Contact us

MIMABS’ Website Privacy & Cookies Policy

MIMABS (S.A.S) (“MIMABS”, “we”, “us” or “our”) has established its website privacy and cookies policy (the “Policy”) in compliance with applicable regulations, especially the Regulation (EU) 2016/679 of 27 April 2016 (“GDPR”) and French Law N°78-17 of 6 January 1978 (Loi Informatique et Libertés) as amended pertaining to data protection.

Data of a personal nature (or “Personal Data”) denotes any information relating to an identified or identifiable natural person. A person is deemed to be identifiable when he or she can be directly or indirectly identified, especially via an ID number or any of a number of elements specific to his or her physical, physiological, psychological, economic, cultural or social identity.

This Policy applies to the processing of Personal Data controlled by MIMABS and explains how and why your Personal Data are collected, used and stored by MIMABS.

Please read the following carefully to understand MIMABS’s views and practices regarding your Personal Data and how MIMABS will treat it.

I.WHO WE ARE

MIMABS is a privately-owned biotechnology company located within 117 Avenue de Luminy, 13009 Marseille and specializing in production and pharmacological characterization activities in relation to monoclonal antibody drug candidates and drug candidate antibodies derived from monoclonal antibodies, and in in-vitro, ex-vivo and in-vivo immuno-oncology and oncology preclinical models and target validation.

For the purpose of data protection legislation in force, MIMABS is acting as the controller of the Personal Data according to the GDPR.

II.PURPOSE OF THE POLICY

MIMABS is committed to protecting the Personal Data of visitors and users (the “User(s)” or “you”) of its website www.mimabs.com  (the “Site”).

This Policy explains:

  • how we collect and use your Personal Data,
  • how we use cookies and similar technologies,
  • and what rights you have under the GDPR and the French Law N°78-17 of 6 January 1978.

By using the Site, you acknowledge that you have read this Policy.

III.PERSONAL DATA WE COLLECT

MIMABS  may collect several and various categories of Personal Data from you, depending on how you interact with the Site, including but not limited to the following Personal Data as described below:

3.1 Personal Data you provide directly

Via our forms or direct contact, for example:

  • Identification and professional data:
    • first name, last name
    • job title / role
    • company name
  • Contact data:
    • professional email address
    • telephone number
  • Content of your messages:
    • details of your request, project information, feedback, etc.

This Personal Data is typically collected when you:

  • fill in a contact form,
  • request information about our solutions,
  • register for an event, demo or webinar,
  • or contact us directly by email or phone.

3.2 Personal Data collected automatically via cookies

When you browse the Site, MIMABS may also automatically collect technical and usage Personal Data via cookies and similar technologies whenever you interact with the Site, such as:

  • IP address,
  • browser type and settings,
  • device type and operating system,
  • pages visited, time and duration of visits,
  • clickstream data, interactions with pages or forms.

This Personal  Data are collected through tools such as:

  • Google Tag Manager (GTM) – tag management,
  • Google Analytics – audience measurement and usage statistics,
  • Axeptio – consent management platform for cookies.

IV PURPOSE AND LEGAL BASES OF PROCESSING

MIMABS may process your Personal Data on the basis of a legal obligation, your consent, and a contractual relationship with you.

MIMABS collects and processes your Personal Data for the following purposes and on the following legal bases:

4.1 Managing contact and information requests

  • Processing your enquiries submitted via contact forms or email,
  • Answering your questions about our products and services,
  • Organizing follow-up calls or meetings.

Legal bases:

  • Pre-contractual measures taken at your request,
  • Our legitimate interest in responding to prospects and clients.

4.2 Managing B2B business relationships and opportunities

  • Recording your details in our Creatio CRM,
  • Following up on opportunities with you and your company,
  • Preparing and sending proposals,
  • Managing contractual relationships with corporate clients.

Legal bases:

  • Performance of a contract (where you act on behalf of a client),
  • Our legitimate interest in managing and developing our B2B commercial activity through our Creatio CRM.

