BIOMETRIC INFORMATION WRITTEN RELEASE

The following information is provided about the Company’s policy on collecting and storing biometric information and includes a Release for you to sign evidencing your informed consent to this Policy.

1. As used in this Release, biometric data includes “biometric identifiers” and “biometric information” as defined in the Illinois Biometric Information Privacy Act, 740 ILCS § 14/1 to 14/99, and elsewhere. A “biometric identifier” is defined to include a retina or iris scan, fingerprint, voiceprint, or scan of hand or face geometry. Other laws may provide for additional modes of identification. However, biometric identifiers do not include writing samples, written signatures, photographs, human biological samples used for valid scientific testing or screening (inclusive of donated organs, tissues, or parts as defined in the Illinois Anatomical Gift Act (755 ILCS 50/1-10), blood or serum stored on behalf of recipients or potential recipients of living or cadaveric transplants and obtained or stored by a federally designated organ procurement agency, and biological materials regulated under the Illinois Genetic Information Privacy Act), demographic data, tattoo descriptions, or physical descriptions such as height, weight, hair color, or eye color. Biometric identifiers do not include information captured from a patient in a health care setting or information collected, used, or stored for health care treatment, payment, or operations under the federal Health Insurance Portability and Accountability Act of 1996. States other than Illinois, including Texas and Washington, currently have enacted similar statutes and additional states have pending legislation. This policy and Release form is designed to be as broad as possible to cover the allowable uses and restrictions in each of the individual jurisdictions.

2. “Biometric information” means any information, regardless of how it is captured, converted, stored, or shared, based on an individual’s biometric identifier used to identify an individual. Biometric information does not include information derived from items or procedures excluded under the definition of biometric identifiers.

3. Purpose for Collection of Biometric Data

   Information Controls, Inc. (“the Company”), its vendors, and/or the licensor of the Company’s Time Terminal software collect, store, and use biometric data solely for employee identification, fraud prevention, and pre-employment hiring purposes.

4. Disclosure and Authorization

   To the extent that the Company, its vendors, and/or the licensor of the Company’s Time Terminal software collect, capture, or otherwise obtain biometric data relating to an employee, the Company must first:

   a. Inform the employee in writing that the Company, its vendors, and/or the licensor of the Company’s Time Terminal software are collecting and storing the employee’s biometric data, and that the Company is providing such biometric data to its vendors and the licensor of the Company’s Time Terminal software (by provision of this policy and the end user license agreement to you, you acknowledge receipt of such written/electronic notice and agree to execute this Release form with informed consent);

   b. Inform the employee in writing of the specific purpose and length of time for which the employee’s biometric data is being collected, stored, and used (by provision of the end user license agreement, you acknowledge receipt of the purpose and length of such collection and storage); and

   c. Receive a written release signed by the employee (or his or her legally authorized representative) authorizing the Company, its vendors, and/or the licensor of the Company’s Time Terminal software to collect, store, and use the employee’s biometric data for the specific purposes disclosed by the Company, and for the Company to provide such biometric data to its vendors and the licensor of the Company’s Time Terminal software (by clicking Agree, you agree that you are electronically agreeing to the terms in writing).

Disclosure

5. The Company will not disclose or disseminate any biometric data to anyone other than its vendors and the licensor of the Company’s Time Terminal software providing products and services using biometric data without/unless:

   a. First obtaining written employee consent to such disclosure or dissemination;

   b. The disclosed data completes a financial transaction requested or authorized by the employee;

   c. Disclosure is required by state or federal law or municipal ordinance; or

   d. Disclosure is required pursuant to a valid warrant or subpoena issued by a court of competent jurisdiction.

   Note: The sale, merger or other transaction involving the ownership of the Company or the Time Terminal product/service line, and therefore its data/information, which transfers data/information to the new Company shall also be permitted. In addition, vendors who assist the Company with its processes, including but not limited to the maintenance of servers, disposal or recycling of equipment, shall also be encompassed within the Company’s authorized recipients and holders of such data/information. You also further understand that the Company may be required to turn over data and information if compelled, requested or directed subject to a subpoena, litigation or government inquiry and you consent to same.

Data Retention Schedule

6. The Company shall retain biometric data only until, and shall request that its vendors and the licensor of the Company’s Time Terminal software permanently destroy such data when, the first of the following occurs:

   a. The initial purpose for collecting or obtaining such biometric data has been satisfied, such as the termination of the employee’s employment with the Company, or the employee moves to a role within the Company for which the biometric data is not used; or

   b. Three (3) years following the employee's last interaction with the Company.

Data Storage

7. The Company shall use a reasonable standard of care to store, transmit and protect any biometric data collected from disclosure. Such storage, transmission, and protection from disclosure shall be performed in a manner that is the same as or more protective than the manner in which the Company stores, transmits and protects from disclosure other confidential and sensitive information, including personal information, that can be used to uniquely identify an individual or an individual’s account or property, such as genetic markers, genetic testing information, account numbers, PINs, driver’s license numbers and social security numbers.

RELEASE FORM

By signing the following RELEASE FORM physically or electronically (or Clicking “Agree” which electronically will act as your written consent), you agree to the terms of this Biometric Information Written Release policy, disclosure and informed consent acknowledgement.

1. The individual named below has been advised and understands that the Company, its vendors, and/or the licensor of the Company’s Time Terminal software collect, retain, learn from, and use biometric data for the purpose of identifying individuals, obtaining learned information and recording time entries when utilizing the Company’s biometric timeclocks or timeclock applications. Biometric timeclocks are computer-based systems that capture an individual’s biometric information for purposes of identification.

2. The Illinois Biometric Information Privacy Act, 740 ILCS 14/1 – 14/99 (“BIPA”) and other state statutes regulate the collection, storage, use, and retention of “biometric identifiers” and “biometric information” as defined above.

3. The individual agreeing to the terms of this policy understands that he or she is free to decline to provide biometric identifiers and biometric information to the Company, its vendors, and/or the licensor of the Company’s Time Terminal software without any adverse employment action. The employee may revoke this consent at any time by notifying the Company in writing.

The individual signing this RELEASE form (or Clicking “Agree” which electronically will act as your written consent) acknowledges that he/she has received and reviewed (and had the opportunity for legal counsel to review) the Biometric Information Written Release, and that he/she voluntarily consents to the Company’s, its vendors’, and/or the licensor of the Company’s Time Terminal software’s collection, storage, learning and use of biometric data through a biometric timeclock, including to the extent that it utilizes the employee’s biometric identifiers or biometric information as defined in BIPA or other state statutes, and voluntarily consents to the Company providing such biometric data to its vendors, and/or the licensor of the Company’s Time Terminal software, as well as any successor in interest to the Company, or Company’s Time Terminal software.

Last Updated: October 21, 2021