VBrick Systems, Inc. along with its subsidiaries, including VBrick Systems UK LTD (collectively “VBrick,” “we,” “our,” or “us”), provides this privacy notice to describe how we collect, use, process, and share the information, including information about our business partners and visitors to our site www.vbrick.com (“Site”), or information we obtain from individuals interact with VBrick employees offline.
1. Information Collection
VBrick collects information, including Personal Data, defined as information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or household that is processed for or on behalf of VBrick, as it performs its services on your behalf.
Through the Site, we collect (1) an Internet protocol address (IP address); (2) information collected by cookies and similar technologies; and (3) any other personal data provided by you when you visit our Site. See the Digital Advertising & Analytics section of this privacy notice to learn more about the use of this information and the choices available to you. If you register on our Site, we collect any personal data you submit through registration including your name, email address, phone number, and company affiliation. By registering on our Site, the IP address, date, and time of the registration are also collected.
If you contact VBrick through the Site or through other forms of communication such as email, we collect the personal data you submit. If you apply for employment with VBrick, we collect the personal data you submit during the application process.
During offline interactions with VBrick employees, we collect any personal data you provide, such as your name, contact information, business information, and any other personal information you provide, including through the provision of identification cards such as business cards.
The provision of personal data is sometimes required by law, for example in the case of tax regulations, and at other times is a result of a contractual requirement. You may be required to provide personal data, for example in a case where VBrick signs a contract with you, and the non-provision of personal data could, in certain circumstances, prevent a transaction from concluding.
2. Information Use
We use Personal Data as necessary for the performance of our Site and services, to meet legal and contractual obligations, and to improve our services (including for example, to understand how our services are used, to learn how best to dedicate resources more efficiently, to provide effective customer service, and to best protect your use of our Site and services.
VBrick does not sell your Personal Data for the intents and purposes of the California Consumer Privacy Act (CCPA) and certifies that it will not use, or otherwise disclose, the Personal Data for any purpose other than for the specific purpose of performing the services you purchased from us, or as otherwise required by law.
Specifically, we use your personal data for the following purposes:
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
- To deliver the content of our Site, including to optimize the content of our Site as well as its advertisements, and recognize Site visitors;
- To deliver products and services you request;
- To respond to your inquiries, or contact you as you request;
- To advertise and market our products and services;
- To explore entering into business transactions or finalizing business transactions;
- To process employment applications;
- To ensure the long-term viability of our information technology systems and website technology;
- To prevent the misuse of our services, and, if necessary, to make it possible to investigate potential offenses, including to provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyber-attack;
- As required by VBrick to enable our business, including for analytics purposes;
- For VBrick’s internal business purposes;
- To protect the security of our interests, including our premises, assets, and systems;
- To comply with the law; and/or as otherwise disclosed at the time personal data is collected.
We do not use automatic decision-making or engage in profiling.
Where we intend to process your personal data for a purpose other than the purpose for which it was collected, we will provide you with information regarding the purpose for the processing, as well as other relevant information, prior to processing your personal data for the new purpose.
3. Information Sharing
We share your personal data with third parties, including the following:
- With other companies affiliated with VBrick for purposes related to VBrick’s business;
- With third parties performing services for the benefit of VBrick, such as email service providers and data storage providers working for VBrick; and
- As required by law.
We may share information that has been anonymized or aggregated without limitation.
4. Digital Advertising & Analytics
We may partner with ad networks and other ad serving providers (“Advertising Providers”) that serve ads on behalf of us and others on non-affiliated platforms. Some of those ads may be personalized, meaning that they are intended to be relevant to you based on information Advertising Providers collect about your use of the Site and other sites or apps over time, including information about relationships among different browsers and devices. This type of advertising is known as interest-based advertising.
We may also work with third parties that collect data about your use of the Site and other sites or apps over time for non-advertising purposes. VBrick uses Google Analytics and other third-party services to improve the performance of the Site and for analytics and marketing purposes. For more information about how Google Analytics collects and uses data when you use our Site, visit https://www.google.com/policies/privacy/partners/, and to opt out of Google Analytics, visit https://tools.google.com/dlpage/gaoptout/.
5. International Visitors
This section applies to residents of the European Union that visit our Site or interact with us offline.
Lawful Basis for Processing
On certain occasions, we process your personal data when it is necessary for the performance of a contract to which you are a party, such as to supply goods or provide services to you. We may also process your personal data to respond to your inquiries concerning our products and services.
On other occasions, we process your personal data where required by law, such as for the fulfillment of tax obligations. We may also process your personal data if necessary to protect your interests or the interests of a third party.
Additionally, we process your personal data when necessary to do so for direct marketing purposes, such as for company newsletters, monthly product releases, maintenance updates and press releases, but to the most minimal extent necessary to honor your data protection rights. Where we process your personal data for this purpose, our legitimate interest is to carry out our business in favor of the well-being of all our employees and the shareholders.
If the processing of personal data is necessary and there is no statutory basis for such processing, we will generally obtain consent from you. You have the right to withdraw your consent to processing of personal data at any time.
If you wish to exercise the right to withdraw consent, contact our Data Protection Officer or any VBrick employee.
