A. Definitions.

“Workwell Technologies” refers to “Workwell Technologies, Inc.”

“uAttend” refers to the uAttend Time & Attendance System and associated software as a service platform provided by Workwell Technologies as well as any other related media form, media channel, mobile website or mobile application.

“You” or “Your” refer to any individual or entity ordering or using uAttend.

“Your Data” refers to any data or images that you input, scan or import into uAttend or is derived from uAttend, including, but not limited to, information regarding employees, time cards, hours worked, users, departments, or other data.

As used in this policy, biometric data includes “biometric identifiers” and “biometric information” as defined in the Illinois Biometric Information Privacy Act, 740 ILCS § 14/1, et seq. or such other statutes or regulations that apply in your state. “Biometric identifier” means a retina or iris scan, fingerprint, voiceprint, scan of hand or face geometry, or body temperature. Biometric identifiers do not include writing samples, written signatures, photographs, human biological samples used for valid scientific testing or screening, demographic data, tattoo descriptions, or physical descriptions such as height, weight, hair color, or eye color. Biometric identifiers do not include information captured from a patient in ahealth care setting or information collected, used, or stored for health care treatment, payment, or operations under the federal Health Insurance Portability and Accountability Act of 1996.

“Biometric information” refers to any information, regardless of how it is captured, converted, stored, or shared, based on an individual’s biometric identifier used to identify an individual. Biometric information does not include information derived from items or procedures excludedunder the definition of biometric identifiers.

“Biometric data” refers to personal information stored by Workwell Technologies and/or its vendor(s) about an individual’s physical characteristics that can be used to identify that person. Biometric data can include fingerprints, voiceprints, a retina scan, scans of hand or face geometry, body temperature or other data.

B. Biometric Data Disclosure and Authorization

Workwell Technologies’ customers are responsible for compliance with all applicable laws and for adopting their own biometric data privacy policies with their employees. To the extent required by law, you, your vendors, and/or the licensor of your time and attendance software that collect, capture, or otherwise obtain biometric data relating to an employee, must first:

1. Inform your employee in writing that you, your vendors, including Workwell Technologies and its cloud service vendors, and/or the licensor of your time and attendance software are collecting, capturing, or otherwise obtaining the employee’s biometric data, and that you are providing such biometric data to your vendors and the licensor of your time and attendance software;
2. Inform the employee in writing of the specific purpose and length of time for which the employee’s biometric data is being collected, stored, and used; and
3. Receive a written release signed by the employee (or his or her legally authorized representative) authorizing you, your vendors, including Workwell Technologies, and/or the licensor of your time and attendance software to collect, store, and use the employee’s biometric data for the specific purposes disclosed by you, and for you to provide such biometric data to your vendors, including Workwell Technologies and the licensor of your time and attendance software.

If you are located outside of the USA, paragraphs 1 to 3 above may not apply to you, but you will need to comply with the Biometric Data Disclosure and Authorization laws applicable to your legal jurisdiction.

You, your vendors, including Workwell Technologies, and/or the licensor of your time and attendance software will not sell, lease, trade, or otherwise profit from employees’ biometric data; provided, however, that your vendors, including Workwell Technologies, and the licensor of your time and attendance software may be paid for products or services used by you that utilize such biometric data.

Disclosure

You will not disclose or disseminate any biometric data to anyone other than vendors, such as cloud service providers, and the licensor of your time and attendance software providing products and services using biometric data without/unless:

1. First obtaining written employee consent to such disclosure or dissemination;
2. The disclosed data completes a financial transaction requested or authorized by the
   employee;
3. Disclosure is required by state or federal law or municipal ordinance; or
4. Disclosure is required pursuant to a valid warrant or subpoena issued by a court of competent jurisdiction.

If you are located outside of the USA, paragraphs 1 to 3 above may not apply to you, but you will need to comply with the Biometric Data Disclosure and Authorization laws applicable to your legal jurisdiction.

C. Retention Schedule

Workwell will permanently destroy an employee’s biometric data from Workwell’s systems, or the systems of Workwell vendor(s) within one (1) year, when, the first of the following occurs:

• The initial purpose for collecting or obtaining such biometric data has been satisfied, such as the termination of the employee’s employment with the Company, or the employee moves to a role within the Company for which the biometric data is not used; or
• You request to discontinue your uAttend services.

You may delete biometric data IDs and templates for employees upon your discretion directly through the cloud portal and on devices.

Workwell will permanently destroy all your other data from Workwell’s systems, or the systems of Workwell vendor(s), within one (1) year of your request to discontinue your uAttend services.

D. Data Storage

Workwell shall use a reasonable standard of care to store, transmit and protect from disclosure any paper or electronic biometric data collected. Such storage, transmission, and protection from disclosure shall be performed in a manner that is the same as or more protective than the manner in which Workwell stores, transmit and protect from disclosure other confidential and sensitive information, including personal information that can be used to uniquely identify an individual or an individual’s account or property, such as genetic markers, genetic testing information, account numbers, PINs, driver’s license numbers and social security numbers.

E. Voice Recognition Technology

Voice recognition is dormant when the time clock is not in use, meaning the time clock only listens for verbal commands once authentication is initiated. uAttend products that support voice recognition listen for commands when triggered by a specific screen and do not store any audio recordings.

F. Temperature Liability Information for Devices with Temperature Readers

Workwell is not advertising its products for use in the medical industry or for medical purposes. Our products are not intended to diagnose or exclude contagions such as COVID-19, SARS, or any other medical condition and should not be used as such. Our products are intended to serve as a first-line filter by assisting an organization and its employees in identifying those employees who may have an elevated body temperature. While our products may archive readings for reporting and audit purposes, it is solely the responsibility of the organization to communicate the use of the information to its employees, to obtain any necessary consent from its employees and to determine how the information is used. The organization should notrely solely on our products for making such a determination. Various environmental and methodological factors can impact thermal imaging; therefore, the reading from our products should not be relied upon as the sole determinant of a person’s body temperature. Competent medical advice and further checks should be sought if there are concerns regarding an employee’s health or possible illness. Workwell hereby disclaims all liability with respect to the conditions and limitations described in this paragraph.