Book a demo

Book a demo

Privacy Policy

This personal data policy has been drafted by société par actions simplifiée Enroll, registered with the Paris Trade and Companies Register under number 992 744 847, whose registered office is located at 9 rue des colonnes, Paris (75002) (hereinafter “Enroll”).

Enroll is a company that develops a software solution whose purpose is to automate the administrative work of HR teams with the help of artificial intelligence.

This privacy policy is intended solely to describe the personal data processing carried out by Enroll as a data controller. The policy is published and accessible at any time on the website.

This privacy policy is established in light of the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, as well as Law No. 78-17 of 6 January 1978 on data processing, data files and individual liberties in its latest version (the “Personal Data Rules”).

1. Definitions

The following definitions apply to this entire privacy policy:

  • “Data Subject”: means a Visitor, a client’s employee, a prospect, or any other person whose personal data would be processed by Enroll as a data controller.

  • “Website”: means Enroll’s website accessible at https://enroll.work/ as well as its subdomains.

  • “Solution”: means the software solution developed by Enroll, whose purpose is to automate the administrative work of HR teams with the help of artificial intelligence.

  • “Visitor”: means any person consulting or browsing the Website.

Unless otherwise required by the context, definitions in the singular include the plural, and vice versa.

2. Personal data collected

Enroll may process the following personal data, which will be processed for the purposes mentioned below:

  • General information (first and last name(s), email address, telephone number);

  • Information related to the company associated with the Data Subject;

  • Navigation data within the Solution or the Website;

  • Data relating to the Data Subject’s consent to receive emails from Enroll;

  • Visitors’ browsing preferences on the Website (language and display preferences);

  • Data related to the signing and performance of contracts;

  • Data exchanged during interactions with Enroll’s customer support (e.g., issues encountered, solution proposed by Enroll).

3. Processing activities, purposes and legal bases

No. Processing Purpose Legal basis 1 Contacting interested Visitors Contacting Visitors who left their contact details Consent 2 Newsletter Informing any interested person about Enroll news Consent 3 Handling support requests Responding to support requests and enabling the client to benefit from the services as contractually agreed Performance of the contract 4 Prospecting Developing Enroll’s customer base Legitimate interest 5 Visit statistics Producing statistics about Website Visitors (e.g., number of Visitors per page) Consent 6 Navigation analysis Analyzing navigation on the Website and/or the Solution Consent 7 Contract tracking Tracking and keeping evidence of acceptance of contracts entered into between Enroll and its clients or partners Performance of the contract 8 Business relationship management Managing the business relationship with Enroll’s clients and partners Legitimate interest 9 Disputes Enabling Enroll to organize its defense in the event of a dispute or pre-litigation Enroll’s legitimate interest in defending itself 10 Compliance with legal obligations Ensuring Enroll’s compliance with legal obligations Legal obligations

4. Recipients of the personal data processed

The personal data collected about Data Subjects and processed are necessary for pursuing all the purposes listed above and are intended exclusively for Enroll’s internal management departments and, where applicable, its processors.

The categories of processors to whom personal data may be disclosed are as follows:

  • Day-to-day operations: processors providing digital solutions useful for Enroll’s daily operations, such as data hosting solutions, error/bug detection for the Solution or the Website, monitoring usage of the Solution and the Website, updates, and ensuring proper operation of the Solution or the Website.

  • Marketing and communication operations: processors offering online communication solutions and social media services, and enabling data analysis notably for marketing purposes.

  • Maintenance operations: processors that have access to Enroll’s technology to perform maintenance operations or address technical issues affecting the Solution or the Website in an emergency.

  • Management and advisory operations: processors supporting Enroll in its compliance management (whether accounting, legal, financial, or audit-related).

It is specified that neither Enroll nor its processors sell, in any way whatsoever, Data Subjects’ personal data.

5. Retention of personal data

Data Subjects’ data are not retained beyond the period strictly necessary for the purposes pursued and set out in Article 3 of this privacy policy, in particular:

  • Data processed in connection with support requests are retained for the time needed to handle the request.

  • Prospects’ data are retained until consent is withdrawn or the prospect objects, or for 3 years from the prospect’s last contact.

  • Data related to the signing and performance of contracts are retained for the entire duration of the relationship with the client or partner.

  • Cookies are retained for up to 13 months, subject to the limitations imposed by your browser.

Enroll anonymizes, archives, or deletes Data Subjects’ data as soon as the purpose and retention period expire, subject to the time needed to comply with its legal obligations, in particular in light of civil and commercial limitation periods.

