blank
Services
  • 5
    Engineering Services

Deliver structured MBSE execution with hands-on modelling, integration, and system development support

  • 5
    Custom Solutions

Tailored digital engineering solutions built around your architecture, workflows, and programme needs

  • 5
    Technology Consulting

Expert guidance to define architecture, toolchains, and modelling standards for scalable engineering

  • 5
    AI- Enabled DE

Accelerate digital engineering with AI-driven analysis, automation, and model intelligence

Training
Industries
  • 5
    Automotive Engineering

MBSE for vehicle systems engineering - ISO 26262 functional safety, powertrain, and autonomy

  • 5
    Energy and Infrastructure

MBSE for energy systems - IEEE 1547, IEC 61508/61513, nuclear, renewables, grid infrastructure

  • 5
    Aerospace Engineering

MBSE for aircraft and space systems - ARP4754, DoD 5000.97, SysML, digital engineering

  • 5
    Medical Device and Life Sciences Engineering

MBSE for medical device development - ISO 14971, IEC 62304, FDA, RAAML

  • 5
    Defence Programmes

MBSE for defence programmes - DoD 5000.97, UAF, DoDAF, MOSA, TS/SCI capability

About Us
Contact Us

 

PRIVACY POLICY

Enola Technologies LLC

 

1. Introduction

Enola Technologies LLC and its affiliates (“Enola,” “we,” “us,” or “our”) respect your privacy and are committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, store, and protect personal information when you visit our website, create an account, register for services or training, make a purchase, contact us, or otherwise interact with us online.

This Privacy Policy is designed to meet the requirements of applicable privacy and data protection laws across the jurisdictions in which we operate, including US federal and state privacy laws, the European Union General Data Protection Regulation (GDPR), United Kingdom GDPR, data protection laws in the United Arab Emirates and the Kingdom of Saudi Arabia, and applicable data protection laws in the Asia-Pacific region.

2. Scope

This Privacy Policy applies to personal information collected through:

      our website and related online services;

      ecommerce transactions, including account registration and checkout;

      business and individual signup forms;

      training, event, or service registration forms;

      contact forms and support requests;

      cookies, analytics, and similar technologies used on our website.

This Privacy Policy does not apply to third-party websites, services, or platforms that we do not control. Where we link to third-party sites, we encourage you to review their privacy policies.

3. Data Controller

For the purposes of applicable data protection law, the data controller responsible for your personal information is:

Enola Technologies LLC

1729 Cameron Street

Alexandria, VA 22314, USA

Email: solutions@enolatech.com

Phase II — International Expansion: When Enola begins actively serving customers in the European Economic Area, we will appoint a representative in accordance with Article 27 of the EU GDPR. Separately, when serving customers in the United Kingdom, we will appoint a UK representative in accordance with Article 27 of the UK GDPR (as the UK operates under its own data protection regime following Brexit). When serving customers in the UAE or Saudi Arabia, we will comply with applicable local representation requirements. Contact details for any appointed representatives will be published on this page.

4. Personal Information We Collect

4.1 Information You Provide Directly

Depending on how you interact with us, you may provide us with the following categories of personal information:

      name (first and last name);

      email address;

      phone number (office, business, and/or mobile);

      billing address;

      company name;

      job title;

      company size and industry;

      LinkedIn profile URL;

      account registration details (username and password);

      point of contact information (if different from account holder);

      license provider or value-added reseller (VAR) information;

      information submitted through forms, including training registration and service enquiries;

      order and transaction information;

      marketing and communication preferences;

      any other information you choose to provide when contacting us.

4.2 Information Collected Automatically

When you browse our website, we may automatically collect certain information, including:

      IP address;

      browser type and version;

      operating system;

      device information;

      pages viewed and interactions with website content;

      referring URLs and search terms;

      approximate location based on IP address;

      website usage patterns and session data;

      UTM parameters and referrer data for marketing attribution.

4.3 Information from Third Parties

We may receive information from service providers and platforms used to operate our business, including:

      ecommerce and website service providers (WooCommerce);

      payment processors;

      customer relationship management platforms (HubSpot);

      analytics providers (Google Analytics);

      advertising and marketing tools.

