Our Privacy Policy is designed to transparently outline how we process client data, the measures we have in place to protect it, and the principles that guide our data handling practices. At Enactia, we recognize the significance of privacy in the modern world and strive to provide a secure environment where our clients can confidently engage with our services. This introduction sets the stage for an in-depth exploration of our commitment to privacy and the robust mechanisms we employ to safeguard your valuable information.
Effective date: December 04, 2018
Enactia Ltd (“us”, “we”, or “our”) operates the www.enactia.com website (the “Service”).
This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Service and the choices you have associated with that data.
We use your data to provide and improve the Service. By using the Service, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, terms used in this Privacy Policy have the same meanings as in our Terms and Conditions, accessible from www.enactia.com
At Enactia we are committed to protecting personal data and to fair and transparent processing. Please read our privacy policy, it will help you to understand how we collect and use personal data from individuals, our clients, suppliers or others during the course of our business. We will only use personal data for the purposes described in this privacy policy or as stated at the point of collection.
We regularly review this privacy statement and may make changes at any time without giving prior notice.
Enactia Ltd is a limited liability company registered in Cyprus with registration number 385736. Our registered office is 117 Athalassas Avenue, 2nd Floor, Office 201, 2013 Nicosia, Cyprus.
This privacy policy only applies to Enactia Ltd. We are not responsible for the privacy practices of any other organization our website may link to.
We rely on several lawful fundamentals of processing when we collect and use personal data to operate our business and provide products and services to our clients. These include:
We collect several different types of information for various purposes to provide and improve our Service to you.
While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Data”). Personal identifiable information may include, but is not limited to:
We may also collect information on how the Service is accessed and used (“Usage Data”). This Usage Data may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
We use cookies and similar tracking technologies to track the activity on our Service and hold certain information.
Cookies are files with small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our Service.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.
Examples of Cookies we use:
For more details refer to our Cookie Policy.
Enactia.com uses the collected data for various purposes:
We only share personal data with others when absolutely necessary for the purposes for which we hold it and when necessary for our legitimate professional and business needs, for the purpose of executing your instructions or requests and/or as required or permitted by applicable legislation, professional standards or any applicable agreement between us, and where appropriate contractual arrangements and security mechanisms are in place.
We share personal data only with affiliates for our lawful professional and business necessities which comprise of:
Whilst we store personal data on servers within the European Economic Area (EEA), we may transfer personal data outside the EEA or other third parties that help us run our business. Contractual obligations are imposed on the recipients of any data transferred in order to ensure all personal data is protected to the standard required in the EEA.
We use a select number of trusted external service providers for certain technical data processing and/or service offerings. These service providers are carefully selected and meet high data protection and security standards. We only share information with them that is required for the services offered and we contractually bind them to keep any information we share with them as confidential and to process Personal Data only according to our instructions.
Enactia uses the following sub-processors to process the data collected by our website and Enactia GRC Application:
Subprocessor | Data location and security | Service |
Simplex | Europe, Cyprus | Secure infrastructure for servers and databases and logs hosted in Larnaca, Cyprus. |
When you visit our websites, or purchase products or services, we use the following third party services which may collect personal data:
Recipient | Purpose of processing | Lawful basis | Data location and security | Personal data collected by the third party | Privacy policy |
Google Analytics | To collect and analyze information about how you interact with our websites (web analytics), and to recognize and stop any misuse. | Legitimate interest | Europe | Anonymized IP address, Pages visited, browser and device used, mouse movements, anonymised key strokes. | link |
YouTube | To play videos. | Legitimate interest | USA | IP address | link |
Amazon AWS | For Client Instances Encrypted Daily Backups. | Legitimate interest | Ireland | Whole Backup of Client Enactia instances. | |
Mixpanel | User experience tracking – MixPanel does not record the data being entered on Enactia instance but, the frequency and the usage of the various Enactia Modules and features in order to enable Enactia to enhance its capabilities. | Legitimate interest | Europe | Anonymized IP address, Pages visited. | link |
Calendly | Booking meetings, presentations, and demos with the Enactia Sales Team. | Legitimate interest | Europe | Name, Surname, Company, Email Address | link |
Freshworks | Accessing Enactia Knowledgebase, Raising Tickets to the Enactia Support team. | Legitimate interest | Europe | Name, Surname, Company, Email Address, Tickets raised. | link |
OpenAI | Providing AI-powered insights, recommendations, or responses based on user-submitted text to enhance functionality or provide tailored services. | Consent | Ireland | Any text that would be submitted by the end user. | link |
The personal data you submit to us will only be held for as long as is required for the purposes for which it was collected and as required by applicable law.
