Our Privacy Policy

Effective: November 1, 2025

At Enata, we take your privacy seriously. Please read this Privacy Policy to learn how we treat your personal data. By using or accessing our Services in any manner, you acknowledge that you accept the practices and policies outlined below, and you hereby consent that we will collect, use and share your information as described in this Privacy Policy.

Remember that your use of Enata’s Services is at all times subject to our Platform Terms of Service (the “Terms”), which incorporates this Privacy Policy. Any terms we use in this Policy without defining them have the definitions given to them in the Terms.

Before we get into the details, here are a few key points we’d like you to know:

  • We do not and will not allow third parties (such as model providers like OpenAI or Anthropic) to use your Personal Data to train AI models.

  • We store your Personal Data in Amazon Web Services (AWS) servers located in the U.S. All Personal Data is encrypted at rest and in transit.

  • We implement a variety of security measures aligned with our pursuit of SOC 2 Type II and HIPAA-aligned safeguards, including firewalls, virtual private cloud (VPC) architecture, audit logging, and intrusion detection systems.

As we continue to improve our Services, we may need to update this Privacy Policy. We will notify you of material changes by posting a notice on our website, sending you an email, and/or other appropriate means. If you use the Services after any changes are posted, you agree to the revised policy.

What this Privacy Policy Covers

This Privacy Policy covers how we treat Personal Data that we gather when you access or use our Services. “Personal Data” means any information that identifies or relates to a particular individual, and also includes information referred to as “personally identifiable information” or “personal information” under applicable data privacy laws. This Privacy Policy does not cover the practices of companies we don’t own or control or people we don’t manage.

Personal Data

Categories of Personal Data We Collect

This chart details the categories of Personal Data that we may collect and have collected over the past 12 months.

Category of Personal DataExamples of Personal Data We CollectCategories of Third Parties With Whom We ShareProfile or Contact DataFirst and last name, emailService Providers, Parties You Authorize, Access or AuthenticatePayment DataPayment card type, last 4 digits, billing addressService Providers (e.g., payment processors like Stripe, Inc.)Device/IP DataIP address, device ID, operating system/browserService Providers, Security VendorsWeb AnalyticsPage interactions, referral sourcesService ProvidersProfessional/Employment DataJob title, employerService Providers, Parties You AuthorizeRecordings and TranscriptionsAudio/video recordings and transcripts created through our ServicesService Providers, Parties You AuthorizeOther Voluntary IdentifiersCalendar events, uploaded files, meeting data, communicationsService Providers, Parties You Authorize

Categories of Sources of Personal Data

We may collect Personal Data about you from:

  • You directly: when you create an account, interact with our Services, provide information via forms, or contact us.

  • Your devices and browsers: through cookies, analytics, and log data.

  • Third-party accounts: if you link services (e.g., calendar, CRM, or messaging tools) with Enata.

  • Vendors and partners: including analytics providers and service integrations.

Our Commercial or Business Purposes for Collecting Personal Data

We use your Personal Data to:

  • Provide, personalize, and improve the Services.

  • Process payments and transactions.

  • Secure our Services (fraud detection, access control, debugging).

  • Support compliance with SOC 2 Type II and industry best practices for healthcare data handling.

  • Communicate with you, including responding to inquiries.

  • Conduct research, development, and testing.

  • Train AI models only with De-Identified Data (never with Personal Data).

De-Identified Data

We may create anonymized, de-identified data from the Personal Data we collect. This De-Identified Data does not identify you and may be used for lawful business purposes such as analytics, product improvement, and AI model training.

Data Storage and Security

We implement industry-standard measures to protect your Personal Data:

  • Encryption: All data encrypted at rest and in transit.

  • Infrastructure: AWS-hosted servers in the U.S. with VPC isolation.

  • Security Programs: Alignment with SOC 2 Type II trust principles (security, availability, confidentiality, processing integrity, and privacy).

  • Healthcare Safeguards: While Enata is not yet HIPAA certified, we are implementing safeguards designed to align with HIPAA requirements for protecting sensitive health-related data.

Despite these efforts, no method of transmission or storage is 100% secure.

Data Retention

We retain Personal Data only as long as necessary to provide our Services and fulfill business purposes. Retention periods vary depending on data type (e.g., profile information while you maintain an account, payment data while required for billing, logs for system security). We may retain anonymized data longer for analytics.

Children’s Privacy

We do not knowingly collect or solicit Personal Data from children under 18. If we learn we have collected data from a child under 18, we will delete it promptly. If you believe a child has provided us Personal Data, contact us at info@enata.ai.

State and International Privacy Rights

  • California Residents (CCPA/CPRA): You may request information about how we handle your data and request deletion.

  • Nevada Residents: You may opt out of the sale of Personal Data, but we do not sell Personal Data.

  • EU/UK/Swiss Residents (GDPR): You have rights including access, rectification, erasure, portability, and objection. To exercise these rights, contact us at info@enata.ai.

Transfers of Personal Data

Our Services are hosted in the U.S. If you are located outside the U.S., your Personal Data will be transferred and processed in the U.S. with appropriate safeguards in place, such as standard contractual clauses where required.

Contact Information

If you have any questions or concerns about this Privacy Policy, or how we process your Personal Data, please contact us at:

Enata, Inc.
Email: info@enata.ai
San Francisco, California, USA

Get started with Enata today

Transform field chaos into sales clarity - let us show you how Enata helps your team get back to what they love doing - selling.

Turn field notes into sales wins, faster than ever.

hello@enata.ai

Home

Features

About

Comparison

FAQ’s

Pursuing

© 2025 Enata AI, Inc. All rights reserved.

Privacy Policy

Get started with Enata today

Transform field chaos into sales clarity - let us show you how Enata helps your team get back to what they love doing - selling.

Turn field notes into sales wins, faster than ever.

hello@enata.ai

Home

Features

About

Comparison

FAQ’s

Pursuing

© 2025 Enata AI, Inc. All rights reserved.

Privacy Policy

Get started with Enata today

Transform field chaos into sales clarity - let us show you how Enata helps your team get back to what they love doing - selling.

Turn field notes into sales wins, faster than ever.

hello@enata.ai

Home

Features

About

Comparison

FAQ’s

Pursuing

© 2025 Enata AI, Inc. All rights reserved.

Privacy Policy