Privacy Notice

Last updated: 18.12.2025

Protecting your personal data is important to us. This Privacy Policy explains how Mipa USA, Inc. ("we", "us") processes personal data in connection with this website, our online services, and offline interactions. It applies to users in the European Union (GDPR) as well as in the United States of America, including applicable state privacy laws (in particular the California Consumer Privacy Act / California Privacy Rights Act – CCPA/CPRA), and to users in Canada in accordance with PIPEDA. This Privacy Policy is available on our website at all times and is made accessible wherever personally identifiable information may be requested.

Mipa USA, Inc.
13 American Way, Suite 15
Spotswood, NJ 08884
USA
Telephone: 1-732-416-9590
Email: [email protected]

Represented by: Matthew McGraw

Depending on how our services are used, we may process the following categories of personal data:

• Identification and contact data (e.g., name, email address, phone number)
• Communication data (e.g., emails, inquiries)
• Job application data (e.g., CVs, cover letters, certificates)
• Usage and access data (e.g., page views, anonymized IP address, device information)
• Newsletter data (email address, usage statistics)
• Location data (e.g., when using Google Maps after consent)

We do not process sensitive personal data as defined by the GDPR or the CCPA/CPRA (such as health data, biometric data, identification numbers, or social security numbers).

Personal data is processed for the following purposes:

• Operation, security, and optimization of the website
• Communication with users
• Processing inquiries and job applications
• Sending newsletters
• Statistical analysis and reach measurement
• Display of external content (e.g., maps, videos)
• Operation and maintenance of social media presences
• Consent management
• Security, fraud prevention, and error analysis
• Where applicable, marketing and communication activities, including potentially personalized content, subject to user consent

For users in the European Union, processing is based on Art. 6 GDPR (consent, performance of a contract or pre-contractual measures, legal obligation, or legitimate interest).
For users in the United States, processing is carried out in accordance with applicable federal and state privacy laws.

When visiting our website, our hosting provider automatically collects information in so-called server log files, including:

• Anonymized IP address
• Date and time of access
• Accessed pages or files
• Browser type and version
• Operating system

This data is processed exclusively to ensure the technical operation, security, and stability of the website. It is not combined with other data sources and is not used for personal profiling.

If you apply by email, we process the personal data you provide solely for the purpose of carrying out the application process and deciding on the establishment of an employment relationship.

We use CleverReach to send newsletters. Registration takes place using a double opt-in procedure. You may unsubscribe from the newsletter at any time using the link provided in each email.

We process personal data of customers, prospective customers, suppliers, service providers, and business partners in connection with the initiation, performance, and termination of business relationships.

Processing is carried out in particular for purposes of communication, contract performance, project planning, billing, administration, security, and – where legally permitted – relationship management and marketing activities.

The processed data may include contact and communication details, contractual and billing information, payment data, and other information necessary for a contractual or project-based relationship or voluntarily provided.

Processing is based – depending on applicable law – on the performance of a contract or pre-contractual steps, compliance with legal obligations, legitimate business interests, or consent where required.

We use the consent management tool "Cookieman" to manage user consents. In doing so, the consent status, time of consent, and an anonymous identifier are stored.

Videos are embedded using youtube-nocookie.com. Data is transmitted to Google only after your consent or when you actively play a video.

We maintain profiles on Instagram, Facebook, LinkedIn, Xing, YouTube, and TikTok. When visiting these platforms, the privacy policies of the respective providers apply.

Google Maps is loaded only after your consent. In doing so, personal data may be transferred to Google LLC (USA).

We use Matomo without cookies. The processed data is anonymized and does not allow identification of individual users. The data is not combined with other data sources.

Our website may contain links to external third-party websites. We are not responsible for the content or privacy practices of those websites.

We also process personal data offline, for example in connection with telephone inquiries, written correspondence, or personal contacts.

Users in the European Union have the rights granted under the GDPR, including the right of access, rectification, erasure, restriction of processing, data portability, objection, and withdrawal of consent.

Users in the United States, in particular California residents, have rights under applicable state privacy laws, including the right to access, delete, and correct personal data. We do not sell or share personal data as defined by the CCPA/CPRA.

Requests may be submitted via email or telephone. We may require reasonable identity verification. Authorized agents are accepted.

Where personal data is transferred to the United States or other third countries, this is done on the basis of appropriate safeguards (e.g., standard contractual clauses) or your consent.

We implement appropriate technical and organizational measures to protect personal data against loss, misuse, unauthorized access, disclosure, alteration, or destruction. These measures are reviewed regularly and adapted to the state of the art.

For users residing in Canada, the following additional provisions apply in accordance with the Personal Information Protection and Electronic Documents Act (PIPEDA) and, where applicable, provincial privacy laws:

Personal data is processed only with express or implied consent, depending on the nature of the information and the context in which it is collected and used. Consent may be withdrawn at any time with effect for the future, subject to statutory retention obligations.

We collect, use, and retain personal data solely for the purposes for which it was collected or as otherwise permitted or required by law. Personal data is retained only as long as necessary to fulfill those purposes and is subsequently securely deleted or anonymized.

We may engage third-party service providers to process personal data on our behalf. Such providers are contractually obligated to maintain confidentiality, implement appropriate security safeguards, and process personal data solely in accordance with our instructions.

Personal data may be processed outside of Canada, in particular in the United States or the European Union. In such cases, the data may be subject to the laws of those jurisdictions, including potential access by public authorities.

Canadian users have the right to access their personal data and request correction of inaccurate or incomplete information. Requests may be submitted using the contact details provided in this Privacy Policy.

If you believe that your personal data has not been handled in accordance with Canadian privacy laws, you may also contact the Office of the Privacy Commissioner of Canada (OPC).