Au Bon Pain | The Bakery Café

Our Polices

BIOMETRIC INFORMATION SECURITY POLICY

PURPOSE

To define the policy and procedures for collection, use, safeguarding, storage, retention, and destruction of biometric data collected by Au Bon Pain.

 

Au Bon Pain collects, stores, and uses employee biometric data, specifically fingerprints, for the purpose of giving employees secure access to Au Bon Pain’s timekeeping and point of sale (POS) systems.  Au Bon Pain uses biometric data to document employees’ clock in/out time(s) and location(s), and to access the POS system for purposes of transacting customer sales.

 

DEFINITIONS

Biometric data means 1) biometric identifiers (i.e., retina or iris scan, fingerprint, voiceprint, or scan of hand or face geometry) and 2) any personal information collected and stored by Au Bon Pain about an individual’s physical characteristics that is derived from the individual’s biometric identifiers and is used to identify the individual.  Biometric data specifically includes fingerprints that are electronically converted into numerical/digital data and used by Au Bon Pain to identify an individual employee.

 

POLICY

Au Bon Pain’s policy is to protect and store biometric data in accordance with applicable standards and laws including, but not limited to, the Illinois Biometric Information Privacy Act.

 

Au Bon Pain will inform the individual of the reason his or her biometric information is being collected and the length of time the data will be stored.

 

Biometric data will be stored and protected using a reasonable standard of care for Au Bon Pain’s industry and in a manner that is the same or exceeds the standards used to protect other confidential information held by Au Bon Pain.

 

Biometric data is encrypted and is securely stored on a local stand-alone server.  No Au Bon Pain employee will have direct access to biometric data and biometric data shall not be transmitted.

 

Biometric data will not be disclosed by Au Bon Pain unless (a) consent is obtained, (b) disclosure is necessary to complete a transaction requested or authorized by the subject, (c) disclosure is required by law, or (d) disclosure is required by subpoena.

 

Au Bon Pain will destroy biometric data when the initial purpose for obtaining or collecting such data has been fulfilled, i.e., the employee’s employment with Au Bon Pain has terminated.  Au Bon Pain will routinely delete the biometric data of terminated employees on at least an annual basis.

 

Au Bon Pain will not sell, lease, trade, or otherwise profit from an individual’s biometric data.

 

Au Bon Pain reserves the right to amend this Biometric Information Security Policy at any time to address additional purposes or procedures.

 

A copy of this policy will be made publically available at www.aubonpain.com.

Built with Kalibrate CMS .NET Framework