Effective date: 10 June 2026
Overview
mist-peak is committed to ensuring compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This page outlines our approach to data protection and your rights as a data subject.
Data Controller
mist-peak acts as the data controller for personal information collected through our website and services. We determine the purposes and means of processing personal data.
Contact details:
mist-peak
42 Greenway Lane, Camden, London NW1 8QP
Email: [email protected]
Principles of Data Processing
We adhere to the following principles when processing personal data:
- Lawfulness, fairness, and transparency: We process data lawfully, fairly, and in a transparent manner.
- Purpose limitation: We collect data for specified, explicit, and legitimate purposes.
- Data minimisation: We collect only data that is adequate, relevant, and limited to what is necessary.
- Accuracy: We take reasonable steps to ensure personal data is accurate and kept up to date.
- Storage limitation: We retain data only for as long as necessary for the purposes for which it was collected.
- Integrity and confidentiality: We process data securely with appropriate technical and organisational measures.
- Accountability: We take responsibility for compliance with these principles.
Your Rights Under UK GDPR
As a data subject, you have the following rights:
Right to Access
You have the right to request a copy of the personal data we hold about you. We will provide this information free of charge within one month of your request.
Right to Rectification
You have the right to request correction of any inaccurate or incomplete personal data we hold about you.
Right to Erasure
You have the right to request deletion of your personal data in certain circumstances, such as when the data is no longer necessary for the purpose it was collected.
Right to Restrict Processing
You have the right to request that we limit the processing of your personal data in certain circumstances.
Right to Data Portability
You have the right to receive your personal data in a structured, commonly used, and machine-readable format.
Right to Object
You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes.
Rights Related to Automated Decision-Making
You have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects.
How to Exercise Your Rights
To exercise any of these rights, please contact us at [email protected] with your request. We will respond within one month. If your request is complex or we receive numerous requests, we may extend this period by an additional two months, in which case we will inform you.
We may need to verify your identity before processing your request to ensure the security of your personal data.
Data Breach Procedures
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the Information Commissioner's Office within 72 hours of becoming aware of the breach. If the breach is likely to result in a high risk to your rights, we will also notify you directly.
International Data Transfers
We primarily store and process data within the United Kingdom. If we transfer data outside the UK, we ensure appropriate safeguards are in place, such as standard contractual clauses approved by the UK authorities.
Complaints
If you are dissatisfied with how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
Information Commissioner's Office
Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
Website: ico.org.uk
Updates to This Information
We may update this GDPR compliance information from time to time. Any changes will be posted on this page with an updated effective date.