Cookie Policy
Plain Language Summary
In short: We use cookies sparingly and transparently. This policy explains what cookies are, which ones we use, and how you can control them.
As a cybersecurity company, we take privacy seriously — including our own website practices. We use a minimal set of cookies, have chosen privacy-focused tools like Plausible Analytics, and do not use any advertising or tracking cookies.
| Cookie Category | Consent Required | Maximum Duration |
|---|---|---|
| Essential cookies | No (always active) | Session - 6 months |
| Functional cookies | Yes | 12 months |
| Analytics cookies | Yes | Opt-out only (5 years) |
| Marketing cookies | We don't use any | N/A |
You can change your cookie preferences at any time by clicking the "Cookie Settings" link in the footer of any page, or by adjusting your browser settings.
1. What Are Cookies?
Cookies are small text files that are placed on your computer, smartphone, or other device when you visit a website. They are widely used to make websites work more efficiently, as well as to provide information to the website owners.
Types of Cookies
| Type | Description |
|---|---|
| Session Cookies | Temporary cookies that are deleted when you close your browser. They enable website features during your visit. |
| Persistent Cookies | Remain on your device for a set period or until you delete them. They remember your preferences for future visits. |
| First-Party Cookies | Set by the website you are visiting (in this case, enigmacyber.com). |
| Third-Party Cookies | Set by external services embedded on our website (such as Intercom or X). |
Similar Technologies
In addition to cookies, we may use other similar technologies:
- Local Storage — Stores data in your browser with no expiration date
- Session Storage — Stores data only for the duration of your browser session
- Web Beacons/Pixels — Small invisible images used to track page views or email opens
2. How We Use Cookies
Enigma Labs uses cookies to:
- Ensure website functionality — Enable core features like user authentication and security
- Remember your preferences — Store language settings and consent choices
- Provide live chat support — Enable our Intercom chat functionality
- Understand website usage — Analyze how visitors interact with our site (using privacy-focused analytics)
Our Privacy-First Approach
We believe in data minimization and privacy by design. Our cookie usage reflects this commitment:
| Feature | Our Approach |
|---|---|
| Analytics | Plausible Analytics — no cookies, no personal data, EU-hosted |
| Advertising | None — we don't use any advertising cookies |
| Tracking | None — no cross-site tracking or profiling |
| Data Sharing | None — we don't sell or share data with advertisers |
3. Types of Cookies We Use
Cookie Categories Summary
| Category | Consent Required | Maximum Duration | Description |
|---|---|---|---|
| Strictly Necessary | No | 6 months | Essential for the website to function. Cannot be disabled. |
| Functional | Yes | 12 months | Enable enhanced features and personalization. |
| Analytics | Yes | 5 years (opt-out only) | Help us understand how visitors use our website. |
| Third-Party | Yes | 2 years | Set by external services embedded on our site. |
3.1 Strictly Necessary Cookies
These cookies are essential for the website and platform to function. They cannot be disabled in our cookie consent tool. These cookies do not store any personally identifiable information.
| Cookie Name | Provider | Purpose | Duration | Type |
|---|---|---|---|---|
cc_cookie | Enigma Labs | Stores cookie consent preferences | 6 months | HTTP |
PHPSESSID or session_id | Enigma Labs | Maintains user session state for logged-in users | Session | HTTP |
csrf_token | Enigma Labs | Protects against cross-site request forgery attacks | Session | HTTP |
__Host-session | Enigma Labs | Secure session identifier for authenticated users | Session | HTTP (Secure, HttpOnly) |
geoDecision | Enigma Labs | Stores a signed geo/localization routing decision (region + confidence) for regional site delivery; raw timezone and locale values are not stored in this cookie | 24 hours | HTTP (Secure, HttpOnly) |
Why these are necessary:
cc_cookie— Required to remember your cookie consent choicesPHPSESSID/session_id— Essential for maintaining your login sessioncsrf_token— Security feature to protect against malicious attacks__Host-session— Secure authentication mechanism with enhanced security flagsgeoDecision— Required to remember reliable region routing decisions without persisting raw browser timezone/locale values
3.2 Functional Cookies
These cookies enable enhanced functionality and personalization. They may be set by us or by third-party providers whose services we have added to our pages. You can consent to or decline these cookies through our cookie banner.
