Last updated April 14, 2022
What information we collect
In order to provide you with the Services, we must collect information including personally identifiable data (“Personal Information”).
The Personal Information we collect includes the following categories:
- Contact information: first and last name, username, alias, mailing address, home/business address, email and phone number;
- Other identifying information: unique personal identifiers such as Social Security number, driver’s license, state identification card number, passport number or similar identifiers, social media usernames, passwords and other security information for authentication and access, physical characteristics or description, medical information or health insurance information; billing details, main contact persons, business needs and preferences; and videos and photos;
- Demographic information: gender, age, employment information and salary information;
- Financial Information: though we do not collect credit card or debit card numbers, we do collect bank account information and other financial information such as the four last digits of your credit card; transactions associated with your use of the Services, including the transaction ID, transaction category and type, merchant name, amount, currency, date, and location;
- Geolocation data;
- Internet and other electronic activity: IP address, browser type, search and click history; navigation within and use of our Websites and Services;
- Commercial information: products or services you offer or purchase using the Services;
- Inferences drawn from the categories described above in order to create customized Services to reflect your preferences, characteristics and behavior; and
- Free Text: Personal Information you provide us in an email/chat/text messaging or any other free-text entry box, either as part of your account or as part of any use the Services while connecting with other Users.
How we collect information
We collect Personal Information you provide us from your use of the Services, from any interaction between you and us and from other sources, all as further described below:
1. Information you provide us
- When you register as a Customer, use the Services or purchase an App on our App Market you will be required to provide us with information. To the extent applicable, such details will be provided by using your social network account (e.g. connecting your Facebook or Google account to our Services).
- When communicating with us through support tickets, emails and recorded calls you participate in.
- Unsolicited information you provide us through the Services or through any other means, for example by posting to any public areas and other unsolicited submissions, will be accessible to others and will not be treated as confidential.
Please use caution when providing information to us and avoid any involuntary disclosure of Personal Information related to you, or to others without their consent.
2. Information we collect when you use our Services or from third parties
- Third-Party Services: when you link certain third-party services (e.g., Gmail, Outlook Calendar) to your account or when you otherwise interact with these services through or in connection with our Services you allow us to receive certain personal information retained by such third-party services.
- Social Platforms: social platforms give us automatic access to certain personal information retained by these social networks about you. This will include Facebook sign-in, Google sign-in and information from your public profile. In some cases, we will collect Personal Information from lead enhancement companies which help us to improve our service offering. You control the Personal Information you allow us to have access to through the privacy settings on the applicable social platforms and the permissions you give us when you grant us access to the Personal Information retained by the respective social platforms about you.
- Third-Party Service Providers: from third party services provider such as (i) analytics software and communication providers; (ii) security providers, fraud detection and prevention providers helping us for example to screen out Users associated with fraud; and (iii) advertising and marketing partners in order to monitor, manage and measure our ad campaign; all who have assured us that they have either obtained your consent for the provision of such information or that you have freely and publicly provided such information yourself.
- Non-Identifiable Information: when you interact with vcita through the Services, we receive and store certain personally non-identifiable information. Such information, which is collected passively using various technologies, cannot presently be used to specifically identify you. We will store such information ourselves or such information will be included in databases owned and maintained by our affiliates, agents or service providers. Our Services will use such information and pool it with other information. It is important to note that no Personal Information is available or used in this process.
- Aggregated Personal Information: Iin an ongoing effort to better understand and serve our Users, we often conduct research on our Users’ interests and behavior based on the Personal Information and other information provided to us, including through third party service providers. This research will be compiled and analyzed on an aggregate basis, and vcita will share this aggregate data with its affiliates, agents and business partners. This aggregate information does not identify you personally.
How we use Personal Information related to you
We will use information that we collect about you for the following purposes:
- to provide and operate the Services;
- to determine and ascertain accounts, verify User identity;
- to process payments for you;
- to personalize the Services, customize your user experience with the Services, communicate with you and enable you to retrieve information related to you;
- to develop, improve, customize and provide maintenance to the Services, the experience of other Users and the offerings available through the Services;
- to be able to contact you for the purpose of providing technical assistance and support, to handle requests and complaints, and to collect feedback in connection with our performance of the Services;
- to send you updates, notices, announcements, and additional information related to the Services;
- to comply with any applicable laws and regulations;
- to analyze our performance and marketing activities;
- to use the information to create statistical, aggregated or anonymous data which will be used at our discretion for any purpose; and
- to allow us, and our selected third parties, to provide you with personalized interest based advertisements, which will be served either on the Services and/or on other websites, apps, and services, and to better understand your activity.
Use of your Google data
- vcita uses Google OAuth in order to get access to your Google data as part of your registration to certain Services and if you choose to synchronize your Google Calendar or your Google Contacts with our Service.
- vcita also uses Google OAuth when you use WiseStamp Service with Gmail via Gmail API where you will be required to link your account with one or more of your e-mail accounts (e.g. Gmail), and permit our WiseStamp Services to automatically update your signature settings with the WiseStamp Service generated content.
