Employee Privacy Policy

Contents

Scope of this Policy
Collection of Personal Information and Sensitive Personal Information
Of the above categories of Personal Information, the following are categories of Sensitive Personal Information we may collect from or about employees:
We may collect your personal information from the following sources:
We may disclose or sell your personal information to the following categories of service providers, contractors, or third parties:
We may collect, use, and disclose your personal information for any of the following business purposes:
Notice of Right of California Residents to Opt-Out of the Selling and Sharing of Your Information
Retention of Personal Information
Third-Party Vendors
Business Transfers
Compliance With Law and Safety
Passwords
Employees and Their Family Members, Dependents, and Beneficiaries Under the Age of 16
How We Protect the Information That We Collect
Rights Under the CCPA and CPRA
Consent to Terms and Conditions
Changes to Our Privacy Policy
Questions About the Policy

Scope of this Policy

ACE Parking Management, Inc. and/or any affiliated entities (the “Company” or “we”) has developed this Privacy Policy out of respect for the privacy of our employees and their family members, dependents, and beneficiaries. This Policy describes the personal information we collect, both online and offline, about employees who are employed with us and their family members, dependents, and beneficiaries, for what purposes we use and disclose it, how long we retain it, and whether we sell it or share it for cross-context behavioral advertising purposes. We will collect some information from you for employment purposes.

This Privacy Policy applies only to information collected, used, or disclosed by the Company in the employment context from or about employees and their family members, dependents, and beneficiaries. It does not apply to other contexts, such as if you visit our public-facing website or engage in transactions with the Company in other capacities (as a client or customer); interactions outside the employment context are subject to the privacy policy on our website.

Collection of Personal and Sensitive Personal Information

In the last 12 months, we have collected the following categories of personal information from or about employees and their family members, dependents, and beneficiaries. For each category of information, we identify below the categories of third parties, service providers, and contractors to whom we have disclosed the information in the last 12 months. The examples provided for each category are not intended to be an exhaustive list or an indication of all specific pieces of information we collect from or about you in each category, but rather the examples are to provide you a meaningful understanding of the types of information that may be collected within each category.

