Privacy at Enigma
Effective Date: February 25, 2020
Applicability – Legal Entities
Our Purpose for Collecting Information
Enigma collects personal information so that we can provide business intelligence products to other companies. Our Services enable companies to better understand who their current and prospective customers are, meet their compliance and regulatory obligations, and manage their financial risks.
Enigma also collects personal information to maintain and improve our website and Services, solicit your feedback, and inform you about new Services or changes to existing Services.
The Information We Collect: What We Collect and How We Collect It
In general, Enigma collects information regarding U.S. businesses, business professionals, and users of our website and Services. The information we collect is either (a) provided directly by you through visits to our website, use of our Services, or engagement with our marketing or sales activities, (b) acquired by third-party data providers, or (c) otherwise publicly available information.
The specific categories of information Enigma collects and their sources are described below.
Information About Businesses and Business Professionals: Through publicly available information, such as government records, and third-party data providers, Enigma collects information about companies and associated persons, such as names, titles, business addresses, email addresses, domain names, EIN numbers, and incorporation and tax records. From these same sources, Enigma also collects non-business personal information, such as personal, non-business addresses and email addresses, to increase the precision of our business information. Enigma may obtain similar information regarding businesses and business professionals directly from you, through your use of the Services (e.g., through your API queries). In such cases, the original source of the information you provide is anonymous to Enigma.
Information You Provide Through Our Website: When you visit our website, we automatically collect certain information that, on its own, cannot be used to identify you. Examples of such information include IP address, browser type and language, referring and exit pages and URLs, the particular pages of our website that you visit and the time spent on each, and similar information concerning your use of the website. We also collect “cookies” - small data files that a website stores on the hard drive of your computer or mobile device to “remember” information about your visit. If you do not want us to place a cookie on your hard drive, you may be able to turn that feature off on your computer or mobile device. Please consult your Internet browser’s documentation for information on how to do this and how to delete persistent cookies. Please note, however, that if you decide not to accept cookies from us, our website and/or Services may not function properly.
Personal Information You Provide Through Our Website: When you engage with our website by, for example, choosing to contact us, you may be asked to provide additional information, such as your name and email address. When you provide this information, Enigma may link it to the information we collect automatically through our website (described above).
Personal Information You Provide Through Your User Account: To purchase and/or use our Services, including both free and paid Services, you are required to create a User Account. Upon creation of a User Account, Enigma collects your name, email address, and a password. As with the rest of our website, Enigma will automatically collect information associated with any subsequent use of your User Account, such as IP address, log-in time stamps, and features viewed.
Personal Information You Provide Through Marketing or Sales Activities: Enigma may collect your personal information, including name, company and email address, when you engage with marketing activities, such as subscribing to company updates or alerts or downloading a white paper. Enigma may collect similar information through sales activities, such as phone conferences or meetings.
Payment Information: To purchase our Services, you may be required to submit credit card and other payment information (e.g., billing zip code). This information is collected and processed by our third-party payment processor operating as our agent (See, Onward Transfers to Third-Party Service Providers). Enigma does not directly process any payment information.
Sensitive Personal Information: Enigma may collect sensitive personal information associated with certain customers’ clients, such as individuals’ social security numbers and dates of birth, in order to provide certain Services. We will collect this sensitive personal information only if it is necessary for a business purpose and only when voluntarily provided by our customers with the consent of their clients.
How We Use and Share Your Information
Enigma collects the categories of information described above to operate our website and Services, including delivering intelligence on U.S. businesses, responding to user inquiries, providing customer service, sending administrative information, and personalizing your user experience. Enigma will use personal information only in ways that are compatible with the purposes for which it was collected or subsequently authorized and will take reasonable steps to ensure that the personal information we collect is relevant for its intended use, accurate, complete, and current.
Enigma will not disclose your information to any third party except in connection with a legitimate use as described below.
For Google Analytics, please visit: https://www.google.com/analytics
For Mixpanel, please visit: https://mixpanel.com
For Google Adwords, you can set preferences for how Google advertises to you using the Google Ad Preferences page, and if you want to you can opt out of interest-based advertising entirely adjusting your by cookie settings or permanently using a browser plugin.
Sharing of Aggregate Data: We may analyze the information you provide through our website and Services in aggregate form in order to operate, maintain, manage, and improve the site and Services. This aggregate information does not identify you personally. We may share this aggregate data with agents and business partners. We may also disclose aggregated user statistics in order to describe our Services to current and prospective business partners and to other third parties for other lawful purposes. In addition, we may provide aggregated statistical collective user information to our partners so that they understand how often people use specific components of our Services.
Disclosures to Public Authorities: In certain situations, we may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We may also disclose personal information to other third parties when compelled to do so by government authorities or required by law or regulation including, but not limited to, in response to court orders and subpoenas.
