YONA SOLUTIONS’ EMPLOYEE TIMEKEEPING POLICY AND WRITTEN RELEASE
Yona Solutions and all its affiliates (the “Company”) has instituted this Employee Timekeeping Policy to define the policy and procedures for its collection, possession, capture, storage, disclosure, use, retention, protection, and destruction of the data provided by employees using the Company’s time clocks/finger reader devices. Finger data is provided by employees in connection with the Company’s timekeeping practices to ensure employees ar accurately paid for their time worked in connection with the Company’s payroll and related financial transactions.
It is the Company’s policy to ensure that employee finger data is used and handled in accordance with the Illinois Biometric InformationPrivacy Act (“BIPA”) (to the extent that the finger reader data is covered byBIPA) and all other applicable laws. The Company reserves the right to revise this Policy at any time. A copy of this Policy is made available to all affected individuals. A copy is also made available to the public through the following link on the Company’s website: https://www.yonasolutions.com/privacy
This Policy applies to all of the Company’s facilities in Illinois and all employees using finger reader devices in Illinois.
As part of the timekeeping process, the Company uses time clocks and software, equipped with finger reader devices, purchased from its third-party vendor, NOVA time (“NTI”). NTI represents that the devices use unique points of your finger for purposes of verification, in connection with the Company’s timekeeping functions, to ensure that employees are recognized and paid for their time worked. The devices use a secure technology that generates an encoded alpha-numeric presentation, which NTI refers to as “data.” The Company securely stores this data in the time clocks and in the Company’s time and attendance database. Once employment ends the Company will destroy finger data upon the occurrence of the earliest of the following: (1) as soon as is reasonably possible after the employee’s separation of employment, typically by one year after the employee’s separation of employment; (2) after the purpose for which the biometric data, if any was collected, ceases to apply; or (3) within three years after an employee’s last interaction with the Company. The information obtained by the finger readers cannot be used as or converted into actual images or geometrical representations of the finger.
The Company requires employees, as a condition of initial or continued employment, to sign a written release authorizing the Company, NTI, or any third-party subcontractors to collect, capture, use, store, obtain, possess, disclose or re-disclose finger data for activities such as time keeping purposes, equipment servicing, database maintenance, software repair, data restoration or to maintain backup copies necessary for related activities, even if such activities never occur. NTI and its third-party subcontractors can only access such data pursuant to the Company’s instructions and authorization. The form of written release is attached asExhibit A. The Company will provide reasonable accommodations to those employees who present valid written objections to the collection and use of their finger data due to disability, religious belief or any other valid and lawful basis presented by the employee.
Employee finger data will only be used for the purposes and related activities set forth in this Policy. The Company will not sell, lease, trade, or otherwise profit from an employee’s finger data. The Company will not disclose, re-disclose, provide access to or otherwise disseminate any finger scan data outside of the terms of the Policy, unless:
● The employee or the employee’s legally authorized representative provides consent to such disclosure;
● The disclosed data completes a financial transaction requested or authorized by the employee or the employee’s legally authorized representative;
● The disclosure is required by state or federal law or county or municipal ordinance; or
● The disclosure is required pursuant to a valid warrantor subpoena issued by a court of competent jurisdiction.
The Company will use the reasonable standards of care within its industry for any storage, transmittal or protection from disclosureof any finger data, and it will follow standards of care that are the same or greater than the standards of care that the Company uses to protect other employee data.
Company vendors and contractors, including NTI, haverepresented that they do not sell, lease, trade or profit from such data, andthat they use reasonable standards of care within their industries for anystorage, transmittal or protection from disclosure of any such data.
The Human Resources Department of the Company is responsible for the enforcement and administration of this Policy. If you haveany questions regarding this policy or if you have questions that are not addressed in this policy, please contact Human Resources.
EXHIBIT A – WRITTEN RELEASE
As an employee of Yona Solutions and all its affiliates (the“Company”), I agree to use the Company’s finger reader as part of the timekeeping process. I acknowledge that, based on unique data points of my finger, the device creates a secure alpha-numeric representation called a template that is securely stored during my employment. Once my employment ends, the Company will destroy my finger data upon the occurrence of the earliest of he following: (1) as soon as is reasonably possible after my separation of employment, which is typically by one year after my separation of employment;(2) after the purpose for which the biometric data, if any was collected, ceases to apply; or (3) within three years after my last interaction with theCompany.
The finger data is used by the Company for verification and timekeeping functions. I have read and understand the Company’s EmployeeTimekeeping Policy regarding the collection, possession, capture, storage, disclosure, use, retention, protection and destruction of my template data. Asa condition of my initial or continued employment, I voluntarily consent to the collection, possession, capture, storage, access to, use, protection obtaining of, and/or disclosure or re-disclosure of my finger data by the Company, its payroll vendor and any of their subcontractors in accordance with this Policy. I provide this consent for purposes of ensuring compliance with the Illinois Biometric Information PrivacyAct (“BIPA”) (to the extent it is applicable) and any other applicable privacy laws.