Employee Biometric Privacy Notice
Effective as of March 18, 2026
Last updated March 18, 2026
SFP Holding, Inc. and its affiliates and subsidiaries, including, without limitation, its subsidiaries Summit Fire Protection Co., Summit Fire & Security LLC, Summit Fire National Consulting LLC, and Protegis, LLC (collectively, “Summit”) may collect certain data from its employees that is considered a “biometric identifier,” “biometric information,” and/or “biometric data” under applicable privacy laws. This Employee Biometric Privacy Notice (“Notice”) explains the collection, use, storage, retention, and destruction of such data.
The above terms are defined by applicable privacy laws and can vary depending on which law applies to you. However, “biometric identifier” is typically defined as a retina or iris scan, fingerprint, voiceprint, scan of hand or face geometry, or other unique biological, physical, or behavioral patterns or characteristics. “Biometric information” typically means any information (regardless of how it is captured, converted, stored, or shared) based on an individual’s biometric identifier used to identify an individual. “Biometric data” typically means one or more biometric identifiers that are used or intended to be used for identification purposes, either alone or when combined with other personal data. For purposes of this Notice, Summit will collectively refer to this information as “Biometric Information.”
Collection. Summit uses driver-facing dashboard cameras (“dashcams”) equipped with biometric authentication technology in its fleet vehicles for employee identification, vehicle safety, and security purposes.
When you operate a Summit vehicle in which a dashcam equipped with biometric authentication technology is installed, Summit, its vendor(s), and/or the licensor(s) of the biometric authentication technology collect, use, and store your Biometric Information, such as a scan of your face and/or your face geometry, to help identify you, detect any unsafe operation of vehicles, and monitor vehicle security.
Disclosure. Summit will disclose your Biometric Information to its dashcam vendor to assist with the specific purposes described above. Summit, its vendor(s), and/or the licensor(s) of the biometric authentication technology will not disclose, redisclose, or otherwise disseminate your Biometric Information unless permitted by law.
Summit, its vendor(s), and/or the licensor(s) of the biometric authentication technology will not sell, lease, trade, or otherwise profit from your Biometric Information; however, Summit’s vendor(s) and/or the licensor(s) of the biometric authentication technology may be paid for products or services used by Summit that utilize such Biometric Information.
Storage. Biometric Information will be stored, transmitted, and protected using the reasonable standard of care for Summit’s industry, in a manner that is the same as or more protective than the manner in which Summit stores, transmits, and protects other confidential and sensitive information in its possession.
Retention Schedule. Summit will retain your Biometric Information only until, and will direct its vendor(s) which utilize the biometric authentication technology and/or the licensor(s) of the biometric authentication technology to permanently destroy such information when, the first of the following occurs:
- The date upon which the initial purpose for collecting or obtaining such Biometric Information has been satisfied;
- Twenty-four (24) months after your last interaction with Summit; or
- The earliest reasonably feasible date, and no more than forty-five (45) days after Summit determines that storage of such Biometric Information is no longer necessary, adequate, or relevant to the express processing purpose identified by an annual review conducted by Summit. Summit may extend this forty-five (45) day period by up to an additional forty-five (45) days if reasonably necessary.
Data Security Incident Response Protocol. In the event of a data security incident that may compromise the security of Biometric Information, Summit will promptly investigate the incident and take appropriate measures to mitigate any potential harm. Summit will notify affected employees in accordance with applicable law.
Notice Distribution and Updates. A copy of this Notice is made publicly available online at https://summitcompanies.com/privacy-policy/employee-biometric-privacy-notice/.
Summit will update this Notice if it begins to collect or use Biometric Information for any additional purposes. Summit reserves the right to amend this Notice at any time.