The EU General Data Protection Regulation (GDPR) 2016/679 took effect on 25th May 2018. Enigma Strategy complies with applicable GDPR regulations as a data controller and data processor.
We are committed to ensuring that your privacy is protected. When we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this policy statement.
We may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy is effective from 30th March 2020.
If you have any requests concerning your personal information or any queries regarding these practices, please contact Enigma Strategy at [email protected]
“Personal Data” is Data about any identifiable living person in so far as this relates to a Client. It means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Acting as a Controller, Joint-Controller or Processor, Enigma Strategy collects personal information:
- from visitors to the Website through the use of online forms,
- obtained from your product or service provider, if you wish to invest in through our services,
- obtained from another entity where Enigma Strategy offers administration or investment services,
- every time you email us your details.
- from completing any MCL applications whether online or on hard copy documentation
Acting as a Controller, Joint-Controller or as an agent or other entity who is a Controller of your Data, we may collect information about you and process it; this information may include, for example:
- your name,
- your postal address,
- your email address,
- your telephone number,
- your bank account details,
- your employment details,
- your date of birth,
- your national insurance number,
- your wallet ID on our FCA-regulated payment service provider, MangoPay, World Pay
- a copy of proof of identity, such as a passport or similar document,
- information about your investments made with Enigma Strategy, such as the invested amount, the product acquired, etc.
If you act on behalf of a company, we may collect, for example:
- Certificate of Incorporation,
- Memorandum and Articles of Association,
- copy of proof of identity (such as a passport or similar document) for its shareholders and directors,
- administrative and managerial contact information (email and phone number).
Use of personal information
Enigma Strategy controls and/or processes personal information for the following purposes:
To comply with our legal or regulatory obligations, we may use your personal data (and if you do not provide this personal data, we may not be able to provide our services to you):
- to confirm your identity in order to create your account with our recommended brokers, and ensure that you are eligible to use the services provided on the Website,
- to conduct required anti-money laundering checks on you, and associated financial crime and fraud monitoring, in connection with transactions you may conduct through the Website,
- in the case of investors, to confirm that you are eligible to make investments through the Website in accordance with relevant legislation,
- to enable us to comply with our obligations as an FCA regulated financial services business, including transaction recording, updates on your investment and fundraising activity on the Website, other compliance responsibilities, and reporting to regulators and governmental authorities.
To carry out our obligations under our contracts with you or others, we may use your personal data:
- to process and administer payments and investments in connection with the services provided on the Website,
- to facilitate the investment transactions,
- to create and maintain a register of Clients and investments
What Information does Enigma Strategy collect about me through the website, software and services?
- When you interact with our Site, Software, and/or Services, we collect information that alone or in combination with other data, could be used to identify you (“Personal Data”). Some of the Information we collect is stored in a manner that cannot be linked back to you (“Non-Personal Data”).
Information you provide us when you create an account
When you sign up for or use our Services, you voluntarily give us certain Personal Data, including:
- Your username, email address, and contact and language preferences. If you log into Enigma Strategy with a social networking credential, such as with your Facebook or Google+ account, we will ask permission to access basic information from that account, such as your name and email address. You can stop sharing that information with us at any time by removing Enigma Strategy access to that account.
Other Information we collect
We collect this information as you use the Site, Software, and/or Services:
- User Content. This consists of all text, documents, or other content or information uploaded, entered, or otherwise transmitted by you in connection with your use of the Services and/or Software.
Automatically collected Information
Certain data about the devices you use to connect with Enigma Strategy and your use of the Site, Software, and/or Services are automatically logged in our systems, including:
- Location information. This is the geographic area where you use your computer and mobile devices (as indicated by an Internet Protocol [IP] address or similar identifier) when interacting with our Site, Software, and/or Services.
- Log data. As with most websites and technology services delivered over the internet, our servers automatically collect data when you access or use our Site, Software, and/or Services and record it in log files. This log data may include the IP address, browser type and settings, the date and time of use, information about browser configuration, language preferences, and cookie data.
- Usage information. This is information about the Enigma Strategy Site, Software, and/or Services you use and how you use them. We may also obtain data from our third-party partners and service providers to analyse how users use our Site, Software, and/or Services. For example, we will know how many users access a specific page on the Site and which links they clicked on. We use this aggregated information to better understand and optimize the Site.
- Device information. These are data from your computer or mobile device, such as the type of hardware and software you are using (for example, your operating system and browser type), as well as unique device identifiers for devices that are using ENIGMA STRATEGY Software.
