Loading...

Privacy Policy

TL;DR: The Enuclea "Client-First" Trust Model

Most Privacy Policies are walls of text. Here's the bottom line on how we handle your business:

  • We don't sell your data. Period. No brokers, no "monetizing" your info.
  • You own the keys. We provide and pay for a professional 1Password seat for your primary contact. You are the Owner; we are the Admins.
  • Immediate Severability. Because you own the vault, you can revoke our access at any time. We don't hold your passwords hostage.
  • Standard-Based Hygiene. Our OMS (Operational Maturity Score) is built on the same foundation as federal CMMC Level 1 standards. We keep it "Quiet" so you can stay secure.

Privacy: confirmed. Productivity: resumed.

Back to OMS

Enuclea LLC ("Enuclea," "we," "us," or "our") respects your privacy and is committed to protecting personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you visit our website or engage our managed IT services.

Effective Date: March 1, 2026
Last Updated: March 1, 2026

1. Scope

This Privacy Policy applies to:

  • Website visitors and individuals who contact us through our website ("Website Visitors").
  • Business clients and their authorized users ("Clients") who engage Enuclea for managed IT services.

2. Information We Collect

A) Information you provide

We may collect:

  • Contact information: name, business email address, phone number, company name, job title.
  • Inquiry and communications: information you include in forms, emails, calls, or messages to us.
  • Scheduling/engagement details: details needed to set appointments, prepare proposals, or deliver services.

B) Information collected automatically (Website Visitors)

When you browse our website, we may automatically collect:

  • Device and browser data: IP address, browser type, device identifiers, operating system, and similar technical information.
  • Usage data: pages viewed, time spent, referring/exit pages, and site interactions.
  • Cookies and tracking data: data collected via cookies, pixels, tags, and similar technologies (see Section 5).

C) Operational and administrative data (Clients)

To provide managed IT services, we may access or process:

  • Account and access information: usernames and administrative access required to deliver contracted services.
  • Systems and network information: device inventories, configuration details, logs, security telemetry, and related operational data generated by your environment and tooling.
  • Location and on-site service information: office location(s) and dispatch-related details needed for on-site support and asset handling.

3. How We Use Information

We use information for purposes including:

  • Providing and improving services: onboarding, support, troubleshooting, maintenance, monitoring, and security operations.
  • Communications: responding to inquiries, providing service notices, and coordinating support.
  • Account, billing, and administration: proposals, contracts, invoicing, and service management.
  • Website operations: site performance, debugging, analytics, and improving user experience.
  • Marketing and advertising (where permitted): promoting services, measuring campaign effectiveness, and delivering relevant ads.

4. Credential Handling and Access Security (Clients)

Enuclea may need administrative credentials to perform contracted services. We treat access data as highly sensitive and use a "client-first" access model:

  • Contractual requirement: Secure credential handling via 1Password is written into our service agreements and is a mandatory component of our security stack.
  • Password management: We use 1Password to handle shared credentials in encrypted vaults.
  • Client-owned vaults: When credentials are shared with Enuclea, they are shared through vaults controlled by the Client's organization (not Enuclea-owned vaults).
  • Immediate severability: Clients can revoke Enuclea's access to shared vaults at any time, which immediately terminates our ability to access those credentials.
  • Least-privilege access: We request and use only the access necessary to perform contracted services.

Important: Please do not submit passwords or secret keys through general website contact forms. If a credential exchange is required, we will provide secure channels and procedures.

5. Cookies, Pixels, and Tracking Technologies

We use cookies and similar technologies to operate our website and understand usage.

A) Meta Pixel (Advertising)

We may use the Meta Pixel to measure advertising performance and help deliver ads that may be relevant to you. This may involve collecting or receiving information about your device and your interactions with our site (such as pages viewed or actions taken). Meta may use that information in accordance with its own privacy policies.

B) Analytics

We may use analytics tools (such as Google Analytics or similar services) to understand how visitors interact with our site. These tools may collect information such as IP address, browser type, and pages visited.

