eNigel and British Airways

Please refer to the terms and conditions for details of eNigel's data protection policies and conditions.

How does eNigel work?

The applications on eNigel work in a similar way that a "screen scraping" website/application would work. Screen scraping is where an application or website visits various other websites to gather information and then process it for further use. Some good examples of screen scraping include confused.com (which gets insurance quotes from insurers) and First Direct's Internet Banking Plus (which collates all of your online bank accounts in one place).

eNigel works by mimicking a web browser and accessing pages on ESS in the same way that a normal "human" user would do i.e it logs in, visits Crewlink, eMaestro, FICO etc. and then notes the information down. The applications on eNigel only access ESS applications when you are present at the computer and have entered your BSAFE password; eNigel will NOT access ESS at any other time.

British Airways PLC

eNigel is EG801 compliant and is registered with British Airways as detailed by FAN 49/13 (see eManuals / Crewlink for details).

Applications on eNigel make use of your personal access to British Airways's Employee Self Service (ESS - my.baplc.com) which includes Crewlink, Staff Travel and eMaestro. Access and data protection policies for British Airways can be found on the British Airways intranet under Employment Guides EG801, EG802 and EG803.

To access the data on ESS, eNigel must send your ESS username and BSAFE password to British Airways' server. Your BSAFE password is NEVER stored or recorded on the eNigel server, it is passed through the server and straight through to British Airways. The data connection between your web browser (ie iPad, laptop, smartphone) and the eNigel server is encrypted with a 256 bit strength connection. The data connection between the eNigel server and British Airways' server is encrypted using a 128 bit strength encryption as provided by British Airways.

All users of third party applications should familiarise themselves with the employment policies listed above and also FAN 49/13.

Keep yourself secure!

It goes without saying that you should keep your eNigel password secure and not divulge it to anyone else. It's also recommended that you use a different password for eNigel than you do for any other online accounts/applications.

Please ensure that when you visit the eNigel website that the address bar in your browser starts with "https://www.enigel.co.uk" and that the padlock icon is present (this indicates that you are accessing the site over an encrypted connection). If you click on that icon you should also see the details of the security certificate and that it has been issued by "Go Daddy" for "www.enigel.co.uk". If you have any concerns as to the authenticity of the site then do not log in or register.