4.3 Professional communication and marketing (B2B)

  • Sending you information about MIMABS (product updates, scientific content, events, webinars, newsletters),
  • Sending targeted communications to professional contacts who have shown interest in our solutions.

Legal bases:

  • Our legitimate interest in promoting our B2B solutions to professional contacts,
  • And, where required by local rules, your consent (which can be withdrawn at any time).

You can opt out of marketing emails at any time by clicking the unsubscribe link included in each message.

4.4 Site security, quality and audience measurement

  • Ensuring the security and integrity of the Site,
  • Measuring the performance and audience of the Site (via Google Analytics),
  • Improving navigation and content based on aggregated statistics.

Legal bases:

  • Our legitimate interest in securing our Site and understanding how it is used,
  • Your consent for non-essential cookies (analytics, marketing), collected and managed via Axeptio.

V. HOW ARE YOUR DATA COLLECTED AND BY WHO ?

MIMABS will collect your Persona Data through:

  • the Site (including when creating a client account, buying a service or sending a message to MIMAB’s support team);
  • Dedicated website for job application
  • Exchanges with you whether you are client or prospect;

Your Personal Data may be accessed by or communicated to:

  • Internal teams of MIMABS SAS:
    • teams in charge of marketing, sales, communication, IT, production, management and support, strictly on a need-to-know basis.
  • Service providers and subcontractors, acting on our instructions and on the basis of contracts that include data protection clauses, in particular:
    • Hosting providers of the Site,
    • Google (Google Tag Manager, Google Analytics),
    • Axeptio (cookie consent management platform),
    • Other IT, support or analytics providers where necessary.
  • Public authorities, regulators or courts, where the law requires us to do so, or for the establishment, exercise or defence of legal claims.

VI.TRANSFER OF PERSONAL DATA

If your Personal Data are stored and are transferred outside the European Economic Area (EEA), to a third party in a country that does not provide an adequate level of protection for Personal Data, MIMABS will take suitable steps to ensure that your Personal Data is treated just as safety and securely as it would be under the GDPR.  

Some of our service providers (for example Google) may be located or store data outside the European Economic Area (EEA).

In such cases, we ensure that appropriate safeguards are in place, in compliance with GDPR requirements.

MIMABS does not sell or otherwise transfer your Personal Data to any third party for their own direct use.

In some limited circumstances, MIMABS may also transfer your Personal Data to third parties if it is required by legal or regulatory provisions or as part of requests by third parties with a legitimate interest (e.g., intellectual property rights enforcement).

You may contact us for more details about such transfers and the applicable safeguards.

VII. HOSTING PERSONAL DATA AND PERSONAL DATA RETENTION DURATION

Your Personal Data on the Site is hosted only on secure servers located in France at the following address:

Host name: O2SWITCH

Address: Chemin des Pardiaux 63000 Clermont-Ferrand SAS au capital de 100 000 euros

Website: www.o2switch.fr

Personal Data are kept in compliance with legal and tax provisions for a duration that shall not exceed that which is necessary for the purposes data were collected and processed for. Therefore, MIMABS retains your Personal Data only for as long as strictly necessary for the purposes previously mentioned or to satisfy legal requirements.

MIMABS has set retention periods for Personal Data in line with MIMABS’s internal data retention policy according with criteria such the nature of the Personal Data, its perceived accuracy and MIMABS’s legal obligations.

In particular:

  • Prospects / professional contacts:
    • Kept for up to 5 years from the last interaction initiated by you (click in an email, visit to the Site via a tracked link, reply to an email, meeting, etc.), unless you object earlier.
  • Client-related data:
    • Kept for the duration of the contractual relationship, then archived for the applicable statutory limitation periods (for example for accounting or legal purposes).
  • Cookies and trackers:
    • Retention periods depend on the type of cookie (see Section11). Analytics cookies are typically kept for a maximum of 13 months in line with CNIL recommendations, and consent is kept for a maximum of 6 months or 13 months (depending on configuration) via Axeptio.

After these periods, data are deleted or anonymised, unless a longer retention period is required or permitted by law.

