Biometric Information Security Policy

  1. Purpose
    1. This Biometric Information and Security (“Policy”) defines Cemco Systems’ policy and procedure for collection, use, safeguarding, storage, retention, and destruction of biometric data collected by Cemco Systems
    2. Cemco Systems uses biometric identification systems for employee timekeeping with regard to payroll. Cemco Systems collects, stores, and uses employee biometric data for the purpose of giving employees secure access to Cemco Systems’s timekeeping systems and to document employees’ (i) clock in/out time(s); (ii) clock in/out location(s); and (iii) attempts/failures/errors in biometric data scans.
  2. Policy Statement
    1. This Policy replaces and supersedes all previous policies related to biometric information. Cemco Systems reserves the right to amend this Policy at any time, without notice.  Cemco Systems may expand its use of biometric data in the future.
    2. In the event Cemco Systems begins collecting biometric data for any additional purpose, Cemco Systems will update this Policy.
    3. A copy of this document will be made available to the public at, or upon request.
  3. Definition of Biometric Data
    1. Biometric data means personal information stored by Cemco Systems about an individual’s physical characteristics that can be used to identify that person. Biometric data specifically includes fingerprints.
    2. As technology and systems advance, biometric data may also include voiceprints, retina or iris scan, or scan of hand of face geometry.
  4. Policy
    1. Cemco Systems’ policy is to protect and store biometric data in accordance with applicable standards and laws including, but not limited to, the Illinois Biometric Information Privacy Act.
    2. An individual’s biometric data will not be collected or otherwise obtained by FlexiCorps Inc. without prior written consent of the individual. Cemco Systems will inform the employee of the reason his or her biometric information is being collected and the length of time the data will be stored.  A sample consent statement is included in this policy and will be tailored to fit the type of biometric data collected and purpose(s) for collection.
    3. Cemco Systems will not sell, lease, trade, or otherwise profit from an individual’s biometric data. Biometric data will not be disclosed by Cemco Systems unless (i) consent is obtained, (ii) required by law, or (iii) required by legal subpoena.
    4. Biometric data will be stored using a reasonable standard for care for Cemco Systems’s industry and in a manner that is the same or exceeds the standards used to protect other confidential and sensitive information held by Cemco Systems
    5. Cemco Systems will destroy biometric data within a reasonable period of time of when the purpose for obtaining or collecting such data has been fulfilled. Generally, this means within six (6) months of an employee’s termination of employment.
  5. Procedure
    1. Prior to collecting an employee’s biometric data, Cemco Systems will obtain the consent of the employee.
    2. Employees will have their biometric data registered.
    3. When an employee uses a biometric identification system, they are identified by digital data encryption. The biometric data itself is not recorded or stored, and cannot be regenerated from the digital data encryption.
    4. Cemco Systems will store, transmit, and protect biometric data using the same standard of care and security controls it provides other confidential and sensitive information in its possession. Biometric data is securely stored on a stand-alone server. No Cemco Systems employee will have direct access to biometric data.
    5. Cemco Systems will delete from its systems the biometric data of former employees on a biannual basis.
  6. Consent to Collections of Biometric Data

Your hand and/or finger geometry will be collected and stored by Cemco Systems for the purpose of verifying your identity for access to the Cemco Systems timekeeping system.  Your hand and/or finder geometry data will not be disclosed by Cemco Systems without your consent unless the disclosure is required by law or by valid legal subpoena.  Your hand and/or finger geometry data will be permanently deleted from FlexiCorps Inc.’s systems within a reasonable period after your termination of employment pursuant to the Company’s biometric data retention policy.  A copy of Cemco Systems’s Biometric Information Security Policy is available upon request.