top of page
Need Help?

Feel Free to Contact Us

Terms & Conditions | Frequently Asked Questions | Contact Us

Privacy Policy

Last Updated: 25 September 2025

This Privacy Policy explains how Timeless North Limited (trading as The Scottish Luxury Experience) (“we”, “our”, “us”) collects, uses, and protects your personal information when you visit our website, contact us, or book a trip.

We are registered in Scotland (Company No. SC860505), and our services are governed by Scots law.


1. Who We Are

Data Controller: Timeless North Limited t/a The Scottish Luxury Experience

Registered Office: Suite 53, Bonnington Bond, 2 Anderson Place, Edinburgh, EH6 5NP

Contact: contact@timelessnorth.com

We are responsible for deciding how your personal data is processed in connection with your enquiries and bookings.


2. Information We Collect

We may collect the following types of personal data:

  • Identity data: name, title, date of birth, and passport details (for travel arrangements).

  • Contact data: email address, telephone number, and postal address.

  • Booking data: travel preferences, dietary requirements, mobility or access needs, insurance details, and emergency contacts.

  • Payment data: billing address and limited payment details (card data is processed securely by third-party payment providers such as Stripe).

  • Technical data: IP address, browser type, and cookies (see Section 10).

  • Marketing data: your preferences regarding newsletters, updates, or promotions.

We only collect what is necessary to provide and manage your services.


3. How We Use Your Information

We process your data to:

  • Create, manage, and deliver your booking or enquiry.

  • Communicate with you before, during, and after your trip.

  • Meet legal, financial, and regulatory obligations.

  • Improve our products, services, and website experience.

  • Send marketing communications where you have opted in (you can opt out at any time).

We will never sell your personal data.


4. Legal Bases for Processing

Under UK GDPR, we rely on the following lawful bases:

  • Contract: processing necessary to provide and manage your booking.

  • Legal obligation: such as accounting, tax, or regulatory reporting.

  • Consent: for optional marketing communications.

  • Legitimate interests: ensuring efficient service delivery, business management, fraud prevention, and network security.


5. Sharing Your Information

We only share your personal data where necessary to deliver our services or comply with the law. This may include:

  • Trusted suppliers (e.g. hotels, guides, chauffeurs, or activity providers) who require limited details to fulfil your trip.

  • Payment processors and banks (e.g. Stripe).

  • Legal, tax, or regulatory authorities where required.

  • Our associated entities (such as within the Timeless North Group) if needed to support your booking.

All third parties must respect your data and comply with UK data protection law.

We ensure appropriate contracts and safeguards are in place.


6. International Data Transfers

Where your itinerary involves suppliers outside the UK, your data may be transferred internationally.

We will ensure appropriate safeguards are applied, such as adequacy regulations or standard contractual clauses approved by the UK Information Commissioner’s Office (ICO).


7. Data Retention

We retain your data only as long as necessary for the purposes collected or as required by law:

  • Booking and contract data: typically 7 years after travel completion (for tax and legal compliance).

  • Marketing data: until you withdraw consent.

  • Technical and cookie data: as per our Cookie Policy.

After these periods, your data will be securely deleted or anonymised.


8. Your Rights

Under UK data protection law, you have the right to:

  • Access the personal data we hold about you.

  • Request correction of inaccurate data.

  • Request erasure of your data (where legally possible).

  • Object to or restrict processing, including for marketing.

  • Request portability of your data to another controller.

  • Withdraw consent at any time (where processing is based on consent).

To exercise these rights, contact us at contact@timelessnorth.com.

You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO): www.ico.org.uk


9. Children’s Data

Our services are not directed at children under 18. We only process minors’ data where necessary for family travel bookings and with parental or guardian consent.


10. Cookies and Website Use

Our website uses cookies to enhance functionality and performance.

Some cookies are essential, while others (such as analytics) are optional and require your consent.

Full details are available in our Cookie Policy.


11. Data Security

We implement appropriate technical and organisational measures to protect your personal data against loss, misuse, and unauthorised access, including encrypted systems, password controls, and restricted internal access.


12. Financial Protection and Third Parties

As a member of Protected Trust Services (PTS), client funds for Package bookings are held securely in a trust account with independent oversight.

We may need to share limited data with PTS or insurers for financial protection or compliance purposes.


13. Updates to This Policy

We may update this Privacy Policy periodically.

Any changes will be posted on this page with an updated “Last updated” date.

Substantial changes may be communicated directly where appropriate.


14. Contact Us

For any questions or to exercise your data rights, please contact:

Data Protection Officer

Timeless North Limited t/a The Scottish Luxury Experience

Suite 53, Bonnington Bond, 2 Anderson Place, Edinburgh, EH6 5NP

Email: contact@timelessnorth.com

bottom of page