Ready for a Challenge?

Privacy & Cookies

Your information is protected with strict privacy and security policies

Last updated: April 6, 2026

1 Introduction

ENIAX is seriously committed to respecting and protecting your privacy. Personal data collected through the various forms available on our website is processed in accordance with the data protection legislation applicable in each of the jurisdictions where we operate, including:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council (hereinafter, "GDPR").
  • Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights (LOPDGDD) — Spain.
  • Law No. 58/2019, of August 8, ensuring the implementation of the GDPR in the Portuguese legal system — Portugal.
  • Law 19,628 on the Protection of Private Life — Chile.
  • Law 25,326 on Personal Data Protection — Argentina.
  • Statutory Law 1581 of 2012 and Decree 1377 of 2013 — Colombia.

Through this information, we provide you with details about how we process your personal data.

2 Who Are the Data Controllers?

Chile

Company name: Eniax Care SpA

Tax ID (RUT): 77.763.063-8

Address: Avenida Vitacura 2909, Floor 19, Las Condes, Santiago, Metropolitan Region, Chile

Phone: (+56) 22 7983580

Email: contacto@eniaxcare.com

Spain

Company name: Eniax Care UE Lda, Spanish Branch

Tax ID (CIF): W4160199J

Address: Calle Juan Ignacio Luca de Tena No. 12, 28027, Madrid, Spain

Email: contacto@eniaxcare.com

Portugal

Company name: Eniax Care UE Lda.

Tax ID (NIF): 516926652

Address: Avenida da Liberdade, 110, 3rd Floor, 1269-046, Lisbon, Portugal

Email: contacto@eniaxcare.com

Argentina

Company name: Eniax Care Argentina S.R.L.

Tax ID (CUIT): 30-71822648-7

Address: Avenida Eduardo Madero 942, 9th Floor, Office 901, Ciudad Autónoma de Buenos Aires (C1106ACT), Argentina

Email: contacto@eniaxcare.com

3 For What Purpose Do We Process Your Data?

The data you provide at the time of collection will be processed for the following purposes:

Contact and Communication

To respond to inquiries from interested parties, send requested quotes, and send commercial newsletters (with prior consent).

Legal basis: Data subject's consent (Art. 6.1.a GDPR) and performance of pre-contractual measures (Art. 6.1.b GDPR).

Contract Management

To maintain the contractual relationship, manage provided information, and handle commercial, administrative, and technical relationships.

Legal basis: Performance of a contract (Art. 6.1.b GDPR) and legitimate interest of the controller (Art. 6.1.f GDPR).

Legal Obligations

To comply with legal requirements in matters of data protection, tax, and healthcare regulations.

Legal basis: Compliance with a legal obligation applicable to the controller (Art. 6.1.c GDPR).

4 What Data Do We Process and From What Sources?

The processed data comes from:

  • Data provided by the data subject through the completion of forms and relationships established with ENIAX.
  • Type of data:

    Identifying data (name, surname, identity document, postal address, email address, phone number).

    Professional data (company or organization name, job title).

    Browsing data (IP address, browser type, pages visited, data collected through cookies and similar technologies).

5 With Whom Do We Share Your Data?

Personal data will be shared solely and exclusively with individuals, organizations, and institutions that can demonstrate a legitimate interest or legal obligation. In particular, the categories of recipients are as follows:

Cloud infrastructure providers: Google Cloud Platform (Google LLC), as a sub-processor, for data hosting and processing.
CRM providers: Sistema Impulsa, for commercial management and prospect tracking.
Analytics and marketing services: Google Analytics (web traffic analysis) and LinkedIn (conversion measurement), exclusively with anonymized or pseudonymized data.
Security services: Google reCAPTCHA Enterprise, for anti-fraud verification in forms.
Public administrations and bodies: When required by law or by administrative or judicial request.
Eniax group entities: The various group companies (Eniax Care SpA, Eniax Care UE Lda, Eniax Care Argentina S.R.L.) may access data when necessary for the provision of the contracted service.

All sub-processors are subject to contractual agreements that ensure compliance with applicable data protection obligations.