6. Transfer of personal data

The personal data processed by Enroll are hosted by Amazon Web Services, whose servers are located in France (backup in Germany).

Some personal data processed by processors may be transferred outside the European Union, in particular to the United States. In such a case, if transfers are made to countries that do not benefit from an adequacy decision, Enroll ensures that the relevant processors implement appropriate legal, technical, and organizational measures to govern any transfer of personal data, notably by using standard contractual clauses adopted by the European Commission.

7. Cookies and other trackers

Enroll uses cookies and trackers, which are small computer files stored on your devices in order to collect data related to your browsing habits, indicate your visit to a given page, and provide an additional service such as improving your browsing comfort.

In accordance with Article 82 of the French Data Protection Act (Loi informatique et libertés), any subscriber or user of an electronic communications service must be informed clearly and comprehensively, unless they have been informed beforehand, by the data controller or its representative, (i) of the purpose of any action intended to access, by electronic transmission, information already stored on their terminal equipment or to store information in their terminal equipment, and (ii) of the means available to refuse it. Such access or storage may only take place provided that the subscriber or user has given their consent after receiving this information. Data Subjects may withdraw their consent to the use of these trackers by clicking here.

It is also provided that these rules do not apply if access to information stored in the user’s terminal equipment or the storage of information in the user’s terminal equipment (i) has the sole purpose of enabling or facilitating electronic communications, or (ii) is strictly necessary for providing an online communication service at the user’s express request.

Within the scope of this exception, Enroll uses the following types of cookies:

  • Cookies for detecting errors and malfunctions of the Solution. These cookies are retained for approximately thirty (30) days from their placement.

  • Cookies that store the choice expressed regarding the placement of cookies. These cookies are retained for a period of six (6) months from the user’s last acceptance, refusal, or customization.

8. Data subjects’ rights

8.1 Nature of the rights

In accordance with the Personal Data Rules, the Data Subject has rights over their personal data, namely:

  • Right of access: any Data Subject may know what personal data Enroll holds about them and obtain a copy.

  • Right to rectification and erasure: any Data Subject may request that inaccurate or outdated personal data concerning them be rectified, and that such data be deleted.

  • Right to object and to restrict processing: any Data Subject may object to the way Enroll processes their personal data or request that processing concerning them be restricted, insofar as possible and subject to any compelling legitimate grounds Enroll may have to continue processing, such as legal obligations regarding anti-money laundering and counter-terrorist financing.

  • Right to withdraw consent: any Data Subject may withdraw their consent for processing carried out on that basis.

  • Right to data portability: any Data Subject may request that Enroll send their personal data in a structured, commonly used and machine-readable format so that it can be transmitted to another data controller, provided this is possible.

  • Right to set instructions for the handling of personal data after death: any person may provide Enroll with instructions regarding the handling of their data in the event of death, including whether their data should be communicated to third parties.

  • Right to lodge a complaint with a supervisory authority: any Data Subject may contact the CNIL or any other competent supervisory authority if they consider that Enroll has not complied with certain rules provided by the Personal Data Rules (information on how to refer a matter to the CNIL is available on its website).

8.2 Exercising rights

For any questions regarding the processing of their personal data or to exercise their rights, Data Subjects may contact Enroll at the following addresses:

  • By email: writing to dpo@enroll.work.

  • By post: ENROLL, 39 rue des colonnes, 75002 Paris, France.

The exercise of rights granted by the Personal Data Rules is not unlimited (Enroll is entitled not to respond to requests that are manifestly unfounded or excessive) and each of these rights is subject to conditions imposed by the Personal Data Rules. In this respect, the following points are specified:

  • Identity: any Data Subject must prove their identity and indicate the address at which they wish to be contacted.

  • Response time: requests are handled by Enroll within a reasonable timeframe, taking into account the complexity, the number of requests made, and the Personal Data Rules.

  • Free of charge: exercising rights is in principle free of charge. Where a request would entail significant costs, the Data Subject may be required to bear fees.

These requirements must be complied with; otherwise requests may not be processed.

9. Security measures

Enroll takes all physical, logical, and organizational security measures to ensure a high level of security for the protection of personal data and in particular to prevent such data from being altered, damaged, or disclosed to unauthorized persons. If the means used to ensure the security of personal data are modified, Enroll undertakes not to reduce the level of security.

10. Changes to the privacy policy

In such a case, Data Subjects will be informed of updates either by email or by means of a notice in the Solution or on the Website, at least fifteen (15) days prior to any material change to the policy.

Privacy

Terms

Contact

© 2026 Enroll. All rights reserved.

Privacy

Terms

Contact

© 2026 Enroll. All rights reserved.