4.4 Sensitive Personal Information

We do not intentionally collect sensitive personal information (such as health data, biometric data, racial or ethnic origin, political opinions, religious beliefs, or trade union membership) unless you voluntarily provide it or it is specifically required for a service engagement. Where we do process sensitive data, we will obtain your explicit consent or rely on another lawful basis as required by applicable law.

5. Lawful Basis for Processing

This section applies primarily to users located in jurisdictions where a lawful basis for processing is required (including the EU, UK, UAE, and Saudi Arabia). For US users, processing is governed by applicable US federal and state law, including the CCPA/CPRA.

Where the GDPR or UK GDPR applies, we process personal information on the following lawful bases:

      Contract:processing is necessary to perform a contract with you or to take steps at your request before entering into a contract, including account creation, order processing, and service delivery.

      Legitimate interests:processing is necessary for our legitimate interests (or those of a third party), provided those interests are not overridden by your rights. Our legitimate interests include operating and improving our website and services, communicating with customers and prospects, fraud prevention, and network security.

      Consent:where we rely on your consent, including for marketing communications, non-essential cookies, and certain data sharing activities. You may withdraw consent at any time without affecting the lawfulness of processing carried out before withdrawal.

      Legal obligation:processing is necessary to comply with a legal obligation to which we are subject.

Where we process personal information on the basis of legitimate interests, you have the right to object. See Section 12 (Your Privacy Rights) for details.

6. Automated Decision-Making

We may use automated tools, including lead scoring within our customer relationship management platform, to prioritize and segment leads for our sales and marketing teams. These automated processes do not produce legal effects or similarly significant effects on individuals. They do not restrict your access to our services or affect your rights. If you are located in a jurisdiction where you have the right to contest automated decisions (including under GDPR Article 22), you may contact us at solutions@enolatech.com to request information about how automated processing is applied to your data, or to request human review of any automated decision.

7. How We Use Personal Information

We may use personal information for the following purposes:

      providing and operating our website, products, training programs, and services;

      creating and managing user accounts;

      processing purchases, payments, and related support;

      responding to inquiries and customer service requests;

      communicating with you about your account, purchases, support, training, or services;

      sending marketing communications, where permitted by law and consistent with your preferences;

      improving our website, products, and services through analytics and user research;

      analyzing website traffic and performance;

      segmenting and qualifying leads for sales and marketing purposes;

      detecting, investigating, and helping prevent fraud, misuse, and security incidents;

      complying with legal obligations and enforcing our terms and policies.

8. Cookies, Analytics, and Similar Technologies

We use cookies and similar technologies to operate our website, remember preferences, analyze traffic, and support marketing activities. For full details, please refer to our separate Cookie Policy.

These technologies may include:

      Strictly necessary cookies:required for the website to function (e.g., session management, shopping cart, security).

      Functionality cookies:remember your preferences and settings.

      Analytics cookies:help us understand how visitors use our website (e.g., Google Analytics).

      Marketing cookies:used to deliver relevant advertising and measure campaign effectiveness.

We use Google Analytics to help us understand how visitors use our website. We implement Google Consent Mode v2, which adjusts the behavior of Google tags based on your consent choices. Where required by law, non-essential analytics and marketing cookies are blocked until you have made a consent choice through our consent management tool.

You may manage your cookie preferences through our cookie consent banner or preference center, which is presented when you first visit our website and is accessible at any time via a link in our website footer.

9. Marketing Communications

Where you have given consent, or where otherwise permitted by applicable law, we may send you communications about our services, products, training, updates, and promotions.

You may opt out of marketing communications at any time by:

      using the unsubscribe link in any marketing email;

      adjusting your communication preferences in your account settings;

      contacting us at solutions@enolatech.com.

We will continue to send you non-marketing communications relating to your account, transactions, support requests, or services, as these are necessary for the performance of our contract with you.

For users in the European Economic Area, United Kingdom, and other jurisdictions requiring opt-in consent: we will only send marketing communications where you have provided explicit prior consent. For users in the United States: we comply with the CAN-SPAM Act, which permits commercial email provided it includes an unsubscribe mechanism and accurate sender information.

10. How We Share Personal Information

We may share personal information with the following categories of recipients:

      website hosting and ecommerce service providers;

      payment processors and fraud prevention providers;

      customer relationship management and communications platforms (HubSpot);

      ecommerce integration providers (MakeWebBetter / HubSpot for WooCommerce);

      analytics and advertising providers (Google);

      cloud infrastructure and storage providers;

      professional advisors (legal, accounting, audit);

      legal, regulatory, or law enforcement authorities where required by law;

      affiliates or vendors supporting our operations.