Transfers of Personal Data
We transfer personal data to the United States and participate in the EU – U.S. Privacy Shield. You can review a copy of VBrick’s Privacy Shield self-certification at privacyshield.gov.
You have a right to the following:
- To request access to the personal data we hold about you;
- To request that we rectify or erase your personal data;
- To request that we restrict or block the processing of your personal data;
- Under certain circumstances, to receive personal data about you that we store and transmit to another without hindrance from us, including requesting that we provide your personal data directly to another, i.e., a right to data portability; and
- Where we previously obtained your consent, to withdraw consent processing your personal data.
All requests will be dealt with at the earliest opportunity. There are exceptions to these rights, however. For example, access to personal data may be denied in some circumstances if making the information available would reveal personal information about another person or if VBrick is legally prevented from disclosing such information. In addition, VBrick may be able to retain data even if you withdraw your consent where VBrick can demonstrate that it has a legal requirement to process your data.
To exercise these rights, contact our Data Protection Officer. See the “Contact” section below.
Additionally, you have the right to lodge a complaint against us. To do so, contact the supervisory authority in your country of residence.
6. Third-Party Links and Tools
The Site may provide links to third-party websites or apps, including news and other content aggregation services. We do not control the privacy practices of those websites or apps, and they are not covered by this privacy notice. You should review the privacy notices of other websites or apps that you use to learn about their data practices.
The Site may also include integrated social media tools or “plug-ins,” such as social networking tools offered by third parties. If you use these tools to share personal information or you otherwise interact with these features on the Site, those companies may collect information about you and may use and share such information in accordance with your account settings, including by sharing such information with the general public. Your interactions with third-party companies and your use of their features are governed by the privacy notices of the companies that provide those features. We encourage you to carefully read the privacy notices of any accounts you create and use.
VBrick has implemented technical and organizational measures to ensure commercially reasonable protection of personal data. However, Internet-based data transmissions may in principle have security gaps, so absolute protection is not guaranteed.
We will process and store your personal data only for the period necessary to achieve the purpose of the storage, or as permitted by law. The criteria used to determine the period of storage of personal data is the respective statutory retention period or the data retention terms of your agreement with us. After expiration of that period, the corresponding data is routinely deleted, as long as it is no longer necessary for the fulfillment of the contract or the initiation of a contract. If you would otherwise like your persona data purged from our systems, please contact email@example.com.
9. Your Choices
To change your contact information or communication preferences, please contact us through the methods provided in the “Contact” section below.
If we decide to change our privacy notice, we will post these changes on this page. We encourage you to visit this page periodically to learn of updates.
If you have questions, comments, or concerns about this privacy notice, please contact us, in our role as data controller, at firstname.lastname@example.org.
VBrick Systems, Inc.
607 Herndon Parkway
Herndon, VA 20170
Last Updated January 2020
The data subject may, at any time, prevent the setting of cookies through our website by means of a corresponding setting of the Internet browser used, and may thus permanently deny the setting of cookies. Furthermore, already set cookies may be deleted at any time via an Internet browser or other software programs. This is possible in all popular Internet browsers. If the data subject deactivates the setting of cookies in the Internet browser used, not all functions of our website may be entirely usable.
ACCEPTABLE USE POLICY
This Acceptable Use Policy (“AUP”) establishes what behavior is prohibited for any licensed customer’s user (“User”) of Vbrick’s systems, network, and related services (including without limitation access and use of subscription Rev and DMEs) (“the Vbrick System”).
Illegal or Improper Use
Users may not use (or encourage, promote, facilitate or instruct others to use) the Vbrick System for the transmission (including uploading to and streaming from the Vbrick System) or storage of content, images, or video, which:
- are harmful, threatening, abusive, harassing, tortious, defamatory, vulgar, obscene, libelous, invasive of another’s privacy, harmful to minors, hateful, or racially, ethnically or otherwise objectionable;
- the User does not have a right to transmit under any law or under contractual or fiduciary relationships (such as inside information, proprietary and confidential information learned or disclosed as part of employment relationships or under nondisclosure agreements);
- infringes any patent, trademark, trade secret, copyright or other proprietary rights of any party;
- constitutes unsolicited or unauthorized advertising, including without limitation, promotional materials, “junk mail,” “spam,” “chain letters,” or “pyramid schemes”;
- by doing so violates any laws or regulations, including export control laws; or
- by doing so may subject Vbrick to criminal or civil liability, with such being solely determined by Vbrick.
Users shall not take any of the following actions without Vbrick’s express authorization:
- Seeking access to or use of another party’s data or any part of the Vbrick System not contemplated by the User’s applicable license(s);
- Any attempt to probe, scan or test the vulnerability of the Vbrick System or to breach security or authentication measures;
- Monitoring of data or traffic on the Vbrick System not contemplated by the User’s applicable license(s);
- The rebroadcasting of non-User media, such as television network and third-party internet feeds without appropriate third party consents;
- Falsification of Origin, including without limitation the forging of TCP-IP packet headers or any part of a message or transmission describing its origin or route, except that this prohibition does not include the use of aliases;
- Load or stress testing any part of the Vbrick System;
- Denial of service activities such as inundating a target with communications requests so the target either cannot respond to legitimate traffic or responds so slowly that it becomes ineffective; or
- Intentional interference with or overloading of any part of the Vbrick System, or service to any other User, including without limitation by mail bombing, news bombing, broadcast attacks, or flooding techniques.
