Last updated: August 24, 2023
Tracy Inc. is committed to protecting and respecting the privacy of our clients and others who use our website, applications, products and services. Tracy Inc. (“us”, “we”, or “our”) provides and operates software, products and the the https://www.tracyinc.com website (collectively, the “Service”).
Information Collection And Use
Tracy Inc. collects information of those using the Service. We may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. We do not grant access to personal information except as set forth herein. We do not share or sell personal information provided or transmitted to our Service with any third parties for their own marketing purposes. Personally identifiable information (“Personal Information”) may include, but is not limited to, and may be collected by: log data, cookies, applications, forms, webinars, surveys, comments and suggestions, information requests, customer service, or support help desk.
We collect information that your browser sends whenever you visit our Service (“Log Data”). This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages and other statistics.
Cookies are files with small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a web site and stored on your computer’s hard drive. We use “cookies” to collect information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.
We may employ third party companies and individuals to facilitate our Service, to provide the Service on our behalf, to perform Service-related services or to assist us in analyzing how our Service is used. These third parties have access to your Personal Information only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
The security of your Personal Information is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security.
Links To Other Sites
We retain personal information for as long as necessary to provide the Services and fulfill the transactions requested by or on behalf of Clients, or for other essential purposes such as complying with our legal obligations, maintaining business and financial records, resolving disputes, maintaining security, detecting and preventing fraud and abuse, enforcing our agreements, and for any other necessary business purpose.
Biometrics – Collection, Transmission, Retention and Destruction
Tracy uses biometric information to identify and confirm a person primarily for time and attendance and access control applications. Tracy recognizes the sensitivity of biometric information and takes its obligations seriously to maintain the confidentiality and protect the security of the data. Any biometric data collected is at all times solely the client’s data. It is the responsibility of Tracy’s clients to develop and comply with their own biometric data retention and destruction policies as may be required by applicable law.
For the purposes of this Policy, “biometrics” may include an individual’s physiological characteristics that can be used, singly or in combination with each other or with other identifying data, to establish individual identity. Examples of biometrics include, but are not limited to, imagery of the iris, retina, fingerprint, face, hand, palm, vein patterns, and voice recordings, from which an identifier template, such as a faceprint, a minutiae template, or a voiceprint, can be extracted.
In addition, the employees of Clients that use Tracy timekeeping devices may provide an iris, finger or facial scan as part of the timekeeping process, which the technology converts into a mathematical, encrypted algorithm, or template. These templates are sometimes called “biometrics.” For purposes of this Policy, Tracy broadly includes within the term “biometrics” the templates created in the timekeeping process and treats the templates as if they are considered “biometrics” under applicable laws. Tracy complies with all laws applicable to it related to the use of biometrics. Clients are solely responsible for their own compliance with all applicable laws and regulations relating to the collection, storage, and use of biometric information, including with respect to Client’s use of Tracy products and Services for which Client’s employees provide biometrics. Some details about biometrics:
Biometric Data Collection and Consent
Biometrics are collected by Clients from employees using Tracy’s timekeeping technology. Some laws require employers to provide employees with notice of the use of biometrics in timekeeping, and to obtain employee consent. Tracy does not sell, lease, trade, or otherwise profit from biometrics.
Tracy current timekeeping devices have “notice and consent” screens that Clients can use to provide notice and obtain consent during the enrollment process, or Clients can choose to obtain consent from employees through other means. A sample of the consent screen is available here https://www.tracyinc.com/bio-privacyconsent.
If a Client’s employee is using biometrics, Tracy will presume one or more of the above notices and consent processes are being followed at Client’s worksite. Note: Some applications allow the use of a smartphone device, and the device itself collects biometrics for access to the application. The consent process is part of the smartphone and is controlled by the user/employee.
Biometric Transmission and Storage
Following collection at Client’s worksite, the resulting templates are stored in the timekeeping device, and are also transmitted for storage on a database hosted by either the Client, Tracy, or a third-party web hosting service. Tracy provides secure transmission and storage for biometrics on our hosted and subscription Services, which use reasonable standards of care within Tracy’ industry, and which are the same as the manner in which other confidential and sensitive information is transmitted and stored.
When smartphone devices are used and geolocation services are enabled, Tracy collects and stores latitude and longitude (GPS) coordinates from the device as part of the timekeeping process to ensure that employees are located at their appropriate work location.
Biometric Data Destruction
Biometric templates are and shall remain the property of Client, which is responsible for biometric template destruction when the biometric template is no longer needed, or within (1) year from Client’s last contact with an employee, whichever is first.
When instructed by its Clients to destroy biometric templates, Tracy will promptly comply with that request.
For former or inactive Clients on Tracy hosted or subscription Services who fail to destroy such data, Tracy will destroy the biometric templates within a reasonable time period after Tracy’ last interaction with the Client.
Our Service is not intended for anyone under the age of 16 (“Children”). Children aged 16 and younger should not submit any personal information without the permission of their parents or legal guardian. We do not knowingly collect personally identifiable information from children under 16. If you are a parent or guardian and you are aware that your child has provided us with Personal Information, please contact us. If we discover that a child under 16 has provided us with Personal Information, we will delete such information from our servers immediately.
Compliance With Laws
We will disclose your Personal Information where required to do so by law or subpoena.