• Information and Communications Technology
  • Software


EU-U.S. Privacy Shield Framework: Active

Original Certification Date: 7/24/2017
Next Certification Due Date: 10/25/2020
Data Collected: NON-HR

Purpose of Data Collection

For the purpose of this section, we define the following terms: ● The Business – The direct client of the vCita platform ● A client – An end-user which becomes a client of the Business by communicating through the vCita platform. ● vCita Widgets – A set of scripts the Business can place on their website such as contact form, scheduler, payment form, etc ● vCita Client Portal – A secured area for the clients of the Business, in which they can view their communications, pay for services, share documents, etc ● vCita Back-Office – A secured area for the Business to manage clients, appointments and all communications (CRM). There are 4 types of data collected by vCita: (1) Information about the Business vCita collects information about the Business upon signup, product customization and subscription. The main purpose of collecting Business information is to publicly share it on the Business website. Additional uses can be for better matching the service to the Business, product subscription, and for the use of our support and sales team. The information includes: ● Account information such as username (email), password, industry, account holder name and phone number, payment details etc. This information is not publicly shared and is used for the account management and support ● Information the Business would like to share with their clients, such as contact details (phone, email, address etc.), business hours, services provided by the Business, pricing and any other textual information the Business would like to publish ● Website analytics information such as the website address and how many views were detected on the vCita widgets. This data is collected by the widgets, which the Business has to actively install (2) Communication Data vCita is mainly an engagement platform which allows the Business to communicate with their clients. vCita stores any message sent to or from the Business on top of the vCita platform. This information is shown to the Business owner when logging in to the vCita back office, to their clients when logging in to the online clients portal. In addition, some of this information is also shown to both parties via emails or mobile text messages. The vCita back office also allows the Business to manage these messages, mark them to follow up, delete them, assign them to a staff member etc. (3) Clients Data The vCita application acts as a CRM (Client Relationship Management tool) which helps the businesses collect information about leads and clients, edit them and manage their client relationship. Client data is collected from the following sources: • Information provided by clients • Analytics data and cookies • Data provided by the Business • Information collected from public data available online • Email analytics information (4) Analytics vCita collects analytics data in order to learn more about our Businesses and their clients’ behavior in order to improve our product and provide a better experience to our clients. The data includes usage and dimensions used to segment users like locale. General • vCita stores the aforementioned data on servers of cloud computing service providers. vCita may share personally identifiable information with others in cases such as: • to operate its services or web-app, including to store and process the Business information through third party hosting services and to process payments; • vCita may disclose personally identifiable information to comply with any applicable law, respond to lawful requests of personal information by public authorities, and assist law enforcement agencies as required, including to meet national security • vCita may share personally identifiable information with sub-contractors and other companies or organizations connected, or affiliated with vCita, such as subsidiaries, sister-companies and parent companies.

Privacy Policy

Non-HR Data

Document: Privacy Policy

The Privacy Policy includes explanation and reference to the Privacy Shield framework and is available publicly on our website.

Effective Date: 3/3/2019

Verification Method


Dispute Resolution

Questions or Complaints?

If you have a question or complaint regarding the covered data, please contact vCita, Inc. at:

Maya Steiner
vCita, Inc.
10900 NE 8th St, Suite 1490
Bellevue, Washington 98004

Privacy Shield organizations must respond within 45 days of receiving a complaint.

If you have not received a timely or satisfactory response from vCita, Inc. to your question or complaint, please contact the independent recourse mechanism listed below


Appropriate statutory body with jurisdiction to investigate any claims against vCita, Inc. regarding possible unfair or deceptive practices and violations of laws or regulations covering privacy Federal Trade Commission