- In this respect please note that our use and transfer of information received from Google APIs to any other app will adhere to Google API Services User Data Policy, including the Limited Use requirements. The specific access and use privileges requested are displayed in the notice which appears during the account linking process. Please read this notice carefully, and make sure that you understand which privileges are granted and what information you make available to us by linking your Google account.
- Necessary to Perform a Contract: we collect and process Personal Information related to you in order to provide you with the Services.
- With your consent: we ask for your agreement to process Personal Information related to you for additional specific purposes, and you have the right to withdraw your consent at any time.
Who we share Personal Information with and how
- Service Providers: we use third party service providers whose services and solutions complement, facilitate and enhance our Services, and who have confirmed that their privacy practices are consistent with ours. Some examples of such third-party service providers will include hosting and data storage services, maintenance and management services, marketing and promotions, cyber security services, billing and payment processing services, web analytics, text messaging and monitoring services, session recording and remote access services, performance measurement, data optimization, content providers, and others (“Service Providers”). We only provide our Service Providers with the information necessary for them to perform these services on our behalf and each Service Provider must agree to use reasonable security procedures and practices and are prohibited from using Personal Information other than as specified by us.
- Change in Corporate Control: in the event vcita or any of its affiliates undergo any change in control, including by way of merger, acquisition or purchase of substantially all of its assets or shares, Personal Information related to you will be shared with the parties involved in such transaction.
- Legal Requirements: we will disclose Personal Information related to you and any other information about you to government or law enforcement officials or private parties if we will be required to do so by law or if we believe in good faith that it is necessary or appropriate in order to (i) comply with a legal obligation; (ii) protect and defend our rights or properties; (iii) act in urgent circumstances to protect the personal safety of Users of the Services or the public; or (iv) protect against legal liability.
Where do we hold/transfer Personal Information
Our subsidiary, vcita Systems Ltd. which provides us with certain services is located in Israel which is considered by the European Commission to be offering an adequate level of protection for the Personal Information of EU Member State residents.
Additionally to the USA and Israel, we process information in multiple locations, including without limitation, the Ukraine, the Philippines and other territories. Such countries may be different from the country in which Personal Information related to you originated and where data protection laws are not equivalent to, or offer the same protection as, those in your country. By using our Services, you agree to any such transfers.
Our affiliates and Service Providers who store and process Personal Information on our behalf are contractually committed to keep it protected and secured, in accordance with industry standards and regardless of any lesser legal requirements which applies in their jurisdiction.
Transfer of EU Personal Information: If you are located in the EU, when we transfer Personal Information related to you to the United States or anywhere outside Europe, we will make sure that (i) there is a level of protection deemed adequate by the European Commission; or (ii) that the relevant Standard Contractual Clauses approved by the European Commission or other suitable safeguards are in place to manage such data transfers and protect the privacy and security of information related to you; all in accordance our Data Processing Addendum.
vcita will collect, store and process certain Personal Information of Clients (“Client Personal Information”), solely on our Customer’s behalf and at their direction and further serves as “Processor” rather than a “Controller” (as such terms are used by the European Union General Data Protection Regulation (“GDPR”)) with respect to such Client Personal Information.
Customers are considered as “Controllers” of such Client Personal Information and are responsible for complying with all laws and regulations that will apply to the collection and control of such Client Personal Information, including all privacy and data protection laws of all relevant jurisdictions.
vcita cannot provide legal advice to Customers or Clients, however we do recommend you as a Customer to publish and maintain clear and comprehensive privacy policies on your website or Client Portal in accordance with any applicable laws and regulations, and that all Clients carefully read those policies and make sure that they understand and, to the extent required by applicable law, consent to them.
The processing and transfer of Client Personal Information subject to GDPR will be in accordance our Data Processing Addendum.
If you are a Client of any of our Customers please note:
Third party links
We take great care in implementing and maintaining the security of our Services and our Users’ Personal Information. vcita employs industry-standard procedures and policies to ensure the security of its Users’ Personal Information and to prevent unauthorized access, disclosure or alteration of any such information. Some of the safeguards we use are firewalls and data encryption, physical access controls to our data centers and information access authorization controls as will be found here. We also regularly monitor our systems for possible vulnerabilities and attacks, and regularly seek new ways to further enhance the security of our Services and protection of our Users’ privacy.
However, we cannot guarantee absolute protection and security and that unauthorized access will never occur. We encourage you to set strong passwords to your account and avoid providing us or anyone with any sensitive Personal Information of which you believe its disclosure could cause you substantial or irreparable harm.
Job applicants’ information
Privacy Notice for California Residents
1. Access to Specific Information and Data Portability Rights
You have the right to request that we disclose to you certain information about our collection and use of Personal Information related to you over the past 12 months. After verifying your request, we will disclose to you:
- The categories of Personal Information we collected about you;
- The categories of sources for the Personal Information we collected about you;
- Our business or commercial purpose for collecting that Personal Information;
- The categories of third parties with whom we share that Personal Information;
- The specific pieces of Personal Information we collected about you;
- If we disclosed Personal Information related to you for a business purpose, we will provide you with a list which will identify the Personal Information categories that each category of recipient obtained.