CategoryPersonal Identifiers
ExamplesName, alias, social security number, date of birth, driver’s license or state identification card number, passport number, employee ID number.
Disclosed in Last 12 Months To
  • Financial institutions
  • Government agencies
  • Benefits administrators and vendors, including third party administrators, 401K administrators, workers’ compensation and unemployment administrators, and wellness vendors
  • Insurance carriers, administrators, and brokers
  • Employee tracking and talent management systems
  • Professional employer organizations, recruiting firms, and/or staffing agencies
  • Payroll processors, timekeeping vendors, and vendors providing services for purposes of our human resources information system (HRIS)
  • Consulting and investigation firms, including human resources consultants, safety consultants, and workplace investigators
  • Communications providers
  • IT, cybersecurity, and privacy vendors and consultants
Retention PeriodName and employee ID number: Permanent. Otherwise, duration of employment plus 6 years.
CategoryContact Information
ExamplesHome, postal or mailing address, email address, home phone number, cell phone number.
Disclosed in Last 12 Months To
  • Financial institutions
  • Government agencies
  • Benefits administrators and vendors, including third party administrators, 401K administrators, workers’ compensation and unemployment administrators, and wellness vendors
  • Insurance carriers, administrators, and brokers
  • Employee tracking and talent management systems
  • Professional employer organizations, recruiting firms, and/or staffing agencies
  • Payroll processors, timekeeping vendors, and vendors providing services for purposes of our human resources information system (HRIS)
  • Consulting and investigation firms, including human resources consultants, safety consultants, and workplace investigators
  • Communications providers
  • IT, cybersecurity, and privacy
Retention PeriodPermanent.
CategoryAccount Information
ExamplesUsername and password for Company accounts and systems, and any required security or access code, password, or credentials allowing access to your Company accounts.
Disclosed in Last 12 Months ToIT, cybersecurity, and privacy vendors and consultants.
Retention PeriodUsername: permanent; Password or security code: while in use + last 8 passwords used or 2 years, whichever is longer.
CategoryProtected Classifications
ExamplesRace, ethnicity, national origin, citizenship or immigration status, sex, gender, sexual orientation, gender identity, religious or philosophical beliefs, age, disability, medical or mental condition, military status, familial status, language, or union membership.
Disclosed in Last 12 Months To
  • Government agencies
  • Benefits administrators and vendors, including third party administrators, 401K administrators, workers’ compensation and unemployment administrators, and wellness vendors
  • Insurance carriers, administrators, and brokers
  • Employee tracking and talent management systems
  • Professional employer organizations, recruiting firms, and/or staffing agencies
  • Payroll processors, timekeeping vendors, and vendors providing services for purposes of our human resources information system (HRIS)
  • Consulting and investigation firms, including human resources consultants, safety consultants, and workplace investigators
Retention PeriodDuration of employment plus 6 years.
CategoryPhysical Characteristics or Description
ExamplesInformation on your Driver’s License (such as eye color, hair color, height, weight), as well as information collected to the extent relevant for workplace investigations or for enforcement of Company policies on appearance and grooming (such as tattoos, piercings).
Disclosed in Last 12 Months To
  • Government agencies
  • Benefits administrators and vendors, including third party administrators, 401K administrators, workers’ compensation and unemployment administrators, and wellness vendors
  • Insurance carriers, administrators, and brokers
  • Employee tracking and talent management systems
  • Professional employer organizations, recruiting firms, and/or staffing agencies
  • Payroll processors, timekeeping vendors, and vendors providing services for purposes of our human resources information system (HRIS)
  • Consulting and investigation firms, including human resources consultants, safety consultants, and workplace investigators
Retention PeriodDuration of employment plus 6 years.
CategoryBiometric Data
ExamplesFingerprints.
Disclosed in Last 12 Months ToTimekeeping vendor.
Retention PeriodWhile in use for identity verification.
CategoryFinancial Information
ExamplesBank account number for direct deposit or other financial account information.
Disclosed in Last 12 Months To
  • Financial institutions
  • Government agencies
  • Professional employer organizations, recruiting firms, and/or staffing agencies
  • Payroll processors, timekeeping vendors, and vendors providing services for purposes of our human resources information system (HRIS)
Retention PeriodDuration of employment plus 6 years.
CategoryInternet, Network, and Computer Activity
ExamplesInternet or other electronic network activity information related to usage of Company networks, servers, intranet, shared drives, or Company-issued computers and electronic devices, including system and file access logs, security clearance level, browsing history, search history, and usage history.
Disclosed in Last 12 Months To
  • Government agencies
  • Employee tracking and talent management systems
  • Professional employer organizations, recruiting firms, and/or staffing agencies
  • Payroll processors, timekeeping vendors, and vendors providing services for purposes of our human resources information system (HRIS)
  • Consulting and investigation firms, including human resources consultants, safety consultants, and workplace investigators
  • IT, cybersecurity, and privacy vendors and consultants
Retention Period4 years.
CategoryGeolocation Data
ExamplesIP address and/or GPS location (latitude & longitude) recorded on Company-issued computers, electronic devices, and vehicles, as well as timekeeping applications on cell phones that employees use to clock in and out and that log the geographic location at which each time entry was made.
Disclosed in Last 12 Months To
  • Government agencies
  • Employee tracking and talent management systems
  • Professional employer organizations, recruiting firms, and/or staffing agencies
  • Payroll processors, timekeeping vendors, and vendors providing services for purposes of our human resources information system (HRIS)
  • Consulting and investigation firms, including human resources consultants, safety consultants, and workplace investigators
  • IT, cybersecurity, and privacy vendors and consultants
Retention Period4 years.
CategoryMobile Device Data
ExamplesData identifying employee’s devices accessing Company networks and systems, including cell phone make, model, and serial number, cell phone number, and cell phone provider.
Disclosed in Last 12 Months To
  • Government agencies
  • Employee tracking and talent management systems
  • Professional employer organizations, recruiting firms, and/or staffing agencies
  • Payroll processors, timekeeping vendors, and vendors providing services for purposes of our human resources information system (HRIS)