10.1 Data Processing Agreements

Where required by applicable law (including GDPR), we enter into Data Processing Agreements (DPAs) with third-party processors. For Phase I (US launch), our primary processors include WooCommerce (Automattic), HubSpot, Google Analytics, CookieYes, MakeWebBetter, and our payment service provider (Stripe). A list of our sub-processors is available upon request.

We require all third-party service providers to process personal information only on our instructions and in accordance with applicable data protection law.

We do not sell personal information for monetary consideration. However, certain data sharing activities involving cookies, analytics, advertising, or similar technologies may be considered “selling” or “sharing” under the California Consumer Privacy Act (CCPA/CPRA) or similar state laws. Where required, we provide a mechanism to exercise applicable opt-out rights (see Section 13).

11. International Data Transfers

Enola Technologies LLC is based in the United States. If you access our website or provide personal information from outside the United States, your information may be transferred to and processed in the United States or other countries where our service providers operate.

These countries may have data protection laws that differ from those in your jurisdiction. Where required by applicable law, we implement appropriate safeguards for international data transfers, including:

      EU:Standard Contractual Clauses (SCCs) approved by the European Commission under Article 46(2)(c) of the GDPR.

      UK:The UK International Data Transfer Agreement (UK IDTA) or the UK Addendum to the EU SCCs, as approved by the UK Information Commissioner’s Office (ICO) under Section 119A of the Data Protection Act 2018.

      Middle East:contractual arrangements and security measures consistent with the requirements of applicable data protection laws in the UAE and Saudi Arabia.

      APAC:contractual arrangements and compliance measures consistent with the requirements of applicable data protection laws in Australia, Singapore, Japan, and other APAC jurisdictions where we operate.

By creating an account or using our services, you acknowledge that your personal information may be processed in countries outside your country of residence, subject to the safeguards described in this section.

12. Your Privacy Rights

Depending on your location and applicable law, you may have rights regarding your personal information. The rights available to you may vary depending on the jurisdiction in which you reside.

12.1 Rights Available in All Jurisdictions

We provide the following rights to all users, regardless of location:

      Access:request a copy of the personal information we hold about you.

      Correction:request correction of inaccurate or incomplete personal information.

      Deletion:request deletion of your personal information, subject to applicable legal exceptions.

      Marketing opt-out:opt out of marketing communications at any time.

12.2 Additional Rights Under EU/UK GDPR

If you are located in the EEA or UK, you may also have the right to:

      restrict processing of your personal information in certain circumstances;

      object to processing based on legitimate interests;

      receive your personal information in a portable, machine-readable format (data portability);

      withdraw consent at any time, where processing is based on consent;

      lodge a complaint with your local data protection supervisory authority (for UK residents, this is the Information Commissioner’s Office (ICO) at ico.org.uk; for EEA residents, contact your national data protection authority).

12.3 Additional Rights Under US State Privacy Laws

See Section 13 (US State Privacy Notice) for rights available under California and other US state privacy laws.

12.4 Additional Rights Under Middle East Data Protection Laws

If you are located in the United Arab Emirates or the Kingdom of Saudi Arabia, you may have additional rights under the UAE Personal Data Protection Law (Federal Decree-Law No. 45 of 2021) or the Saudi Arabia Personal Data Protection Law, including rights related to data processing, correction, and deletion.

12.5 Additional Rights Under APAC Data Protection Laws

If you are located in Australia, Singapore, Japan, or another APAC jurisdiction with applicable data protection law, you may have rights to access, correction, and in some cases deletion of your personal information, as well as the right to lodge complaints with the relevant regulatory authority.

12.6 How to Exercise Your Rights

To exercise any of these rights, please contact us at solutions@enolatech.com. We may need to verify your identity before processing your request. We will respond to verified requests within 45 days for US state law requests (CCPA/CPRA), 30 days for GDPR requests (EU/UK), and 30 days for UAE/KSA PDPL requests. These timeframes may be extended where permitted by law, and we will notify you of any extension.