C) Your choices

We do not currently offer an on-site cookie consent or preference tool. You can limit cookies and similar technologies through:

  • Your browser settings (including blocking or deleting cookies)
  • Device-level privacy controls (mobile operating systems)
  • Advertising platform controls (e.g., Meta ad preferences)
  • Industry opt-out tools (where available)

Disabling cookies may affect site functionality.

6. How We Share Information

We do not sell personal information for money. We share information only as described below:

A) Service Providers (Vendors)

We share information with trusted vendors and service providers as necessary to operate our business and deliver services. Examples include providers of:

  • Cloud, email, productivity, and identity services (e.g., Microsoft, Google)
  • Hardware and warranty/fulfillment services (e.g., Dell and other manufacturers/distributors)
  • Hosting, analytics, communications, support, security, and MSP tooling (e.g., RMM/PSA, documentation platforms, and password management)

These providers are authorized to use personal information only to perform services for us (or for the Client, where applicable) and are expected to protect it.

B) Legal, Safety, and Compliance

We may disclose information to comply with law, legal process, or governmental requests, and to protect the rights, property, or safety of Enuclea, our clients, or others (including fraud prevention and security investigations).

C) Business Transfers

If we are involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, information may be transferred as part of that transaction, subject to appropriate confidentiality protections.

7. DO NOT SELL / DO NOT SHARE (Virginia + Advertising)

Some privacy laws treat certain forms of online advertising and measurement (including the use of third-party cookies/pixels) as "sharing" for targeted advertising, even when no money changes hands.

  • We do not sell personal information for monetary consideration.
  • You may opt out of "sharing" personal information for targeted advertising.

How to opt out (since we do not provide an on-site preference tool):

  • Adjust your browser cookie settings and/or use browser tools that limit cross-site tracking.
  • Use device-level ad privacy controls (mobile).
  • Adjust ad preferences on advertising platforms you use (e.g., Meta).

Important note about vendors: Opting out of "sale/sharing" for targeted advertising does not apply to disclosures we make to service providers that help us deliver services (for example Microsoft, Google, Dell, hosting, security, and MSP tooling) or to comply with law.

8. Data Retention

We retain information only as long as necessary for legitimate business purposes, including providing services, complying with legal obligations, resolving disputes, and enforcing agreements.

  • Website inquiries: retained for a reasonable period to follow up and maintain records of communications.
  • Client service data: retained for the duration of the relationship and thereafter as required for operational continuity, contractual obligations, legal compliance, or security and audit purposes.
  • Credentials: access is intended to be managed through Client-controlled vaults; clients can revoke access at any time.

9. Security Measures

We use administrative, technical, and physical safeguards designed to protect information, which may include:

  • Access controls and least-privilege practices
  • Multi-factor authentication where available
  • Encryption in transit and at rest (where supported by systems)
  • Security monitoring and logging

No method of transmission or storage is 100% secure, but we work to maintain safeguards appropriate to the sensitivity of the data we handle.

10. Virginia Privacy Rights (VCDPA)

If you are a Virginia resident, you may have rights regarding your personal data, subject to certain exceptions:

  • Access: confirm whether we process your personal data and access it.
  • Correction: correct inaccuracies in your personal data.
  • Deletion: request deletion of personal data we maintain about you (subject to exceptions).
  • Portability: obtain a copy of certain personal data in a portable format.
  • Opt out: opt out of targeted advertising, certain profiling, and the sale of personal data (as defined by law).

To exercise these rights, contact us (Section 12). We will respond as required by applicable law. If we deny your request, you may appeal by replying to our response and stating you wish to appeal the decision.

11. Children's Privacy

Our services and website are not directed to children under 13, and we do not knowingly collect personal information from children.

12. Contact Us

Enuclea LLC
Stafford, VA
info@enuclea.com
970-368-2532

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the updated version on this page and update the "Last Updated" date above.

Lawyer Confirmed. Move on.

Back to Business