EU-US Privacy Shield Policy

Home | EU-US Privacy Shield Policy
EU-US Privacy Shield Policy2022-02-23T13:33:29-05:00

EU-US Privacy Shield Policy

VBrick Systems, Inc. complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States.  VBrick Systems, Inc. certified to the Department of Commerce that it adheres to the Privacy Shield Principles.  If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield program, and to view our certification, please visit

The European Union Directive 95/46/EC defines “Personal Data” as data that personally identifies or may be used to personally identify a person, including an individual’s name in combination with country of birth, marital status, emergency contact information, salary information, terms of employment, job qualifications (such as educational degrees), address, phone number, e-mail address, user ID, password, and identification numbers (but excludes data that is de-identified, anonymous, or publicly available). As applied to Switzerland, “person” can mean either a natural person or a legal entity, regardless of the legal entity’s form.

This Privacy Policy applies to the safeguarding of Personal Data that VBrick may collect from Customers (as defined below), in the European Union and Switzerland. VBrick has committed to handling all Personal Data in accordance with the US-EU Privacy Shield Framework as set forth by the US Department of Commerce.  VBrick has certified that it adheres to the Privacy Shield Privacy Principles of notice, choice, accountability for onward transfer, security, data integrity and purpose limitation, access, recourse, enforcement and liability (the “Principles”).

Note that VBrick complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States.  VBrick has certified to the Department of Commerce that it adheres to the Privacy Shield Principles.  If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield program, and to view our certification, please visit

In compliance with the Privacy Shield Principles, VBrick commits to resolve complaints about our collection or use of your personal information.  EU individuals with inquiries or complaints regarding our Private Shield policy should first contact VBrick at [email protected].  VBrick has further committed to refer unresolved Privacy Shield complaints to the ICDR/AAA, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit for more information or to file a complaint.  The services of ICDR/AAA are provided at no cost to you.  Under this program, VBrick is open to, under certain conditions, binding arbitration.

VBrick is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) for the matters covered herein, and is subject to liability in cases of unlawful onward transfers to third parties of your information.  Notwithstanding anything herein, VBrick may be compelled to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

As a summary, please note the following answers to frequently asked questions:

What type of third parties does VBrick disclose personal information, and what is the purposes for which it does so is?

We do not disclose personal information to any third party at this point.  It is entirely kept in our system for the sole use of our customer and for our own use to maintain the system.

What rights do you have to access your personal data?

Personal information that is stored with VBrick is either put there by your employer or by you personally.  In the first case, it would be your employer’s responsibility to grant access according to their process, and in the latter the information should be accessible by simply logging into your account.

What are the choices and means VBrick offers individuals for limiting the use and disclosure of their personal data?

VBrick makes very minimal use of your personal data (only last name and email are required with a security question), primarily used for user logins only.  Any other data stored in VBrick’s system is either put there by you or your employer.  There is no need for the information provided to actually match any real information on a user.


The following capitalized terms in this Privacy Policy shall be defined as follows:

Customer” means an individual VBrick customer from EU or Switzerland, as well as any other individual, employee, end user, agent, or representative whose Personal Data VBrick has obtained from such Customer as part of its business relationship with VBrick.

Data Subject” means a natural living person, who can be identified directly or indirectly by name or other factors unique to their person, including without limitation economic, physical, psychological, or social characteristics.  For Customers residing in Switzerland, a Data Subject also may include a legal entity.

Europe” or “European” refers to a country in the European Union.

Sensitive Data” means Personal Data that discloses a Data Subject’s medical or health condition, sexual orientation, race or ethnicity, political, religious or philosophical affiliations or opinions, or trade union membership.

Third Party” means any individual or entity that is neither VBrick nor a VBrick Employee.

“VBrick Employee” means an employee (whether temporary, permanent, part-time, or contract), agent or independent contractor of VBrick or any of its affiliates or subsidiaries.

