any changes and how we will protect your information.
General Data Protection Regulations
Under the GDPR (2018), we have a legal duty to protect any information we collect from you. We use leading technologies to safeguard your data, and keep strict security standards to prevent any unauthorised access to it. We hold your details in confidence and do not pass on to any third party other than those providing specific services, including transport, accommodation and/or activities/events for you and your party, to ensure your travel arrangements for the agreed package run smoothly.
You can learn more about GDPR and your data privacy rights here: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/
What information we collect
By requesting to use our services, agreeing to our Terms and Conditions and providing your personal data to us, you expressly consent to the processing of your personal data by us or on our behalf. We may collect the following information:
- Name, country of domicile
- Contact information including your telephone number and email address
- Familial relationships within the tour group
- Demographic information such as age, gender, tour preferences and interests
- Other information relevant to a customer’s experience including health condition, mobility/accessibility and dietary and any other special requirements
- With permission we may from time to time collect and securely store testimonials, these may include text, photographs or video content
- With your permission, we also take photographs of you as a memento of your tour. These photographs may contain images of other members of your tour group.
- Other information relevant to customer surveys and/or offers
- User IP addresses
- Device-specific information, such as the hardware model, operating system version, advertising identifier, unique application identifiers, unique device identifiers, browser type, language and mobile network information
- Anonymous statistical data involving the use of the website and regarding your computer, network and browser (including an IP address)
Apart from the above-mentioned data, we do not collect any other sensitive data about you. Sensitive data refers to data that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, genetic data or biometric data, criminal convictions or offences.
What we do with the information we collect
We want to give you the best possible customer experience before, during and after your visit to Scotland. We require certain information, as outlined above, to understand your needs and successfully deliver a bespoke personal service, as well as:
- To enter into a contract with us (e.g. when you make a purchase) so we can (i) process your order, (ii) take payment, and (iii) provide you with customer support
- To verify your identity and preventing and detecting fraud and other crime (such as identity theft)
- To share your name(s) and any dietary requirements with identified suppliers being used for your tour, typically a hotel where they are supplying food and/or accommodation where this is part of your tour package
- To gather customer feedback. We may contact you by email, phone or email
- To develop our existing or related new products and services
- To carry out our internal record keeping and company administrative functions
- To send periodic promotional emails about new products, offers and other information we think may be of interest to you using the email address which you have provided
- To determine the effectiveness of our promotional campaigns and advertising
- To customise the website according to your interests and to better understand how people interact with our websites
- We may share generic aggregated demographic information not linked to any personal identification information regarding visitors and users with our business partners and trusted affiliates for the purposes outlined above.
- We may use testimonials and photographs on our website, via social media, and for digital marketing material. Whilst we can remove such data from our database, we may be unable to recall all existing marketing material. In this situation, although permission has been released to us, we will ensure that we do as much as we can to prevent further use and remove any existing material. The social media channels that we use include but are not restricted to: Facebook, Twitter, YouTube, Vimeo, Instagram, Pinterest, Google+, LinkedIn and Flickr.
- Where we have taken photographs of you as a memento of your tour, to share with you, we will keep those photographs for three months, after which any that include you or identify you will be deleted from our records. These photos will be shared with you, via e-mail, using a GDPR compliant file transfer solution i.e. wetransfer.com, whose terms and GDPR compliance are available here:
Whenever we process data for these purposes we will ensure that we always keep your Personal Data Rights in high regard and take account of these rights. You have the right to object so this processing if you wish, and if you wish to do so, please contact us using the contact information that we have provided below. Please bear in mind that if you object, then this may affect our ability to carry out the tasks listed above for your benefit.
Apart from the above points, we will never distribute your personal information to third parties unless are required by law to do so. Regardless, we will never sell or lease your personal information to third parties.
Our Liability and Actions of Suppliers
We will not accept or have any liability for any acts or omissions (whether negligent or otherwise) of any supplier or person providing services in connection with any tour unless such a person is employed by or under the direct control of the Tour the Scottish Highlands Limited. This does not, however, affect your statutory rights under:
- The Package Travel, Package Holidays and Package Tours Regulations 1992, to the extent applicable to your booking
- From July 2018 – The Package Travel and Linked Travel Arrangements Regulations 2018, to the extent applicable to your booking
How long we keep the information that we gather
As our customer you have a ‘legitimate interest’ in our business. As such, we will store your information and tour details for up to five years following your trip with us.
For all other individuals with an interest in us and our products and services, we will always ask you if you would like to be added to our database so that we can keep in touch with our latest news and offers. We will keep a record of this. If you do, then your name and email address will be added to our database and stored securely for up to three years. Whether a customer or not, you are entitled at any point during this time to ask us to remove your information from our records.
Links to third party websites
Our websites may contain hyperlinks to third-party websites. We cannot be held responsible for the content of any pages referenced by an external link that is not operated by us. We are also not responsible for the protection and privacy of any information which you provide whilst visiting such sites, all of which are not governed by this Privacy Notice. Use of any such third-party websites is carried out solely at your own risk. We do not accept any liability in connection with any third-party websites.
These third-party websites have their own privacy statements, which will let you know how personal information collected on those websites will be used. Third party websites are also likely to use cookies and will have their own policy on this also. We, therefore, urge you to review their privacy statement and cookies policy when using these websites.
Cookie Policy
Our website may use cookies to distinguish you from other users. This helps us to provide you with a good experience when you browse our websites, and allow us to improve our website and services. Cookies may also be used to analyse user behaviour and for advertising purposes.