Your Choices Matter
Enigma respects your privacy preferences and offers the following ways through which you may control how we contact you, maintain your information, and share your information.
Opt-In to Certain Onward Transfers: We will not transfer your personal information to a third party acting as a controller without first providing you with information regarding the identity of such controller or the nature of such controller’s business and obtaining your opt-in consent.
Opt-Out for Direct Marketing: You may opt out at any time from the use of your personal information for direct marketing purposes by e-mailing the instructions to this email address: email@example.com or by clicking on the “unsubscribe” link located on the bottom of any Enigma marketing email. Please allow us a reasonable time to process your request. Please also note that we may continue to send you transactional or service-related e-mails despite your desire to not receive promotional or marketing related e-mails.
Enigma takes commercially reasonable security measures to protect personal information from unauthorized access and disclosure. These measures include the implementation of reasonable technical, physical, and administrative data security safeguards that are consistent with our business operations and industry standards.
While we take reasonable precautions, no method of internet transmission or electronic storage is 100% secure or error-free. We therefore cannot guarantee your information’s absolute security and encourage you to take special care in deciding what information you send to us via e-mail or other electronic means.
Retention of Personal Information
Links to External Websites
Consent to Transfer
It is important to note that our website, the Services, and their servers are operated in the United States. If you are located outside of the United States, please be aware that any information provided to or collected by us, including personal information, will be transferred from your country of origin to the United States. Except in the case of data transfers under the EU-U.S. Privacy Shield and the Swiss-U.S. Privacy Shield Framework, your decision to provide such data to us, or allow us to collect such data through our website and Services, constitutes your consent to this data transfer.
The General Data Protection Regulation (“GDPR”)
Enigma endeavors to comply with the provisions of the GDPR as to any information in its possession regarding EU-based persons (“data subjects”). As such, Enigma only processes personal information on data subjects where it has a lawful basis to do so, which may include consent of the data subject (especially in the case of website visitors who provide their information), performance of a contract, compliance with a legal obligation, or the legitimate interest of the controller or a third party. Enigma provides notice to all data subjects as required by GDPR Article 13 or 14, as appropriate, and honors the rights of data subjects provided in Articles 12-23, including the right to be forgotten.
Important Notice for Residents of the European Economic Area, the United Kingdom, and Switzerland
Enigma has further committed to refer unresolved privacy complaints under the EU-U.S. and Swiss-U.S. Privacy Shield Principles to BBB PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed by Enigma, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint. If these processes do not result in a resolution, you may also contact your local data protection authority, the U.S. Department of Commerce, and/or the Federal Trade Commission for assistance. If your complaint still remains unresolved, then you have the right to invoke binding arbitration by the Privacy Shield Panel upon written notice to Enigma at firstname.lastname@example.org.
Publicly Available Information
California Privacy Notice
Your Rights as a Consumer
Pursuant to Section 1798.83 of the California Civil Code, also known as the California Consumer Privacy Act of 2018 (“CCPA”), "consumers" have specific rights in and to their personal information. Your rights as a consumer are as follows:
Right of Access to Collected Information: You have the right to request that Enigma disclose the categories and specific pieces of personal information that we have collected about you.
Right of Access to Information Sold or Disclosed for a Business Purpose: You have the right to request that Enigma disclose the categories of personal information that we have sold or otherwise disclosed to a third party about you.
Right to Request Deletion: You have the right to request that Enigma deleted any of your personal information that we have collected and retained about you, subject to certain exceptions. We may deny your deletion request if retaining your personal information is necessary for us to: complete the transaction for which we collected the personal information, provide a service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, comply with a legal obligation, or otherwise as set forth in the CCPA.
Right to Opt-Out of the Sale of Your Personal Information: You have the right to prohibit Enigma from selling your personal information.
Right of Non-Discrimination: You have the right to exercise any or all of the rights identified above free of discrimination. You do not need to request this right – it is a right Enigma will always give you in regard to any CCPA request.
If you wish to exercise your CCPA rights, please contact Enigma via email at email@example.com or call 1-800-510-2856 and clearly state that you are a resident of the state of California and wish to exercise your CCPA rights. We will ask for additional information to verify your identity.
Information that We Have Collected, Sold, or Disclosed for a Business Purpose
Information that we may have collected, sold, or disclosed for a business purposes in the last 12 months includes:
Personal information listed in the California Customer Records statute
Internet or other similar network activity information
Professional or employment related-information
Questions or Concerns
If you have any questions or concerns regarding privacy at Enigma, please send us a detailed message to firstname.lastname@example.org or to Enigma Technologies, Inc. at 245 Fifth Avenue, 17th Floor, New York, NY 10016. Your privacy is important to us and we will make every effort to resolve your concerns.