Data Privacy and Security
Information Policy - At Heart of Scotland Tours we take your data protection and privacy very seriously. We never pass your personal information to any 3rd party or organisation. The information we collect will only be used in accordance with the Data Protection Act 1998 and General Data Protection Regulation 2018.
Why do we collect information - We collect personal information about you only to process your booking or subscribe you to our mailing list.
What information do we collect - Should you book, we collect several pieces of information about you - your name, address, phone number, email address, and booking preferences. This information is stored by our booking platform partner, Checkfront. See Security below. If you subscribe to our newsletter, we only collect your email address and full name.
Sensitive information - Some of the information we collect about you could be considered sensitive. That is why it is never passed on to any parties outside of Heart of Scotland Tours, except where your tour is run by a tour partner when we will supply details of your booking to them. Your personal information is held securely in accordance with the law.
Your email address - Your email address is kept for contact purposes, allowing our staff to keep you up to date on any changes that may occur between you booking a tour and going on the tour. In addition we will send you one email for feedback shortly after completion of your tour. If you have subscribed to our mailing list, we will use your email address to send you our newsletter. You can unsubscribe from the list at any time - by clicking a link in a newsletter, or by contacting us.
Your rights - You can ask us to verify that the information we hold about you is accurate, modify it or even have it deleted from our records. To enquire about the information we hold about you send us a message by clicking here or email firstname.lastname@example.org. For your security the email address on the request must match the email address on our records. If it does not match then further identification will be required.
For more information about cookies, visit https://ico.org.uk/for-the-public/online/cookies/
Anonymous browsing of our site - To browse our site anonymously, follow the advice above to block cookies and use an anonymous virtual private network to hide your internet protocol address.
The security of your information is our top priority. This is why we use the award winning Checkfront booking platform to handle and store your booking information. Checkfront is PCI DSS compliant, Trustwave certified, GDPR compliant and a US/EU SafeHarbour. Checkfront do not store your credit card information. It is securely tranmitted to our payment processor Stripe via 168 bit encryption. Stripe is a world leader in secure on-line transactions. Read more here: https://stripe.com/docs/security/stripe.
All communication from your computer to our servers and those of Stripe and Checkfront is encrypted.
Cyber Essentials certified - Heart of Scotland Tours is also Cyber Essentials certified. Cyber Essentials policies help prevent the vast majority of cyber attacks and the certification demonstrates that we take the security of your information seriously.