Privacy Policy

Last updated: May 9, 2026.

This Privacy Policy explains how Miptz Pixel Converter (“Miptz”, “we”, “our” or “us”) collects, uses and shares information when you visit miptz.com or use any of our image conversion, resizing and cropping tools (the “Service”). It applies to information collected through the Service, in e-mail and other electronic messages, and in any related interactions you have with our team. By using the Service you agree to the practices described here. If you disagree with any element of this Policy, please discontinue use of the Service immediately.

Editorial intent on data protection

Miptz is a small Paris atelier and the team is small enough that data-handling decisions are not delegated to a sub-processor we have never met. The CNIL framework that protects you under French law is real, and the operational hygiene that backs it — short retention, no analytics on image content, no model training — is real too.

Cropped photos never reach Miptz servers in the first place because the cropper runs inside your browser tab. That is a privacy win the legal scaffolding cannot create on its own; it is an architectural choice. Converted and resized files stay on our infrastructure for at most twenty-four hours.

1. Who is responsible for your data

The data controller for the purposes of the EU GDPR (Règlement général sur la protection des données) and the French « Loi Informatique et Libertés » is Miptz Pixel Converter, with operating address 10 Rue de la Paix, 75002 Paris, France, France. You can contact our privacy team at support@miptz.com for any question, complaint or rights request relating to this Policy. The supervisory authority competent for the Service is the Commission nationale de l’informatique et des libertés (CNIL) (https://www.cnil.fr); you can lodge a complaint directly with that authority if you are dissatisfied with how we have handled a request.

2. Information we collect

Miptz is intentionally a low-data product. The categories of information we collect are limited to the following:

• Image content you upload. When you use the converter or resizer, your image is sent to our processing server, written to a temporary working directory, and processed by Imagick. The cropper does its work entirely inside your browser, so cropped photos are not transmitted to us.
• Technical request data such as your IP address, user-agent string, requested URL, referrer header, response code and approximate request timing. This data lives in standard web-server access logs.
• Optional contact form data — name, e-mail, message body — if you choose to write to us through the contact form.
• Cookies and similar storage placed by us or our advertising partners, as described in section 6.

2.a. What we never collect

We do not ask for and do not collect government-issued identification, payment cards, full names, dates of birth or other sensitive identifiers. The Service does not require an account, so we do not maintain user profiles tied to long-term identifiers.

3. How we use information

Miptz uses the data described above for the following purposes only:

• To deliver the conversion, resize or crop you requested and to make the resulting file available to you for download.
• To detect and mitigate abuse, automated scraping or attempts to overwhelm the Service.
• To investigate and respond to your support enquiries.
• To produce aggregated, anonymous performance and audience statistics that help us decide which features deserve more engineering time.
• To serve and measure relevant advertising, in line with section 6.

4. How long we keep information

Uploaded images and converted output files are removed by an automatic sweeper within twenty-four hours of being created. Server access logs are kept in rotated form for up to ninety days for security investigation purposes, after which they are deleted or anonymised. Contact form messages are retained as long as the customer relationship is active and for up to two years after the last interaction. Aggregated, anonymous statistics may be kept indefinitely because they cannot be tied back to an individual.

5. Legal basis for processing

For users protected by the EU GDPR (Règlement général sur la protection des données) and the French « Loi Informatique et Libertés », we rely on the following legal bases under Article 6 of the GDPR (or its equivalent national provision): (a) performance of a contract with you when we run the conversion you requested; (b) legitimate interests for security, fraud prevention and aggregated analytics; and (c) consent for non-essential cookies, advertising personalisation and any e-mail marketing you may explicitly subscribe to. Where consent is the basis, it can be withdrawn at any time without affecting the lawfulness of processing carried out before withdrawal. For Swiss users protected by the revised Federal Act on Data Protection, the same legal bases apply by analogy through Article 31 FADP.