VIII. LINK TO OTHER WEBSITES

The Site may contain links to third party websites that may offer useful information to you. Please be aware that MIMABS’ Policy does not apply to processing of Personal Data by those third-party websites. Therefore, MIMABS cannot hold responsible for these third-party websites’ processing of your Personal Data. MIMABS recommends communicating with such parties directly for information on their respective website privacy policy.

IX. INTELLECTUAL PROPERTY

All content available on the Site (texts, images, graphics, logos, icons, and layout) is protected by intellectual property laws and is the property of MIMABS or its partners.

Any reproduction or use of this content, in whole or in part, without prior written authorization from MIMABS is prohibited.

 Photos Credits : Adobe Photostock, photographers : Ludovic Perez et GIELLA Caroline, 9, rue Jean-François Leca 13002 Marseille FRANCE

X. RESPONSIBILITY AND GARANTEES RELATING TO SITE ACESS

MIMABS takes appropriate measures to maintain the continuity and quality of the Site.

Thus MIMABS implements appropriate technical and organisational measures to protect Personal Data against accidental or unlawful destruction, loss, alteration, unauthorised access or disclosure.

These measures include, where relevant:

  • access control and authentication mechanisms,
  • secure hosting and communication channels (e.g. HTTPS),
  • backup and recovery procedures,
  • limiting access to data to authorized persons only.

MIMABS shall not be held responsible for disruptions on the Internet due to force majeure within the definition of the French Court of Cassation’s jurisprudence or as a result of MIMABS’s programmed Service Maintenance Operations. Neither can MIMABS be held responsible for the installation and functioning of the devices used by the Users to access the Site’ services and not provided by MIMABS.

MIMABS can in no event be held responsible for the repair of any indirect damage suffered by users while using the Site’s services. Indirect damage means any damage not resulting exclusively and directly from any failure of the Site’s services.

XI. COOKIE PROCESSING POLICY

11.1 Use and definition

Our Site uses cookies. Continuing to browse on our Site signifies your consent to our use of cookies in compliance with the terms of this Policy.

Cookies are small text files placed and stored on your device (computer, smartphone, tablet) when you visit the Site. They are widely used to make websites work, improve their efficiency, and provide information to site owners.

Similar technologies (tags, pixels, local storage, etc.) may also be used. For simplicity, we refer to all of these as “cookies”.

In general cookies do not contain any information allowing a User to be identified personally, but the personal information that we store about you may be linked to information stored in the cookies and retrieved from them.

Subject to the alternatives deriving from your browser’s parameters, we use various cookies on our web Site which are described below.

11.2 Cookie management via Axeptio

The Site uses Axeptio as a cookie consent management platform.

When you visit the Site for the first time, an Axeptio banner allows you to:

  • obtain information about the cookies used,
  • accept or refuse non-essential cookies (in particular analytics cookies),
  • configure your preferences by category (e.g. analytics, marketing), if applicable.

You can change your cookie preferences at any time by clicking on the “Cookie settings” / “Axeptio” widget visible on the Site.

11.3 Types of cookies used on the Site

We may use the following categories of cookies:

(a) Strictly necessary cookies

These cookies are essential for the proper functioning of the Site and cannot be disabled in our systems. They are generally set only in response to actions you take such as setting your privacy preferences, logging in or filling in forms.

They enable, for example:

  • basic Site operations and navigation,
  • security features,
  • saving your cookie choices made via Axeptio.

Legal basis: our legitimate interest in providing a functional and secure website.

(b) Analytics / audience measurement cookies (Google Analytics via GTM)

These cookies help us understand how visitors use the Site, in order to measure and improve its performance:

  • pages visited,
  • time spent on each page,
  • navigation paths,
  • technical information about your browser and device (in an aggregated way).


We use Google Analytics, implemented via Google Tag Manager, possibly with IP anonymisation features.

Legal basis: your consent, collected via Axeptio. 

If you refuse these cookies, your visit will not be tracked in Google Analytics.

(c) Functional and personalization cookies (if used)

These cookies allow the Site to remember your choices and preferences (e.g. language selection). They may be used to offer a more tailored experience.