  1. SCOPE

This Privacy Policy applies to the processing of Personal Data that VBrick receives in the United States concerning Customers who reside in the European Union and Switzerland.   This Privacy Policy does not apply to pseudonyms or other data by which individual persons cannot be identified. (Pseudonyms mean false names or other identifiers which prevent the identification of individual persons by that data alone.)


The VBrick Legal Department oversees VBrick’s compliance with the EU and Swiss Privacy Shield programs, and shall review and approve material changes to this program. Please direct questions or comments regarding this Privacy Policy to [email protected].  VBrick will monitor, test, and update its data security policies and practices in its ongoing efforts to protect Personal Data. VBrick Employees will receive the applicable training to follow this Privacy Policy.


VBrick will renew its EU and Swiss Privacy Shield certifications annually, performing internal verification prior to any such recertification to ensure ongoing compliance with this Privacy Policy and the Principles. Accordingly, VBrick will:

  1. Confirm that this Privacy Policy and the public posting of such Privacy Policy accurately describe VBrick’s Customer Personal Data collection and safeguarding practices.
  2. Confirm that the public posting of this Privacy Policy notifies Customers of VBrick’s participation in the EU and Swiss Privacy Shield programs, as well as where to obtain a copy of the Privacy Policy and any additional information.
  3. Confirm that this Privacy Policy remains in compliance with the Principles.
  4. Confirm that the complaint process and any independent dispute resolution process have been made available to Customers, by methods such as web site or contractual clauses.
  5. Review its applicable VBrick Employee training processes and procedures for the handling of an individual’s Personal Data in compliance with this Privacy Policy and the Principles.
  6. Prepare a statement on the internal verification.

VBrick collects Personal Data from Customers when they purchase its products, register with VBrick’s website, log-in to their account, complete surveys, request information or otherwise communicate with VBrick. For example, Customers’ Personal Data may be disclosed to VBrick when a Data Subject is registered or otherwise set up to receive VBrick subscription services, or when a Data Subject seeks live support or posts comments to a VBrick message board.

The Personal Data that VBrick collects depends on the Data Subject’s, or Customer’s, interaction with VBrick’s website and use of VBrick services.  VBrick typically collects the following types of Personal Data: contact information, including, a contact person’s name, work email address, work mailing address, work telephone number, title, and company name.

The Personal Data that VBrick collects from Customers is primarily used for login verification, reporting, invoicing, renewals, and other operations related to providing services and products to the Customer.  For certain products, VBrick serves as a software subscription provider, and as such, may enable Customer to use VBrick’s software to store, manage, record, encrypt, and stream Customer video data.  In some cases, such video data may contain Personal Data, unbeknownst to VBrick. In such cases, VBrick may host and store such video data, while only the Customer dictates the disclosure of the video data to Third Parties.  VBrick will only allow its software and hosting services to disclose such video data via Customers’ operation of the VBrick software or at the explicit direction of the Customer.


Except as otherwise provided herein, VBrick may disclose Personal Data only to Third Parties who act as agents, consultants, and contractors to perform tasks on behalf of and under VBrick’s instructions and who reasonably need to receive such data solely to assist VBrick to meet its obligations to the Customer.  For example, VBrick may store such Personal Data in a data storage facility operated by Third Parties. Such Third Parties must (i) agree to abide by confidentiality obligations consistent with the Principles, (ii) agree to use such Personal Data only for the purposes for which they have been engaged by VBrick and (iii) either:

  1. comply with the Privacy Shield principles or another mechanism permitted by the applicable EU & Swiss data protection law(s) for transfers and processing of Personal Data; or
  2. agree to provide adequate protections for the Personal Data that are no less protective than those set out in this Privacy Policy.

Notwithstanding the foregoing, note the following exceptions:

  1. When a Data Subject has consented to or requested disclosure of Personal Data to any Third Party, VBrick also may effect such disclosure.
    1. VBrick may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including requests to meet national security or law enforcement requirements.

