Biometric Information Privacy Act

POLICY ON THE COLLECTION, RETENTION, AND DESTRUCTION OF EMPLOYEE BIOMETRIC INFORMATION

The Facility has adopted this policy to address how it will collect, use, store, disclose and destroy biometric information, including any handprint information. This policy is intended to promote compliance with state and federal laws, including the Illinois Biometric Information Privacy Act (collectively, the “Laws”). The Facility reserves the right to amend this policy at any time, with or without advance notice.

As an employee of the Facility, you may be required as a condition of your employment to provide your handprint (“Biometric Identifier”). Your Biometric Identifier will be used only for workrelated purposes in accordance with the Laws, including for door entry/access, timekeeping, payroll or similar purposes. All affected employees will be required to acknowledge receipt and agreement to the terms of this policy, and consent to the Facility’s use and disclosure (or redisclosure) of his or her Biometric Identifier for such work-related purposes, and, in certain instances, in the course of workplace investigations by the Facility.

The Facility has undertaken measures to safeguard all personal information connected to the Biometric Identifier to minimize the risk of fraud or identity theft, and it is understood that the Facility will use the same reasonable standard of care in the storage, transmission, disclosure, and protection of the Biometric Identifier as it does in the storage, transmission, and protection other confidential and sensitive employee information.

The Facility’s use of the Biometric Identifier is limited to lawful purposes, which primarily include controlling or limiting access to biometric equipment (the “Equipment”) and related data to authorized Facility personnel. In accordance with the applicable Laws, the Facility does not sell, lease, trade or otherwise profit from a Biometric Identifier. In addition, the Facility will not disclose an employee Biometric Identifier unless: (1) the disclosure completes a financial transaction requested or is authorized by the employee; (2) the disclosure is required by state or federal law, or municipal ordinance; (3) the disclosure is required pursuant to a valid warrant or subpoena; or (4) the employee otherwise consents to the disclosure. The Biometric Identifier will be stored and used by the Facility during the course of employment, and for an additional period of time thereafter in accordance with the applicable Laws.

The Biometric Identifier will be permanently destroyed no later than 3 years following the employee’s date of separation from the Facility or when the initial purpose for collecting or obtaining the Biometric Identifier has been satisfied, whichever occurs first.

The Facility will take reasonable steps in an effort to ensure that its payroll provider and/or any other vendor who receives or may have access to the Biometric Identifier complies with this Policy.

This policy is available to the public at any time upon request and on the Facility’s website at: www.sheridanshores.com. Additionally, this policy will be posted in a conspicuous location at the Facility.