Unless otherwise prohibited by state law, and solely for employee identification and fraud prevention purposes in connection with employee time and attendance records, Sonesta International Hotels Corporation (together with its subsidiaries and affiliates and its and their successors and assigns, “Sonesta,” “we” or “us”), collects, stores, and uses employee biometric data and discloses such data to our payroll provider and the licensor of our time and attendance software.
Biometric Data Defined
As used in this policy, biometric data includes personal information, regardless of how it is captured, converted, stored, or shared, that is based on an employee’s fingerprint or a scan of an employee’s hand and is used to identify that employee.
We will protect and store biometric data in accordance with applicable standards and laws and will use such data solely for the purposes outlined herein. We will not collect an employee’s biometric data without the written consent of the employee.
We will not sell, lease, trade, or otherwise profit from our employees’ biometric data, but our payroll provider and the licensor of our time and attendance software may be paid for products or services, which are used by Sonesta, that utilize such biometric data. In addition, we will not disclose or disseminate any biometric data to anyone other than our payroll provider and the licensor of our time and attendance software without/unless:
a. First obtaining written employee consent to such disclosure or dissemination; or
b. The disclosed data completes a financial transaction requested or authorized by the employee; or
c. Disclosure is required by federal, state or local municipal laws; or
d. Disclosure is required pursuant to a valid order, warrant or subpoena issued by a court of competent jurisdiction.
We will permanently destroy employee biometric data and will request that our payroll provider and the licensor of our time and attendance software permanently destroy such data within one (1) year of an employee’s separation from Sonesta or assumption of a role within Sonesta for which biometric data is not used.
Finally, we will use a reasonable standard of care to store, transmit and protect from disclosure any collected paper or electronic biometric data. Such storage, transmission, and protection from disclosure will be performed in a manner that is consistent with the manner in which we store, transmit and protect from disclosure other confidential and sensitive information, including personal information that can be used to uniquely identify an individual or an individual’s account or property.
A copy of this policy is publicly available at www.sonesta.com or upon request.