Privacy Policy | Business data and intelligence | Enigma
Privacy Policy

Privacy at Enigma

Effective Date: February 25, 2020

We at Enigma (“we,” “us,” or “our”) understand that you care about protecting your information.  This privacy policy (“Privacy Policy”) explains how Enigma collects, shares, and protects your information. This includes the information we collect when you visit our website, www.enigma.com, or purchase and/or use our services (“Services”), as well as the information we collect to enable our Services. When you visit our website and use our Services, you agree to this Privacy Policy. 

Use of our website or Services is governed by our Terms of Service. Capitalized terms not defined in this Privacy Policy shall have the meaning set forth in our Terms of Service. 

Applicability – Legal Entities

For purposes of this Privacy Policy, “Enigma” includes Enigma Technologies, Inc., a Delaware limited liability company, and its affiliates.

Our Purpose for Collecting Information

Enigma collects personal information so that we can provide business intelligence products to other companies. Our Services enable companies to better understand who their current and prospective customers are, meet their compliance and regulatory obligations, and manage their financial risks.

Enigma also collects personal information to maintain and improve our website and Services, solicit your feedback, and inform you about new Services or changes to existing Services.

The Information We Collect:  What We Collect and How We Collect It

In general, Enigma collects information regarding U.S. businesses, business professionals, and users of our website and Services. The information we collect is either (a) provided directly by you through visits to our website, use of our Services, or engagement with our marketing or sales activities, (b) acquired by third-party data providers, or (c) otherwise publicly available information.

The specific categories of information Enigma collects and their sources are described below.

  • Information About Businesses and Business Professionals:  Through publicly available information, such as government records, and third-party data providers, Enigma collects information about companies and associated persons, such as names, titles, business addresses, email addresses, domain names, EIN numbers, and incorporation and tax records. From these same sources, Enigma also collects non-business personal information, such as personal, non-business addresses and email addresses, to increase the precision of our business information. Enigma may obtain similar information regarding businesses and business professionals directly from you, through your use of the Services (e.g., through your API queries). In such cases, the original source of the information you provide is anonymous to Enigma. 

  • Information You Provide Through Our Website:  When you visit our website, we automatically collect certain information that, on its own, cannot be used to identify you.  Examples of such information include IP address, browser type and language, referring and exit pages and URLs, the particular pages of our website that you visit and the time spent on each, and similar information concerning your use of the website. We also collect “cookies” - small data files that a website stores on the hard drive of your computer or mobile device to “remember” information about your visit. If you do not want us to place a cookie on your hard drive, you may be able to turn that feature off on your computer or mobile device. Please consult your Internet browser’s documentation for information on how to do this and how to delete persistent cookies. Please note, however, that if you decide not to accept cookies from us, our website and/or Services may not function properly.

  • Personal Information You Provide Through Our Website:  When you engage with our website by, for example, choosing to contact us, you may be asked to provide additional information, such as your name and email address. When you provide this information, Enigma may link it to the information we collect automatically through our website (described above).

  • Personal Information You Provide Through Your User Account:  To purchase and/or use our Services, including both free and paid Services, you are required to create a User Account. Upon creation of a User Account, Enigma collects your name, email address, and a password.  As with the rest of our website, Enigma will automatically collect information associated with any subsequent use of your User Account, such as IP address, log-in time stamps, and features viewed.  

  • Personal Information You Provide Through Marketing or Sales Activities:  Enigma may collect your personal information, including name, company and email address, when you engage with marketing activities, such as subscribing to company updates or alerts or downloading a white paper. Enigma may collect similar information through sales activities, such as phone conferences or meetings. 

  • Payment Information:  To purchase our Services, you may be required to submit credit card and other payment information (e.g., billing zip code). This information is collected and processed by our third-party payment processor operating as our agent (See, Onward Transfers to Third-Party Service Providers). Enigma does not directly process any payment information.

  • Sensitive Personal Information: Enigma may collect sensitive personal information associated with certain customers’ clients, such as individuals’ social security numbers and dates of birth, in order to provide certain Services.  We will collect this sensitive personal information only if it is necessary for a business purpose and only when voluntarily provided by our customers with the consent of their clients.

