Purpose: Advance Services, Inc. (the “Company”) has adopted this Policy for collection, use, safeguarding, storage, retention, and destruction of Biometric Information collected by the Company. The purpose of the Policy is to define Biometric Information and establish a retention schedule and disposal schedule for Biometric Information.
This Policy applies to all Company employees, agents, contractors, customers, or third-parties providing services to the Company who have access to Biometric Information that the Company has collected or otherwise has in its possession.
Definitions: “Biometric Information” means personal information stored by the Company about an individual’s physical characteristics that can be used to identify that person. Biometric Information can include, but is not limited to: fingerprints; voice patterns; face, hand, retina or ear features; and other biological traits that can be used to identify an individual.
- The Company shall protect and store Biometric Information in accordance with applicable standards and laws including, but not limited to, the Illinois Biometric Information Privacy Act, the Texas Capture or Biometric Identifier Act (CUPI), and Washington’s Biometric Privacy Law.
- The Company will not sell, lease, trade, or otherwise profit from an individual’s Biometric Information.
- Biometric Information will not be disclosed by the Company unless (a) consent is obtained, or (b) disclosure is required by law, including required disclosure to law enforcement authorities. This Policy is not intended to restrict communications or actions protected or required by state or federal law.
- Biometric Information will be stored using a reasonable standard of care to guard against unauthorized access to and acquisition of the Biometric Information, which will be reasonable for the Company’s industry, in a manner that is the same or exceeds the standards used to protect other confidential information held by the Company.
- The Company will destroy biometric data when the initial purpose for obtaining or collecting such data has been fulfilled or within three (3) years of the individual’s last interaction with the Company, whichever occurs first.
- A copy of this Policy is publicly available at www.asinc.net.
This Policy may be revised from time to time by the Company.