6 International Personal Data Transfers

Due to the global nature of ENIAX's operations and the provision of technology services across multiple jurisdictions, personal data may be transferred to the following countries:

Recipient countries

Chile — Headquarters of Eniax Care SpA. Primary data processing and storage.

Spain — Operations of Eniax Care UE Lda, Spanish Branch. Service delivery within the European Union.

Portugal — Headquarters of Eniax Care UE Lda. Operations within the European Union.

Argentina — Operations of Eniax Care Argentina S.R.L. Service delivery in Latin America.

United States — Cloud infrastructure services (Google Cloud Platform) used for data processing and storage.

Colombia — Service delivery to clients in that jurisdiction.

Legal bases for international transfers

International personal data transfers are carried out under the following legal mechanisms, as applicable:

Standard Contractual Clauses (SCCs): Standard contracts approved by the European Commission that ensure an adequate level of data protection in transfers to third countries.
Adequacy Decisions: For transfers to countries that the European Commission has recognized as providing an adequate level of data protection (such as Argentina, per European Commission Decision 2003/490/EC).
Explicit consent of the data subject: Where no other adequate safeguards exist, explicit and informed consent from the data subject will be obtained before proceeding with the transfer.
Contractual necessity: Where the transfer is necessary for the performance of a contract between the data subject and ENIAX, or for pre-contractual measures taken at the data subject's request.

ENIAX will promptly inform its clients of any changes to the legal bases for international transfers, as well as any new destination jurisdiction. This communication will be made through the update of this policy and, where necessary, through direct notification to the client.

7 Regulatory Compliance in Data Processing

In cases where ENIAX acts as a data processor on behalf of a client (data controller), ENIAX commits to:

Notification of non-compliant instructions

Immediately inform the client if, in its opinion, a processing instruction provided by the data controller infringes the applicable legislation and/or regulations on personal data protection, including the GDPR, Organic Law 3/2018 (LOPDGDD), Law 19,628 (Chile), Law 25,326 (Argentina), and any other data protection legislation in force in the jurisdictions where ENIAX operates.

Documented processing

Process personal data solely following documented instructions from the data controller, unless required to do so by EU law or applicable national legislation.

Proactive communication

Notify the data controller of any relevant changes in applicable data protection legislation that may affect the contracted processing, as well as any request or inspection by supervisory authorities.

This notification obligation is set forth in the Data Processing Agreements (DPA) entered into between ENIAX and its clients, in compliance with Article 28 of the GDPR and equivalent legislation in each jurisdiction where it operates.

8 Security Measures and Incident Notification

ENIAX implements appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

Encryption of data in transit and at rest.
Role-based access controls and least privilege principle.
Monitoring and logging of access to personal data.
Backup procedures and disaster recovery.
Periodic assessments of the effectiveness of implemented security measures.

In the event of a security breach affecting personal data, ENIAX commits to:

Notify the supervisory authority: Within a maximum of 72 hours from becoming aware of the breach, in accordance with Article 33 of the GDPR.
Notify the data subject: Without undue delay when the breach is likely to result in a high risk to the rights and freedoms of natural persons, in accordance with Article 34 of the GDPR.
Notify the data controller: When ENIAX acts as a processor, communicate the breach to the controller immediately so they can fulfill their own notification obligations.

9 How Long Will We Retain Your Data?

Personal data will be retained for the time necessary to provide the service and as long as it is necessary for the intended purpose, according to the following criteria:

Commercial contact and prospect data: Retained for the duration of the active commercial relationship and, once concluded, for a maximum of 2 years unless a legal obligation requires a longer period.
Contractual data: For the duration of the contractual relationship and, thereafter, for the statute of limitations period for any legal actions that may arise (generally between 3 and 6 years depending on the applicable jurisdiction).
Data collected by consent: Until the data subject withdraws their consent.
Data arising from legal obligations: For the periods established by the applicable tax, healthcare, or data protection regulations in each jurisdiction.

After the specified periods, data will be deleted or, where applicable, blocked in accordance with applicable regulations, being available only at the request of judges and courts, the Ombudsman, the Public Prosecutor's Office, or competent public administrations.