| Cookie Name | Provider | Purpose | Duration | Type |
|---|---|---|---|---|
locale / lang | Enigma Labs | Remembers user's language preference | 12 months | HTTP |
intercom-id-* | Intercom | Identifies user for live chat support | 9 months | HTTP |
intercom-session-* | Intercom | Maintains live chat session state | 1 week | HTTP |
intercom-device-id-* | Intercom | Identifies device for chat continuity | 9 months | HTTP |
What these enable:
- Language preference memory — No need to reselect your language on each visit
- Live chat functionality — Seamless support experience with conversation history
3.3 Analytics Cookies
These cookies help us understand how visitors use our website. We use privacy-focused analytics that minimize data collection.
| Cookie Name | Provider | Purpose | Duration | Type |
|---|---|---|---|---|
plausible_ignore | Plausible Analytics | Allows users to opt-out of analytics | 5 years | HTTP |
About Plausible Analytics
We use Plausible Analytics, a privacy-focused alternative to Google Analytics. Plausible:
- Does NOT use cookies for tracking by default
- Does NOT collect personal data
- Does NOT track users across websites
- Is fully GDPR, CCPA, and PECR compliant without requiring consent
- Processes all data in the European Union
The only Plausible-related cookie (plausible_ignore) is set only when a user explicitly opts OUT of analytics, not for tracking purposes.
Because Plausible does not use cookies for tracking and does not collect personal data, analytics consent is technically not required under GDPR. However, we include it in our consent options for full transparency and to give you complete control.
3.4 Third-Party Cookies
These cookies are set by third-party services embedded on our website. We only load these services after you have given consent.
| Cookie Name | Provider | Purpose | Duration | Type |
|---|---|---|---|---|
guest_id | X (formerly Twitter) | Set when X share button is displayed | 2 years | HTTP |
guest_id_ads | X (formerly Twitter) | Advertising-related identifier | 2 years | HTTP |
guest_id_marketing | X (formerly Twitter) | Marketing-related identifier | 2 years | HTTP |
personalization_id | X (formerly Twitter) | Personalization of X content | 2 years | HTTP |
ct0 | X (formerly Twitter) | Security cookie for X functionality | Session | HTTP |
X (formerly Twitter) Share Button
The X share button may set cookies when loaded. We only load the X button after you have consented to third-party cookies. You can control these cookies through:
- Our cookie consent banner (X button only loads after consent)
- X's own privacy settings at https://twitter.com/settings/privacy
- Your browser settings to block third-party cookies
4. Cookies We Do NOT Use
Unlike many websites, we do NOT use any advertising or marketing cookies. Specifically, we do not:
| What We Don't Do | Why It Matters |
|---|---|
| Run retargeting campaigns | No ads following you around the web |
| Use Google Ads | No Google tracking pixels |
| Use Facebook Pixel | No Meta/Facebook tracking |
| Use LinkedIn Insight Tag | No professional profile tracking |
| Share data with advertising networks | Your data stays with us |
| Build advertising profiles | No behavioral profiling |
| Sell visitor data | Your information is never sold |
Our commitment: As a cybersecurity company, we believe in practicing what we preach. Your privacy is not for sale.
5. Cookie Consent
5.1 How We Obtain Consent
Enigma Labs uses CookieConsent, an open-source cookie consent management tool. When you first visit our website:
- A cookie banner appears at the bottom of the screen
- You can choose to accept all cookies, reject non-essential cookies, or customize your preferences
- Non-essential cookies are blocked until you give consent
- Your preferences are stored in the
cc_cookiecookie for 6 months
Our consent mechanism complies with GDPR and ePrivacy requirements:
| Requirement | Our Implementation |
|---|---|
| Consent before non-essential cookies | ✅ Non-essential cookies blocked until consent |
| Freely given | ✅ Equal prominence for accept/decline options |
| Specific and informed | ✅ Granular categories with clear descriptions |
| Unambiguous | ✅ Clear affirmative action required |
| No pre-ticked boxes | ✅ All non-essential options unchecked by default |
| Easy to refuse | ✅ "Reject All" option equally accessible |
| No cookie walls | ✅ Content accessible without consent |
5.2 Your Consent Choices
When you see our cookie banner, you have three options:
| Option | What Happens |
|---|---|
| Accept All | All cookie categories are enabled (Necessary + Functional + Analytics + Third-Party) |
| Reject Non-Essential | Only Strictly Necessary cookies are enabled |
| Customize | You choose which categories to enable individually |
5.3 Withdrawing Consent
You can change your cookie preferences at any time:
- Via our website: Click the "Cookie Settings" link in the footer of any page
- Via browser settings: Clear cookies for enigmacyber.com (see Section 6: Managing Cookies)
- Contact us: Email privacy@enigmacyber.com
When you withdraw consent:
- Non-essential cookies are immediately deleted
- Associated data processing stops
- Your preference is recorded for 6 months
5.4 Consent Expiration and Renewal
Your cookie consent preferences are stored for 6 months. After this period:
- The cookie consent banner will reappear on your next visit
- You will be asked to confirm or update your preferences
- This ensures your consent remains current and informed
We may also re-display the consent banner if:
- We add new cookie categories
- We add new third-party services
- There are material changes to how we use cookies
6. Managing Cookies
6.1 Using Our Cookie Settings
The easiest way to manage cookies on our website is through our built-in cookie settings:
- Click "Cookie Settings" in the footer of any page
- Toggle individual cookie categories on or off
- Click "Save Preferences"
Your choices take effect immediately.
