We have developed the following Biometric Information Privacy Policy. The purpose of this Policy is to define the policies and procedures for the collection, use, safeguarding, storage, retention, protection, and destruction of biometric data in accordance with applicable standards, Utah and Federal laws.
Biometric Data Defined
As used in this Policy, “Biometric Data” means fingerprints, and “Biometric Information” means any demographic information also known as Personal Identifiable Information (PII), regardless of how it is captured, converted, stored, or shared, based on an individual’s biometric identifier used to identify an individual.
Personally Identifiable Information
Personally Identifiable Information or PII means all information that can be used to identify, locate, contact, or impersonate a particular individual. PII is contained in public and non-public records. Examples may include but are not limited to a specific individual’s first name (or initial), middle name (or initial), and last name (current or former); geographical address; electronic address (including an e-mail address); personal cell phone number; telephone number or fax number dedicated to contacting the individual at his or her physical place of residence; social security number; biometric identifiers, including but not limited to, fingerprints, palm prints, facial recognition, full face image, and iris scans; driver identification number; birth date; and physical description. When connected with one or more of the items of information specified above, PII includes any other information concerning an individual that, if disclosed, identifies or can be used to identify a specific individual physically or electronically.
Disclosure and Authorization Procedures
We will not disclose, redisclose, or disseminate any Biometric Data or PII to anyone other than the individual who provided the Biometric Data or PII, and to State or Federal agencies to conduct a background check. PII may be released if;
- We have obtained verbal or written consent from the individual to disclosure, redisclosure, or disseminate, and only after positive identification is made from the individual;
- Disclosure is required by state or federal law or municipal ordinance;
- Disclosure is required by a Bureau of Criminal Identification (BCI) audit, Federal Bureau of Investigation (FBI) audit; or
- Disclosure is required pursuant to a valid warrant or subpoena issued by a court of competent jurisdiction.
Retention
We securely retain Biometric Data and PII for the individual’s personal future use, also known as “Archiving,” except as required by an order from a court of competent jurisdiction. We retain the Biometric Data and PII unless the individual who provided them requests that the information be deleted, in which case we will permanently destroy such data.
- All Biometric Data and PII collected for Direct Submission to the Utah Bureau of Criminal Identification (BCI) to conduct a Utah Background Check shall be deleted 30 days after such submission unless Archived.
- As required by Federal law all Biometric Data and PII collected for Direct Submission to the FBI to conduct a Background Check (Identity History Summary) shall be deleted 30 days after such submission unless Archived.
Data Storage
We have very strict policies for storing, transmitting, and protecting from disclosure any paper or electric Biometric Data and PII collected. Such storage, transmission, and protection from disclosure shall be performed in a manner that is the same as or more protective than the manner in which the company stores, transmits, and protects from disclosure of other confidential and sensitive information.
Any forms used to collect Biometric Data or PII are kept secure until it is destroyed within a reasonable amount of time or as required under Utah or federal law.
In case of system or electronic device failure, we maintain a backup of all system files on a Apricorn Aegis Fortress L3 256-bit AES XTS encrypted external drive which is not vulnerable to software or hardware-based key-loggers or software-based brute force attacks. Your data is protected with a programmable “Brute Force Hack Defense Mechanism” which, if four consecutive incorrect password entries has been attempted, the device will delete its own encryption key and destroy the ability to decrypt its stored data.
NO BIOMETRIC DATA OR PERSONAL IDENTIFIABLE INFORMATION (PII) IS STORED ON SERVERS, THIS WEBSITE, OR ANY OTHER ONLINE LOCATION
Our Biometric Information Privacy Policy was last updated on October 1st, 2023