10 What Are Your Rights?

The General Data Protection Regulation establishes that you may exercise the following rights:

Right of Access

Access your data to know how your personal data is being processed.

Right of Rectification

Request the rectification of incorrect or inaccurate data.

Right of Erasure

Request the deletion of your personal data.

Right to Restriction

Request the restriction of processing of your data.

Right to Data Portability

Request your data in a structured and portable format.

Right to Object

Object to the processing of your data in specific circumstances.

Right to Withdraw Consent

Withdraw consent at any time without affecting the lawfulness of processing based on consent given prior to its withdrawal.

Right Not to Be Subject to Automated Decisions

Not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or similarly significantly affects you. Currently, ENIAX does not carry out automated decision-making without human intervention.

How to Exercise Your Rights?

To exercise your rights, you can send us a written request to:

Postal address:
Eniax Care UE Lda, Spanish Branch
Calle Juan Ignacio Luca de Tena No. 12
28027, Madrid, Spain

Email:
dpo@eniax.care
Subject: "Data Protection Policy"
Note: The Data Protection Officer (DPO) function is outsourced through Grupo HLA, which acts as the designated DPO for ENIAX.

Additionally, if you believe that the processing of your data does not comply with applicable regulations, you have the right to file a complaint with the competent supervisory authority in your jurisdiction:

Spain: Spanish Data Protection Agency (AEPD) — www.aepd.es

Portugal: National Data Protection Commission (CNPD) — www.cnpd.pt

Chile: Council for Transparency — www.consejotransparencia.cl

Argentina: Agency for Access to Public Information (AAIP) — www.argentina.gob.ar/aaip

Colombia: Superintendence of Industry and Commerce (SIC) — www.sic.gov.co

🍪 What Are Cookies?

Cookies are small text files that websites store on your device when you visit them. They are widely used to make websites work more efficiently, as well as to provide information to website owners.

At Eniax Care, we use cookies to improve your browsing experience, analyze site usage, and personalize content and advertising.

📂 Types of Cookies We Use

🔒

Necessary Cookies

Always Active

These cookies are essential for the basic functioning of the website. They enable functions such as page navigation and access to secure areas. The website cannot function properly without these cookies.

  • Session control and authentication
  • Privacy preferences and cookie consent
  • Website security features
⚙️

Functional Cookies

These cookies allow the website to remember choices you make (such as your language or region) and provide enhanced, more personalized features.

📊

Analytics Cookies

These cookies help us understand how visitors interact with the website, collecting and reporting information anonymously.

  • Google Analytics 4: Traffic and behavior analysis
  • Most visited pages and time spent
  • Traffic sources and navigation paths

⚠️ Important: This data is completely anonymous and does not allow users to be personally identified.

📢

Marketing Cookies

These cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user.

  • LinkedIn Insight Tag: Remarketing and conversion measurement

⚠️ Note: You can opt out of these cookies at any time by adjusting your preferences.

🎛️ How to Control Cookies

You have full control over which cookies you accept. You can manage your cookie preferences in the following ways:

  • Cookie Banner: When you first visit our website, you can accept or reject non-essential cookies.
  • Browser Settings: You can configure your browser to block cookies or alert you when cookies are sent.
  • Withdraw Consent: You can change your preferences at any time by clicking the button below.

Manage Your Preferences

By clicking, the cookie banner will be reset so you can modify your preferences.

🔗 Third-Party Cookies

Some third-party services place cookies on your device when you visit our website. We do not control the use that these third parties make of cookies. For more information about third-party cookies, consult the privacy policies of the following services:

Retention Period

The retention period for cookies depends on their type:

Session cookies: Automatically deleted when you close your browser.
Persistent cookies: Remain on your device for a specific period (generally between 30 days and 2 years).
Consent cookie: Retained for 365 days to remember your preferences.

Questions?

If you have any questions about our privacy or cookie policies, please don't hesitate to contact us:

Email: contacto@eniaxcare.com

Data Protection: dpo@eniax.care