BIS Policy

Biometric Information Security Policy

  1. Purpose
    1. This Biometric Information and Security (“Policy”) defines FlexiCorps, Inc.’s policy and procedure for collection, use, safeguarding, storage, retention, and destruction of biometric data collected by FlexiCorps, Inc.
    2. FlexiCorps, Inc. uses biometric identification systems for employee timekeeping with regard to payroll. FlexiCorps, Inc. collects, stores, and uses employee biometric data for the purpose of giving employees secure access to FlexiCorps, Inc.’s timekeeping systems and to document employees’ (i) clock in/out time(s); (ii) clock in/out location(s); and (iii) attempts/failures/errors in biometric data scans.
  2. Policy Statement
    1. This Policy replaces and supersedes all previous policies related to biometric information. FlexiCorps, Inc. reserves the right to amend this Policy at any time, without notice.  FlexiCorps, Inc. may expand its use of biometric data in the future.
    2. In the event FlexiCorps, Inc. begins collecting biometric data for any additional purpose, FlexiCorps, Inc. will update this Policy.
    3. A copy of this document will be made available to the public at, or upon request.
  3. Definition of Biometric Data
    1. Biometric data means personal information stored by FlexiCorps, Inc. about an individual’s physical characteristics that can be used to identify that person. Biometric data specifically includes fingerprints.
    2. As technology and systems advance, biometric data may also include voiceprints, retina or iris scan, or scan of hand of face geometry.
  4. Policy
    1. FlexiCorps Inc.’s policy is to protect and store biometric data in accordance with applicable standards and laws including, but not limited to, the Illinois Biometric Information Privacy Act.
    2. An individual’s biometric data will not be collected or otherwise obtained by FlexiCorps Inc. without prior written consent of the individual. FlexiCorps, Inc. will inform the employee of the reason his or her biometric information is being collected and the length of time the data will be stored.  A sample consent statement is included in this policy and will be tailored to fit the type of biometric data collected and purpose(s) for collection.
    3. FlexiCorps, Inc. will not sell, lease, trade, or otherwise profit from an individual’s biometric data. Biometric data will not be disclosed by FlexiCorps, Inc. unless (i) consent is obtained, (ii) required by law, or (iii) required by legal subpoena.
    4. Biometric data will be stored using a reasonable standard for care for FlexiCorps, Inc.’s industry and in a manner that is the same or exceeds the standards used to protect other confidential and sensitive information held by FlexiCorps, Inc.
    5. FlexiCorps, Inc. will destroy biometric data within a reasonable period of time of when the purpose for obtaining or collecting such data has been fulfilled. Generally, this means within six (6) months of an employee’s termination of employment.
  5. Procedure
    1. Prior to collecting an employee’s biometric data, FlexiCorps, Inc. will obtain the consent of the employee.
    2. Employees will have their biometric data registered.
    3. When an employee uses a biometric identification system, they are identified by digital data encryption. The biometric data itself is not recorded or stored, and cannot be regenerated from the digital data encryption.
    4. FlexiCorps, Inc. will store, transmit, and protect biometric data using the same standard of care and security controls it provides other confidential and sensitive information in its possession. Biometric data is securely stored on a stand-alone server. No FlexiCorps, Inc. employee will have direct access to biometric data.
    5. FlexiCorps, Inc. will delete from its systems the biometric data of former employees on a biannual basis.
  6. Consent to Collections of Biometric Data

Your hand and/or finger geometry will be collected and stored by FlexiCorps, Inc. for the purpose of verifying your identity for access to the FlexiCorps, Inc. timekeeping system.  Your hand and/or finder geometry data will not be disclosed by FlexiCorps, Inc. without your consent unless the disclosure is required by law or by valid legal subpoena.  Your hand and/or finger geometry data will be permanently deleted from FlexiCorps Inc.’s systems within a reasonable period after your termination of employment pursuant to the Company’s biometric data retention policy.  A copy of FlexiCorps, Inc.’s Biometric Information Security Policy is available upon request.