Policies to support data protection and privacy
- Business Continuity Policy
- Data Protection Policy
- Freedom of Information Procedure Publication Policy
- Generative AI Policy
- IT Acceptable Use Policy
- Mobile BYOD Policy
- Model Complaints
- Password policy
On this page you will find VisitScotland policies which support data protection and privacy, including employment and cookies policies.
These policies govern how we collect, use and dispose of personal data.
- Procurement Strategy and Policy Framework or Procurement Policy
- Records Management Policy
- Restricted Transfer Guidance
- Risk Management Policy
- Security policy
- Social Media Policy
- Whistleblowing Policy
Incident management and data breach procedures
The following policies and guidance combine to inform incident management and data breach procedures:
| Data protection policy | Information security policy |
|
|
Cookies policy
Cookies policy information for all the VisitScotland websites can be found on these dedicated pages;
- Read the cookies policy for our business events, consumer, and travel trade websites on visitscotland.com
- Read the cookies policy for our business support website on support.visitscotland.org
- Read the cookies policy for our media toolkit on toolkit.visitscotland.org
- Read the cookies policy for VisitScotland.org
Employment policies and handbooks
- Corporate retention schedule
- Security policies
- Information Security Policy
- IT Acceptable Use Policy
- Data sharing requests or Data sharing agreement
- Data Protection Policy
- Data Protection Handbook
- Data incident management guidelines