Enguard Logo
HIPAA compliance for healthcare

PRIVACY POLICY

Last Updated: January 22, 2026
Effective Date: Februrary 22, 2026

Enterprise Guardian Inc. (“EnGuard”) is committed to protecting the privacy of our website visitors and clients. This policy applies to our marketing website, www.enguard.com, and our client billing portal, billing.enguard.com.

1. HIPAA Exemption & Scope

EnGuard is a HIPAA-compliant service provider. Information collected from our clients in the course of providing encrypted email and security services is governed by our Business Associate Agreements (BAA) and HIPAA privacy standards. This website Privacy Policy applies only to information collected for marketing and general business purposes on our public-facing websites that is not subject to HIPAA.

2. Compliance with California Privacy Laws (CIPA & CCPA/CPRA)

In accordance with the California Invasion of Privacy Act (CIPA) and the California Consumer Privacy Act (CCPA), EnGuard has implemented strict protocols regarding “pen registers” and “trap and trace” technologies (Cal. Penal Code § 638.50 et seq.):

  • Consent-First Architecture: We do not deploy tracking pixels or software designed to capture dialing, routing, addressing, or signaling information (including “fingerprinting” for the purpose of identifying anonymous visitors) until a visitor provides affirmative, opt-in consent via our cookie management interface.

  • Meta Pixel Remediation: While the Meta Pixel was previously used on our Marketing Site for ad conversion tracking, it has been completely removed. We do not use the Meta Pixel or any similar software to identify or correlate user data without express legal authorization or user consent.

  • Secure Billing Environment: We do not deploy Google Tag Manager (GTM), Meta Pixels, or any third-party marketing tracking scripts on billing.enguard.com. Data collection on our Billing Portal is strictly limited to essential cookies and information necessary to facilitate secure, HIPAA-compliant billing and account access.

3. Information Collected via Automated Tracking

On our Marketing Site (enguard.com), we use Google Tag Manager to coordinate analytics and advertising. These tools may capture browser/device data and site interactions. With your explicit consent, we utilize the following:

  • Google Ads & GA4: To measure marketing effectiveness and site traffic.

  • Microsoft Advertising (UET): To track conversions and optimize ad delivery.

  • Google Tag: To understand general site usage patterns.

4. No Sale of Personal Information

EnGuard is in the business of providing secure communication services, not selling data. We do not sell, rent, or lease your personal information, customer data, or metadata to third parties for monetary or other valuable consideration. We have not sold personal information in the preceding 12 months and will not do so in the future.

While we do not “sell” data, we do “share” data with the third-party service providers listed above (Google and Microsoft) for analytics and targeted advertising. You can opt-out of this sharing at any time.

5. Data Retention & Minimization

We retain personal information only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.

  • Client Billing Data: For users of our billing portal (billing.enguard.com), we have a strict data minimization policy. Personal information and account data associated with your billing profile are permanently deleted 60 days after the cancellation of your services, unless a longer retention period is required by law or for pending financial disputes.

  • Marketing Data: Information collected via cookies on our marketing site is retained in accordance with the settings of our third-party partners (Google/Microsoft), or until you withdraw your consent.

6. U.S. State-Specific Privacy Rights

Residents of California, Colorado, Connecticut, Delaware, Iowa, Montana, Nebraska, Nevada, New Hampshire, New Jersey, Oregon, Texas, Utah, and Virginia have specific legal rights regarding their personal data. These rights include:

  • Right to Know/Access: To confirm whether we are processing your data and to access the specific pieces of personal information we have collected.

  • Right to Correct: To request that we fix inaccuracies in your personal data.

  • Right to Delete: To request the deletion of personal information collected from you.

  • Right to Opt-Out: To opt-out of the “sharing” of your data for Targeted Advertising.

  • Right to Portability: To receive a copy of your data in a portable and readily usable format.

  • Right to Non-Discrimination: We will not discriminate against you for exercising any of these rights.

7. How to Exercise Your Rights

If you wish to submit a request to access, correct, or delete your information, or to opt-out of targeted advertising, please use one of the following methods:

  • Opt-Out Tool: Visit our Your Privacy Choices / Opt-Out Page.

  • Email: privacy@enguard.com

  • Phone: (949) 335-7080

  • Mailing Address: Enterprise Guardian Inc. Attn: Privacy Department 3070 Bristol St Ste 320 Costa Mesa, CA 92626

8. Global Privacy Control (GPC)

Our website is configured to recognize Global Privacy Control (GPC) signals. If your browser or extension has GPC enabled, we will automatically treat that as a request to opt-out of third-party tracking and targeted advertising cookies.