13. US State Privacy Notice

This section provides additional disclosures required under US state privacy laws, including the California Consumer Privacy Act as amended by the California Privacy Rights Act (CCPA/CPRA), and similar laws in Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, and other states with applicable privacy legislation.

As additional US states enact privacy legislation, we will update this section to reflect applicable requirements. States with privacy laws in effect or scheduled to take effect include California, Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, Iowa, Indiana, Tennessee, Delaware, New Hampshire, New Jersey, Nebraska, Minnesota, Maryland, and Rhode Island.

13.1 Categories of Personal Information

In the preceding twelve months, we may have collected the following categories of personal information as defined under the CCPA:

      identifiers (name, email, phone, IP address, account name);

      commercial information (purchase history, products or services considered);

      internet or other electronic network activity (browsing history, website interactions);

      geolocation data (approximate location from IP address);

      professional or employment-related information (job title, company, industry);

      inferences drawn from the above (lead scoring, customer segmentation).

13.2 Sale and Sharing of Personal Information

We do not sell personal information for monetary consideration. However, our use of certain advertising cookies and analytics technologies may constitute “selling” or “sharing” under the CCPA/CPRA. You may opt out of this activity by:

      clicking the “Do Not Sell or Share My Personal Information” link on our website;

      adjusting your cookie preferences via our consent management tool;

      contacting us at solutions@enolatech.com.

13.3 Your California Rights

If you are a California resident, you have the right to:

      know what personal information we collect, use, disclose, and sell/share;

      request deletion of your personal information;

      opt out of the sale or sharing of your personal information;

      correct inaccurate personal information;

      not be discriminated against for exercising your privacy rights.

We will not discriminate against you for exercising any of these rights.

14. Payment Information

If you make a purchase through our website, payment information is collected and processed by Stripe, our payment service provider. We do not store full payment card details on our own systems. Stripe handles payment information in accordance with the Payment Card Industry Data Security Standard (PCI DSS) and its own security and privacy obligations. For details on how Stripe processes your data, please refer to Stripe’s privacy policy at https://stripe.com/privacy.

15. Data Retention

We retain personal information for specific periods based on the type of data and applicable legal requirements:

      Account data:retained for 3 years after account closure or last activity.

      Transaction and order records:retained for 7 years (US tax and accounting requirements).

      Marketing consent records:retained for the duration of the relationship plus 3 years.

      Website analytics data:retained per Google Analytics default settings (currently 14 months).

      Support correspondence:retained for 3 years after resolution.

      Cookie consent records:retained for the duration of the consent plus 1 year.

When personal information is no longer needed, we will securely delete or anonymize it.

16. Security

We implement reasonable administrative, technical, and organizational measures to protect personal information from unauthorized access, use, disclosure, alteration, and destruction. These measures include encryption in transit (TLS/SSL), access controls, and regular security reviews.

However, no method of transmission or storage is completely secure. We cannot guarantee the absolute security of your personal information.

17. Children's Privacy

Our website and services are not directed to children under the age of 16 in the EEA, 13 in the United Kingdom (in accordance with the UK Age Appropriate Design Code), or such other age as required by applicable law in your jurisdiction. We do not knowingly collect personal information from children. If we learn that we have collected personal information from a child without appropriate authorization, we will take steps to delete that information.

18. Third-Party Links and Services

Our website may contain links to third-party websites, applications, or services. We are not responsible for the privacy practices or content of those third parties. We encourage you to review their privacy policies before providing personal information.

19. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will post the updated version on this page, revise the “Last Updated” date, and where required by law, notify you by email or through a prominent notice on our website.

20. Contact Us

If you have questions about this Privacy Policy, wish to exercise any of your privacy rights, or wish to make a complaint, please contact us at:

Enola Technologies LLC

1729 Cameron Street

Alexandria, VA 22314, USA

Email: solutions@enolatech.com

Phone: +1 877 281 7341

For data protection inquiries specifically related to EU/UK GDPR rights, please include 'GDPR Request' in your email subject line. For CCPA/CPRA requests, please include 'CCPA Request.'

If you are located in the EEA or UK, you also have the right to lodge a complaint with your local data protection supervisory authority. For UK residents, the supervisory authority is the Information Commissioner’s Office (ICO), Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, United Kingdom (ico.org.uk). For EEA residents, a list of national supervisory authorities is available on the European Data Protection Board website (edpb.europa.eu).