6.2 Browser Settings
You can also control cookies through your browser settings. Here's how to manage cookies in popular browsers:
| Browser | Settings Path | Instructions Link |
|---|---|---|
| Google Chrome | Settings → Privacy and security → Cookies and other site data | Chrome Help |
| Mozilla Firefox | Settings → Privacy & Security → Cookies and Site Data | Firefox Help |
| Apple Safari | Preferences → Privacy → Cookies and website data | Safari Help |
| Microsoft Edge | Settings → Cookies and site permissions → Manage and delete cookies | Edge Help |
Browser-level options include:
- Block all cookies
- Block third-party cookies only
- Clear cookies when you close the browser
- Create exceptions for specific websites
- View and delete existing cookies
Note: Blocking all cookies may prevent some features of our website from functioning properly.
6.3 Mobile Devices
On mobile devices, you can manage cookies through:
| Device | Path |
|---|---|
| iOS (Safari) | Settings → Safari → Block All Cookies / Prevent Cross-Site Tracking |
| Android (Chrome) | Chrome → Settings → Site settings → Cookies |
6.4 Third-Party Opt-Outs
For cookies set by third-party services, you can also use their dedicated opt-out mechanisms:
| Service | Opt-Out Method |
|---|---|
| Intercom | Intercom Privacy Portal or disable functional cookies in our settings |
| X (formerly Twitter) | X Privacy Settings |
| General (EU) | Your Online Choices |
7. Third-Party Services
We use a limited number of third-party services that may set cookies. Here's detailed information about each:
| Service | Purpose | Privacy Policy | Opt-Out |
|---|---|---|---|
| Intercom | Live chat support | Intercom Privacy | Disable functional cookies |
| X (formerly Twitter) | Social sharing button | X Privacy | X Settings |
| Plausible Analytics | Website analytics (privacy-focused) | Plausible Privacy | No opt-out needed — no tracking cookies |
7.1 Intercom (Live Chat)
Purpose: Provides live chat functionality for customer support
Data collected:
- Anonymous user ID for chat continuity
- Chat conversation history
- Device identifier for session management
Data location: Intercom processes data in the United States with appropriate safeguards
Data retention: 9 months for user/device identifiers, 1 week for session data
How to opt out: Disable "Functional Cookies" in our cookie settings or contact Intercom through their Privacy Portal
7.2 X (formerly Twitter) Share Button
Purpose: Allows visitors to share content on X
Data collected:
- X user identifiers (if logged into X)
- Advertising and marketing identifiers
- Personalization data
Data retention: Up to 2 years
How to opt out: Disable "Third-Party Cookies" in our cookie settings or adjust X privacy settings at https://twitter.com/settings/privacy
Note: The X button only loads after you consent to third-party cookies.
7.3 Plausible Analytics
Purpose: Privacy-focused website analytics
Data collected:
- No personal data
- Aggregated page view statistics
- Country-level location (derived from IP, not stored)
- Browser type and operating system (anonymized)
- Referrer information (anonymized)
Data location: All data is processed and stored in the European Union
Data retention: No cookie-based tracking; aggregated data retained per Plausible's policy
How to opt out: Not applicable — Plausible does not use tracking cookies. If you wish to exclude yourself from analytics entirely, you can use their manual opt-out feature which sets the plausible_ignore cookie.
8. Do Not Track
What is Do Not Track (DNT)?
Do Not Track is a browser setting that signals your preference not to be tracked across websites. When enabled, your browser sends a DNT header with each web request.
