Biometric Retention and Destruction Policy

Definitions

"Biometric information" means any information, regardless of how it is captured, converted, stored, or shared, based on an individual's biometric identifier used to identify an individual.

"Biometric identifier" means a fingerprint.  No other types of biometric identifiers are collected.

Retention Schedule

Digital Trusted Identity Services, LLC (DTIS) will retain and store an individual's biometric information and identifiers and permanently destroy them when the initial purpose for collecting the information or identifiers has been satisfied or after three (3) years from the individual's last interaction with DTIS, whichever occurs first.

Guidelines For Destroying Biometric Information and Biometric Identifiers

DTIS utilizes best practices when purging electronic biometric information, biometric identifiers, and hard-copy fingerprint cards. The sanitization method used will depend on the type of media and the intended disposition of the media. The process renders data on the media infeasible for recovery. We apply techniques such as those created by industry standards organizations. Electronic media may be purged of biometric information and biometric identifiers using steps such as: clearing/wiping, data purging, and physical media destruction. Hard or paper copies of fingerprints, which include biometric data, are destroyed via a National Association for Information Destruction (NAID) AAA-certified shredding company for the destruction of media by DTIS employees. We ensure that the destruction of all physical and electronic media is witnessed or carried out by authorized personnel, when not handled by directly by a DTIS employee.

Absent a valid warrant or subpoena issued by a court of competent jurisdiction, DTIS will comply with the guidelines as stated in this policy.