Privacy policy

Last Updated: February 2026

This Privacy Policy explains how Mimios (“we”, “us”, “our”) collects, processes, stores, and protects personal data when you visit our website or make a purchase.

We are committed to safeguarding personal information in accordance with:

  • The UK General Data Protection Regulation (UK GDPR)

  • The Data Protection Act 2018

  • The Privacy and Electronic Communications Regulations (PECR)

By accessing our website or purchasing from Mimios, you acknowledge that your information will be handled in accordance with this Privacy Policy.

1. Introduction

Mimios is a UK-based online home décor retailer operating exclusively within the United Kingdom.

Operating Name: Mimios
Business Address: Unit 1, Liberty 196, Rhosili Road, Northampton, NN4 7JE, United Kingdom

Email: support@mimios.com
Phone: +44 7562 844930

We act as the “data controller” for the purposes of applicable UK data protection legislation.

Our objective is to ensure transparency, lawful processing, and responsible data stewardship across all customer interactions.

2. Categories of Personal Data Collected

We collect only the data necessary to operate our business effectively and fulfil contractual obligations.

2.1 Identity and Contact Information

  • Full name

  • Billing address

  • Delivery address

  • Email address

  • Telephone number

2.2 Order and Transaction Data

  • Products purchased

  • Order number

  • Payment confirmation details

  • Delivery tracking information

  • Refund and return records

Important: We do not store full credit or debit card numbers. Payment processing is handled through secure third-party gateways compliant with PCI-DSS standards.

2.3 Technical and Usage Data

  • IP address

  • Browser type and version

  • Device information

  • Time zone setting

  • Website interaction behaviour

  • Cookie identifiers

2.4 Marketing and Communication Preferences

  • Newsletter subscription status

  • Promotional communication preferences

  • Customer service interaction records

3. Lawful Basis for Processing

We process personal data only where we have a lawful basis under UK GDPR:

3.1 Performance of a Contract

Processing necessary to:

  • Confirm and fulfil orders

  • Process payments

  • Arrange delivery

  • Provide customer service

  • Process returns and refunds

3.2 Legal Obligation

Processing required to:

  • Comply with tax regulations

  • Prevent fraud

  • Maintain accounting records

  • Respond to lawful requests from authorities

3.3 Legitimate Interests

Processing for:

  • Website optimisation

  • Fraud detection and risk prevention

  • Business analytics

  • Improving customer experience

We ensure legitimate interests do not override your fundamental rights.

3.4 Consent

Where required (e.g., marketing communications), we rely on your explicit consent. Consent may be withdrawn at any time.

4. How We Use Your Information

Personal data is used strictly for operational and compliance purposes:

  • Processing and confirming purchases

  • Managing shipping and delivery timelines (1–4 business day processing; 8–11 business day transit)

  • Communicating order status updates

  • Verifying identity in cases of suspected fraud

  • Handling cancellation requests within 24-hour window

  • Managing 30-day return eligibility

  • Processing approved refunds within 7 business days

  • Responding to customer enquiries

We do not sell personal data to third parties.

5. Sharing of Personal Data

We may share data only where operationally necessary.

5.1 Service Providers

We work with vetted third parties including:

  • Payment processors

  • UK courier partners

  • Cloud hosting providers

  • Email communication services

  • Fraud detection and risk screening services

These partners process data strictly under contractual obligations and data protection safeguards.

5.2 Legal Disclosure

We may disclose information if required by:

  • Court order

  • UK law enforcement authorities

  • Regulatory bodies

5.3 Business Transfers

In the event of a merger, acquisition, or asset transfer, personal data may be transferred under strict confidentiality and subject to data protection compliance.

6. International Transfers

Although Mimios operates in the UK, some service providers may process data outside the United Kingdom.

Where this occurs, we ensure:

  • Adequacy regulations approved by the UK government, or

  • Standard Contractual Clauses (SCCs), or

  • Equivalent safeguards ensuring UK GDPR-level protection

7. Cookies and Tracking Technologies

We use cookies to enhance website functionality and security.

7.1 Essential Cookies

Required for:

  • Cart functionality

  • Checkout process

  • Order session management

7.2 Performance & Analytics Cookies

Used to:

  • Measure site traffic

  • Improve layout and user experience

  • Identify technical errors

7.3 Marketing Cookies

Used only where consent has been granted.

You may adjust cookie preferences through your browser settings. Disabling certain cookies may affect site performance.

8. Fraud Prevention & Security Monitoring

To protect customers and prevent fraudulent activity:

  • Orders may be screened for unusual activity

  • IP consistency checks may be performed

  • Payment verification protocols may apply

  • Suspicious transactions may be temporarily held

This processing is based on legitimate interest and legal obligation to prevent financial crime.

Chargeback abuse or payment disputes may result in review and data retention for evidentiary purposes.

9. Data Retention

We retain personal data only as long as necessary for:

  • Contractual fulfilment

  • Legal compliance

  • Tax record obligations

  • Fraud prevention

Order records may be retained in accordance with UK accounting regulations.

Marketing data is retained until consent is withdrawn.

10. Data Security

We implement appropriate technical and organisational safeguards including:

  • SSL encryption

  • Secure hosting environments

  • Restricted administrative access

  • Payment gateway tokenisation

  • Regular system monitoring

While no online system is entirely immune from risk, we take commercially reasonable measures to protect personal data.

11. Your Rights Under UK GDPR

You have the following rights:

  • Right of access

  • Right to rectification

  • Right to erasure (subject to legal obligations)

  • Right to restrict processing

  • Right to data portability

  • Right to object

  • Right to withdraw consent

To exercise your rights, contact: support@mimios.com

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you believe your data has been handled improperly.

12. Children’s Privacy

Our services are not directed toward individuals under the age of 13. We do not knowingly collect data from children.

13. Third-Party Links

Our website may include links to external websites or social media platforms. We are not responsible for the privacy practices of those third parties. We recommend reviewing their policies independently.

14. Policy Updates

We may revise this Privacy Policy to reflect operational, legal, or regulatory changes.

The “Last Updated” date will reflect the most recent revision.

Continued use of our website following updates constitutes acceptance of the revised policy.

Store Information

Operating Name: Mimios
Email: support@mimios.com

Address: Unit 1, Liberty 196, Rhosili Road, Northampton, NN4 7JE, United Kingdom

Phone: +44 7562 844930
Customer Service Hours: Monday to Friday 9:00 – 18:00 (GMT – London)
Response Time: 12–24 business hours