Employees with a Technology Asset issued by Pinnacol Assurance (including, for purposes of this policy, Cake Insure, EverPeak Insurance, Attune Insurance, and any other related employers), such as a laptop computer, cellular phone, or other mobile device, may have the option to use biometrics to log in to a Pinnacol Technology Asset. Currently, where elected by the employee, the available biometric functionality leverages fingerprints or facial recognition ("biometric identifiers"). If an employee chooses to use biometrics on a Pinnacol Technology Asset, an algorithm creates a template using images of the biometric identifiers ("template").
The employee’s images used to create the template are not stored by Pinnacol. The templates derived from the images are only stored locally on the Pinnacol Technology Asset and are only used for the purpose of unlocking the device. The templates are collected, stored, and used for the duration of your employment and a reasonable time thereafter to facilitate the destruction of that data, and only for the purpose of accessing Pinnacol Technology Assets or complying with state or federal law, regulations, or municipal ordinances.
The biometric identifiers, or the templates derived from the images, may be interpreted as constituting biometric data regulated under state Biometric Information Privacy laws. Pinnacol is committed to employee privacy and reiterates that commitment with this Biometric Information Privacy Policy. A copy of this Policy is available upon request and is publicly available at pinnacol.com.
Employees should read the following policy guidelines:
1. Template Retention and Destruction Schedule: Pinnacol respects and protects the confidential and sensitive information of its employees. Templates used to access a Pinnacol Technology Asset are stored solely on the device and encrypted in such a way as to prevent third-party access to the data. Pinnacol permanently destroys the encrypted data containing templates within one week of receiving the device unless there is a business or security reason to retain this information, in which case Pinnacol will permanently destroy the encrypted data within one week of receiving confirmation the data containing templates can be deleted in accordance with Pinnacol's policies and procedures. Pinnacol also destroys these templates when the devices are returned to Pinnacol as part of a device upgrade or replacement. In the event an employee is permitted to keep a mobile device after employment, Pinnacol destroys any templates under its control, and releases control of the device to the employee. The biometric identifiers are not retained by Pinnacol.
2. Template Disclosure Guidelines: Pinnacol does not sell, lease, trade or otherwise profit from its employees' templates. Likewise, Pinnacol does not disclose, redisclose, or otherwise disseminate these templates unless: (1) an employee, or their legally authorized representative, consents to the disclosure or redisclosure; (2) the disclosure or redisclosure completes a financial transaction requested or authorized by the employee; (3) the disclosure or redisclosure is required by State or Federal law or regulation or municipal ordinance; or (4) the disclosure is required pursuant to a valid warrant, subpoena, or order issued by a court of competent jurisdiction.
3. Template Storage Guidelines: Pinnacol stores, transmits, and protects from disclosure all templates using a reasonable standard of care. Pinnacol stores, transmits, and protects from disclosure all templates in a manner that is at least as great as the manner in which Pinnacol stores, transmits, and protects other confidential and sensitive information.
For more information, or if you have questions regarding this Policy, you may contact Pinnacol using the information below:
Chief Information Security Officer
Pinnacol Assurance
7501 E. Lowry Blvd.
Denver, CO 80230
303.361.4000