A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your device if you agree. Cookies contain information that is transferred to your device’s hard drive. You block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our website and online booking system for which we require the use of cookies.
You can manage cookies within your browser settings via the following links:
- Chrome: https://support.google.com/chrome/answer/95647?hl=en
- Explorer: https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies
- Safari: https://support.apple.com/kb/PH21411
- Firefox: https://support.mozilla.org/en-US/search?q=cookies
- Opera: http://www.opera.com/help/tutorials/security/cookies/
We use Google Analytics on all of our websites. This allows us to see how users interact with content which means that we can optimise your experience and provide new content that is interesting to our visitors. You can opt out of your data being used by Google Analytics using the information and links provided by Google here: https://tools.google.com/dlpage/gaoptout/.
Pixel tags (also known as web beacons and clear GIFs). We have Facebook Pixel tracking code implemented on our websites and may use this for targeted advertising.
More information on advertising cookies and how you can opt out of them is provided in the following links:
- https://policies.google.com/technologies/ads
- http://optout.networkadvertising.org/?c=1#!/
- https://www.facebook.com/ads/preferences/
- http://www.pixelyoursite.com/gdpr-cookie-compliance
Online Bookings and Payments
Our secure online booking system is supplied by TuriTop. When booking using TuriTop, your payments will be processed by Stripe. We also use Transferwise to accept payments. For accounting purposes a reference relating to a customer may be included in a banking transaction and within accounting software.
The relevant companies and links to their privacy policies are as follows:
- TuriTop –
- Stripe – https://stripe.com/gb/privacy
- TransferWise Ltd – https://transferwise.com/privacy-policy
- Starling Bank – https://www.starlingbank.com/legal/privacy-notice/
Mailing List
Our mailing list database and electronic newsletter functionality is provided by Mailchimp. Mailchimp records both the open rates and clicks by an individual. Pixel tags (also known as web beacons and clear GIFs) enable us to send email messages in a format customers can read and they tell us whether mail has been opened.
Our mailing list sign-up forms are GDPR-compliant. You can read Mailchimp’s Privacy Policy here: https://mailchimp.com/legal/privacy/ (The Rocket Science Group LLC).
You can manage your personal information and subscription status using the link provided in the electronic newsletter, or by contacting us using our contact information provided below.
Online Chat
We use tawk.to on our website to allow you to chat with us. It also alerts us in real-time to traffic on our websites. You can see tawk.to’s privacy policy here: https://www.tawk.to/privacy-policy/ and their GDPR statement here: https://www.tawk.to/data-protection/gdpr/.
Website Hosting
Our website content management system is WordPress. Certain visitors to our website may choose to interact with in ways that require WordPress.org to gather personally-identifying information. You can read the WordPress privacy policy here: https://wordpress.org/about/privacy/.
Our website content is hosted by Paragon Internet Group trading under the name Tsohost. More information about their data security and GDPR is available via the following links:
- https://help.tsohost.com/knowledge-base/article/8194
- https://www.tsohost.com/assets/images/DataProcessingAgreementTsohost.pdf
- https://www.tsohost.com/data-centre-and-network
- https://www.tsohost.com/legal/new-terms-and-conditions-1
Viruses
It is our policy to virus check documents and files before they are posted on the website. However, we cannot guarantee that documents or files downloaded from our website will be free from viruses and we do not accept any responsibility for any damage or loss caused by any virus. Accordingly, for your own protection, you must use virus-checking software when using the Site.
Safety and Security of Data
We will take all reasonable precautions to protect your data from unauthorised access. This includes appropriately securing our physical facilities and electronic networks.
Examples of such precautions include:
- Data encryption
- Installing the latest updates to software and operating systems
- Secure access to all our websites using ‘https’ (SSL) technology
- Firewalls and Anti-virus software
- Physical protection of premises where data is stored
Your consent
By using our website, you consent to the collection and use of your information by us. If this privacy notice changes in any way, we will place an updated version on this page. Regularly reviewing this page ensures you are always aware of what information we collect, and how we use it. You may request details of personal information which we hold about you under the General Data Protection Regulations (GDPR).
This Privacy Policy was last reviewed and updated on 24th May 2018.
How to find out what personal information you hold about me
You can find out if we hold any personal information on you by making a ‘subject access request’ under the Data Protection Act 1998 or GDPR. If we do hold information about you we will:
- Confirm that has been recorded
- Provide you with a description of it
- Tell you why we are holding it and how long for
How to delete your data
You can always request to delete personal information that we hold on you. To proceed with such request:
- email team@outlanderpastlives.com or team@tourthescottishhighlands.com to request deletion
Deleting your records from our datasets will erase any personal information we have about you and it will mean any data we hold about how you will be made anonymous.
Our Contact information
We welcome any feedback regarding this Privacy Notice. If you have any questions or believe the information we may be holding on you is incorrect or incomplete, please contact us as soon as possible at team@outlanderpastlives.com or team@tourthescottishhighlands.com; see bottom of page or our Contact Us page for more options.
We will use commercially reasonable efforts to promptly determine and remedy your query, but at most within one month.
If you are still unsatisfied you can find out how to get in touch with the information Commissioner’s Office (ICO) here: www.ico.org.uk/concerns.
If you are based outside of the UK then you have the right to lodge your complaint with the relevant data protection regulator in your country of residence.