Privacy Policy

NDC Workforce Management System

Last Updated: December 8, 2025 | Effective Immediately

MANDATORY COMPLIANCE NOTICE

By accessing or using the NDC Workforce system, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. Unauthorized access, misuse, or disclosure of any information is strictly prohibited and may result in disciplinary action, termination, and/or legal prosecution.

1.Scope and Application

This Privacy Policy applies to all employees, supervisors, managers, administrators, and authorized personnel who access the NDC Workforce Management System. This policy governs the collection, use, storage, and protection of personal and employment-related information processed through this system.

2.Information Collected

The system collects and processes the following categories of information:

  • Personal Identifiers: Full name, Employee ID, phone number, email address
  • Employment Data: Department, shift assignment, supervisor information, seniority date, job classification
  • Attendance Records: Absence dates, types, reasons, duration, approval status
  • System Activity: Login timestamps, access logs, IP addresses, device information
  • Location Data: General geographic location when submitting absence reports (city/region level)
  • Communications: SMS messages, system notifications, broadcast responses

3.Purpose of Data Processing

Information is collected and processed exclusively for:

  • Managing workforce attendance and absence reporting
  • Processing overtime and voluntary time-off requests
  • Notifying supervisors and managers of attendance matters
  • Generating operational reports and analytics
  • Ensuring compliance with employment laws and company policies
  • System security monitoring and audit trail maintenance

4.Data Security Measures

The following security controls are implemented:

  • Encrypted data transmission (HTTPS/TLS)
  • Encrypted data storage
  • Role-based access controls (RBAC)
  • Secure authentication
  • Comprehensive audit logging
  • Session timeout enforcement
  • Cloud infrastructure security
  • Ongoing security monitoring

5.Data Access and Disclosure

Access to personal information is strictly limited to:

  • Your direct supervisor (for employees under their management)
  • Department managers and shift managers (operational necessity)
  • HR administrators (for employment management purposes)
  • System administrators (for technical support only)

We do NOT sell, trade, or share personal information with third parties for marketing or commercial purposes. Disclosure to law enforcement or legal authorities will only occur when legally required.

6.Data Retention

Personal and employment data is retained in accordance with applicable employment laws and company policy. Attendance records are retained for a minimum of 7 years. System access logs are retained for 2 years. Upon termination of employment, data may be archived but will not be deleted until the retention period expires.

7.SMS Communications

By using this system, you consent to receive SMS messages for absence reporting, shift notifications, overtime broadcasts, and system alerts. Message and data rates may apply based on your carrier plan. Opting out of SMS communications may limit your ability to use certain system features.

8.Location Information

When you submit an absence report, the system may collect your general geographic location (city or region level). This information is collected to:

  • Verify the authenticity of absence submissions
  • Support operational record-keeping
  • Assist with scheduling and staffing decisions

Your Rights: In accordance with Alberta's Personal Information Protection Act (PIPA), you have the right to request access to your location data and understand how it is used. Location data is collected only when you actively submit a report and is not continuously tracked.

9.Prohibited Activities

The following actions are strictly prohibited:

  • Accessing information of employees outside your authorized scope
  • Sharing login credentials or access tokens with others
  • Disclosing personal information to unauthorized parties
  • Using system data for personal or unauthorized purposes
  • Attempting to bypass security controls or access restrictions
  • Falsifying absence reports or system records

Violations will result in immediate disciplinary action up to and including termination and legal prosecution.

10.Policy Updates

This Privacy Policy may be updated at any time without prior notice. Continued use of the system after policy updates constitutes acceptance of the revised terms. It is your responsibility to review this policy periodically.

11.Contact

For questions or concerns regarding this Privacy Policy:

Contact the CI Team

By using NDC Workforce, you acknowledge that you have read and understood this Privacy Policy.