Our Response to DNT Signals
| Aspect | Our Approach |
|---|---|
| DNT Detection | We respect DNT signals from your browser |
| Analytics | Plausible Analytics automatically respects DNT (no tracking when DNT is enabled) |
| Third-Party Cookies | X and Intercom may not respect DNT; we only load these after consent regardless |
| Essential Cookies | Still required for website functionality regardless of DNT |
Alternative Options
If your browser doesn't support DNT or you want additional control:
- Use our cookie consent banner to reject non-essential cookies
- Install privacy-focused browser extensions (uBlock Origin, Privacy Badger)
- Use browser settings to block third-party cookies
- Use private/incognito browsing mode
9. Updates to This Policy
We may update this Cookie Policy from time to time to reflect:
- Changes in the cookies we use
- New third-party services
- Changes in legal requirements
- Improvements to our privacy practices
How We Notify You of Changes
| Change Type | Notification Method |
|---|---|
| Minor updates (clarifications, typo fixes) | Updated date in document header |
| Material changes (new cookie categories, new third parties) | Cookie banner re-display + email to registered users |
| Version changes | Document version number incremented |
Version History
| Version | Date | Changes |
|---|---|---|
| 1.0 | January 22, 2026 | Initial release |
Current version: 1.0 (Last updated: January 28, 2026)
We recommend reviewing this policy periodically. Continued use of our website after changes constitutes acceptance of the updated policy.
10. Your Rights
Under the General Data Protection Regulation (GDPR), you have certain rights regarding cookies and the data they may collect:
| Right | Description | How to Exercise |
|---|---|---|
| Right to Information | Know what cookies are used and why | This policy provides full transparency |
| Right of Access | Access any personal data collected via cookies | Contact privacy@enigmacyber.com |
| Right to Rectification | Correct inaccurate personal data | Contact privacy@enigmacyber.com |
| Right to Erasure | Delete personal data collected via cookies | Clear cookies or contact us |
| Right to Restrict Processing | Limit how your data is used | Adjust cookie preferences |
| Right to Data Portability | Receive your data in a usable format | Contact privacy@enigmacyber.com |
| Right to Object | Object to certain types of processing | Reject non-essential cookies |
| Right to Withdraw Consent | Withdraw cookie consent at any time | Use "Cookie Settings" or clear cookies |
For more detailed information about your privacy rights, please refer to our Privacy Policy.
You also have the right to lodge a complaint with the relevant data protection authority if you believe your rights have been violated.
11. Contact Us
If you have any questions, concerns, or requests regarding this Cookie Policy or our use of cookies, please contact us:
| Contact Method | Details |
|---|---|
| Privacy Email | privacy@enigmacyber.com |
| Data Protection Officer | dpo@enigmacyber.com |
| Company Address | Enigma Labs Technology Limited, IH-00-01-01-OF-01, Level 1, Innovation One, Dubai International Financial Centre, Dubai, United Arab Emirates |
| Privacy Policy | https://enigmacyber.com/privacy |
| Terms of Service | https://enigmacyber.com/terms |
We aim to respond to all privacy-related inquiries within 30 days.
Document Information
| Field | Value |
|---|---|
| Document Title | Cookie Policy |
| Company | Enigma Labs Technology Limited |
| DIFC License Number | CL13349 |
| Legal Entity | Limited Liability Company (DIFC) |
| Registered Address | IH-00-01-01-OF-01, Level 1, Innovation One, Dubai International Financial Centre, Dubai, United Arab Emirates |
| Country of Incorporation | United Arab Emirates |
| Website | https://enigmacyber.com |
| Cookie Policy URL | https://enigmacyber.com/cookies |
| Privacy Policy URL | https://enigmacyber.com/privacy |
| Terms of Service URL | https://enigmacyber.com/terms |
| Effective Date | January 22, 2026 |
| Last Updated | January 28, 2026 |
| Version | 1.0 |
| Cookie Consent Tool | CookieConsent (Open Source) |
Legal Framework
This Cookie Policy complies with:
-
EU ePrivacy Directive (2002/58/EC) — Cookie consent requirements
-
GDPR (Regulation (EU) 2016/679) — Personal data processing via cookies
-
EDPB Guidelines on Consent — Granular, freely given, informed consent
Related Documents
- Privacy Policy — Full details on how we process personal data
- Terms of Service — Terms governing use of our services
This Cookie Policy was last updated on January 28, 2026. For the most current version, please visit https://enigmacyber.com/cookies.
© 2026 Enigma Labs Technology Limited. All rights reserved.