  • Information Accessible Through Third-Party Providers: If you register for the Services and grant Enigma access to accounts you have with third-party providers, including providers of social networking services (“Third-Party Providers”), we may receive personal information that you provided to such Third-Party Providers, or information that is posted on your accounts with them which is viewable on or through the Services, subject to the privacy policies of such Third-Party Providers and privacy settings you have chosen in your accounts with them. By granting us access to your Third-Party Provider accounts, you are authorizing Enigma to collect, store, and use, in accordance with this Privacy Policy, any and all information that you have authorized the Third-Party Provider to  provide to Enigma.

How We Use and Share Your Information

Enigma collects the categories of information described above to operate our website and Services, including delivering intelligence on U.S. businesses, responding to user inquiries, providing customer service, sending administrative information, and personalizing your user experience. Enigma will use personal information only in ways that are compatible with the purposes for which it was collected or subsequently authorized and will take reasonable steps to ensure that the personal information we collect is relevant for its intended use, accurate, complete, and current.

Enigma will not disclose your information to any third party except in connection with a legitimate use as described below.

  • Third-Party Analytics and Remarketing: We use one or more third–party analytics services (such as Google Analytics) to evaluate your use our website and the Services, compile reports on activity (based on their collection of IP addresses, Internet service provider, browser type, operating system and language, referring and exit pages and URLs, data and time, amount of time spent on particular pages, what sections of the website you visit, number of links clicked while on the website, search terms and other similar usage data), and analyze performance metrics. These third parties use cookies and other technologies to help analyze and provide us the data. By visiting our website, and accessing and using the Services, you consent to the processing of data about you by these analytics providers in the manner and for the purposes set out in this Privacy Policy. For more information on these third parties, including how to opt out from certain data collection, please visit the sites below. Please be advised that if you opt out of any service, you may not be able to use the full functionality of the website or the Services.

We also use one or more third-party remarketing services (including Google Adwords) to advertise on third-party websites to previous visitors to our website. These third-party remarketing service providers use cookies to serve ads based on a past visit to the website. Any data collected by such third-party remarketing service providers will be used in accordance with this Privacy Policy and the privacy policy of such third-party remarketing services provider. 

For Google Adwords, you can set preferences for how Google advertises to you using the Google Ad Preferences page, and if you want to you can opt out of interest-based advertising entirely adjusting your by cookie settings or permanently using a browser plugin.

  • Sharing of Aggregate Data:  We may analyze the information you provide through our website and Services in aggregate form in order to operate, maintain, manage, and improve the site and Services.  This aggregate information does not identify you personally. We may share this aggregate data with agents and business partners. We may also disclose aggregated user statistics in order to describe our Services to current and prospective business partners and to other third parties for other lawful purposes.  In addition, we may provide aggregated statistical collective user information to our partners so that they understand how often people use specific components of our Services.

  • Onward Transfer to Third-Party Service Providers:  Like many businesses, we contract with other companies to perform certain business-related services. We may disclose information, including personal information in some cases, to certain types of third-party companies, but only to the extent needed to enable them to provide such services, including, without limitation, monitoring and analyzing website activity, operations and marketing assistance, hosting provider, and payment processing. All such third parties function as our agents, performing services at our instruction and on our behalf pursuant to contracts which require they provide at least the same level of privacy protection as is required by this Privacy Policy and implemented by Enigma. We may also disclose your information, including any personal information, to any of our parent companies, subsidiaries, joint ventures, or other companies under common control with us in order to support delivery of our products and Services.

  • Business Transfers: In the event of a merger, dissolution, or similar corporate event or the sale of all or substantially all of our assets, we expect that the information that we have collected and/or received, including personal information, would be transferred to the surviving entity in a merger or to the acquiring entity.  All such transfers shall be subject to our commitments with respect to the privacy and confidentiality of such personal information as set forth in this Privacy Policy.

  • Disclosures to Public Authorities: In certain situations, we may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We may also disclose personal information to other third parties when compelled to do so by government authorities or required by law or regulation including, but not limited to, in response to court orders and subpoenas. 