Legal basis: our legitimate interest in providing a convenient user experience, or your consent where required.

11.4 How to manage or delete cookies

You can manage cookies in several ways:

  1. Via Axeptio (recommended)
    • Use the cookie banner when you first visit the Site to accept or refuse analytics cookies.
    • Change your preferences at any time by clicking the “Cookie settings” / Axeptio widget on the Site.
  2. Via your browser settings

You can configure your browser to:

  1. block all cookies,
  2. accept only certain types of cookies,
  3. delete cookies already stored on your device.
  4. The procedure depends on your browser (Chrome, Firefox, Safari, Edge, etc.). Please refer to your browser’s help section.

If you disable certain cookies, please note that some features of the Site may not function properly.

XII. YOUR RIGHTS

12.1 Your rights under GDPR

Under the GDPR and the French Law N°78-17 of 6 January 1978, you have the following rights regarding your Personal Data:

  • Right of access: obtain confirmation that we process your Personal Data and receive a copy.
  • Right to rectification: request correction of inaccurate or incomplete Personal Data.
  • Right to erasure (“right to be forgotten”): in certain cases, request deletion of your Personal Data.
  • Right to restriction of processing: request that we temporarily limit the use of your Personal Data.
  • Right to object:
    • to processing based on our legitimate interest, on grounds relating to your particular situation;
    • at any time, to the processing of your Personal Data for direct marketing purposes.
  • Right to data portability: receive the Personal Data you provided to us in a structured, commonly used and machine-readable format, and transmit it to another controller where technically feasible.
  • Right to withdraw your consent: where processing is based on consent, you may withdraw it at any time (this will not affect the lawfulness of processing carried out before withdrawal).

For any inquiry regarding your rights or to exercise them, you may contact our Data Protection Officer (DPO):

  • via email: contact@mimabs.com
  • via mailing address: “att Delegate for the Protection of Personal Data “

MIMABS

Legal form:  SAS with a share capital of 711 040,00 €

Registered office: 117 AVENUE DE LUMINY, 13009 MARSEILLE

Registration number (RCS): 891 034 282 R.C.S. Marseille

Should you request deletion of Personal Data, this will be effective upon reception of the request and definitive one (1) month afterward.

12.2 Your Rights under  the CNIL

If you believe that we have not respected your rights or that your Personal Data has been processed in a way that does not comply with applicable regulations, you have the right to lodge a complaint with the Commission Nationale de l’Informatique et des Libertés (French IT and Liberty Commission) (“CNIL”), the supervisory authority in charge of compliance with obligations relating to data of a personal nature, located at :

  • 3 Place de Fontenoy – TSA 80715 – 75334 PARIS CEDEX 07, France.

Telephone: +33.1.53.73.22.22

We encourage you to contact us first, so that we can try to resolve your issue directly.

XIII. GOVERNING LAW AND JURISDICTION

This Policy is subject to law of France. Any difficulties relating to the validity, application or interpretation of this policy shall be submitted, failing amicable agreement, to the courts of Marseille, France to whom the Parties assign territorial jurisdiction, regardless of the place of performance or residence of the defendant.

XIV. CONTACT DETAILS AND CHANGE TO THIS POLICY

14.1 Contact Details

This Site belongs to and is operated by MIMABS.

 Legal form:  MIMABS SAS with a share capital of 711 040,00 €

Registered office: 117 AVENUE DE LUMINY, 13009 MARSEILLE

Registration number (RCS): 891 034 282 R.C.S. Marseille

VAT number: FR41891034282117 Avenue de Luminy, 13009 MARSEILLE FRANCE.

Contact e-mail address: contact@mimabs.com

Publishing Director: Nadège LABORDE

14.2 Change to this Policy

We may update Policy from time to time, in particular to reflect changes:

  • in our processing activities,
  • in the tools we use (e.g. analytics or CRM),
  • or in applicable legal and regulatory requirements.

Any update will be published on this page and, where appropriate, notified to you by a suitable means (e.g. banner or email).

The “Last update” date at the top of this page indicates the most recent revision.