WorkEasy Biometric Data Privacy Policy
WorkEasy Software Corporation (“WorkEasy”) created this Biometric Data Privacy Policy (“Policy”) for customer reference only. This Policy may not be comprehensive of all customer obligations under applicable laws concerning Biometric Data (defined below). Customers shall develop their own policies related to Biometric Data, in accordance with any applicable law, regulations, or international conventions. This Policy does not constitute legal advice. Customers should seek independent legal counsel to determine their legal duties and obligations related to Biometric Data, as necessary.
WorkEasy’s software collects, retains, and uses mathematical representations of certain information that may constitute biometric data (“Biometric Data”) for its customers’ administrative purposes, including identification and recording time entries when customers’ employees use certain WorkEasy products.
Disclosure
WorkEasy will not sell, lease, trade, or otherwise profit from Biometric Data belonging to an employee of customer. WorkEasy will not disclose or disseminate any Biometric Data to a third party unless:
- disclosure is required by state or federal law or municipal ordinance; or
- disclosure is required pursuant to a valid warrant or subpoena issued by a court of competent jurisdiction.
Retention
WorkEasy retains all data belonging to a customer, including their employees’ Biometric Data, only as long as necessary to fulfill the purpose of collection or within three (3) years of the applicable employee ceasing to use WorkEasy’s software or products. Once the purpose is fulfilled or within three (3) years of the applicable employee ceasing to use WorkEasy’s software or products, WorkEasy, through its periodic process of removal, will permanently remove all Biometric Data, belonging to the applicable employee. Alternatively, upon a written request by customer, at any time, WorkEasy will remove the Biometric Data belonging to the applicable employee within a reasonable timeframe.
Data Storage
WorkEasy, or a third-party hosting provider, stores Biometric Data as a unique mathematical representation of extracted unique points of the individual. WorkEasy does not store actual images. WorkEasy shall use reasonable care, but no less than the care WorkEasy employs to protect its own confidential and sensitive information, when storing and transmitting Biometric Data to provide protection from disclosure of such data.
Customer Responsibilities
WorkEasy expects its Customers to comply with all applicable laws concerning Biometric Data including but not limited to:
- Create an internal biometric privacy policy;
- Provide written notice to Customer’s employees that WorkEasy will collect, store, and use Biometric Data for Customer’s administrative purposes, and outlines the length of term for which EasyWorkfoce will retain such Biometric Data; and
- Obtain a Written Release2 from each employee authorizing WorkEasy to collect, store, or use their Biometric Data, prior to the transfer of Biometric Data to WorkEasy.
- “Biometric Data” includes Biometric Identifiers and Biometric Information as defined in the Illinois Biometric Information Privacy Act, 740 ILCS § 14/10, et seq.
- "Written release" means a release executed by an employee as a condition of employment.