Security and Data Protection

Posted on by ViBIM

Effective Date: January 01, 2015

ViBIM is a specialized Scan to BIM service provider focusing exclusively on converting point cloud scan data into accurate and detailed Revit models for international clients. With 10 years’ experience and 1000+ projects, our expert engineers convert complex Point Clouds into precise Revit models for international clients. This process adheres to key international standards, including the UK-originated ISO 19650 series, prominent US standards like the US Institute of Building Documentation (USIBD) Level of Accuracy (LOA) Specification, and relevant AIA contract documents such as E202™, E203™, and G202™.

At ViBIM our security infrastructure represents an investment in cutting-edge technologies and strict protocols developed since our founding.

The current ViBIM IT architecture implements multiple security layers through domain-based server management, purpose-restricted internet access, and disabled USB connections. We transfer final products only through a secure FTP channel designed specifically for confidential file exchange. Our multi-layered firewall system blocks unauthorized external access while internal regulations prohibit staff from uploading project data to the internet without explicit approval.

These measures create a secured environment where clients confidently share proprietary building information, knowing their project data remains protected through every phase of the BIM modeling process.

Specific Data We Collect

ViBIM collects only essential information necessary for Scan to BIM modeling services:

  • Basic contact details (name, email, phone number) when clients reach out through our website or email
  • Project information required for consultation, bidding, and implementation
  • Point cloud data sets provided by clients
  • Scope of work documents describing project parameters
  • Specific standards and technical requirements
  • Additional project documentation necessary for service delivery

All collected information resides on ViBIM’s secure server system and serves only the agreed-upon services.

Purposes for Collecting Data

Client data collection serves specific purposes connected directly to our service delivery:

  • Creating accurate Building Information Models from point cloud data
  • Executing contract obligations according to client specifications
  • Managing project communications effectively
  • Maintaining accurate records for project tracking and reporting
  • Providing relevant notifications about service-related updates

Client data remains exclusively for Scan to BIM service execution and will not be shared with third parties without explicit written consent. While ViBIM may use contact information for service-related communications, clients maintain the right to opt out of such notifications at any time.

Legal Basis for Data Collection

Our collection practices follow five distinct legal foundations that protect client rights while enabling effective project delivery:

Client Consent: ViBIM collects specific data categories only after obtaining explicit client approval. Clients maintain full control over this consent and may withdraw permission at any point during our business relationship.

Contractual Necessity: Data collection becomes necessary to execute agreed-upon services between ViBIM and clients. This includes project specifications, technical requirements, communication records, and deliverable documentation needed to complete BIM modeling projects successfully.

Data Security Measures

ViBIM implements comprehensive security protocols to protect client information throughout the project lifecycle. Our data security infrastructure consists of:

  • Secure server systems with advanced firewalls restricting unauthorized access
  • Regular automated backup procedures to prevent data loss
  • Strict access controls limiting data availability to authorized personnel only
  • One-way data flow architecture allowing downloads but preventing uploads to internet environments
  • Physically disabled USB ports on workstations to prevent unauthorized data transfers
  • Limited project data access restricted to necessary team members
  • Multi-layered firewall system utilizing hardware and software advances to block external intrusion attempts
  • Internal monitoring systems that track access patterns and alert to unusual activity

Data Retention Policy

ViBIM maintains a robust data infrastructure designed for both security and continuity. Our production server operates alongside a parallel backup system that ensures uninterrupted project operations even during potential system disruptions.

The Network Attached Storage (NAS) architecture automatically creates daily backups with restoration capabilities for incident recovery. Temperature-controlled server environments protect storage drives and data integrity, while our large-capacity storage systems retain project information securely.

Project data is retained for a minimum of five years to support project warranties, legal obligations, and client needs. Clients may request earlier data deletion if no longer needed for the original purpose, subject to legal requirements. After the retention period, data is securely deleted.

Data Confidentiality for Clients

ViBIM recognizes that different projects require varying levels of confidentiality. Clients maintain the right to request enhanced security measures tailored to their specific needs, including:

  • Project anonymization within our systems to limit identifying information. This allows sensitive projects to proceed with minimal exposure even within our organization.
  • Personnel restrictions that limit project access to the minimum number of team members required for completion. This creates a contained information environment where fewer individuals interact with sensitive data.
  • Restricted internal information circulation that compartmentalizes project details on a need-to-know basis. This prevents unnecessary data exposure even among authorized staff.

For each confidentiality request, ViBIM applies appropriate management protocols and technological measures to meet client requirements. Clients may also request Non-Disclosure Agreements (NDAs) prior to sharing detailed project information, creating a legally binding confidentiality framework before exchanges begin.

Third-Party Data Sharing

ViBIM does not share client data with third parties without explicit consent, except where required by law.

Contact Information

For questions or concerns about our privacy practices, please contact us:

FAQs

How can I request my data?

You can request your data by contacting us directly through our email or phone number. Please provide your details and specify the information you would like to access, and we will assist you with your request.

What happens if I opt out of communications?

If you opt out of communications, you will no longer receive promotional emails or updates from us. However, we may still contact you regarding crucial account-related information or service-related notices necessary for your ongoing relationship with ViBIM.

Updates to This Policy

We may update this policy to reflect legal or operational changes. The latest version will be posted on our website with the effective date. For significant changes, we will notify clients via email.