Search Search image
Search image Close Search

Mercat Tours Ltd trading as Mercat Tours takes your privacy seriously. We ask that you read this Privacy Policy carefully as it contains important information about what to expect when we collect personal information about you and how we will use your personal data.

Any personal data collected through this website will be treated as confidential in line with the principles of General Data Protection Regulation (GDPR) 2018.


This Privacy Policy applies to information we collect about visitors to our website.  By visiting our website, you are accepting and consenting to the practices described in this policy.


We do not store credit card details nor do we share customer details with any third parties.

All data we collect is deleted or anonymised after 12 months.

We may collect the following data about you:

Information you give us. You give us information about you by buying our product, completing forms on our site or by corresponding with us by phone, email or otherwise. This includes information you provide when you register to use our site, sign up for our newsletter, place an order or otherwise contact us. The information you give us may include your name, address, email address and phone number and financial and credit card information.

Information we collect about you. With regard to each of your visits to our site, we may automatically collect data from cookies.


A cookie is a text file which asks permission to be placed on your computer’s hard drive.

We use traffic log cookies to identify which pages are being used. This helps us to analyse data about web page traffic and to improve our website in order to tailor it to customer needs. We only use this information for statistical analysis.

Overall, cookies help us provide you with a better website. You can choose to accept or decline cookies. For further information about cookies visit


PHPSESSID - This cookie is a reference to a unique session ID set by our website for the current browsing session. No personal data is stored in it. The session is ended when a user’s browser is closed. This allows us to link you to the website if you are logged in and processing through the checkout and enable core site functionality.

Google Analytics (_utma, _utmb, _utmc, _utmz ….) - This cookie allows us to record page visits and sources so we can measure the performance of our site, using a service called Google Analytics. For more information about Google’s privacy policy, and more details on how this cookie operates, visit:

Add This (_atuvc, _atuvs) - The site uses Add This to allow the user to share content from the website over multiple social networks.  Add This set a few cookies on your computer to improve user experience. The Add This cookie is used to track the content you view and share.

Facebook (Pixel Pixel ID: 885013461591137) - This cookie allows us to record page visits and sources from Facebook so we can measure the performance of our Facebook content, using a service called Facebook Pixel. For more information about Facebook’s privacy policy, and more details on how this cookie operates, visit: .


We gather this information to understand your needs and provide you with a service, and in particular for the following reasons:

  • We may use the information to improve our products and services.
  • If you have signed up to our newsletter, we will send emails about new products, special offers or other information which we think you may enjoy. This information is collated using a third party service, Rocket Science Group LLC (trading as 'Mailchimp'). Mailchimp will have access to and will store and process your email, but will only do so on our instructions. MailChimp helps us to track the reception of our newsletters. If you have not signed up to our newsletter, we will not disclose your personal information to Mailchimp.
  • If you have signed up to our newsletter, we may use your data to tailor adverts and marketing messages to you on third party websites like Google and Facebook.
  • From time to time, we may also use your information to contact you for market research purposes.
  • If requested, we may contact you by email, phone or mail.
  • We may use the information to customise the website according to your interests.
  • From time to time we may provide anonymised information to our customer service agencies for research purposes so that we can monitor and improve the goods and services we provide.


We have put in place the following security measures to safeguard your personal information:

PCI Certificate

PCI DSS are a set of standards to help protect businesses and shoppers from data theft and fraud.  It is mandatory for all businesses who accept card payments to comply by getting a PCI certificate.   This applies to all types of card payments: online, by mail, over the phone or using card machines.

Mercat Tours recertify every year.

TLS Transport Layer Security

Transport Layer Security (TLS) is technology for keeping an internet connection secure and safeguarding any sensitive data that is being sent between two systems (for example our website and your browser). This prevents others from reading or modifying any information transferred, including personal details.

Mercat Tours recertify every three years.

Cyber Essentials Certificate

Cyber Essentials is a Government-backed scheme that helps protect our website against a range of the most common cyber-attacks.

Mercat Tours recertify every year.

Password Encryption

All accounts created on our website have encrypted password data, making it unreadable. Server and database access is IP address limited with tight access controls.

Firewall and anti-malware scans

A firewall reduces the ability for unauthorized data access. Mercat Tours ensures a maintained firewall to increase the security surrounding your data. Additionally, our systems constantly look to detect malware.


We keep our Privacy Policy under regular review. If we change our Privacy Policy we will post those changes on this page and other places we deem appropriate so our users are always aware of what information we collect and how we use it.


Mercat Tours are prepared to address any requests made by our customers related to their individual rights:

  • Right to be forgotten: You may terminate your account with us at any time, in which case we will permanently delete your account and all data associated with it.
  • Right to object: You may opt out of inclusion of your data in any way simply email
  • Right to rectification: You may access and update your account settings at any. You may also contact us at any time to access, correct, amend or delete information that we hold about you.
  • Right of access: This policy describes what data we collect and how we use it. If you have specific questions about data, you can contact us for further information at any time.
  • Right of portability: We will export your data to a third party at any time upon your request.


This website contains links to other sites. Please be aware that Mercat Tours are not responsible for the privacy practices of any other sites. This privacy statement applies solely to information collected by this website.


If you would like to contact us with any queries or comments:

Mercat Tours, 28 Blair Street, Edinburgh EH1 1QR


Updated 30th October 2021

Subscribe for updates

For all the latest information, tour updates and promotions.
I am the notification bar, pleased to meet you.