We keep personal data only for as long as necessary and this will reflect the requirements of:
Individuals have certain rights over their personal data that we process as data controllers.
If we process your personal data and you exercise any of your rights, we will aim to respond promptly and within any required time limit. However, please note that the length of time it will take us to respond will be dependent on the nature and extent of your request.
You have a right to:
If you wish to exercise any of the rights, please send an email to Data Protection Officer (DPO) – see the contact details below.
Enactia.com may disclose your Personal Data in the good faith belief that such action is necessary to:
We may mention, in appropriate circumstances, that you are, or have been, a client of ours and the type of services provided. This will not involve the disclosure of your private or confidential information. You agree that we may consider it appropriate to seek publicity on our involvement with the provision of the Services unless you withhold your consent for such publicity.
Security is of utmost importance to us. Whilst no data transmission over the internet or any other network can be guaranteed as 100% secure, we take all reasonable steps to safeguard the personal data we hold, and we have in place appropriate technical and organizational security measures in order to protect personally identifiable data and information from loss, misuse, alteration or destruction. These include detailed policies, procedures and training of our people relating to data protection, confidentiality and information security. These are regularly reviewed to ensure they are effective and fit for purpose to prevent any unauthorized or unlawful disclosure or processing of such information and data and the accidental loss or destruction of or damage to such information and data.
We may employ third-party companies and individuals to facilitate our Service (“Service Providers”), to provide the Service on our behalf, to perform Service-related services or to assist us in analyzing how our Service is used.
These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
We may use third-party Service Providers to monitor and analyze the use of our Service.
Google Analytics
Google Analyticsis a web analytics service offered that tracks and reports website traffic. Google Analyticsuses the data collected to track and monitor the use of our Service. You can opt-out of having made your activity on the Service available to Google Analytics.
For more information on the privacy practices of Google Analytics, please visit the Google Analytics Privacy & Terms web page: https://policies.google.com/privacy?hl=en
Visitors to our website are usually in control of the personal data shared with us. We may automatically collect a limited amount of personal data about visitors to our website by using cookies (refer to our Cookie Policy). We accept personal data, such as name, title, company address, email address, and telephone and fax numbers, from website visitors; for example, when an individual fills out our contact form.
When you register with us, use our services, make an enquiry, order products or services from us, you may be asked to provide some personal data such as your name, address, job title, company, phone number and email address. We log your Internet Protocol (IP) address in order to receive and send information from and to you over the internet. We may also log the details of the pages you visit and which browser you are using.
We would not expect to receive any sensitive personal data from any inquiry made using our website, such as race or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health, genetic data, biometric data, sex life or sexual orientation, or criminal records. If you choose to provide such sensitive data, you are giving your explicit consent for us to process it for reasons you are choosing to provide it.
Where you do provide personal data to us, we will only use it for the stated purpose at collection or any purpose obvious in the circumstances of the collection, e.g.:
Unless asked not to, we may use your contact details to provide information about us, our services and activities, including events that may be of interest.
Personal data collected via our website will be retained by us for as long as necessary.
When applying online for a role with us, applicants will need to supply sufficient information for us to be able to evaluate their application. We will usually require that you provide your name, contact details, details of your qualifications, skills, experience, employment history and information about your expectations. We may ask for other personal data (including special categories of data and criminal records) during your application or after we’ve made an offer, we will explain why and how it will be processed when it is requested. We may also collect personal data about you from third parties, such as references supplied by former employers or conduct background checks.
