Skip to main content
This document explains user-facing continuity expectations for Enigm services at a public architecture level. It does not create contractual commitments, service-level commitments, recovery commitments, or legal advice. It does not expose internal recovery procedures, infrastructure details, backup systems, third-party names, or operational playbooks.

Overview

Enigm business continuity is designed to support critical platform operation while preserving privacy, data minimization, and end-to-end encryption boundaries. Continuity processes must not become a way to bypass end-to-end encryption, recover private keys outside the designed recovery model, or obtain plaintext messages from encrypted storage.

User-Controlled Data

User-controlled data lifecycle decisions include account deletion, message deletion, Enigm Server deletion, Enigm eSIM deletion or retirement, Enigm Key revocation, and managed-device lifecycle actions where enabled. Deletion affects availability immediately for user-controlled account and server lifecycle actions, subject only to legal preservation obligations that existed before deletion.

Encrypted Messages

Enigm cannot provide plaintext messages from encrypted storage when Enigm does not possess plaintext. Encrypted messages follow the message lifecycle model:
  • User-defined lifetime up to a maximum of 30 days.
  • Manual deletion where authorized.
  • Server-side storage as encrypted content only where delivery requires storage.
  • No backup model intended to provide plaintext access.

Enigm Server

Enigm Server deletion affects server-scoped encrypted content availability. Enigm Server administrators can delete encrypted content created within their server environment, including server-scoped encrypted messages, encrypted multimedia, encrypted content belonging to a specific user, or the entire server environment where policy allows. Administrative deletion does not provide plaintext access. Enigm Server administrators cannot read message plaintext, attachment plaintext, user communications, or private keys. If a dedicated server is deleted, server-scoped content may become unavailable according to deletion policy.

Enigm Command

Enigm Command provides account, session, device, product lifecycle, and administrative workflows. If Enigm Command is unavailable, user-facing management actions such as session review, device removal, Enigm Server administration, Enigm eSIM lifecycle actions, or Enigm Key lifecycle review may be delayed until service availability is restored. Enigm Command unavailability does not create plaintext access to protected content.

Enigm Key

Enigm Key emergency workflows depend on:
  • Account state.
  • Configured emergency contacts.
  • Device state.
  • Connectivity state.
  • Service availability.
  • Emergency workflow lifecycle state.
Enigm Key is designed for event-bound emergency alerting, not continuous tracking. If required services or connectivity are unavailable, emergency alert delivery can be delayed or unavailable.

Enigm eSIM

Enigm eSIM continuity depends on service availability, balance or entitlement state, lifecycle state, supported device state, and applicable network conditions. Enigm eSIM is a data-only connectivity product. It does not replace Enigm App cryptography, secure messaging, Device Trust, VPN Service, Proxy Network, or endpoint security.

Enigm OS

Enigm OS devices can remain locally usable according to device state and local security policy. Platform-dependent features may require active Enigm services, including managed-device reporting, Trust status synchronization, OTA update discovery, Remote Attestation workflows, Enigm Command management, or Enigm App service access.

Account Deletion

Account deletion removes the account from normal service operation and deletes associated account data immediately. Deletion does not affect information already disclosed by authorized users, captured outside Enigm controls, or preserved under valid legal, security, or compliance obligations.

Server Deletion

Server deletion retires the dedicated server environment immediately. Server deletion can affect:
  • Server membership.
  • Join request state.
  • Server-scoped encrypted content availability.
  • Server lifecycle records.
  • Server-scoped administrative visibility.
Server deletion does not provide plaintext access to encrypted content.

Key Loss

If a user loses access to private key material and that material is not recoverable by design, Enigm cannot recover it outside the documented recovery model. Recovery flows must remain separated from normal message access and must not weaken message confidentiality.

Data Export

Enigm does not currently provide user data export workflows. Enigm cannot export plaintext messages, plaintext attachments, secure call content, private keys, or data that is technically unavailable. The absence of export workflows supports the privacy and minimization model, but it also means users should not rely on Enigm as a general-purpose data export or archival system.

Service Discontinuation

If a product or service is discontinued, Enigm should provide user-facing guidance where legally and operationally appropriate. Discontinuation planning should consider:
  • Account lifecycle.
  • Product entitlements.
  • Encrypted content lifecycle.
  • Enigm Server lifecycle.
  • Enigm eSIM lifecycle.
  • Enigm Key lifecycle.
  • Enigm OS platform-dependent features.
This documentation does not create a contractual discontinuation process or timeline.

Security Limitations

Continuity planning improves resilience, but it does not eliminate all risk. Limitations include:
  • Encrypted backups do not provide plaintext access.
  • Private keys cannot be recovered if unrecoverable by design.
  • Deleted or expired data can be unavailable.
  • External network conditions can affect Enigm eSIM and Enigm Key behavior.
  • Platform-dependent Enigm OS features can require active Enigm services.
  • User disclosure or external capture remains outside Enigm controls.