We have a legitimate interest in ensuring that the Website and our services operate effectively, and to do this we may use personal data:
- to provide our services (which may include the detection, prevention of security and technical issues), and to monitor, improve and administer the Website,
- to respond to customer support requests and enquiries, and to ensure customer satisfaction, administering orders and accounts relating to our Clients,
- to maintain information as a reference tool or general resource,
- to manage Clients’ accounts with our recommended brokers.
- to provide you with information about products and services,
- to provide administration and software support for product providers with who you are investing with or for other entities helping them with this process.
Your Personal Data may be profiled in any form of automated processing.
Enigma Strategy as a processor
Enigma Strategy is a processor of personal data acting as an agent on behalf of product or services providers, abiding by the provisions set out in article 5 of the GDPR (that information is processed lawfully and fairly), and in articles 28 and 29 of the GDPR. We:
- provide sufficient guarantees to implement appropriate technical and organisational measures in such a manner that processing will meet the requirements of the GDPR and ensure the protection of your rights.
- ensure that our processing is governed by a contract binding us with regard to the controller and that sets out the subject-matter and duration of the processing, the nature and purpose of the processing, the type of personal data and categories of data subjects and the obligations and rights of the controller;
- ensure that persons authorised to process the personal data have committed themselves to confidentiality or are under an appropriate statutory obligation of confidentiality.
- delete or return all the personal data to the controller after the end of the provision of services relating to the processing.
- Respecting the conditions referred to in art. 28 and subsequent articles of GDPR, Enigma Strategy may engage another processor.
Enigma Strategy as a Controller or Joint-Controller of personal data
Enigma Strategy is also a controller of personal data. This means that we determine the purposes and means of the processing of personal data. Enigma Strategy is registered as a data controller under the Data Protection Act 1998 with the Information Commissioner’s Office in the UK.
If you have provided your personal details with us and you wish to change your preferences, please inform us at the address provided below if you do not wish to receive information about:
- our products or services,
- products or services offered by other companies within our group,
- products or services offered jointly with or on behalf of other organisations.
Alternatively, you may opt-out of receiving additional information from Enigma Strategy or related third parties at any time by sending us an email to [email protected], by calling us on 0203 983 9499
Enigma Strategy may also use and disclose information in aggregate (so that no individuals are identified) for marketing and strategic development purposes.
Enigma Strategy will only disclose personal information to other companies within its group of companies, business partners, government bodies and law enforcement agencies, successors in title to its business and suppliers engaged to process information on its behalf. Your details will never be sent to any third party.
Enigma Strategy may disclose personal data:
- to service providers used by Enigma Strategy and will take reasonable precautions to ensure that these service providers are obliged to keep your personal data secure and confidential, in compliance with relevant legal requirements.
- to HM Revenue & Customs and the Financial Conduct Authority – if we are required to do so by law – or by order of any legitimate government body or arbitration panel.
- in the event that we intend to enter into a major corporate transaction, such as a sale of control of our or another business, we may disclose certain of your personal data to potential buyers, underwriters or advisors.
If we disclose personal data to another entity, we will take reasonable precautions to ensure that the recipients of your personal data are obliged to keep it secure and confidential, in compliance with relevant legal requirements.
Given that the Internet is a global environment, using the Internet to collect and process personal information necessarily involves the transmission of information on an international basis. Therefore, by browsing the website and communicating electronically with us, you acknowledge and agree to Enigma Strategy processing personal information in this way.
Subject access rights
You have the right to request from Enigma Strategy Limited, as a Controller, access to and rectification or erasure of Personal Data or restriction of processing concerning the data subject or to object to the processing as well as the right to data portability.
You have a right to a copy of and details of the personal information held about you, including the purposes of the processing and the categories of personal data. To obtain a copy of the personal information Enigma Strategy holds about you, please write to us at Enigma Strategy, 28 Bruton Street, Mayfair, London, W1J 6QH . A charge of £10.00 will be made by Enigma Strategy for providing this information.
Information on the Data Protection Act 1998 is also on the Information Commissioner’s website at ico.gov.uk.
Cookies are small files that collect anonymous information about how visitors use our site, which is then used to help improve the site. The information collected includes the number of site visitors, where visitors come to the site from and the pages they visited. For further information visit www.aboutcookies.org. Please note that by deleting our cookies or disabling future cookies you may not be able to access certain areas or features of our site.
This website operates an email newsletter program, used to inform subscribers about products and services supplied by this website. Users can subscribe through an online automated process should they wish to do so but do so at their own discretion. Some subscriptions may be manually processed through a prior written agreement with the user.
Subscriptions are taken in compliance with UK Spam Laws detailed in the Privacy and Electronic Communications Regulations 2003. All personal details relating to subscriptions are held securely and in accordance with the Data Protection Act 1998. No personal details are passed on to third parties nor shared with companies/people outside of the company that operates this website. Under the Data Protection Act 1998 you may request a copy of personal information held about you by this website’s email newsletter program. A small fee will be payable. If you would like a copy of the information held on you, please write to the business address at the bottom of this policy.