  • Consulting and investigation firms, including human resources consultants, safety consultants, and workplace investigators
  • IT, cybersecurity, and privacy vendors and consultants
Retention Period4 years.
CategoryOnline Portal and Mobile App Access and Usage Information
ExamplesUsername and password, account history, usage history, file access logs, and security clearance level.
Disclosed in Last 12 Months To
  • Government agencies
  • Employee tracking and talent management systems
  • Professional employer organizations, recruiting firms, and/or staffing agencies
  • Payroll processors, timekeeping vendors, and vendors providing services for purposes of our human resources information system (HRIS)
  • Consulting and investigation firms, including human resources consultants, safety consultants, and workplace investigators
  • IT, cybersecurity, and privacy vendors and consultants
Retention PeriodUsername kept indefinitely; passwords while in use + last 8 passwords used or for 2 years, whichever is longer; rest of this category for 4 years.
CategoryVisual, Audio or Video Recordings
ExamplesYour image when recorded or captured in surveillance camera footage or pictures of employees taken in the workplace or at a Company function or event, or in pictures or video of employees posted on social media to which the Company or its managers have access or that are submitted to the Company by another employee or third party; recorded calls or meetings, such as recorded Zoom, Teams, or Skype meetings.
Disclosed in Last 12 Months To
  • Government agencies
  • Benefits administrators and vendors, including third party administrators, 401K administrators, workers’ compensation and unemployment administrators, and wellness vendors
  • Insurance carriers, administrators, and brokers
  • Employee tracking and talent management systems
  • Professional employer organizations, recruiting firms, and/or staffing agencies
  • Payroll processors, timekeeping vendors, and vendors providing services for purposes of our human resources information system (HRIS)
  • Consulting and investigation firms, including human resources consultants, safety consultants, and workplace investigators
  • Communications providers
  • Social media platforms
  • IT, cybersecurity, and privacy vendors and consultants
Retention PeriodSurveillance footage: 30 days
Otherwise, duration of employment plus 6 years
CategoryPre-Hire Information
ExamplesInformation provided in your job application or resume, information gathered as part of background screening and reference checks, pre-hire drug test results, job interview notes by persons conducting job interviews for the Company, information contained in candidate evaluation records and assessments, information in work product samples you provided, voluntary disclosures by you, and Wage Opportunity Tax Credit (WOTC) information.
Disclosed in Last 12 Months To
  • Financial institutions
  • Government agencies
  • Insurance carriers, administrators, and brokers
  • Employee tracking and talent management systems
  • Professional employer organizations, recruiting firms, and/or staffing agencies
  • Payroll processors, timekeeping vendors, and vendors providing services for purposes of our human resources information system (HRIS)
  • Consulting and investigation firms, including human resources consultants, safety consultants, and workplace investigators
Retention PeriodDuration of employment plus 6 years.
CategoryEmployment History
ExamplesInformation regarding prior job experience, positions held, names of prior supervisors, and when permitted by applicable law your salary history or expectations.
Disclosed in Last 12 Months To
  • Government agencies
  • Employee tracking and talent management systems
  • Professional employer organizations, recruiting firms, and/or staffing agencies
  • Payroll processors, timekeeping vendors, and vendors providing services for purposes of our human resources information system (HRIS)
  • Consulting and investigation firms, including human resources consultants, safety consultants, and workplace investigators
Retention PeriodDuration of employment plus 6 years.
CategoryEducation Information
ExamplesInformation from resumes regarding educational history; information obtained from transcripts or records of degrees and vocational certifications obtained.
Disclosed in Last 12 Months To
  • Government agencies
  • Employee tracking and talent management systems
  • Professional employer organizations, recruiting firms, and/or staffing agencies
  • Payroll processors, timekeeping vendors, and vendors providing services for purposes of our human resources information system (HRIS)
  • Consulting and investigation firms, including human resources consultants, safety consultants, and workplace investigators
Retention PeriodDuration of employment plus 6 years.
CategoryDriving Records
ExamplesInformation contained in your Department of Motor Vehicles record, including traffic violations, convictions, accident history, and departmental actions.
Disclosed in Last 12 Months To
  • Government agencies
  • Employee tracking and talent management systems
  • Professional employer organizations, recruiting firms, and/or staffing agencies
  • Payroll processors, timekeeping vendors, and vendors providing services for purposes of our human resources information system (HRIS)
  • Consulting and investigation firms, including human resources consultants, safety consultants, and workplace investigators
Retention PeriodDuration of employment plus 6 years.
CategoryProfessional or Employment-Related Information
ExamplesInformation contained in your personnel file and in other employment documents and records, including information contained in the following types of records: new hire or onboarding records, I-9 forms, tax forms, time and attendance records, non-medical leave of absence records, workplace injury records, safety records, performance evaluations and records, disciplinary records, investigatory records, training records, licensing and certification records, compensation and health benefits records, COBRA notifications, business expense records, and payroll records.
Disclosed in Last 12 Months To
  • Financial institutions
  • Government agencies
  • Benefits administrators and vendors, including third party administrators, 401K administrators, workers’ compensation and unemployment administrators, and wellness vendors
  • Insurance carriers, administrators, and brokers
  • Employee tracking and talent management systems
  • Professional employer organizations, recruiting firms, and/or staffing agencies
  • Payroll processors, timekeeping vendors, and vendors providing services for purposes of our human resources information system (HRIS)
  • Consulting and investigation firms, including human resources consultants, safety consultants, and workplace investigators
  • Communications providers
Retention PeriodDuration of employment plus 6 years, unless related to hazardous exposure records required by OSHA to be retained for at least 30 years. We retain permanently a record of your name, last position held, and dates of employment.
CategoryFacility & Systems Access Records
ExamplesInformation identifying which employees accessed secure Company facilities, systems, networks, computers, and equipment and at what times using their keys, badges, fobs, login credentials, or other security access method.