Use, Bandwidth, and Storage:
- Content delivery network (“CDN”) publishing points are provisioned by Vbrick for the express purposes of supporting video distribution by the Vbrick System of webcast events and associated testing to named, anonymous, and consumption based Users. Streaming to CDN publishing points outside of production webcasting and webcast testing, including without limitation any use outside of the Vbrick System is prohibited, including without limitation any form of continuous streaming, such as video surveillance or IPTV applications.
- Video on Demand (“VOD”) CDN integrations are provided by Vbrick for the express purpose of enabling recorded video distribution by the Vbrick System for named, anonymous, and consumption based Users. Use of VOD CDN integrations for caching outside of the Vbrick System is prohibited.
- If a User’s license includes unlimited CDN streaming for named users, such usage shall be limited to live streaming events, VOD, and any other uses reasonably contemplated by the User’s applicable license(s). . Continuous streaming use, including without limitation streaming for digital signage, IPTV, surveillance, and any form of constant playback from cloud CDN is prohibited.
- Any cloud storage provided by Vbrick is limited per the User’s license purchase and the User is responsible for reducing usage or purchasing more storage as needed.
Vbrick may notify User of actions they have taken which breach the terms of this AUP and any such violation of this AUP may result in immediate suspension of termination of all services, including without limitation use of the Vbrick System, with no liability to Vbrick.
Vbrick may notify User of actions they have taken (intentionally or inadvertently) which expose a previously unidentified vulnerability or opportunity for exploitation of the Vbrick System not contemplated by this AUP or the User’s applicable license(s) (“New Vulnerability”). If User is asked to desist in actions regarding a New Vulnerability, they must do so until such New Vulnerability has been addressed by Vbrick. Any violation of such a request to desist in such actions regarding a New Vulnerability by a User after such a request may result in (a) immediate suspension of termination of all services, including without limitation use of the Vbrick System, with no liability to Vbrick and (b) additional service charges being owed to Vbrick by the User, equaling no less than additional costs incurred by Vbrick as a result of the use or exploitation of the New Vulnerability by the User.
Violations of network security are prohibited, and may result in criminal and civil liability. Vbrick investigates all such incidents and will involve and cooperate with law enforcement for any potential criminal violations.
Vbrick reserves the right to modify the AUP at any time, effective upon posting of the modified AUP to the Vbrick website.
For complaints regarding illegal use or system or network security issues, please contact Vbrick at email@example.com.
What is GDPR?
On May 25, 2018, the EU General Data Protection Regulation (GDPR) became law in EU Member States and governs the processing ofEU personal data.
The GDPR replaces the existing patchwork of national data protection laws in EU Member States and brings a degree of consistency to the data protection landscape in Europe. GDPR includes the well-recognized privacy principles of transparency, fairness, and accountability. The GDPR also adopted a risk-based approach that balances individual rights with participation in the global digital economy.
VBrick Commitment to GDPR as a Data Processor
Security: VBrick data protection and security processes have been developed based on NIST 800-53 revision 4 and are regularly subjected to third-party audits and testing for security, confidentiality, availability, processing integrity, and privacy controls. VBrick allows customers to manage and control their users’ access to Workday application via role-based access.
Cross-border data flows: The GDPR continues to allow the flow of personal data across country borders, and includes provisions ensuring existing data transfer mechanisms remain valid going forward. VBrick customers may leverage VBrick’s EU Privacy Shield Certification or sign model contractual clauses with VBrick to legitimize their cross-border data flows.
Privacy impact assessments (PIAs): The GDPR requires PIAs for many types of data processing. VBrick’s privacy team regularly and methodically conducts PIAs on features, technology, third party on boarding, and operations related to our service. While we do not anticipate any significant changes to our already-thorough existing methods, our privacy team continues to monitor the GDPR to help ensure our PIAs fulfill any new requirements.
Security breaches: The GDPR introduces new notification rules for security breaches that result in a variety of harms to individuals. VBrick has a formal internal incident response plan in place that aligns with these notification requirements.
Helping our Customers as Data Controllers
In addition to VBrick’s own compliance obligations under the GDPR as a processor of customers’ personal data, VBrick also assists our customers in meeting their obligations as data controllers under the GDPR in a variety of ways. Here are some highlights.
Data purging: To support customers’ compliance with the Right to be Forgotten, VBrick offers a wide range of functionality and services to delete and purge data.
Access rights: VBrick offers role based features to help customers comply with access rights under the GDPR.
Activity logging: To help customers protect personal data against security threats, VBrick can log activity for each account. That includes successful logins and failed attempts as well as changes or additions to data by our customers and their end users. This will also help customers demonstrate access monitoring and oversight, displaying a high level of compliance assurance.
A list of Vbrick Rev data subprocessors is posted here: https://www.vbrick.com/ca/DPAsubs