Email marketing campaigns published by this website or its owners may contain tracking facilities within the actual email. Subscriber activity is tracked and stored in a database for future analysis and evaluation. Such tracked activity may include the opening of emails, forwarding of emails, the clicking of links within the email content, times, dates and frequency of activity [this is by no far a comprehensive list].
This information is used to refine future email campaigns and supply the user with more relevant content based on their activity.
In compliance with UK Spam Laws and the Privacy and Electronic Communications Regulations 2003 subscribers are given the opportunity to un-subscribe at any time through an automated system. This process is detailed at the footer of each email campaign. If an automated un-subscription system is unavailable clear instructions on how to un-subscribe will by detailed instead.
Social Media Platforms
Communication, engagement and actions taken through external social media platforms that this website and its owners participate on are custom to the terms and conditions as well as the privacy policies held with each social media platform respectively.
Users are advised to use social media platforms wisely and communicate/engage upon them with due care and caution in regard to their own privacy and personal details. This website nor its owners will ever ask for personal or sensitive information through social media platforms and encourage users wishing to discuss sensitive details to contact them through primary communication channels such as by telephone or email.
This website may use social sharing buttons which help share web content directly from web pages to the social media platform in question. Users are advised before using such social sharing buttons that they do so at their own discretion and note that the social media platform may track and save your request to share a web page respectively through your social media platform account.
Shortened Links in Social Media
This website and its owners through their social media platform accounts may share web links to relevant web pages. By default, some social media platforms shorten lengthy URLs [web addresses] (this is an example: https://bit.ly/3h5tPec
Users are advised to take caution and good judgement before clicking any shortened URLs published on social media platforms by this website and its owners. Despite the best efforts to ensure only genuine URLs are published many social media platforms are prone to spam and hacking and therefore this website and its owners cannot be held liable for any damages or implications caused by visiting any shortened links.
Does Enigma Strategy review User Content?
As a rule, Enigma Strategy employees do not monitor or view your User Content stored in or transferred through our Site, Software, and/or Services, but it may be viewed if we believe the Terms of Service have been violated and confirmation is required, if we need to do so to respond to your requests for user support if we otherwise determine that we have an obligation to review it as described in the Terms of Service, or to improve our algorithms as described in the User Content section of our Terms of Service. Finally, your Information may be viewed where necessary to protect the rights, property, or personal safety of Enigma Strategy and its users, or to comply with our legal obligations, such as responding to warrants, court orders, or other legal processes.
Data STORAGE, TRANSFER, RETENTION, AND DELETION
Where is my Information stored?
Information submitted to Enigma Strategy will be transferred to, processed, and stored in the United Kingdom. When you use the Software on your computing device, User Content you save will be stored locally on that device and synced with our servers. If you post or transfer any Information to or through our Site, Software, and/or Services, you are agreeing to such Information, including Personal Data and User Content, being hosted and accessed in the United Kingdom.
How secure is my Information?
Enigma Strategy is committed to protecting the security of your Information and takes reasonable precautions to protect it. However, Internet data transmissions, whether wired or wireless, cannot be guaranteed to be 100% secure, and as a result, we cannot ensure the security of information you transmit to us, including Personal Data and User Content; accordingly, you acknowledge that you do so at your own risk.
We use industry-standard encryption to protect your data in transit. This is commonly referred to as transport layer security (“TLS”) or secure socket layer (“SSL”) technology.
Once we receive your data, we protect it on our servers using a combination of technical, physical, and logical security safeguards.
Software installed on your computing device requires that you make use of the security features of your device. We recommend that you take the appropriate steps to secure all computing devices that you use in connection with our Site, Software, and Services.
If ENIGMA STRATEGY learns of a security system breach, we may attempt to notify you and provide information on protective steps, if available, through the email address that you have provided to us or by posting a notice on the Site. Depending on where you live, you may have a legal right to receive such notices in writing.
Who is Enigma Strategy data processor?
Active Campaigns have been appointed as Enigma Strategy’s data processors in the EEA for data protection matters, pursuant to Article 27 of the General Data Protection Regulation of the European Union.
Resources & Further Information
- Data Protection Act 1998
- Privacy and Electronic Communications Regulations 2003
- Privacy and Electronic Communications Regulations 2003 – The Guide
Enigma Strategy (“ES” or “the Firm”) Limited, company number 12315940. Enigma Strategy is authorised and regulated by the Financial Conduct Authority (“FCA”). Financial Reference Number: 926961