Our Service may contain links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit.
We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.
Our Service does not address anyone under the age of 18 (“Children”).
We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Children has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.
We will let you know via email and/or a prominent notice on our Service, prior to the change becoming effective and update the “effective date” at the top of this Privacy Policy.
You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.
We would like to keep your personal data accurate and up to date. If you become aware of any errors or inaccuracies please let us know by contacting us at our registered office or our Data Protection Officer (DPO) – see the contact details below.
If you have any questions about this privacy policy, wish to complain about our use of personal data or exercise one of your rights, please send your correspondence to our Data Protection Officer:
Data Protection Officer (DPO)
E-mail: dpo@enactia.com
Effective date: December 04, 2018
Enactia Ltd (“us”, “we”, or “our”) operates the www.enactia.com website (the “Service”).
This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Service and the choices you have associated with that data.
We use your data to provide and improve the Service. By using the Service, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, terms used in this Privacy Policy have the same meanings as in our Terms and Conditions, accessible from www.enactia.com
At Enactia we are committed to protecting personal data and to fair and transparent processing. Please read our privacy policy, it will help you to understand how we collect and use personal data from individuals, our clients, suppliers or others during the course of our business. We will only use personal data for the purposes described in this privacy policy or as stated at the point of collection.
We regularly review this privacy statement and may make changes at any time without giving prior notice.
Enactia Ltd is a limited liability company registered in Cyprus with registration number 385736. Our registered office is 117 Athalassas Avenue, 2nd Floor, Office 201, 2013 Nicosia, Cyprus.
This privacy policy only applies to Enactia Ltd. We are not responsible for the privacy practices of any other organization our website may link to.
We rely on several lawful fundamentals of processing when we collect and use personal data to operate our business and provide products and services to our clients. These include:
We collect several different types of information for various purposes to provide and improve our Service to you.
While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Data”). Personal identifiable information may include, but is not limited to:
We may also collect information on how the Service is accessed and used (“Usage Data”). This Usage Data may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
We use cookies and similar tracking technologies to track the activity on our Service and hold certain information.
Cookies are files with small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our Service.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.
Examples of Cookies we use:
For more details refer to our Cookie Policy.
Enactia.com uses the collected data for various purposes:
We only share personal data with others when absolutely necessary for the purposes for which we hold it and when necessary for our legitimate professional and business needs, for the purpose of executing your instructions or requests and/or as required or permitted by applicable legislation, professional standards or any applicable agreement between us, and where appropriate contractual arrangements and security mechanisms are in place.
We share personal data only with affiliates for our lawful professional and business necessities which comprise of:
Whilst we store personal data on servers within the European Economic Area (EEA), we may transfer personal data outside the EEA or other third parties that help us run our business. Contractual obligations are imposed on the recipients of any data transferred in order to ensure all personal data is protected to the standard required in the EEA.
We use a select number of trusted external service providers for certain technical data processing and/or service offerings. These service providers are carefully selected and meet high data protection and security standards. We only share information with them that is required for the services offered and we contractually bind them to keep any information we share with them as confidential and to process Personal Data only according to our instructions.
Enactia uses the following sub-processors to process the data collected by our website and Enactia GRC Application:
Simplex (Europe, Cyprus): Secure infrastructure for servers and databases and logs hosted in Larnaca, Cyprus.
When you visit our websites, or purchase products or services, we use the following third party services which may collect personal data.Please access the desktop version of our website to view our third-party service providers.
The personal data you submit to us will only be held for as long as is required for the purposes for which it was collected and as required by applicable law.
We keep personal data only for as long as necessary and this will reflect the requirements of:
Individuals have certain rights over their personal data that we process as data controllers.
If we process your personal data and you exercise any of your rights, we will aim to respond promptly and within any required time limit. However, please note that the length of time it will take us to respond will be dependent on the nature and extent of your request.
