Biometric Data Defined
As used in this policy, “biometric data” includes “biometric identifiers” and “biometric information” as defined in the Illinois Biometric Information Privacy Act, 740 ILCS § 14/1, et seq. “Biometric identifier” means a retina or iris scan, fingerprint, voiceprint, or scan of hand or face geometry. Biometric identifiers do not include writing samples, written signatures, photographs, human biological samples used for valid scientific testing or screening, demographic data, tattoo descriptions, or physical descriptions such as height, weight, hair color, or eye color.
“Biometric information” means any information, regardless of how it is captured, converted, stored, or shared, based on an individual’s biometric identifier used to identify an individual. Biometric information does not include information derived from items or procedures excluded under the definition of biometric identifiers.
“Biometric data” also includes any similar state or local law definitions related to any biological characteristics of a person, or information based upon such a characteristic, including but not limited to, “biometric identifier” as defined under Tex. Bus. & Com. Code §503.001, “biometric identifier” as used in Wash. Rev. Code Ann. §19.375.020, “biometric information” as used in the California Consumer Privacy Act, “biometric information” as used in the New York Stop Hacks and Improve Electronic Data Security Act, and “biometric data” as used in Arkansas Code §4-110-103.
Purpose for Collection of Biometric Data
Our clients are responsible for compliance with applicable law governing any collection, storage, use, and/or transmission of biometric data they collect or facilitate collection of through the use of our Services. To the extent required by law, our clients will obtain written authorization from each employee or contractor for the benefit of the client, Netradyne and/or Netradyne’s authorized licensors or service providers to collect, store, use, and/or transmit biometric data prior to the collection of such data.
Our Services May Include the Collection of Biometric Data
We and/or our service providers also may collect, store, use and/or transmit biometric data in connection with providing certain products or services to Netradyne’s clients and client employees and contractors. Specifically, we may record a facial image of the employees and contractors of our clients that we use for verification of identity when they are using our Services and any vehicle of the client. With respect to such biometric data collected, stored, used and/or transmitted by Netradyne and/or its service providers, to the extent required by law, Netradyne’s clients will obtain written authorization from each employee or contractor for the benefit of Netradyne and/or Netradyne’s authorized licensors or service providers to collect, store, use, and/or transmit biometric data prior to the collection of such data.
Netradyne and/or its service provider will collect, store, use and/or transmit any biometric data solely for identifying employees and contractors of its client and for ensuring the security of its Services, and fraud prevention. Neither Netradyne nor its service providers will sell, lease or trade any biometric data that it receives from clients or client employees or contractors as a result of their use of Netradyne’s Services.
Netradyne will not sell, lease, trade, or otherwise profit from your biometric data; provided, however, that Netradyne may be paid for Services used by Netradyne’s clients that utilize such biometric data. In addition, Netradyne will not disclose or disseminate any biometric data to anyone other than its authorized service providers and clients without/unless:
- The subject of the biometric data or the subject’s legally authorized representative consents to the disclosure or dissemination;
- The disclosure or dissemination completes a financial transaction requested or authorized by the subject of the biometric data or the subject’s legally authorized representative;
- The disclosure or dissemination is required by state or federal law or municipal ordinance; or
- The disclosure is required pursuant to a valid warrant or subpoena issued by a court of competent jurisdiction.
Netradyne shall retain any client’s employee’s or contractor’s biometric data in Netradyne’s possession only until the first of the following occurs:
- Netradyne receives written notice from its client that the initial purpose for collecting or obtaining such biometric data has been satisfied, such as the termination of the employee’s or contractor’s employment with Netradyne’s client, the employee or contrator moves to a role within the client for which the biometric data is not used, or the client has discontinued using Netradyne’s Services for which the biometric data was used; or
- Within 3 years of Netradyne receiving written notice of the client’s employee’s or contractor’s last interaction with the client.
Netradyne shall use a reasonable standard of care to store, transmit, and protect from disclosure any paper or electronic biometric data collected. Such storage, transmission, and protection from disclosure shall be performed in a manner that is the same as or more protective than the manner in which Netradyne stores, transmits, and protects from disclosure other confidential and sensitive information.