Disclosed in Last 12 Months To
  • Government agencies
  • Insurance carriers, administrators, and brokers
  • Employee tracking and talent management systems
  • Professional employer organizations, recruiting firms, and/or staffing agencies
  • Payroll processors, timekeeping vendors, and vendors providing services for purposes of our human resources information system (HRIS)
  • Consulting and investigation firms, including human resources consultants, safety consultants, and workplace investigators
  • IT, cybersecurity, and privacy vendors and consultants
Retention Period4 years.
CategoryMedical and Health Information
ExamplesMedical information contained in such documents as doctor’s notes for absences or work restrictions, medical leave of absence records, requests for accommodation, interactive process records, ergonomic assessment and accommodation records, and correspondence with you and your medical or mental health provider(s) regarding any request for accommodation or medical leave of absence, as well as information in post-hire drug test results, and information related to symptoms, exposure, contact tracing, diagnosis, testing, or vaccination for infectious diseases (e.g., COVID-19), pandemics, or other public health emergency.
This includes medical information and health benefits information for dependents and beneficiaries.
Disclosed in Last 12 Months To
  • Government agencies
  • Benefits administrators and vendors, including third party administrators, 401K administrators, workers’ compensation and unemployment administrators, and wellness vendors
  • Insurance carriers, administrators, and brokers
  • Employee tracking and talent management systems
  • Professional employer organizations, recruiting firms, and/or staffing agencies
  • Payroll processors, timekeeping vendors, and vendors providing services for purposes of our human resources information system (HRIS)
  • Consulting and investigation firms, including human resources consultants, safety consultants, and workplace investigators
Retention PeriodDuration of employment plus 6 years, unless related to hazardous exposure records required by OSHA to be retained for at least 30 years.
CategoryInferences
ExamplesBased on analysis of the personal information collected, we may develop inferences regarding employees’ preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes for purposes of employment and management decisions related to staffing, assignments, responsibilities, team composition, hiring, promotion, demotion, and termination, among other things.
Disclosed in Last 12 Months To
  • Employee tracking and talent management systems
  • Professional employer organizations, recruiting firms, and/or staffing agencies
  • Payroll processors, timekeeping vendors, and vendors providing services for purposes of our human resources information system (HRIS)
  • Consulting and investigation firms, including human resources consultants, safety consultants, and workplace investigators
Retention PeriodDuration of employment plus 6 years.
CategoryTravel Information
ExamplesInformation regarding business travel, vacation and personal travel plans, and for infectious disease contact tracing purposes the locations travelled to within the applicable infectious period prior to coming to the workplace and the dates spent in those locations.
Disclosed in Last 12 Months To
  • Government agencies
  • Employee tracking and talent management systems
  • Professional employer organizations, recruiting firms, and/or staffing agencies
  • Payroll processors, timekeeping vendors, and vendors providing services for purposes of our human resources information system (HRIS)
  • Consulting and investigation firms, including human resources consultants, safety consultants, and workplace investigators
Retention PeriodDuration of employment plus 6 years.
CategoryFamily Information
ExamplesContact information for family members listed as emergency contacts, contact information for dependents and other dependent information, medical and health information for family members related to symptoms, exposure, contact tracing, diagnosis, testing, or vaccination for infectious diseases (e.g., COVID-19), pandemics, or other public health emergency, as well as information related to their travel and whom they have been in close contact with during the applicable infectious period.
Disclosed in Last 12 Months To
  • Government agencies
  • Employee tracking and talent management systems
  • Professional employer organizations, recruiting firms, and/or staffing agencies
  • Payroll processors, timekeeping vendors, and vendors providing services for purposes of our human resources information system (HRIS)
  • Consulting and investigation firms, including human resources consultants, safety consultants, and workplace investigators
Retention PeriodDuration of employment plus 6 years.
CategoryInformation of Friends, Co-workers, and Other Associates with Whom You Have Been in Close Contact per applicable infectious disease guidelines
ExamplesMedical and health information provided to the Company for an employee’s friends, co-workers, and other associates related to symptoms, exposure, contact tracing, diagnosis, testing, or vaccination for infectious diseases (e.g., COVID-19), pandemics, or other public health emergency, as well as information related to their travel and whom they have been in close contact with during the applicable infectious period.
Disclosed in Last 12 Months To
  • Government agencies
  • Employee tracking and talent management systems
  • Professional employer organizations, recruiting firms, and/or staffing agencies
  • Payroll processors, timekeeping vendors, and vendors providing services for purposes of our human resources information system (HRIS)
  • Consulting and investigation firms, including human resources consultants, safety consultants, and workplace investigators
Retention PeriodDuration of employment plus 6 years.
CategoryContents of Personal Communications where the Company is not the intended recipient
ExamplesIf you use Company email, phones, computers, online chat applications (Slack, Teams, Zoom, etc.) or other Company systems for personal communications where the Company is not the intended recipient of the communication, the Company retains these communications in the ordinary course of managing its communication and computer systems and pursuant to the Company’s data retention policy. Employees have no expectation of privacy with respect to any communications or data they send, receive, access or store on any company computer or system, including any personal communications. The Company may monitor, access, review and use all such communications and data for lawful business purposes detailed below, including to manage and evaluate employee performance and make employment decisions.
Disclosed in Last 12 Months ToNot Disclosed
Retention PeriodEmail accounts are retained for at least 4 years, unless related to a category of data identified above that requires a longer retention period. Certain executives and managers may be granted an exception, allowing the retention period for their emails to be duration of employment plus 6 years, unless related to a category of data that requires a longer retention period.

