Privacy Policy

This privacy notice provides you with details of how we collect and process your personal data through your use of our site: https://www.connecttoyourpotential.com/ and associated personal development products and services.

Connect To Your Potential

Connect To Your Potential is a division of Tour the Scottish Highlands Limited, owned and run by Andrew & Diane Nicholson. The Company Number is SXC587710 and the registered office is: 70 Moraypark Terrace, Culloden, Inverness, IV2 7RW

Tour the Scottish Highlands Limited

Tour the Scottish Highlands Limited comprises of the following divisions:

  • Outlander: The Past Lives Experience
  • Tour the Scottish Highlands
  • Highland Personal Development Photography Tours
  • Connect To Your Potential

When referencing ‘we’, ‘our’ or ‘us’ we mean Tour the Scottish Highlands Limited.

We have created a comprehensive privacy policy in order to be open and transparent about how we might use your data.

It is very important that the information we hold about you is accurate and up to date. Please let us know if at any time your personal information changes by emailing us using the above options.

Privacy Policy

This privacy policy provides you with details about:

  • The types of personal data that we collect from you,
  • How we use your personal data
  • The rights you have to control our use of your personal data.

We are committed to ensuring that your privacy is protected and continues to be fully compliant with the European Union’s General Data Protection Regulations (GDPR) in place from 25 May 2018.

Changes to this privacy statement

We may change this policy from time to time by updating this page to reflect company and customer feedback. You should check this page periodically to ensure you are happy with any changes and how we will protect your information.

General Data Protection Regulations

Under the GDPR (2018), we have a legal duty to protect any information we collect from you. We use leading technologies to safeguard your data, and keep strict security standards to prevent any unauthorised access to it.  We hold your details in confidence and do not pass on to any third party other than those providing specific services, including transport, accommodation and/or activities/events for you and your party, to ensure your travel arrangements for the agreed package run smoothly.

You can learn more about GDPR and your data privacy rights here: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/

What information we collect

By requesting to use our services, agreeing to our Terms and Conditions and providing your personal data to us, you expressly consent to the processing of your personal data by us or on our behalf.  We may collect the following information:

  • Name, country of domicile
  • Contact information including your telephone number, address and email address
  • Demographic information such as age, marital status and gender
  • Where your requested activities with us include personal development and/or relationship coaching/mentoring, then we will, require you to complete and send us (i) a Life Assessment, or (ii) a Life and Relationship Assessment, plus an Enneagram Personality/Ego-Typing Spreadsheet. This may include (by your choice) some information deemed as ‘sensitive data’ as per the definition below.
  • With permission we may from time to time collect and securely store testimonials, these may include text, photographs or video content
  • Other information relevant to customer surveys and/or offers
  • User IP addresses
  • Device-specific information, such as the hardware model, operating system version, advertising identifier, unique application identifiers, unique device identifiers, browser type, language and mobile network information
  • Anonymous statistical data involving the use of the website and regarding your computer, network and browser (including an IP address)

Apart from the above-mentioned data, we do not collect any other sensitive data about you. Sensitive data refers to data that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, genetic data or biometric data, criminal convictions or offences.

What we do with the information we collect

We want to give you the best possible customer experience before, during and after we supply our services to you.  We require certain information, as outlined above, to understand your needs and successfully deliver a bespoke personal service, as well as:

  • To enter into a contract with us (e.g. when you make a purchase) so we can (i) process your order, (ii) take payment, and (iii) provide you with customer support
  • To verify your identity and preventing and detecting fraud and other crime (such as identity theft)
  • To tailor the services that we provide to meet your stated aspirations and requirements
  • Where you have completed and sent us a Life Assessment, a Life and Relationship Assessment, and/or an Enneagram Personality/Ego-Typing Spreadsheet, we will keep this strictly confidential and delete/destroy all physical or electronic records of these as soon as possible after we have finished our agreed programme of work with you, and in any case within not longer than one week after that date.
  • To gather customer feedback. We may contact you by email, phone or email
  • To develop our existing or related new products and services
  • To carry out our internal record keeping and company administrative functions
  • To determine the effectiveness of our promotional campaigns and advertising
  • To customise the website according to your interests and to better understand how people interact with our websites
  • We may share generic aggregated demographic information not linked to any personal identification information regarding visitors and users with our business partners and trusted affiliates for the purposes outlined above.
  • We may use testimonials and photographs on our website, via social media, and for digital marketing material. Whilst we can remove such data from our database, we may be unable to recall all existing marketing material. In this situation, although permission has been released to us, we will ensure that we do as much as we can to prevent further use and remove any existing material. The social media channels that we use include but are not restricted to: Facebook, Twitter, YouTube, Vimeo, Google+ and LinkedIn

Whenever we process data for these purposes we will ensure that we always keep your Personal Data Rights in high regard and take account of these rights. You have the right to object so this processing if you wish, and if you wish to do so, please contact us using the contact information that we have provided below.  Please bear in mind that if you object, then this may affect our ability to carry out the tasks listed above for your benefit.

Apart from the above points, we will never distribute your personal information to third parties unless are required by law to do so. Regardless, we will never sell or lease your personal information to third parties.

How long we keep the information that we gather

As our customer you have a ‘legitimate interest’ in our business. As such, we will store your contact details for up to five years following us providing our services to you.

