About Enigma Software Solutions Ltd
Enigma Software Solutions Ltd (company registration number 10173289) is committed to protecting and respecting your privacy. Enigma Software Solutions Ltd ensures that the information you provide to us is protected and managed in accordance with the requirements of all relevant Data Protection Regulation (General Data Protection Regulation 2018 (GDPR) and Data Protection Act 2018).
Our registered address is: Enigma Software Solutions Ltd, North London Business Park Building 3-4, Suite 420, Oakleigh Road South London N11 1GN
Throughout this policy “Enigma”, “we”, “our” or “us” refers to Enigma Software Solutions Ltd. “You” and “your” refers to you as the user.
About this notice.
This privacy notice tells you what to expect when we collect personal information about you.
Enigma understands that your privacy is important to you and that you care about how your personal data is used. We are data controllers and data processors for the purposes of GDPR legislation. We respect and value the privacy of everyone who visits this website, http://enigmasoftware.eu and will only collect and use personal data in ways that are described here, and in a way that is consistent with our obligations and your rights under the law.
‘Website’ is the http://enigmasoftware.eu website operated by Enigma Software Solutions Ltd.
‘Personal Data’ means data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession).
‘Cookies’ are small pieces of data stored on your device (computer or mobile device).
‘Data Controller’ means the natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal information are, or are to be, processed.
‘Data Processor’ (or Service Provider) means any natural or legal person who processes the data on behalf of the Data Controller.
We may use the services of various Service Providers in order to process your data more effectively.
‘Data Subject’ or ‘user’ is any living individual who is using our Service and is the subject of Personal Data.
What is covered by this notice?
We collect the personal data, such as name, address, contact information, etc of the following types of people to allow us to undertake our business:
- Individual clients;
- Corporate clients;
- Supplier contacts to support our services;
- Consultants, temporary workers;
- Visitors to our website;
We collect this information about you in order to carry out our core business and additional activities.
This privacy notice also covers:
- Retention of your personal information;
- Your right to withdraw consent to our processing of your information;
- Your right to access information we hold about you.
This will include terms and conditions and privacy notices for sites that we partner with to take payments for services offered, for example https://www.astropay.com/ . For any third-party sites linked from our website you will need to visit them for clarity on their privacy notice and policies.
Information we may collect about you
We may collect and process the following data from (and about) you:
- Your name, gender, address, email address, telephone number.
- details of your correspondence with Us and any other information you have given to us.
- details of your transactions and other activities carried out on our Services.
- details of your visits to our websites and/or Apps including, traffic data, location data, IP address, device ID, web logs, page views, ad data and other similar data, whether this is required for our own purposes or otherwise; and
- your response to marketing campaigns from us or through our third parties.
Personal information is collected for the following purposes
- to contact you regarding our products and services.
- to make our websites and easier to use by removing the need for you to repeatedly enter the same information;
- Subject to any applicable preferences, to enable Enigma to send you promotional offers relating to our products and services.
Legal Basis for Processing
Our lawful basis for processing personal data include:
- To fulfil a contract, we have with you.
- When it is our legal duty to do so.
- When it is in our legitimate interest.
- When you consent to it.
Who we share your personal information with
Subject to relevant data processing agreements, and in full compliance with data protection regulation, we may share your personal data with:
- members of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, together with their employees or agents.
- third party marketing services.
- fraud and risk services.
- law enforcement agencies or regulators in accordance with legal requirements.
- to potential purchasers or investors.
All processing of information will be governed by the appropriate data protection laws.
We will not send promotional or direct marketing, inclusive of email, SMS, or automated calls, without first obtaining your specific consent.
The consent requires a positive Opt-In verbally or in writing; it must be clear and specific, granular, separate from other Terms and Conditions, name any third parties relying on the consent and be easily withdrawable.
For example, we may record your personal information that you have volunteered to us at a conference/convention where Enigma is promoting its services. We will only use your data if you have consented for us to do so.
Data Transfers outside the EEA
Occasionally we will transfer Personal Data to recipients in Third Party countries that are outside of the EEA or are not currently recognised by EU law as having an adequate level of legal protection for the rights and freedoms of data subjects. We will only do so if the following applies:
- The Processor is certified under the EU-U.S. Privacy Shield Framework.
- The existence of any other specifically approved safeguard for data transfers (as recognised under EU Data Protection Laws) and/or a European Commission finding of adequacy can be demonstrated.
In the event that data is transferred between Enigma and an International company, a Joint Controller Agreement will be in place that will clarify the responsibilities of both companies in relation to any personal data that is exchanged or transferred.
You have the following rights:
- The right to access the personal data we hold about you.
- The right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete.
- The right to be forgotten, i.e. the right to ask us to delete or otherwise dispose of any of your personal data that we hold.
- The right to restrict or prevent the processing of your personal data.
- The right to object to us using your personal data for a particular purpose or purposes.
- The right to withdraw consent. This means that, if we are relying on your consent as the legal basis for using your personal data, you are free to withdraw that consent at any time.
- The right to data portability. This means that, if you have provided personal data to us directly, we are using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask us for a copy of that personal data to re-use with another service or business in many cases.
- Rights relating to automated decision-making and profiling. We do not use your personal data in this way.
The above rights may be exercised by contacting us at firstname.lastname@example.org
You may request that your Personal Data be anonymised in the following circumstances:
- Where the Personal Data is no longer necessary in relation to the purpose for which it was originally collected/processed.
- When you withdraw consent, if consent is being used as the Legal Basis for Processing.
- If you object to the Processing and there is no overriding Legitimate Interest or Legal Obligation to continue the Processing.
- The Personal Data was unlawfully processed.
- The Personal Data must be erased to comply with a legal obligation
We will only retain data for the necessary time to complete the task that the data was collected for, or to meet our legal obligations.
How can you access information we hold about you?
If you want to know what personal data that we have about you, you can ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a “subject access request”.
All subject access requests should be made in writing and sent to the email address shown.
There is not normally any charge for a subject access request. If your request is deemed to be ‘unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs in responding.
We will respond to your subject access request within and, in any case, not more than one month of receiving it. Please note that in some cases, particularly if your request is complex, more time may be required up to a maximum of three months from the date we receive your request. You will be kept fully informed of our progress.
Subject Access Request (SAR)
You are entitled to a file a Subject Access Request (SAR) to obtain a copy of the personal information which we hold about you. If you wish to receive a copy of this information, please contact your account manager, or the DPO directly, and allow up to thirty calendar days for the information to be collated and provided to you, your identity will need to be confirmed.
Changes to our Privacy Notice.
We may change this Privacy Notice from time to time. This may be necessary, for example, if the law changes, or if we change our business in a way that affects personal data protection.
Right to Lodge a complaint
Please let us know if you are unhappy with how we have used your personal information. You also have the right to complain to the Information Commissioner’s Office.
You may contact us about any questions you have in respect of this privacy notice by emailing email@example.com