Of the above categories of Personal Information, the following are categories of Sensitive Personal Information we may collect from or about employees:

  1. Personal Identifiers (social security number, driver’s license or state identification card number, passport number)
  2. Account Information (your Company account log-in, in combination with any required security or access code, password, or credentials allowing access to the account)
  3. Protected Classifications (racial or ethnic origin, citizenship or immigration status, religious or philosophical beliefs, union membership, or sexual orientation)
  4. Biometric Information (used for the purpose of uniquely identifying you)
  5. Medical and Health Information
  6. Geolocation Data (IP address and/or GPS location, latitude & longitude)
  7. Contents of Personal Communications (contents of mail, email, and text messages where the Company is not the intended recipient)

Personal information does not include:

  • Publicly available information from government records.
  • Information that a business has a reasonable basis to believe is lawfully made available to the general public by the employee or from widely distributed media.
  • Information made available by a person to whom the employee has disclosed the information if the employee has not restricted the information to a specific audience.
  • De-identified or aggregated information.

We may collect your personal information from the following sources:

  • You, the employee, when you voluntarily submit information for employment purposes
  • Company-issued computers, electronic devices, and vehicles
  • Company systems, networks, software applications, and databases you log into or use in the course of performing your job, including from vendors the Company engages to manage or host such systems, networks, applications or databases
  • Surveillance cameras at our physical locations
  • Credit and consumer reporting agencies
  • Drug testing and physical testing providers and vendors
  • HR support vendors, including administrators of benefits, workers’ compensation, unemployment claims, payroll, timekeeping, expense management
  • Social media platforms
  • Recruiters
  • Staffing agencies
  • Personal references and former employers
  • Our other employees, contractors, vendors, suppliers, guests, visitors, and customers based on your interactions with them

We may disclose or sell your personal information to the following categories of service providers, contractors, or third parties:

  • Financial institutions
  • Government agencies
  • Benefits administrators and vendors, including third party administrators, 401K administrators, workers’ compensation and unemployment administrators, and wellness vendors
  • Insurance carriers, administrators, and brokers
  • Employee tracking and talent management systems
  • Data Analytics Vendors
  • Professional employer organizations, recruiting firms, and/or staffing agencies
  • Payroll processors, timekeeping vendors, and vendors providing services for purposes of our human resources information system (HRIS)
  • Consulting and investigation firms, including human resources consultants, safety consultants, and workplace investigators
  • Communications providers/vendors (such as those who manage SMS text messaging or mailers)
  • IT, cybersecurity, and privacy vendors and consultants
  • Parking equipment vendors and providers

We may collect, use, and disclose your personal information for any of the following business purposes:

1. To fulfill or meet the purpose for which you provided the information. For example, if you share your name and contact information to become an employee, we will use that Personal Information in connection with your employment.

2. To comply with local, state, and federal law and regulations requiring employers to maintain certain records (such as immigration compliance records, travel records, personnel files, wage and hour records, payroll records, accident or safety records, and tax records).

3. To manage and process payroll and/or Company travel and expenses.

4. To validate an employee’s identity for payroll and timekeeping purposes.

5. To maintain commercial insurance policies and coverages, including for workers’ compensation and other liability insurance.

6. To manage workers’ compensation claims.

7. To administer, manage, and maintain group health insurance benefits, 401K and/or retirement plans, and other Company benefits and perks.

8. To manage employee performance of their job duties and/or employee conduct, including by engaging in lawful monitoring of employee activities and communications when they are on duty, on Company premises, or utilizing Company internet and WiFi connections, computers, networks, devices, software applications or systems.

9. To conduct workplace investigations (such as investigations of workplace accidents or injuries, harassment, or other misconduct).