Your Choices Matter

Enigma respects your privacy preferences and offers the following ways through which you may control how we contact you, maintain your information, and share your information.

  • Opt-In to Certain Onward Transfers:  We will not transfer your personal information to a third party acting as a controller without first providing you with information regarding the identity of such controller or the nature of such controller’s business and obtaining your opt-in consent.  

  • Opt-Out for Direct Marketing:  You may opt out at any time from the use of your personal information for direct marketing purposes by e-mailing the instructions to this email address: privacy@enigma.com or by clicking on the “unsubscribe” link located on the bottom of any Enigma marketing email.  Please allow us a reasonable time to process your request. Please also note that we may continue to send you transactional or service-related e-mails despite your desire to not receive promotional or marketing related e-mails.

  • Accessing and Modifying Personal Information and Communication Preferences:  Upon request to privacy@enigma.com, we will provide you with confirmation as to whether we are processing your personal information, and have the data communicated to you within a reasonable time. You have the right to correct, amend, or delete your personal information where it is inaccurate or has been processed in violation of this Privacy Policy. Please allow us a reasonable time to respond to your inquiries and requests. When you update information, however, we often maintain a copy of the unrevised information in our records. You may delete your Enigma User Account by following the deletion process set forth on the Services. Some information may remain in our records after you discontinue your User Account.

Information Security

Enigma takes commercially reasonable security measures to protect personal information from unauthorized access and disclosure. These measures include the implementation of reasonable technical, physical, and administrative data security safeguards that are consistent with our business operations and industry standards.

While we take reasonable precautions, no method of internet transmission or electronic storage is 100% secure or error-free. We therefore cannot guarantee your information’s absolute security and encourage you to take special care in deciding what information you send to us via e-mail or other electronic means. 

Retention of Personal Information

We will retain your personal information in a form that identifies you for as long as it serves the purposes for which it was initially collected as stated in this Privacy Policy or subsequently authorized. We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements. 

Links to External Websites 

Our website and the Services may contain links to third-party websites ("External Sites"). Enigma has no control over the privacy practices of these External Sites. As such, we are not responsible for the privacy policies of those External Sites. You should check the applicable third-party privacy policy and terms of use when visiting any External Sites, and before providing any personal information to such External Sites.

Children 

We do not knowingly collect any personal information from children under the age of thirteen through our website and the Services. If you are under the age of thirteen, please do not give us any personal information. We encourage parents and legal guardians to monitor their children's Internet usage and to help enforce our Privacy Policy by instructing their children never to provide personal information to us without their permission. If you have reason to believe that a child under the age of thirteen has provided personal information to us, please contact us at privacy@enigma.com, and we will endeavor to delete that information from our databases.

Consent to Transfer

It is important to note that our website, the Services, and their servers are operated in the United States. If you are located outside of the United States, please be aware that any information provided to or collected by us, including personal information, will be transferred from your country of origin to the United States. Except in the case of data transfers under the EU-U.S. Privacy Shield and the Swiss-U.S. Privacy Shield Framework, your decision to provide such data to us, or allow us to collect such data through our website and Services, constitutes your consent to this data transfer. 

The General Data Protection Regulation (“GDPR”)

Enigma endeavors to comply with the provisions of the GDPR as to any information in its possession regarding EU-based persons (“data subjects”). As such, Enigma only processes personal information on data subjects where it has a lawful basis  to do so, which may include consent of the data subject (especially in the case of website visitors who provide their information), performance of a contract, compliance with a legal obligation, or the legitimate interest of the controller or a third party. Enigma provides notice to all data subjects as required by GDPR Article 13 or 14, as appropriate, and honors the rights of data subjects provided in Articles 12-23, including the right to be forgotten.  

Important Notice for Residents of the European Economic Area, the United Kingdom, and Switzerland

Enigma complies with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from the European Union, the United Kingdom and/or Switzerland. Enigma has certified that it adheres to the Privacy Shield principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access and Recourse, and Enforcement and Liability (the “Privacy Shield Principles”).  If there is a conflict between this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern for EU, UK, and Swiss individuals only. To learn more about the Privacy Shield program and to view our certification page, please visit https://www.privacyshield.gov/.

