This Policy applies to all Company employees, agents, and representatives, including any third-party provider of services to the Company (“Third-Party Service Provider”) who have access to Personal Information the Company has collected or otherwise has in its possession. This Policy applies to all Personal Information of applicants and employees collected, maintained, transmitted, stored, retained, or otherwise used by the Company regardless of the media on which that information is stored.
“Personal Information” means information the Company has collected or otherwise maintains or has in its possession that identifies or can be used to identify or authenticate an applicant or employee, including, but not limited to:
- Telephone numbers.
- Email addresses.
- Employee identification numbers.
- Government-issued identification numbers.
- User passwords or PINs.
- User identification and account access credentials, passwords, PINs and security question answers.
- Financial account numbers.
- Geolocation data.
- Biometric, medical, health, or health insurance information.
For employees, Personal Information only includes information that is kept in secure files that are not generally accessible to employees on a company-wide basis,
USING AND HANDLING PERSONAL INFORMATION.
The Company limits its collection and use of Personal Information to that which is reasonably necessary to accomplish the Company’s legitimate business purposes or as necessary to comply with law.
Access, Use and Sharing of Personal Information. Company employees, agents, or representatives only access Personal Information when the information relates to and is necessary to perform their job duties. Company employees, agents, or representatives may not access Personal Information for any reason unrelated to their job duties. Company employees, agents or representatives may only share Personal Information with another Company employee, agent, or representative if the recipient has a job-related need to know the information. Personal Information may only be shared with a Third-Party Service Provider if it has a need to know the information for the purpose of providing the contracted services.
Accuracy. The Company collects, maintains, and uses Personal Information that is accurate, complete, and relevant to the purposes for which it was collected.
Security. The Company protects Personal Information. The Company has implemented an Information Security Program (“ISP”) that sets forth technical, administrative, and physical safeguards for the protection of Personal Information.
TRAINING EMPLOYEES AND SUPERVISING CONTRACTORS.
All Company employees, agents, or representatives who have access to Personal Information must be educated and trained on this Policy and the treatment of Personal Information. In addition, whenever Personal Information is entrusted to a Third-Party Service Provider, proper management and supervision over the outside party’s handling of that Personal Information must be ensured through appropriate contracts. Personnel with responsibility for supervising employees or managing Third-Party Service Provider relationships must be trained on supervision over those employees and Third-Party Service Providers.
REPORTING A SECURITY INCIDENT.
A Security Incident means any act or omission that compromises the security, confidentiality, or integrity of Personal Information or the physical, technical, administrative, or organizational safeguards the Company or a Third-Party Service Provider has put in place to protect Personal Information. The loss of or unauthorized access to, disclosure, or acquisition of Personal Information is a Security Incident. If you know or suspect that a Security Incident has occurred, do not attempt to investigate the matter yourself. Immediately contact your supervisor or the Company’s legal department. You should preserve all evidence relating to the potential Security Incident.
EMPLOYEES COVERED UNDER A COLLECTIVE BARGAINING AGREEMENT.
The employment terms set out in this Policy work in conjunction with, and do not replace, amend, or supplement any terms or conditions of employment stated in any collective bargaining agreement that a union has with Red Wing Shoe Company, Inc. or its subsidiaries. Employees should consult the terms of their collective bargaining agreement.
DISCLAIMER OF RESTRICTIONS ON EMPLOYEES’ RIGHTS UNDER THE NATIONAL LABOR RELATIONS ACT.
This Policy is not intended to preclude or dissuade employees from engaging in legally protected activities such as discussing wages, benefits, or terms and conditions of employment; forming, joining, or supporting labor unions; bargaining collectively through representatives of their choosing; raising complaints about working conditions for their and their fellow employees’ mutual aid or protection; or other legally protected activities.
AMENDMENT AND REVISION.
This Policy may be revised from time to time. This Policy was last revised on June 26, 2019.