10. To evaluate job applicants and candidates for employment or promotions.

11. To obtain and verify background checks on job applicants and employees and to verify employment references.

12. To evaluate, make, and communicate decisions regarding an employee’s employment, including decisions to hire, terminate, promote, demote, transfer, suspend or discipline.

13. To communicate with employees regarding employment-related matters such as upcoming benefits enrollment deadlines, action items, availability of W2s, and other alerts and notifications.

14. To grant employees access to secure Company facilities and maintain information on who accessed the facility.

15. To track employee movement and activity throughout Company facilities and keep the facilities secure.

16. To engage in marketing efforts on behalf of the Company.

17. To track and record sales and other transactions with our customers.

18. To implement, monitor, and manage electronic security measures on Company internet and WiFi connections, computers, networks, devices, software applications or systems, as well as on employee devices that are used to access Company internet and WiFi connections, computers, networks, devices, software applications or systems.

19. To engage in corporate transactions requiring review or disclosure of employee records subject to non-disclosure agreements, such as for evaluating potential mergers and acquisitions of the Company.

20. To communicate with an employee’s family or other contacts in case of emergency or other necessary circumstance.

21. To manage employee recognition programs.

22. To promote and foster diversity, equity, and inclusion in the workplace.

23. To remain competitive in offering a variety of special discounts and benefits to employees.

24. To comply with our contractual obligations.

25. To provide services to corporate customers who may request certain pieces of information about a Company employee (such as name, phone number, and headshot) to permit the employee access or security clearance to their facility in advance of the Company employee being dispatched to provide services at the customer’s facility.

26. INFECTIOUS DISEASE PURPOSES (pandemic, outbreak, public health emergency, etc.)

  • To reduce the risk of spreading the disease in or through the workplace.
  • To protect employees and other consumers from exposure to infectious diseases (e.g., COVID-19).
  • To comply with local, state, and federal law, regulations, ordinances, guidelines, and orders relating to infectious diseases, pandemics, outbreaks, and public health emergencies, including applicable reporting requirements.
  • To facilitate and coordinate pandemic-related initiatives and activities (whether Company-sponsored or through the U.S. Center for Disease Control and Prevention, other federal, state and local governmental authorities, and/or public and private entities or establishments, including vaccination initiatives).
  • To identify potential symptoms linked to infectious diseases, pandemics, and outbreaks (including through temperature checks, antibody testing, or symptom questionnaire).
  • To permit contact tracing relating to any potential exposure to infectious diseases.
  • To communicate with employees and other consumers regarding potential exposure to infectious diseases (e.g., COVID-19) and properly warn others who have had close contact with an infected or symptomatic individual so that they may take precautionary measures, help prevent further spread of the virus, and obtain treatment, if necessary.

27. To evaluate, assess, and manage the Company’s business relationship with vendors, service providers, and contractors that provide services to the Company.

28. To improve user experience on Company computers, networks, devices, software applications or systems, and to debug, identify, and repair errors that impair existing intended functionality of our systems.

29. To detect security incidents involving potentially unauthorized access to and/or disclosure of Personal Information or other confidential information, including proprietary or trade secret information and third-party information that the Company receives under conditions of confidentiality or subject to privacy rights.

30. To protect against malicious or illegal activity and prosecute those responsible.

31. To prevent identity theft.

32. To verify and respond to consumer requests under applicable consumer privacy laws.

We do NOT and will not sell or share your personal information in exchange for monetary consideration. However, we may sell or share some of your information to third parties for other valuable consideration, as noted in the table above.

We may sell your personal information for the following business or commercial purposes:

  1. Data Analytics Purposes

Other than these exceptions, we do not and will not disclose your personal information to any third party in exchange for monetary or other valuable consideration or share your personal information for cross-context behavioral advertising.

Notice of Right of California Residents to Opt-Out of the Selling and Sharing of Your Information

While we do not sell or share your personal information in exchange for money, we may sell or share your personal information for other valuable consideration. You have the right to tell us NOT to sell or share your personal information. You have the full and free right to opt-out of our disclosure of your personal information to any third parties where the disclosure constitutes “selling” or “sharing” as defined by the California Privacy Rights Act. You may exercise your right to opt-out without fear of discrimination for doing so. To opt-out of our selling or sharing of your information, meaning, we will not disclose your information to third parties for any monetary or other valuable consideration, you can do any of the following:

  • Click HERE to be taken to an online opt-out submission form.
  • Visit ACE Parking Management, Inc.’s website at: https://aceparking.com/. Click on “Do Not Sell or Share My Personal Information” to be taken to an online submission form.
  • Visit any ACE Parking Management, Inc. location in California to request a paper opt-out submission form.
  • If you are unable to submit an opt-out through any of the above methods, please call our toll-free privacy line at 888-682-5274 for assistance and a representative will assist in meeting your needs.

