Privacy Policy

Date Last Revised: 31/01/2025

Mitie is committed to complying with its legal obligations under the General Data Protection Regulation 2016/679 (“GDPR”), the UK GDPR, and the Data Protection Act 2018 for the protection of the rights and freedoms of individuals whose personal data Mitie obtains or generates as part of its business operations. You can read more about how Mitie uses your data when you visit the www.mitie.com website or use other services we provide here: Privacy | Mitie.

In this notice, “we”, “us”, “our” means Custom Solar, a Mitie Group business responsible for any personal information collected about you. This privacy notice tells you how and why we use your personal information when you visit our website, contact us, or use our services. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

What personal data do we collect and process?

We will only process personal data where we have a lawful basis on which to do so. The lawful basis on which data is processed will depend on the nature of the information collected and the purposes for which we use it, but will be one or more of the following:

  • Consent: you have provided your consent for us to process their personal data for a specific purpose.
  • Contract: the processing is necessary for a contract you have with us or because you have asked us to take specific steps before entering a contract.
  • Legal obligation: the processing is necessary for us to comply with our legal obligations.
  • Vital interests: the processing is necessary to protect someone’s life.
  • Legitimate interests: the processing is necessary for our legitimate interests or the legitimate interests of a third party. Where we use legitimate interests as our lawful basis, we have assessed the processing’s necessity, proportionality, and reasonability.

What is personal data?

Personal data is defined by the General Data Protection Regulation (the “GDPR”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.

This is any information about you that enables you to be identified. Personal data covers information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.

Non-personal data refers to any information that does not identify you as a specific individual. This policy may include non-personal information where both types may be linked by the same document.

How and what personal data we collect

We can collect data in a number of ways, including the following (this may vary according to your relationship with us):

  • Personal information – such as name, address, phone number and contact details
  • Business contact details – such as name, address, phone number, contact details and job title.
  • While using our website – we may ask you to provide us with certain personally identifiable information which can be used to contact or identify you. This may include your name, your contact information i.e. phone or email.
  • Cookies when using our website – for more information please see our Cookie Policy.
  • If you are a job candidate, please see the section for job applicants on https://www.mitie.com/legal/privacy/.
  • If you are an existing employee, please see the Employee Privacy Policy on the Mitie Intranet.
  • CCTV may be collected when you visit our offices.
  • Marketing – if you consent to receiving marketing emails from us, we may hold your contact details.

How long will we keep your personal data?

We keep your personal details for as long as necessary for the reasons we are using them, and this will vary depending on our relationship with you.

Further information on how long we hold your data concerning the Custom Solar service can be requested by contacting us via [email protected]

Transferring and storing your data

We must transfer your data to our staff and suppliers outside the EEA for billing and finance administration purposes. We will ensure that we use appropriate safeguards to protect your data, including authorised standard contractual clauses and supplementary measures to ensure that your data has an equivalent level of protection to that of the UK or EEA. We will take all necessary steps to ensure that your data is secure and treated per this Privacy Notice. If you wish to find out more about the safeguards we use when transferring your data, please contact us at [email protected] or use the contact details provided in this Privacy Notice.

Data security and integrity

Mitie is committed to ensuring your data is kept secure from loss, misuse or alteration. We use technical, physical, and organisational security measures and comply with ISO27001 standards to keep your data secure.

We store all information provided via our websites on secure servers. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

Unfortunately, the transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website. As such, any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to prevent unauthorised access.

Disclosure of your information

We may disclose your personal information to any member of our group, which means Mitie Group plc, its subsidiaries, and subsidiary undertakings from time to time (as defined in the Companies Act 2006).

We may also share or disclose your personal information to third parties in certain circumstances:

We may provide personal data to clients, third-party suppliers, service providers, professional advisors, and other business partners to enable us to provide or receive products or services.

In connection with the administration and operation of our business we may provide personal data to third parties who provide support services including IT, finance and accounting, and HR services and research, marketing, business development, and consultancy services.

If we sell or buy any business or assets, we may disclose your personal data to the prospective seller or buyer of such business or assets.

We may disclose or share your personal data if we are under a duty to do so to comply with any legal obligation or, where necessary, to enforce any legal right or contractual agreement, or to protect the rights, property, or safety of Mitie, our employees, Clients, or others. This includes exchanging information with other companies, organisations, and bodies for the purposes of fraud protection and credit risk reduction.

If you want to know more about how we share your data, please email us at [email protected].

Links to other websites

Our websites may contain links to and from the websites of our partner networks, advertisers, and affiliates.  If you follow a link to any of these websites, please note that they have their own privacy policies and that we do not accept any responsibility or liability for these policies.  Please check these policies before you submit any personal data to these websites.

Changes to our privacy notice

This Privacy Notice was last updated in January 2025. Any changes we may make to our Privacy Notice in the future will be posted on this page, and we suggest that you check back frequently to see any updates or changes.

Your rights

You have certain rights which you can exercise if we are processing your personal data:

  • Right of access – you have the right to request a copy of the information that we hold about you.
  • Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
  • Right of erasure – you have a right, in certain circumstances, to ask for the data we hold about you to be erased from our records.
  • Right to restriction of processing – where certain conditions apply, you have a right to restrict the processing of your personal data.
  • Right of portability – you have the right to have the data we hold about you transferred to another organisation.
  • Right to object – you have the right to object to certain types of processing, such as direct marketing.
  • To exercise these rights, please contact us using the details given in this Privacy Notice or at [email protected]

Contact information

If you wish to make a complaint about how your personal data is being processed by us (or the third parties referred to in this Privacy Notice), or how your complaint has been handled, you have a right to lodge a complaint with our Data Protection Officer using the following contact details or by contacting [email protected].

If you have any questions about this Privacy Notice or your rights, you can contact us using the following details:

Data Protection Officer
Mitie Group plc
Level 12, The Shard
32 London Bridge Street
London SE1 9SG

You can also email us at:

[email protected]

You have the right to complain to the Information Commissioner’s Office (ICO). You can visit the ICO website for more information. Alternatively, you can contact them by post:

Information Commissioner’s Office
Wycliffe House, Water Lane
Wilmslow
Cheshire
SK9 5AF