Nordur Expeditions (“Nordur”, “we”, “us”, “our”) is committed to protecting your personal data and respecting your privacy. We comply with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations (PECR).

1) Who we are (Data Controller)

Nordur Expeditions
Strathbay House, Gairloch, Highlands, Scotland, IV21 2BP
Email: info@nordur.co.uk
Phone: 07854197584

2) Personal data we collect

Identity: name, date of birth, nationality, passport/ID details.
Contact: email, phone, postal address.
Booking & payment: booking history, billing details (card details handled securely by our payment processor; we do not store full card numbers).
Health & safety: relevant medical information, dietary needs, emergency contacts (only where necessary to run trips safely).
Marketing preferences: consents and opt-outs.
Technical/usage: IP address, device/browser info, pages viewed, cookies/analytics data.

3) How we collect data

We collect data directly from you (e.g., enquiries, bookings, forms, emails, calls, events), through our website (including cookies and analytics), and from trusted service partners when needed to deliver your booking.

4) How we use data (purposes)

Administering enquiries, bookings, payments, and customer accounts.
Trip planning, safety management, and essential communications.
Meeting legal, insurance, and regulatory obligations.
Website performance, security, and service improvement (analytics — used with consent where required).
Marketing with your consent (you can withdraw at any time, for example via unsubscribe links in our emails or by contacting us).

5) Lawful bases for processing

Contract: to provide services you request.
Legal obligation: e.g., tax, insurance, safety compliance.
Legitimate interests: running and improving our services, ensuring safety — always balanced against your rights.
Consent: e.g., for marketing emails or processing certain special category data.

6) Special category data

Where health information is required for safety, we process it with your explicit consent and/or because it is necessary for providing safe expedition services. Access is strictly limited and safeguards are applied.

7) Sharing your data

We share personal data only when necessary with:

Guides and operational staff (for safety and service delivery).
Payment processors, insurers, transport/accommodation providers, and IT/website service providers.
Authorities in emergencies or where required by law.

We only use third-party providers who meet UK GDPR standards. We never sell personal data.

8) International transfers

If we transfer personal data outside the UK (e.g., to overseas providers), we use appropriate safeguards such as the UK International Data Transfer Agreement/Clauses or rely on an adequacy decision.

9) Retention

Booking, finance, and insurance records: retained for up to 7 years to meet legal and insurance requirements.
Health and safety information: kept for the duration of the trip and any legal/insurance retention period; otherwise deleted when no longer needed.
Marketing data: kept until you unsubscribe or withdraw consent.

We review retention regularly and securely delete data when no longer required.

10) Your rights

You can request to:

Access, correct, erase, restrict, or object to processing of your data.
Port your data.
Withdraw consent where used.

Contact us at info@nordur.co.uk or 07854197584 to exercise your rights.
You can also complain to the UK Information Commissioner’s Office (ICO): ico.org.uk.

11) Cookies & analytics

We use cookies and similar technologies for site functionality, security, and analytics. Non-essential cookies (including analytics) are only set with your consent, in line with PECR.
You can manage cookies in your browser. See our Cookie Policy [link] for details.

12) Data security

We apply appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or loss. Access is restricted to those who need it for legitimate purposes.

13) Children’s data

Our services are primarily for adults. Where we handle a young person’s data for a programme, we obtain parental/guardian authority and apply additional safeguards. We do not knowingly collect children’s personal data without such consent. If you believe we have received data in error, contact us to have it deleted.

14) Changes to this policy

We may update this notice from time to time. The latest version will always be posted here with a new effective date. If we make material changes, we will notify customers directly (e.g., by email).

15) Contact

Questions or requests about this policy or your data:
info@nordur.co.uk | 07854197584
Nordur Expeditions, Strathbay House, Gairloch, Highlands, Scotland, IV21 2BP

📨 We’re hiring!

Nordur is a small-group expedition company guiding linked journeys and challenges in remote places – from ski crossings of Arctic plateaus to long mountaineering routes and packrafting in the Highlands.

We’re look

FOLLOW US ON INSTAGRAM

@nordurguides

GET IN TOUCH

info@nordur.co.uk

UK +44 (0)7854197584

OUR GUIDES

The Association of Mountaineering Instructors (AMI) is the representative body for professionally qualified Mountaineering and Climbing Instructors in the UK and Ireland.

UIMLA is an international governing body which is representing International Mountain Leaders across the world. One of the most important targets for UIMLA is to represent the profession at the international level as well as setting equal standards of qualifications for all International Mountain Leaders (IMLs). UIMLA promotes the profession and supports the cooperation between IMLs from different countries.