You can have an authorized agent submit a request on your behalf. To submit an opt-out through use of an authorized agent, you must provide that agent with written permission signed by you to submit an opt-out on your behalf, except when using an opt-out preference signal. The authorized agent may call our toll-free privacy line at 888-682-5274 to make the opt-out request and for directions for submitting the proof of authorization and the authorized agent’s proof of identification to the Company. We maintain the right to deny any request from an authorized agent that does not submit sufficient proof that they have been authorized by you to act on your behalf.

A request to opt-out need not be a verifiable consumer request. However, we may deny a request to opt-out if we have a good faith, reasonable, and documented belief that a request to opt-out is fraudulent. If we deny your request to opt-out, we shall inform you of our decision not to comply and provide an explanation as to why we believe the request is fraudulent.

We do NOT and will not use or disclose your sensitive personal information for purposes other than the following:

  1. To perform the services reasonably expected by an average employee who requests those services.
  2. To detect security incidents that compromise the availability, authenticity, integrity, and confidentiality of stored or transmitted personal information.
  3. To resist malicious, deceptive, fraudulent, or illegal actions directed at the business and to prosecute those responsible for those actions.
  4. To ensure the physical safety of natural persons.
  5. For short-term, transient use.
  6. To perform services on behalf of the Company.
  7. To verify or maintain the quality or safety of a product, service or device that is owned, manufactured, manufactured for, or controlled by the Company, and to improve, upgrade, or enhance the service or device that is owned, manufactured by, manufactured for, or controlled by the Company.
  8. For purposes that do not involve inferring characteristics about the consumers.

Retention of Personal Information

We will retain each category of personal information in accordance with our established data retention schedule as indicated above. Some of the retention periods in the retention schedule above are measured from a particular point in time that has not occurred yet, such as the end of employment or end of a relationship (whether business, contractual, or transactional) plus a certain number of years. Where no particular event is defined in the retention schedule as the point from which the retention period is measured, we will measure the retention period from either (1) the date the record or data was collected, created, or last modified, (2) the date of the particular transaction to which the record or data pertains, or (3) another triggering event that is determined to be reasonable and appropriate based on the nature of the data and the legal/business needs for its continued use.

In deciding how long to retain each category of personal information that we collect, we consider many criteria, including, but not limited to: the business purposes for which the Personal Information was collected; relevant federal, state and local recordkeeping laws; applicable statute of limitations for claims to which the information may be relevant; and legal preservation of evidence obligations.

We apply our data retention procedures on an annual basis to determine if the business purposes for collecting the personal information, and legal reasons for retaining the personal information, have both expired. If so, we will purge the information in a secure manner.

Third-Party Vendors

Wemay use other companies and individuals to perform certain functions on our behalf. Examples include administering e-mail and payroll services. Such parties only have access to the personal information needed to perform these functions and may not use or store the information for any other purpose.

Business Transfers

In the event wesell or transfer a particular portion of our business assets, employee information may be one of the business assets transferred as part of the transaction. If substantially all of our assets are acquired, employee information may be transferred as part of the acquisition.

Compliance With Law and Safety

Wemay disclose specific personal and/or sensitive personal information based on a good faith belief that such disclosure is necessary to comply with or conform to the law or that such disclosure is necessary to protect our employees or the public.

Passwords

The personal data record created through your registration for your various Company accounts, including to access Company email, computers, networks, databases, and timekeeping and payroll applications, can only be accessed with the unique password associated with those records. To protect the integrity of the information contained in those records, you should not disclose or otherwise reveal your passwords to third parties.

Employees and Their Family Members, Dependents, and Beneficiaries Under the Age of 16

We do not knowingly sell or share the personal information of employees or any of their family members, dependents or beneficiaries under 16 years of age.

How We Protect the Information That We Collect

The protection of the information that we collect about employees is of the utmost importance to us and we take every reasonable measure to ensure that protection, including:

  • We use internal encryption on all data stores that house voluntarily captured data.
  • We use commercially reasonable tools and techniques to protect against unauthorized access to our systems.
  • We restrict access to private information to those who need such access in the course of their duties for us.