2. Deletion Rights
You have the right to request that we delete any of Personal Information related to you. Upon confirmation of your request, we will delete Personal Information related to you from our records, unless an exception applies.
3. Exercising Your Rights
To exercise the access, data portability, and deletion rights described above, please submit your request by sending an email to vcita.com/contact.
Only you or a person authorized to act on your behalf, will make a request related to Personal Information related to you. You will also make a verifiable consumer request on behalf of your minor child.
A request for access can be made by you only twice within a 12-months period. We cannot respond to your request or provide you with the requested Personal Information if we cannot verify your identity or authority to make the request and confirm the Personal Information relates to you. We will only use the Personal Information provided in your request to verify your identity or authority to make the request.
We will do our best to respond to your request within 45 days of its receipt. If we require more time (up to additional 45 days), we will inform you of the reason and extension period in writing. We will deliver our written response by email. Any disclosures that we provide will only cover the 12-month period preceding receipt of your request. The response we provide will also explain the reasons for our inability to comply with your request, if applicable.
We do not charge a fee to process or respond to your request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will inform you of the reasons for such decision and provide you with a cost estimate before processing further your request.
We do not discriminate against any User for exercising their rights under the CCPA.
Some web browsers offer a “Do Not Track” (“DNT”) signal. A DNT signal is an HTTP header field indicating your preference for tracking your activities on our services or through cross-site user tracking. Our Websites do not respond to DNT signals.
Communication from vcita
vcita will contact you with information regarding our Services or your use thereof. For example, we will notify you (through any of the means available to us) of changes or updates to our Services, including changes to our Terms of Service, transactions performed, payment issues, service maintenance, etc. It is important that you are always able to receive such messages and for this reason, you will not be able to opt-out of receiving such service messages.
Promotional and Surveys Messages
In addition to communications that are an inherent part of our Services, occasionally we will also use your contact information to contact and notify you about new related services and special opportunities or promotions we think you will find valuable and will also contact you in connection with surveys we conduct with respect to our Services, either on our own behalf or on behalf of our partners. We will contact you through e-mail, push notifications, through notices on the Services themselves or through any other contact methods available to us, including with the help of our service providers.
If you do not wish to receive such promotional messages or calls, you will notify vcita at any time or follow the “unsubscribe” or “stop” instructions contained in the promotional communications you receive.
At any time you can opt out of vcita’s mailing lists, by sending us a removal request to vcita.com/contact, or, with respect to WiseStamp Service to [email protected]. It can take up to ten (10) business days for your opt-out request to take effect.
If you find that the information on your personal account is not accurate, complete or updated, then you can make all necessary changes to correct it. Otherwise, you can contact us at vcita.com/contact.
If you wish to delete Personal Information related to you stored on vcita’s database, you can send a request to delete information to vcita.com/contact, or, with respect to WiseStamp Service to [email protected]. vcita will inform you whether it can accept your request. vcita will strive to accept requests to delete personally identifiable information. vcita can refuse your request, for example, if it believes that removal of certain information can harm other users. Before fulfilling your request, we will ask you for additional information in order to confirm your identity and for security purposes.
You will bear full responsibility for any damage, costs, fines and expenses resulting from the deletion of data pursuant to your request to exercise the right to be forgotten and hold vcita harmless thereof.
EU Residents: A summary and further details about your rights under EU data protection laws, is available on the EU Commission’s website at: https://ec.europa.eu/info/law/law-topic/data-protection/reform/rights-citizens_en.
Notwithstanding anything to the contrary in this policy, vcita can keep any aggregated or anonymized information for statistical, marketing and other purposes, indefinitely and it is vcita’s policy to keep Customer Personal Information on file unless specifically requested to be deleted.
We maintain a data retention policy which we apply to Personal Information in our care.
vcita has appointed a Data Protection Team for monitoring and advising on its ongoing privacy compliance and to serve as a point of contact on privacy matters for data subjects and supervisory authorities. To contact vcita’s Data Protection Team please email us at [email protected].
EU Residents: Our EU-GDPR representative according to Art. 27 of the GDPR is Rickert Rechtsanwaltsgesellschaft mbH, at Colmantstraße 15, 53225 Bonn, Germany and may be reached at [email protected].
UK Residents: Our UK-GDPR representative according to Art. 27 of the GDPR is Rickert Services Ltd UK, at PO Box 1487, Peterborough, PE1 9XX, United Kingdom and may be reached at [email protected].
You maintain the right to file a complaint with your national data protection authority if you have a concern about our privacy practices, including the way we handle Personal Information related to you.
By contacting us, you represent that you are free to do so and that you will not knowingly provide information that infringes upon the rights of third parties, including any intellectual property rights. You further acknowledge that, notwithstanding anything herein to the contrary, any and all rights, including without limitation any intellectual property rights in such information provided, shall belong exclusively to vcita, and we may use or refrain from using such information at our sole discretion.