The European Union Directive 95/46/EC defines “Personal Data” as data that personally identifies or may be used to personally identify a person, including an individual’s name in combination with country of birth, marital status, emergency contact information, salary information, terms of employment, job qualifications (such as educational degrees), address, phone number, e-mail address, user ID, password, and identification numbers (but excludes data that is de-identified, anonymous, or publicly available). As applied to Switzerland, “person” can mean either a natural person or a legal entity, regardless of the legal entity’s form.
In compliance with the Privacy Shield Principles, VBrick commits to resolve complaints about our collection or use of your personal information. EU individuals with inquiries or complaints regarding our Private Shield policy should first contact VBrick at [email protected]. VBrick has further committed to refer unresolved Privacy Shield complaints to the ICDR/AAA, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit https://www.icdr.org/ for more information or to file a complaint. The services of ICDR/AAA are provided at no cost to you. Under this program, VBrick is open to, under certain conditions, binding arbitration.
VBrick is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC) for the matters covered herein, and is subject to liability in cases of unlawful onward transfers to third parties of your information. Notwithstanding anything herein, VBrick may be compelled to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
As a summary, please note the following answers to frequently asked questions:
What type of third parties does VBrick disclose personal information, and what is the purposes for which it does so is?
We do not disclose personal information to any third party at this point. It is entirely kept in our system for the sole use of our customer and for our own use to maintain the system.
What rights do you have to access your personal data?
Personal information that is stored with VBrick is either put there by your employer or by you personally. In the first case, it would be your employer’s responsibility to grant access according to their process, and in the latter the information should be accessible by simply logging into your account.
What are the choices and means VBrick offers individuals for limiting the use and disclosure of their personal data?
VBrick makes very minimal use of your personal data (only last name and email are required with a security question), primarily used for user logins only. Any other data stored in VBrick’s system is either put there by you or your employer. There is no need for the information provided to actually match any real information on a user.
“Customer” means an individual VBrick customer from EU or Switzerland, as well as any other individual, employee, end user, agent, or representative whose Personal Data VBrick has obtained from such Customer as part of its business relationship with VBrick.
“Data Subject” means a natural living person, who can be identified directly or indirectly by name or other factors unique to their person, including without limitation economic, physical, psychological, or social characteristics. For Customers residing in Switzerland, a Data Subject also may include a legal entity.
“Europe” or “European” refers to a country in the European Union.
“Sensitive Data” means Personal Data that discloses a Data Subject’s medical or health condition, sexual orientation, race or ethnicity, political, religious or philosophical affiliations or opinions, or trade union membership.
“Third Party” means any individual or entity that is neither VBrick nor a VBrick Employee.
“VBrick Employee” means an employee (whether temporary, permanent, part-time, or contract), agent or independent contractor of VBrick or any of its affiliates or subsidiaries.
- RESPONSIBILITIES AND MANAGEMENT
III. RENEWAL / VERIFICATION
- Confirm that the complaint process and any independent dispute resolution process have been made available to Customers, by methods such as web site or contractual clauses.
- Prepare a statement on the internal verification.
- COLLECTION AND USE OF PERSONAL DATA
VBrick collects Personal Data from Customers when they purchase its products, register with VBrick’s website, log-in to their account, complete surveys, request information or otherwise communicate with VBrick. For example, Customers’ Personal Data may be disclosed to VBrick when a Data Subject is registered or otherwise set up to receive VBrick subscription services, or when a Data Subject seeks live support or posts comments to a VBrick message board.
The Personal Data that VBrick collects depends on the Data Subject’s, or Customer’s, interaction with VBrick’s website and use of VBrick services. VBrick typically collects the following types of Personal Data: contact information, including, a contact person’s name, work email address, work mailing address, work telephone number, title, and company name.