You have a right to:
If you wish to exercise any of the rights, please send an email to Data Protection Officer (DPO) – see the contact details below.
Enactia.com may disclose your Personal Data in the good faith belief that such action is necessary to:
We may mention, in appropriate circumstances, that you are, or have been, a client of ours and the type of services provided. This will not involve the disclosure of your private or confidential information. You agree that we may consider it appropriate to seek publicity on our involvement with the provision of the Services unless you withhold your consent for such publicity.
Security is of utmost importance to us. Whilst no data transmission over the internet or any other network can be guaranteed as 100% secure, we take all reasonable steps to safeguard the personal data we hold, and we have in place appropriate technical and organizational security measures in order to protect personally identifiable data and information from loss, misuse, alteration or destruction. These include detailed policies, procedures and training of our people relating to data protection, confidentiality and information security. These are regularly reviewed to ensure they are effective and fit for purpose to prevent any unauthorized or unlawful disclosure or processing of such information and data and the accidental loss or destruction of or damage to such information and data.
We may employ third-party companies and individuals to facilitate our Service (“Service Providers”), to provide the Service on our behalf, to perform Service-related services or to assist us in analyzing how our Service is used.
These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
We may use third-party Service Providers to monitor and analyze the use of our Service.
Google Analytics
Google Analytics is a web analytics service offered that tracks and reports website traffic. Google Analytics uses the data collected to track and monitor the use of our Service. You can opt-out of having made your activity on the Service available to Google Analytics .
For more information on the privacy practices of Google Analytics , please visit the Google Analytics Privacy & Terms web page: https://policies.google.com/privacy?hl=en
Visitors to our website are usually in control of the personal data shared with us. We may automatically collect a limited amount of personal data about visitors to our website by using cookies (refer to our Cookie Policy). We accept personal data, such as name, title, company address, email address, and telephone and fax numbers, from website visitors; for example, when an individual fills out our contact form.
When you register with us, use our services, make an enquiry, order products or services from us, you may be asked to provide some personal data such as your name, address, job title, company, phone number and email address. We log your Internet Protocol (IP) address in order to receive and send information from and to you over the internet. We may also log the details of the pages you visit and which browser you are using.
We would not expect to receive any sensitive personal data from any inquiry made using our website, such as race or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health, genetic data, biometric data, sex life or sexual orientation, or criminal records. If you choose to provide such sensitive data, you are giving your explicit consent for us to process it for reasons you are choosing to provide it.
Where you do provide personal data to us, we will only use it for the stated purpose at collection or any purpose obvious in the circumstances of the collection, e.g.:
Unless asked not to, we may use your contact details to provide information about us, our services and activities, including events that may be of interest.
Personal data collected via our website will be retained by us for as long as necessary.
When applying online for a role with us, applicants will need to supply sufficient information for us to be able to evaluate their application. We will usually require that you provide your name, contact details, details of your qualifications, skills, experience, employment history and information about your expectations. We may ask for other personal data (including special categories of data and criminal records) during your application or after we’ve made an offer, we will explain why and how it will be processed when it is requested. We may also collect personal data about you from third parties, such as references supplied by former employers or conduct background checks.
Our Service may contain links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site you visit.
We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.
Our Service does not address anyone under the age of 18 (“Children”).
We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Children has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.
We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.
We will let you know via email and/or a prominent notice on our Service, prior to the change becoming effective and update the “effective date” at the top of this Privacy Policy.
You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.
We would like to keep your personal data accurate and up to date. If you become aware of any errors or inaccuracies please let us know by contacting us at our registered office or our Data Protection Officer (DPO) – see the contact details below.
If you have any questions about this privacy policy, wish to complain about our use of personal data or exercise one of your rights, please send your correspondence to our Data Protection Officer:
Data Protection Officer (DPO)
E-mail: dpo@enactia.com
Enactia serves as a comprehensive platform that addresses Governance, Risk, and Compliance (GRC) with a specific emphasis on compliance in the realms of Cybersecurity and Data Protection.