Biometric Information Security Policy

  1. Purpose
    1. This Biometric Information and Security (“Policy”) defines Vertex Resource Group’ policy and procedure for collection, use, safeguarding, storage, retention, and destruction of biometric data collected by Vertex Resource Group
    2. Vertex Resource Group uses biometric identification systems for employee timekeeping with regard to payroll. Vertex Resource Group collects, stores, and uses employee biometric data for the purpose of giving employees secure access to Vertex Resource Group’s timekeeping systems and to document employees’ (i) clock in/out time(s); (ii) clock in/out location(s); and (iii) attempts/failures/errors in biometric data scans.
  2. Policy Statement
    1. This Policy replaces and supersedes all previous policies related to biometric information. Vertex Resource Group reserves the right to amend this Policy at any time, without notice.  Vertex Resource Group may expand its use of biometric data in the future.
    2. In the event Vertex Resource Group begins collecting biometric data for any additional purpose, Vertex Resource Group will update this Policy.
    3. A copy of this document will be made available to the public at flexicorps.com, or upon request.
  3. Definition of Biometric Data
    1. Biometric data means personal information stored by Vertex Resource Group about an individual’s physical characteristics that can be used to identify that person. Biometric data specifically includes fingerprints.
    2. As technology and systems advance, biometric data may also include voiceprints, retina or iris scan, or scan of hand of face geometry.
  4. Policy
    1. Vertex Resource Group’s policy is to protect and store biometric data in accordance with applicable standards and laws including, but not limited to, the Illinois Biometric Information Privacy Act.
    2. An individual’s biometric data will not be collected or otherwise obtained by FlexiCorps Inc. without prior written consent of the individual. Vertex Resource Group will inform the employee of the reason his or her biometric information is being collected and the length of time the data will be stored.  A sample consent statement is included in this policy and will be tailored to fit the type of biometric data collected and purpose(s) for collection.
    3. Vertex Resource Group will not sell, lease, trade, or otherwise profit from an individual’s biometric data. Biometric data will not be disclosed by Vertex Resource Group unless (i) consent is obtained, (ii) required by law, or (iii) required by legal subpoena.
    4. Biometric data will be stored using a reasonable standard for care for Vertex Resource Group’s industry and in a manner that is the same or exceeds the standards used to protect other confidential and sensitive information held by Vertex Resource Group
    5. Vertex Resource Group will destroy biometric data within a reasonable period of time of when the purpose for obtaining or collecting such data has been fulfilled. Generally, this means within six (6) months of an employee’s termination of employment.
  5. Procedure
    1. Prior to collecting an employee’s biometric data, Vertex Resource Group will obtain the consent of the employee.
    2. Employees will have their biometric data registered.
    3. When an employee uses a biometric identification system, they are identified by digital data encryption. The biometric data itself is not recorded or stored, and cannot be regenerated from the digital data encryption.
    4. Vertex Resource Group will store, transmit, and protect biometric data using the same standard of care and security controls it provides other confidential and sensitive information in its possession. Biometric data is securely stored on a stand-alone server. No Vertex Resource Group employee will have direct access to biometric data.
    5. Vertex Resource Group will delete from its systems the biometric data of former employees on a biannual basis.
  6. Consent to Collections of Biometric Data

Your hand and/or finger geometry will be collected and stored by Vertex Resource Group for the purpose of verifying your identity for access to the Vertex Resource Group timekeeping system.  Your hand and/or finder geometry data will not be disclosed by Vertex Resource Group without your consent unless the disclosure is required by law or by valid legal subpoena.  Your hand and/or finger geometry data will be permanently deleted from FlexiCorps Inc.’s systems within a reasonable period after your termination of employment pursuant to the Company’s biometric data retention policy.  A copy of Vertex Resource Group’s Biometric Information Security Policy is available upon request.