Privacy policy.

EnforceAuth, Inc. ("EnforceAuth," "we," "us," or "our") respects your privacy. This Privacy Policy describes how we collect, use, disclose, and safeguard information when you visit enforceauth.com or interact with our services. By using the site you agree to the practices described here.

Information you provide. Name, email address, phone number, company, role, and the contents of any message you submit through our forms or by email.

Information collected automatically. Device, browser, and OS information; IP address and approximate geolocation; pages viewed, interactions, referrer; and cookie identifiers.

We process personal data under one or more of the following GDPR legal bases: consent, legitimate interests, contractual necessity, and compliance with a legal obligation. You may withdraw consent at any time.

We use cookies for three purposes: essential (site functionality), analytics (aggregate usage), and preference (remember settings). EEA / UK visitors are asked to consent before non-essential cookies are set.

• Operate, maintain, and improve the site and our services.
• Respond to your inquiries and provide customer support.
• Send updates, security notices, and product news you've opted into.
• Run analytics to understand how the site is used.
• Detect, prevent, and respond to fraud or abuse.
• Comply with legal obligations.

We do not sell personal information. We share it only with: trusted service providers acting on our behalf, parties when required by law, parties to protect our rights or the safety of others, or in connection with a corporate transaction (e.g. merger or acquisition).

We retain personal information only as long as necessary for the purposes described in this policy and as required by applicable law.

All users may request access to, correction of, or deletion of their personal information; or opt out of marketing communications.

EEA / UK users (GDPR) additionally have rights to data portability, restriction, objection, withdrawing consent, and lodging a complaint with their supervisory authority.

California residents (CCPA / CPRA) have the right to know, delete, opt out of sale, and not be discriminated against for exercising those rights.

Canadian residents (PIPEDA) may access, challenge, and withdraw consent to the processing of their personal data. Contact us at info@enforceauth.com to exercise any of these rights.

We may process information in the United States and other jurisdictions. For EEA / UK transfers we rely on Standard Contractual Clauses; for Canadian transfers we maintain PIPEDA-compliant safeguards.

We use administrative, technical, and physical safeguards designed to protect personal information — including encryption in transit and at rest, role-based access controls, and secure storage. No system is perfectly secure; we cannot guarantee absolute security.

The site is not intended for children under 13 (or under 16 in the EEA / UK). We do not knowingly collect personal information from children.

We may update this policy from time to time. Updates take effect when posted to this page with a revised "Last updated" date. Material changes will be notified via email where appropriate.

EnforceAuth, Inc. — questions about this policy or our handling of your personal data: info@enforceauth.com. EEA / UK users may also lodge a complaint with their local data protection authority.