Rights Under the CCPA and CPRA

This section of the Privacy Policy applies only to California residents. If you are a California resident, you have the following rights pursuant to the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):

  1. Right to Know. The right to request, up to 2 times in a 12-month period, that we identify to you (1) the categories of personal information we have collected, shared or sold about you, (2) the categories of sources from which the personal information was collected, (3) the business purpose for which we use this information, and (4) the categories of third parties with whom we disclose or have disclosed your personal information;
  2. Right to Access. The right to request, up to 2 times in a 12-month period, that we provide you access to or disclose to you the specific pieces of personal information we have collected about you;
  3. Right to Delete. The right to request, up to 2 times in a 12-month period, that we delete personal information that we have collected from you, subject to certain exceptions;
  4. Right to Correct. The right to request that we correct inaccurate personal information (to the extent such an inaccuracy exists) that we maintain about you;
  5. Right to Opt-Out. The right to opt-out of the selling or sharing of your personal information to third parties;
  6. The categories of personal information that we have sold or shared about you and the categories of third parties to whom the personal information was sold or shared, by category or categories of personal information for each category of third parties to whom the personal information was sold or shared;
  7. The categories of personal information that we have disclosed about you for a business purpose and the categories of persons to whom it was disclosed for a business purpose The right to designate an authorized agent to submit one of the above requests on your behalf. See below for how you can designate an authorized agent; and
  8. The right to not be discriminated or retaliated against for exercising any of the above rights.

You Can Submit Any of the Above Types of Requests by Any of the Options Below:

  1. Submit an online request on our website at https://aceparking.com/.
  2. Call our privacy toll-free line at 888-682-5274.

How We Will Verify That it is Really You Submitting the Request:

If you are a California resident, when you submit a Right to Know, Right to Access, Right to Delete, or Right to Correct request through one of the methods provided above, we will ask you to provide some information in order to verify your identity and respond to your request. Specifically, we will ask you to verify information that can be used to link your identity to particular information in our possession, which depends on the nature of your relationship and interaction with us.

Responding to your Right to Know, Right to Access, Right to Delete, and Right to Correct Requests

Upon receiving a verifiable request from a California resident, we will confirm receipt of the request no later than 10 business days after receiving it. We endeavor to respond to a verifiable request within forty-five (45) calendar days of its receipt. If we require more time (up to an additional 45 calendar days, or 90 calendar days total from the date we receive your request), we will inform you of the reason and extension period in writing. We will deliver our written response by mail or electronically, at your option. The response we provide will also explain the reasons we cannot comply with a request, if applicable.

We do not charge a fee to process or respond to your verifiable request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

For a request to correct inaccurate personal information, we will accept, review, and consider any documentation that you provide, and we may require that you provide documentation to rebut our own documentation that the personal information is accurate. You should make a good-faith effort to provide us with all necessarily information at the time that you make the request to correct. We may deny a request to correct if we have a good-faith, reasonable, and documented belief that a request to correct is fraudulent or abusive. If we deny your request to correct, we shall inform you of our decision not to comply and provide an explanation as to why we cannot comply with a request, if applicable.

Responding to Your Request to Opt-Out of the Selling or Sharing of Your Personal Information

We will act upon a request to opt-out within fifteen (15) business days of its receipt. We will notify all third parties to whom we have sold or shared personal information of your request and instruct them to comply with the request within the same time frame. We will notify you when this has been completed by mail or electronically, at your option.

A request to opt-out need not be a verifiable request. However, we may deny a request to opt-out if we have a good faith, reasonable, and documented belief that a request to opt-out is fraudulent. If we deny your request to opt-out, we shall inform you of our decision not to comply and provide an explanation as to why we believe the request is fraudulent.

If You Have an Authorized Agent:

If you are a California resident, you can authorize someone else as an authorized agent who can submit a request on your behalf. To do so, you must either: (a) execute a valid, verifiable, and notarized power of attorney; or (b) provide other written, signed authorization that we can then verify. When we receive a request submitted on your behalf by an authorized agent who does not have a power of attorney, that person will be asked to provide written proof that they have your permission to act on your behalf. We will also contact you and ask you for information to verify your own identity directly and not through your authorized agent. We may deny a request from an authorized agent if the agent does not provide your signed permission demonstrating that they have been authorized by you to act on your behalf.

By entering into an employment relationship with ACE Parking Management, Inc., you consent to all terms and conditions expressed in this Privacy Policy.

Changes to Our Privacy Policy

As our services evolve and we perceive the need or desirability of using personal information collected in other ways, we may from time to time amend this Privacy Policy. We encourage you to check the Deep Blue frequently to see the current Privacy Policy in effect and any changes that may have been made to them. If we make material changes to this Policy, we will post the revised Policy and the revised effective date on the Deep Blue. Please check back here periodically or contact us at the address listed at the end of this Policy.

Questions About the Policy

If you have any questions about this Privacy Policy, please contact us at privacy@aceparking.com or call 888-682-5274.

**This Policy was last updated September 6, 2024.

800-925-7275