Privacy Policy


This is the Privacy and Cookie Policy of MIRICO Ltd. In this document, “MIRICO”, “we”, “our” or “us” refer to MIRICO Ltd.  This privacy policy applies to MIRICO Ltd, its business operations and MIRICO’s website at (the “website”).

This privacy policy aims to give you information on how we collect and processes your personal data when you become a client of ours, when you sign up for a newsletter and through your use of our website and sets out the basis on which all personal data that we collect from you or that you provide to us will be processed by us.

We take your privacy very seriously. This policy covers the collection, processing and other use of personal data under the General Data Protection Regulation (EU Regulation 2016/679) (the “GDPR”)

Please read this policy carefully and ensure that you understand it. Your acceptance of the Privacy Policy is deemed to occur upon first use of our website. If you do not accept this Privacy Policy you should stop using our website immediately.


MIRICO Ltd is a private limited company, registered in England under company number 09376628. Our registered address and main trading address is Unit 6, Zephyr Building, Eighth Street, Harwell Campus, Didcot OX11 0RL

For the purpose of GDPR MIRICO is the data controller and any enquiry regarding the collection or processing of your data should be addressed to:

The Data Protection Officer

Name: Rob Gibbs (Digital Marketing Manager)


Tel: +44 (0) 1235 612400

Address: MIRICO Ltd, Unit 6, Zephyr Building, Eighth Street, Harwell Campus, Didcot OX11 0RL


Personal data is defined by the General Data Protection Regulation (EU Regulation 2016/679) (the “GDPR”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.

Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.


Depending upon your use of our website, online forms or in the process of enquiring about our products or services or in purchasing goods or services for us we may collect some or all of the following personal data:

  • Your name:
  • Business address:
  • Business email address:
  • Business telephone number:
  • Business mobile number:
  • Business name:
  • Job title:
  • IP address:
  • Web browser type and version:
  • Operating system:
  • Order history:


Under GDPR we must have a lawful basis for using your personal information. This may be because data is necessary in the performance of a contract with you, because you have consented to our use of your personal information or because it is in our legitimate business interest to use it.

We use the information you provide us when you contact us, for example in relation to enquiries, orders, comments or complaints made by you for conducting business with you and for our legitimate interest of communicating with you about our products and services.

If you are one of our customers, suppliers or prospects, we use your information to establish and fulfil our contract with you. This may include verifying your identity, communicating with you and arranging the provision of products and services. We also use your information for our legitimate interest of documenting and managing our internal administration.

We also may use personal information for additional purposes. We will identify these additional purposes at the time of collection if any.


Please see our Cookie Policy here


Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.


Where possible, we try to only process your information within the UK and European Economic Area (EEA). If we or our service providers transfer personal data outside of the UK or EEA, we always require that appropriate safeguards are in place to protect the information when it is processed.

We use a number of third-party data processors who are carefully chosen and comply with relevant Data Protection legislation. 

Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.

If you are located outside United Kingdom and choose to provide information to us, please note that we transfer the data, including Personal Data, to the United Kingdom and process it there.

Your agreement to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.


We are also working closely with third parties (including, for example, suppliers, manufacturers, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies) and may share your information with them.

We may share your information with selected third parties including:

  • Business partners, suppliers and sub-contractors for the performance of any contract we enter into with you.
  • Analytics and search engine providers that assist us in the improvement and optimisation of our site.
  • Credit reference agencies for the purpose of assessing your credit score where this is a condition of us entering into a contract with you.
  • We may disclose your personal information to third parties:
    • If we or substantially all of our assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
    • In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.

If any of your personal data is required by a third party, as described above, we will take steps to ensure that your personal data is handled safely, securely, and in accordance with your rights, our obligations, and the third party’s obligations under the law.

If any personal data is transferred outside of the EEA, we will take suitable steps in order to ensure that your personal data is treated just as safely and securely as it would be within the UK and under the GDPR.

We do not sell, rent, share or trade your Personal Information to third parties for marketing purposes unless you have granted us permission to do so.


We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.

We will take reasonable precautions to prevent the loss, misuse or alteration of your personal information. Of course, data transmission over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.


Unless a longer retention period is required or permitted by law, we will only hold your personal information on our systems for the period necessary to fulfil the purposes outlined in this Privacy Policy or until you request that it is deleted.

For example, if you are a customer or supplier of MIRICO, we will keep your information for the duration of the contractual relationship you or your company has with us and after the end of that relationship for as long as necessary to perform the purposes set out above or to comply with legal obligations.

We will actively review the personal data we hold and delete it securely, or in some cases anonymise it, when there is no longer a legal, business or consumer need for it to be retained.


You have the following rights (if applicable):

  • The right to Access

You have the right to request a copy of the personal data we are processing about you.  There is not normally any charge for a subject access request. We will respond to your request without undue delay and by no later than one month from receipt of your request.

We will usually act on requests and provide information free of charge, but may charge a reasonable fee to cover our administrative costs of providing information for:

  • baseless or excessive/repeated requests
  • further copies of the same information.

Alternatively, we may be entitled to refuse to act on the request.

  • The Right to Rectification

You have the right to have incomplete or inaccurate personal data that we process about you rectified.

  • The right to erasure (the ‘right to be forgotten’)

You have the right to request that we delete personal data that we process about you, except we are not obliged to do so if we need to retain such data in order to comply with a legal obligation or to establish, exercise or defend legal claims.

  • The right to restrict processing

You have the right to restrict our processing of your personal data where you believe such data to be inaccurate; our processing is unlawful; or if we no longer need to process such data for a particular purpose unless we are not able to delete the data due to a legal or other obligation or because you do not wish us to delete it.

  • The right to data portability

You may, in certain circumstances, have the right to data portability for the information you provide to us. You can request to obtain a copy of your Personal Data in a commonly used electronic format so that you can manage and move it.

  • The right to Object

Where the legal justification for our processing of your personal data is our legitimate interest, you have the right to object to such processing on grounds relating to your particular situation. We will abide by your request unless we have compelling legitimate grounds for processing which override your interests and rights, or if we need to continue to process the data for the establishment, exercise or defence of a legal claim.

  • Withdrawing Consent

If you have consented to our processing of your personal data, you have the right to withdraw your consent at any time, free of charge such as where you wish to opt out from marketing messages that you receive from us.

You can make a request to exercise any of these rights in relation to your personal data by sending the request to our Data Protection Office whose contact details are shown at Section 2 above.

For your own privacy and security, at our discretion we may require you to prove your identity before providing the requested information. 


If you have any queries relating to our use of your personal information or any other related data protection questions, please contact us using the information provided at Section 2 above.

Please be sure to include sufficient information so we can understand and respond to your specific question or request.


Should you wish to discuss a complaint, please contact us using the contact details provided at Section 2 above.  All complaints will be treated in a confidential manner.

If you’re not satisfied with our response to your complaint or believe our processing of your information does not comply with data protection law, you can make a complaint to the UK data protection authority, the Information Commissioner’s Office (“ICO”) the UK Data protection regulator.


This Policy may be updated from time to time and the latest version is published on this page.  You should review this notice periodically to stay informed of any changes. Please note the date of the notice below, so that you know when it was last updated.

Last updated: 4th February 2021