AMGtime Global Biometric Privacy Policy

This document sets forth the Biometric Privacy Policy of AMG Employee Management Inc., doing business as AMGtime (“AMGtime”). AMGtime respects the privacy of our clients’ and the client employees’ that use AMGtime products and services (“users” and/or “customers”). AMGtime’s customers are responsible for developing, implementing, and complying with biometric policies regarding the collection, use, retention, dissemination, and destruction of biometric data as required under applicable law.

Background

Certain countries, states, and/or local government agencies have enacted privacy laws governing the collection and storage of an individual’s biometric data. The customer who purchases or licenses software and/or hardware from AMGtime and uses it to collect and/or store biometric data is solely responsible for ensuring compliance with applicable privacy laws. AMGtime is not responsible and shall not be held liable for use of AMGtime products or services used by customers in a manner that is not compliant with applicable privacy laws.

AMGtime strongly encourages customers to provide adequate notice and obtain prior consent from the individuals who will be interacting with biometric devices before collecting Biometric Identifiers. AMGtime has provided guidance via sample policies and consent forms, however, these should be reviewed and approved by the customer and their legal advisors prior to use.

Defining Biometric Data

As used in this policy, the following terms are defined as:

1)  "Biometric Identifier" means data generated by automatic measurements of an individual's biological characteristics, such as a fingerprint, voiceprint, eye retinas, irises, or other unique biological patterns or characteristics that is used to identify a specific individual. "Biometric identifier" does not include a physical or digital photograph, video or audio recording or data generated therefrom, or information collected, used, or stored for health care treatment, payment, or operations under the Federal Health Insurance Portability and Accountability Act of 1996.

2) "Biometric Information" means any information, regardless of how it is captured, converted, stored, or shared, based on an individual’s biometric identifier used to identify an individual. Biometric information does not include information derived from items or procedures excluded under the definition of biometric identifiers.

3) "Biometric System" means an automated identification system capable of capturing, processing, and storing a biometric identifier, comparing the biometric identifier to one or more references, and matching the biometric identifier to a specific individual.

4) "Commercial Purpose" means a purpose in furtherance of the sale or disclosure to a third party of a biometric identifier for the purpose of marketing of goods or services when such goods or services are unrelated to the initial transaction in which a person first gains possession of an individual's biometric identifier. "Commercial purpose" does not include a security or law enforcement purpose.

5) "Enroll" means to capture a biometric identifier of an individual, convert it into a reference template that cannot be reconstructed into the original output image, and store it in a database that matches the biometric identifier to a specific individual.

Collection, Use, and Retention of Biometric Information

AMGtime’s customers are responsible for collection, use, and retention of Biometric Information in compliance with applicable law governing biometric data. To the extent required by law, the customer will obtain written consent from employees (or their legally authorized representative) prior to Enrollment, storage, and use of Biometric Information in the Biometric System conducted by the user, AMGtime, and/or any authorized affiliate. Customers must indicate the specific purpose(s) for the collection of biometric data and the period in which it will be collected, stored, and used.

AMGtime’s products and solutions collect, use, store, disseminate, and retain biometric data solely for employee identification, workplace security, and/or fraud prevention. AMGtime shall use a reasonable standard of care when storing, transmitting, and protecting biometric data. AMGtime will not use Biometric Information for Commercial Purpose.

Disclosure

AMGtime will not disclose or disseminate any biometric data to any person or entity other than the customer and AMGtime’s authorized affiliates or licensors without/unless:

1. First having the customer’s employee’s written consent;

2. The disclosed data completes a financial transaction requested or authorized by the customer’s employee;

3. Disclosure is required by federal or state law or municipal ordinance; or

4. Disclosure is required pursuant to a valid warrant or subpoena.

Retention Schedule and Guidelines

AMGtime’s standard policy is to delete employee Biometric Information one calendar year after their last interaction with AMGtime’s products or services. AMGtime’s system has the ability for customers to decrease the number of days they would like to retain biometric data.

The customer is solely responsible for taking any steps necessary to ensure compliance with applicable biometric privacy laws when using AMGtime products or services. Nothing in this notice is intended to constitute or provide legal advice.

Children’s Privacy

AMGtime’s site, products, and services are not directed to anyone under the age of 13. We will not knowingly collect or solicit information from anyone under the age of 13. If we learn that we have gathered personal information from anyone under the age of 13 without the consent of a parent or guardian, we will delete that information as soon as possible. If you believe we have collected such information, please contact us at 800.960.3735.

Updates to Privacy Policies

AMGtime reserves the right to make changes to this Privacy Policy for any reason, at any time, without notice to you. There will be an updated version number at the bottom of this policy. Any changes made to our Privacy Policy will become effective upon posting the revision on our site. Use of the site and/or any of our products and services constitutes your acceptance of the revised Privacy Policy.