Enigma is subject to the investigatory and enforcement powers of the Federal Trade Commission. In compliance with the EU-U.S. and the Swiss-U.S. Privacy Shield Principles, Enigma commits to resolve complaints about your privacy and our collection or use of your personal information.  EU, UK, or Swiss individuals with inquiries or complaints regarding this Privacy Policy should first contact Enigma at privacy@enigma.com.

Enigma has further committed to refer unresolved privacy complaints under the EU-U.S. and Swiss-U.S. Privacy Shield Principles to BBB PRIVACY SHIELD, a non-profit alternative dispute resolution provider located in the United States and operated by the Council of Better Business Bureaus. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed by Enigma, please visit www.bbb.org/EU-privacy-shield/for-eu-consumers/ for more information and to file a complaint. If these processes do not result in a resolution, you may also contact your local data protection authority, the U.S. Department of Commerce, and/or the Federal Trade Commission for assistance. If your complaint still remains unresolved, then you have the right to invoke binding arbitration by the Privacy Shield Panel upon written notice to Enigma at privacy@enigma.com. 

Publicly Available Information

In accordance with the Privacy Shield Principles, in cases where Enigma discloses publicly available information from the European Union, the United Kingdom, and/or Switzerland without combining that information with non-public information, our policies on Notice, Choice, and Accountability for Onward Transfer set forth in this Privacy Policy may not apply.

California Privacy Notice

Your Rights as a Consumer

Pursuant to Section 1798.83 of the California Civil Code, also known as the California Consumer Privacy Act of 2018 (“CCPA”), "consumers" have specific rights in and to their personal information.  Your rights as a consumer are as follows:

  • Right of Access to Collected Information:  You have the right to request that Enigma disclose the categories and specific pieces of personal information that we have collected about you.

  • Right of Access to Information Sold or Disclosed for a Business Purpose:  You have the right to request that Enigma disclose the categories of personal information that we have sold or otherwise disclosed to a third party about you.

  • Right to Request Deletion:  You have the right to request that Enigma deleted any of your personal information that we have collected and retained about you, subject to certain exceptions.  We may deny your deletion request if retaining your personal information is necessary for us to: complete the transaction for which we collected the personal information, provide a service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, comply with a legal obligation, or otherwise as set forth in the CCPA.  

  • Right to Opt-Out of the Sale of Your Personal Information:  You have the right to prohibit Enigma from selling your personal information.

  • Right of Non-Discrimination:  You have the right to exercise any or all of the rights identified above free of discrimination.  You do not need to request this right – it is a right Enigma will always give you in regard to any CCPA request.

If you wish to exercise your CCPA rights, please contact Enigma via email at privacy@enigma.com or call 1-800-510-2856 and clearly state that you are a resident of the state of California and wish to exercise your CCPA rights.  We will ask for additional information to verify your identity. 

Information that We Have Collected, Sold, or Disclosed for a Business Purpose

Information that we may have collected, sold, or disclosed for a business purposes in the last 12 months includes:

  • Identifiers

  • Personal information listed in the California Customer Records statute

  • Commercial information

  • Internet or other similar network activity information

  • Professional or employment related-information

Changes to this Privacy Policy

This Privacy Policy is effective as of the date stated at the top of this Privacy Policy. We may change this Privacy Policy from time to time, and will post any changes on our website and the Services as soon as they go into effect. By accessing our website and/or the Services after we make any such changes to this Privacy Policy, you are deemed to have accepted such changes. Please refer to this Privacy Policy on a regular basis.

Questions or Concerns

If you have any questions or concerns regarding privacy at Enigma, please send us a detailed message to privacy@enigma.com or to Enigma Technologies, Inc. at 245 Fifth Avenue, 17th Floor, New York, NY 10016. Your privacy is important to us and we will make every effort to resolve your concerns.

Previous versions of Enigma's Privacy Policy can be found here.