Global CFS (“the Company”), its vendors, and/or the licensor of the Company’s time and attendance software will not sell, lease, trade, or otherwise profit from employees’ or contractors’ biometric data; provided, however, that the Company’s vendors and the licensor of the Company’s time and attendance software may be paid for products or services used by the Company that utilize such biometric data.
Disclosure
The Company will not disclose or disseminate any biometric data to anyone other than its vendors and the licensor of the Company’s time and attendance software providing products and services using biometric data without/unless:
a. First obtaining written employee or contractor consent to such disclosure or dissemination;
b. The disclosed data completes a financial transaction requested or authorized by the employee or contractor;
c. Disclosure is required by state or federal law or municipal ordinance; or
d. Disclosure is required pursuant to a valid warrant or subpoena issued by a court of competent jurisdiction.
Retention Schedule
The Company shall retain employee and contractor biometric data only until, and shall request that its vendors and the licensor of the Company’s time and attendance software permanently destroy such data when, the first of the following occurs:
• The initial purpose for collecting or obtaining such biometric data has been satisfied, such as the termination of the employee or contractor’s employment with the Company, or the employee or contractor moves to a role within the Company for which the biometric data is not used; or
• Within 3 years of the employee or contractor’s last interaction with the Company.
Data Storage
The Company shall use a reasonable standard of care to store, transmit and protect from disclosure any paper or electronic biometric data collected. Such storage, transmission, and protection from disclosure shall be performed in a manner that is the same as or more protective than the manner in which the Company stores, transmits and protects from disclosure other confidential and sensitive information, including personal information that can be used to uniquely identify an individual or an individual’s account or property, such as genetic markers, genetic testing information, account numbers, PINs, driver’s license numbers and social security numbers.