Value Through Solutions®

Security Policy

BIOMETRIC INFORMATION SECURITY POLICY

Semblex uses biometric time clocks at certain work sites through which an employee’s fingerprint is scanned for time and attendance purposes.  Semblex currently uses NOVAtime Technology/Sure Path and its licensors as its time and attendance tracking system manufacturer and UltiPro is its payroll vendor (“Vendors 1”).  Semblex also uses a personnel management solution kiosk for employee check-in and temperature verification capabilities. The kiosk can also be programmed for facial identification for ease of reference. Semblex currently uses Meridian as its vendor for this personnel management solution(“Vendor 2”). Vendors 1 and Vendor 2 are collectively referred to as “Vendors.” In accordance with Illinois law, Semblex has implemented this policy relating to the retention, collection, disclosure and destruction of biometric information.  All employees whose biometric information is collected will be required to sign an Employee Consent Form upon hire and as requested thereafter by Semblex.

The terms “biometric data” and “biometric information” as used in this Policy and Employee Consent Form are intended to have the same definition provided in the Illinois Biometric Information Privacy Act, 740 ILCS §14/1, et seq.

Purpose for Collection of Biometric Data

Semblex, through its Vendors, collects, stores, and uses biometric data only for the purpose of employee identification, fraud prevention, the recording and tracking of an employee’s time and attendance, and helping to protect the health and safety of employees by preventing anyone with a temperature of 100.4 or greater from entering a facility. For more information about the Vendors’ timeclock and personnel management solution kiosk, please visit:

https://novatime.com/privacy-policy/

https://www.meridiankiosks.com/solutions/personnel-management-solution/

Disclosure 

Semblex will not disclose or disseminate any biometric data to any third party, including its Vendors, unless it obtains the employee’s written consent to such disclosure or dissemination or as required or authorized by law. 

Retention Schedule and Destruction of Biometric Information

Semblex, through its Vendors, will retain employee biometric information collected pursuant to this Policy until such time as employment is terminated or Semblex discontinues its use of biometric information pursuant to this Policy.  Upon termination of employment or discontinued use of timeclock or personnel management solution kiosk, Semblex will notify its Vendors.  Once Semblex provides such notice, both Semblex and the Vendors will automatically destroy any biometric information in Semblex or the Vendors’ possession. As such, an employee’s biometric data will be permanently destroyed within thirty (30) days of an employee’s separation from employment.  

Semblex and its Vendors use appropriate information security safeguards designed to protect biometric data when it is being collected, stored and transmitted.  These safeguards include firewalls, physical and digital security measures, encryption, access restrictions, password authorization, system logging, and file backup.  Semblex only has access to encrypted biometric data as required to fulfill the necessary job functions. 

Download PDF Form