6. Cookies, third-party advertising and DoubleClick

The Service uses cookies and similar technologies to operate properly and to support advertising-funded access. We distinguish between three categories:

• Strictly necessary cookies, such as the session cookie used by the dark / light mode preference.
• Analytics cookies set by aggregated analytics providers such as Google Analytics. These cookies help us understand which pages and tools are popular without identifying you personally.
• Advertising cookies, including the Google DoubleClick (DART) cookie, placed by Google or other third-party vendors to serve advertisements based on your prior visits to this site or other sites on the internet.

Miptz participates in the Google AdSense / DoubleClick programme. As a third-party vendor, Google may use cookies to serve ads on miptz.com. Google's use of advertising cookies enables it and its partners to serve ads to you based on your visit to our Service and other sites on the Internet. You may opt out of personalised advertising by visiting Google's Ads Settings page, by visiting the EDAA's Your Online Choices portal (EU users) or the Network Advertising Initiative opt-out page. Disabling advertising cookies will not stop advertising entirely, but the advertisements you see will no longer be personalised based on your activity.

You can also disable, block or delete cookies directly from your browser settings. Doing so may affect parts of the Service that depend on persistent preferences.

7. Sharing of information

Miptz does not sell your personal information. Data is shared only with: (a) infrastructure providers who host the Service and process data strictly under our instructions; (b) analytics and advertising partners as described in section 6; and (c) law enforcement or regulatory authorities where we are required by law to disclose information.

8. International data transfers

Our infrastructure is operated within the European Economic Area or the United Kingdom. Our advertising and analytics partners may transfer aggregated data to countries outside the EEA / UK, including the United States. Where we rely on such partners, we require them to implement appropriate safeguards using EU Standard Contractual Clauses and CNIL recommendations, in line with the EU GDPR (Règlement général sur la protection des données) and the French « Loi Informatique et Libertés ». You can request a copy of the relevant safeguards by contacting support@miptz.com.

9. Your rights

You have the right, under the EU GDPR (Règlement général sur la protection des données) and the French « Loi Informatique et Libertés » and equivalent legislation, to: (a) access the personal data we hold about you; (b) request rectification of inaccurate data; (c) request deletion (the “right to be forgotten”); (d) request restriction of processing; (e) object to processing on the basis of legitimate interests; (f) request data portability; and (g) withdraw consent at any time where consent is the legal basis. You also have the right to lodge a complaint with the competent supervisory authority — for users of the miptz.com service, this is the Commission nationale de l’informatique et des libertés (CNIL).

To exercise any of these rights, write to support@miptz.com with a description of your request and enough information to verify your identity. We will respond within thirty days, or within the shorter window required by your jurisdiction. There is no fee for ordinary requests; manifestly unfounded or excessive requests may attract a reasonable administrative fee or be refused.

10. Automated decision-making and profiling

Miptz does not use the personal data we process for any automated decision-making within the meaning of Article 22 GDPR (or its national equivalent). We do not build behavioural profiles on individual visitors. The advertising cookies described above are operated by third parties and are subject to those parties’ own profiling and opt-out arrangements.

11. Children’s privacy

Miptz is not directed at children under the age of 15 (the age of digital consent under the EU GDPR (Règlement général sur la protection des données) and the French « Loi Informatique et Libertés ») and we do not knowingly collect personal information from them. If you believe a child has submitted information through the Service, contact us at support@miptz.com and we will delete the data promptly.

12. Security of processing

We apply technical and organisational measures appropriate to the risk presented by processing, including transport-layer encryption (HTTPS) for every interaction with the Service, prepared-statement database access to mitigate injection attempts, file-name regeneration and MIME-type validation on every upload, and short retention windows for working files. No system can be perfectly secure; you should still take reasonable precautions on your end (use a current browser, keep operating-system updates installed, do not upload files containing sensitive information you would not want to risk).

13. Changes to this Policy

We may revise this Privacy Policy from time to time to reflect operational, legal or regulatory changes — for example, when the Commission nationale de l’informatique et des libertés (CNIL) issues new guidance relevant to advertising-funded websites, or when our infrastructure footprint changes. The “last updated” date at the top of the page indicates when the most recent revision took effect. Material changes will be highlighted on the home page for a reasonable period after publication.

14. Contact