VBrick is liable for appropriate onward transfers of personal data to Third Parties.


VBrick does not collect Sensitive Data from its Customers.


VBrick shall take reasonable actions to ensure the confidentiality of Personal Data, including physical and technical safeguards to protect Personal Data from misuse, unauthorized access, or disclosure. All electronically stored Personal Data is stored on a secure network with firewall protection, and access to such Personal Data requires user authentication via password. VBrick also limits the scope of employees who have access to Customer Personal Data with physical and electronic access restrictions.  As well, VBrick uses secure encryption technology to protect Customer Personal Data.  Despite these precautions, data security safeguards cannot guarantee error-free security all of the time.


VBrick shall notify Customers regarding its compliance with the Principles through its publicly posted website, available at: and shall get approval and agreement to the Privacy Policy from each Customer during the contractual process.


VBrick Employees may access and use Personal Data if they are authorized to do so and solely for the purpose for which they are authorized.


Right to Access. Each Customer has the right to know the Personal Data in VBrick’s possession and to be able to confirm that such Personal Data is correct and pertinent to the purpose for which it was disclosed to VBrick. Customers may review their Personal Data as possessed by VBrick and amend, delete, or restrict any portion of such data that is inaccurate, per VBrick policies and applicable law. As reasonably requested by a Customer and required by the Principles, VBrick shall grant Customers access to their Personal Data, in order to enforce this provision.

Data Subjects may edit their Personal Data themselves by logging into their account profile, or by contacting VBrick by email at [email protected]. In making modifications to their Personal Data, Data Subjects must provide only complete and accurate information. Data Subjects should submit a written request to VBrick at [email protected] in order to have their Personal Data erased.  In some cases, VBrick is fed the Personal Data from the applicable Customer and the Data Subject may need to coordinate desired modifications or deletions of the Personal Data with such Customer.

Requests for Personal Data. VBrick will monitor the following and provide notice to the appropriate Data Subjects and Customers when either (a) a representative of law enforcement makes a legally enforceable request for the Personal Data of the applicable Data Subject; or (b) the applicable Data Subject requests their own Personal Data.  If VBrick receives a request for Personal Data from a Customer VBrick will refer the Customer to the applicable Data Subject, unless otherwise required by law or binding agreement with such Customer.

Satisfying Requests for Access and Changes. VBrick will strive to address all reasonable written requests to access, edit or delete Personal Data in a timely manner.


This Privacy Policy, which may be amended from time to time, is consistent with the Principles and applicable laws. VBrick will make all VBrick Employees aware of any changes to the Privacy Policy via email, intranet postings, or other internal communications.   VBrick will notify Customers of any material changes to this Privacy Policy or to the manner VBrick handles collected Personal Data, allowing Customers to choose whether their Personal Data may be used in such materially different manner.


Customers in the EU may contact VBrick with questions or concerns regarding this Privacy Policy at [email protected].


All VBrick Employees who deal with Personal Data from Europe and Switzerland shall comply with this Privacy Policy and the Principles stated herein.

VBrick shall address and resolve all questions or concerns about privacy and its collection and use of Personal Data In compliance with the Principles.   If VBrick fails to acknowledge a question or concern submitted per this Privacy Policy, or such question or complaint is unsatisfactorily addressed by VBrick, Customer in the EU (including Switzerland) may bring a complaint before the independent dispute resolution mechanism operated by the American Arbitration Association (“AAA”). Information about how to file a EU Shield privacy complaint before the AAA can be found at:  Also, in some situations, and as a last resort, Customers in the EU may seek resolution and assistance from the binding arbitration mechanism of the EU Privacy Shield Panel.

In any conflict between this Privacy Policy and the Principles, the Principles shall govern. To learn more about the Privacy Shield program, and to view VBrick’s certification page, please visit  The Federal Trade Commission (FTC) has jurisdiction over compliance with the Privacy Shield.

Go to Top