For all other individuals with an interest in us and our products and services, we will always ask you if you would like to be added to our database so that we can keep in touch with our latest news and offers. We will keep a record of this. If you do, then your name and email address will be added to our database and stored securely for up to three years.  Whether a customer or not, you are entitled at any point during this time to ask us to remove your information from our records.

Links to third party websites

Our websites may contain hyperlinks to third-party websites. We cannot be held responsible for the content of any pages referenced by an external link that is not operated by us.  We are also not responsible for the protection and privacy of any information which you provide whilst visiting such sites, all of which are not governed by this Privacy Notice.  Use of any such third-party websites is carried out solely at your own risk. We do not accept any liability in connection with any third-party websites.

These third-party websites have their own privacy statements, which will let you know how personal information collected on those websites will be used. Third party websites are also likely to use cookies and will have their own policy on this also.  We, therefore, urge you to review their privacy statement and cookies policy when using these websites.

Cookie Policy

Our website may use cookies to distinguish you from other users. This helps us to provide you with a good experience when you browse our websites, and allow us to improve our website and services. Cookies may also be used to analyse user behaviour and for advertising purposes.

A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your device if you agree. Cookies contain information that is transferred to your device’s hard drive. You block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our website and online booking system for which we require the use of cookies.

You can manage cookies within your browser settings via the following links:

We use Google Analytics on all of our websites. This allows us to see how users interact with content which means that we can optimise your experience and provide new content that is interesting to our visitors. You can opt out of your data being used by Google Analytics using the information and links provided by Google here: https://tools.google.com/dlpage/gaoptout/.

Pixel tags (also known as web beacons and clear GIFs). We have Facebook Pixel tracking code implemented on our websites and may use this for targeted advertising.

More information on advertising cookies and how you can opt out of them is provided in the following links:

Online Payments

Our secure electronic invoicing and online payment system is Stripe. We also use Transferwise to accept payments. For accounting purposes a reference relating to a customer may be included in a banking transaction and within accounting software.

The relevant companies and links to their privacy policies are as follows:

Mailing List

Our mailing list database and electronic newsletter functionality is provided by Mailchimp. Mailchimp records both the open rates and clicks by an individual. Pixel tags (also known as web beacons and clear GIFs) enable us to send email messages in a format customers can read and they tell us whether mail has been opened.

Our mailing list sign-up forms are GDPR-compliant. You can read Mailchimp’s Privacy Policy here: https://mailchimp.com/legal/privacy/  (The Rocket Science Group LLC).

You can manage your personal information and subscription status using the link provided in the electronic newsletter, or by contacting us using our contact information provided below.

Online Chat

We use tawk.to on our website to allow you to chat with us. It also alerts us in real-time to traffic on our websites. You can see tawk.to’s privacy policy here: https://www.tawk.to/privacy-policy/ and their GDPR statement here: https://www.tawk.to/data-protection/gdpr/.

Website Hosting

Our website content management system is WordPress. Certain visitors to our website may choose to interact with in ways that require WordPress.org to gather personally-identifying information. You can read the WordPress privacy policy here: https://wordpress.org/about/privacy/.

Our website content is hosted by Paragon Internet Group trading under the name Tsohost. More information about their data security and GDPR is available via the following links:

Viruses

It is our policy to virus check documents and files before they are posted on the website. However, we cannot guarantee that documents or files downloaded from our website will be free from viruses and we do not accept any responsibility for any damage or loss caused by any virus. Accordingly, for your own protection, you must use virus-checking software when using the Site.

Safety and Security of Data

We will take all reasonable precautions to protect your data from unauthorised access. This includes appropriately securing our physical facilities and electronic networks.

Examples of such precautions include:

  • Data encryption
  • Installing the latest updates to software and operating systems
  • Secure access to all our websites using ‘https’ (SSL) technology
  • Firewalls and Anti-virus software
  • Physical protection of premises where data is stored

Your consent

By using our website, you consent to the collection and use of your information by us.  If this privacy notice changes in any way, we will place an updated version on this page.  Regularly reviewing this page ensures you are always aware of what information we collect, and how we use it.  You may request details of personal information which we hold about you under the General Data Protection Regulations (GDPR).

This Privacy Policy was last reviewed and updated on 24th May 2018.

How to find out what personal information you hold about me

You can find out if we hold any personal information on you by making a ‘subject access request’ under the Data Protection Act 1998 or GDPR. If we do hold information about you we will:

  • Confirm that has been recorded
  • Provide you with a description of it
  • Tell you why we are holding it and how long for

How to delete your data

You can always request to delete personal information that we hold on you. To proceed with such request:

Deleting your records from our datasets will erase any personal information we have about you and it will mean any data we hold about how you will be made anonymous.

Our Contact information

We welcome any feedback regarding this Privacy Notice.  If you have any questions or believe the information we may be holding on you is incorrect or incomplete, please contact us as soon as possible at team@connecttoyourpotential.com or team@tourthescottishhighlands.com; or our Contact Us page for more options.

We will use commercially reasonable efforts to promptly determine and remedy your query, but at most within one month.

If you are still unsatisfied you can find out how to get in touch with the Information Commissioner’s Office (ICO) here: www.ico.org.uk/concerns.

If you are based outside of the UK then you have the right to lodge your complaint with the relevant data protection regulator in your country of residence.

Share the knowledge