The purpose of this Biometric Privacy Policy (“Policy”) is to outline how Push Technologies (“Push Operations”, “we”, “us”, or “our”) collects, uses, discloses, stores, and protects the biometric data of our clients’ employees who use our products and services (collectively, “biometric data”). Our clients are responsible for developing and complying with their own biometric data privacy notice, retention, and destruction policies as may be required under applicable law. Except as described below, we follow the same privacy practices as described in our Privacy Policy (www.pushoperations.com/privacy-policy)
As used in this policy, “biometric data” means information about your physical or biological characteristics that identify you (“biometric identifiers”) and any information we derive based on those characteristics (“biometric information”).
“Biometric identifiers” include things like scans of your eye, hand or face, fingerprints, or voiceprints. Your writing samples, written signatures, demographic data, or physical descriptions such as height, weight, hair color, or eye color are not biometric identifiers.
Our clients are responsible for compliance with applicable law governing any collection, storage, use, disclosure, and/or transmission of biometric data. To the extent required by law, our clients will obtain written authorization from each employee for the client, Push Operations and/or our authorized licensors or vendors to collect, store, use, disclose, and/or transmit biometric data prior to the collection of such data.
We collect, store, disclose, use and/or transmit biometric data solely for identity verification, workplace security, and fraud prevention pursuant to instructions of our clients. Neither Push Operations nor its vendors will sell, lease, or trade any biometric data that they receive from clients or client employees as a result of use of our products and services.
We will not disclose, disseminate and/or transmit any clients’ employee biometric data to any person or entity other than the client and our authorized licensors or vendors without / unless: (i) first having the client employee’s written consent; (ii) the disclosure is required to information completes a transaction authorized by the client’s employee; (iii) the disclosure is required or permitted by law; (iv) the disclosure is required pursuant to a valid warrant or subpoena; or (v) the disclosure is required to perform a business transaction (e.g., merger and acquisition, bankruptcy, financing, etc.) and is made in accordance with applicable laws.
Push Operations will retain client employee’s biometric data until the client notifies Push operations that it no longer has a requirement to retain a copy of the biometric data, or until otherwise required by law.