The Personal Data that VBrick collects from Customers is primarily used for login verification, reporting, invoicing, renewals, and other operations related to providing services and products to the Customer. For certain products, VBrick serves as a software subscription provider, and as such, may enable Customer to use VBrick’s software to store, manage, record, encrypt, and stream Customer video data. In some cases, such video data may contain Personal Data, unbeknownst to VBrick. In such cases, VBrick may host and store such video data, while only the Customer dictates the disclosure of the video data to Third Parties. VBrick will only allow its software and hosting services to disclose such video data via Customers’ operation of the VBrick software or at the explicit direction of the Customer.
- DISCLOSURES / ONWARD TRANSFERS OF PERSONAL DATA
Except as otherwise provided herein, VBrick may disclose Personal Data only to Third Parties who act as agents, consultants, and contractors to perform tasks on behalf of and under VBrick’s instructions and who reasonably need to receive such data solely to assist VBrick to meet its obligations to the Customer. For example, VBrick may store such Personal Data in a data storage facility operated by Third Parties. Such Third Parties must (i) agree to abide by confidentiality obligations consistent with the Principles, (ii) agree to use such Personal Data only for the purposes for which they have been engaged by VBrick and (iii) either:
- comply with the Privacy Shield principles or another mechanism permitted by the applicable EU & Swiss data protection law(s) for transfers and processing of Personal Data; or
Notwithstanding the foregoing, note the following exceptions:
- When a Data Subject has consented to or requested disclosure of Personal Data to any Third Party, VBrick also may effect such disclosure.
- VBrick may be required to disclose an individual’s personal information in response to a lawful request by public authorities, including requests to meet national security or law enforcement requirements.
VBrick is liable for appropriate onward transfers of personal data to Third Parties.
- SENSITIVE DATA
VBrick does not collect Sensitive Data from its Customers.
VII. DATA INTEGRITY AND SECURITY
VBrick shall take reasonable actions to ensure the confidentiality of Personal Data, including physical and technical safeguards to protect Personal Data from misuse, unauthorized access, or disclosure. All electronically stored Personal Data is stored on a secure network with firewall protection, and access to such Personal Data requires user authentication via password. VBrick also limits the scope of employees who have access to Customer Personal Data with physical and electronic access restrictions. As well, VBrick uses secure encryption technology to protect Customer Personal Data. Despite these precautions, data security safeguards cannot guarantee error-free security all of the time.
- ACCESSING PERSONAL DATA
VBrick Employees may access and use Personal Data if they are authorized to do so and solely for the purpose for which they are authorized.
- RIGHT TO ACCESS, CHANGE OR DELETE PERSONAL DATA
Right to Access. Each Customer has the right to know the Personal Data in VBrick’s possession and to be able to confirm that such Personal Data is correct and pertinent to the purpose for which it was disclosed to VBrick. Customers may review their Personal Data as possessed by VBrick and amend, delete, or restrict any portion of such data that is inaccurate, per VBrick policies and applicable law. As reasonably requested by a Customer and required by the Principles, VBrick shall grant Customers access to their Personal Data, in order to enforce this provision.
Data Subjects may edit their Personal Data themselves by logging into their account profile, or by contacting VBrick by email at [email protected]. In making modifications to their Personal Data, Data Subjects must provide only complete and accurate information. Data Subjects should submit a written request to VBrick at [email protected] in order to have their Personal Data erased. In some cases, VBrick is fed the Personal Data from the applicable Customer and the Data Subject may need to coordinate desired modifications or deletions of the Personal Data with such Customer.
Requests for Personal Data. VBrick will monitor the following and provide notice to the appropriate Data Subjects and Customers when either (a) a representative of law enforcement makes a legally enforceable request for the Personal Data of the applicable Data Subject; or (b) the applicable Data Subject requests their own Personal Data. If VBrick receives a request for Personal Data from a Customer VBrick will refer the Customer to the applicable Data Subject, unless otherwise required by law or binding agreement with such Customer.
Satisfying Requests for Access and Changes. VBrick will strive to address all reasonable written requests to access, edit or delete Personal Data in a timely manner.
XII. QUESTIONS OR COMPLAINTS
XIII. ENFORCEMENT AND DISPUTE RESOLUTION