1. Timekeeping System
New WinCup Holdings, Inc. and WinCup Plastics, Inc. (including their respective parents, affiliates, subsidiaries, and related entities, hereafter “WinCup”) have adopted this Biometric Data Policy (“Policy”) to address how it will collect, receive, access, use, store, capture, obtain, retain, disclose, and permanently destroy data used in connection with the Timekeeping System. The Timekeeping System means the time and attendance software (“the “Timekeeping System”) provided by WinCup’s Service Provider. By “Service Provider,” we mean Paycor, Inc. and/or any other third party service provider selected by WinCup, who is engaged to perform functions, provide services, and/or provide products on behalf of WinCup (such as provision of data storage or providing the Timekeeping System). WinCup uses the Timekeeping System solely as an authentication measure as part of the employee timekeeping and attendance tracking processes. This Policy is intended to comply with the Illinois Biometric Information Privacy Act (“BIPA”), the Texas Capture or Use of Biometric Identifier Act (“CUBI”) and any other applicable state and federal laws. WinCup hereby provides notice to the individual named below that:
2. Data Collected by the Timekeeping System
Any data collected by the Timekeeping System may constitute “Biometric Data.” As used in this Policy, Biometric Data is defined to include “biometric identifiers” and “biometric information” as defined in BIPA, CUBI, and any other applicable state and federal laws.
“Biometric identifier,” as defined by BIPA, means a retina or iris scan, fingerprint, voiceprint, or scan of hand or face geometry. Biometric identifiers do not include writing samples, written signatures, photographs, human biological samples used for valid scientific testing or screening, demographic data, tattoo descriptions, or physical descriptions such as height, weight, hair color, or eye color. Biometric identifiers do not include information captured from a patient in a health care setting or information collected, used, or stored for health care treatment, payment, or operations under the federal Health Insurance Portability and Accountability Act of 1996.
“Biometric information,” as defined by BIPA, means any information, regardless of how it is captured, converted, stored, or shared, based on an individual’s biometric identifier used to identify an individual. Biometric information does not include information derived from items or procedures excluded under the definition of biometric identifiers.
“Biometric identifier,” as defined by CUBI, means a retina or iris scan, fingerprint, voiceprint, or scan of hand or face geometry.
3. Retention and Destruction of Biometric Data
Biometric Data is collected, captured, stored, obtained, retained, or used by the Service Provider and/or by WinCup, for the duration of the Team Member’s employment relationship or temporary working assignment (as applicable) with WinCup. Following the end of the Team Member’s employment relationship or temporary working assignment (as applicable) with WinCup, WinCup and its Service Provider will permanently destroy any Biometric Data collected by the Timekeeping System relating to the Team Member within a reasonable timeframe, but no later than one (1) year from the date of the Team Member’s last use of the Timekeeping System.
WinCup will not disclose any Biometric Data unless the disclosure: (i) completes a financial transaction requested or authorized by the Team Member; (ii) is required by state or federal law, or municipal ordinance; (iii) is required pursuant to a valid warrant or subpoena issued by a court of competent jurisdiction; or (iv) is otherwise made pursuant to the Team Member’s consent.
Additionally, WinCup, its Service Provider, affiliates, vendors, subsidiaries, subcontractors, and licensors may have access to Biometric Data to store such data, delete/maintain backup copies, and/or to service the systems, drives, or databases on which the Biometric Data is collected, used, or stored.
4. Safeguarding Biometric Data
WinCup and its Service Provider use reasonable standards of care within their industries for any storage, transmittal or protection from disclosure of any Biometric Data they may possess, in a manner that is the same as or more protective than the way they store, transmit, and protect other similar confidential and sensitive information. WinCup and its Service Provider also use reasonable technical, organizational, and physical safeguards intended to protect the security, confidentiality, privacy and integrity of any Biometric Data collected by the Timekeeping System against unauthorized access, modification, or destruction. WinCup and its Service Provider do not sell, lease, trade, or otherwise profit from any Biometric Data.
5. Changes to this Policy
WinCup reserves the right to amend this Policy at any time with or without prior notice by posting the updated Policy on this page. You can always check the “Last Updated” date at the top of this document to see when the Policy was last changed.