SWISHER CALIFORNIA EMPLOYEE PRIVACY NOTICE

LAST UPDATED: January 4, 2023.

Swisher International, Inc. and its affiliates (“Swisher,” “we,” or “us”) values the trust of our employees and endeavors to protect the privacy of their personal information. The purpose of this California Employee Privacy Notice (the “Notice”) is to notify California residents who are Swisher employees, independent contractors, job applicants, owners, directors or officers, and their emergency contacts and recipients of employment benefits of our processing of their personal information that we collect, use, and disclose in the context of their future, current or former employment with us (“Personal Information”).

This Notice applies to the beneficiaries of employment benefits, such as the individuals who are on our employees' health plan and the beneficiaries of their retirement accounts, as well as their emergency contacts. It is your responsibility to inform any such individuals about this Notice and ensure that you have the right to provide their Personal Information to us. Please provide this notice to your emergency contacts and recipients of your employment benefits by, as applicable, forwarding them an email with this notice attached or providing them with a copy of this notice.

Collection and Disclosure of Personal Information

The following chart details which categories of Personal Information we collect and process, as well as which categories of Personal Information we disclose to third parties for our operational business and employment purposes, including within the 12 months preceding the date this Notice was last updated.

Categories of Personal Information	Disclosed to Which Categories of Third Parties for Operational Business Purposes
Identifiers, such as name, alias, postal address, unique personal identifiers, email address, account name, online identifiers, photo badges, beneficiary designations and government-issued identifiers (e.g., Social Security number, driver's license)	Our affiliates; service providers that provide services such as payroll, benefits, consulting, training, expense management, medical/health, IT, and other services; professional advisors, such as accountants, auditors, bankers, and lawyers; public and governmental authorities, such as regulatory authorities and law enforcement; business partners
Personal information as defined in the California customer records law, such as name, contact information, signature, passport number; medical, insurance, financial, education and employment information, physical characteristics or description	Our affiliates; service providers that provide services such as payroll, benefits, consulting, training, expense management, medical/health, IT, and other services; professional advisors, such as accountants, auditors, bankers, and lawyers; public and governmental authorities, such as regulatory authorities and law enforcement; business partners
Protected Class Information, such as characteristics of protected classifications under California or federal law, such as sex, age, gender, race, disability, citizenship, military/veteran status, gender identity and expression, primary language, immigration status, marital status, and requests for leave	Our affiliates; service providers that provide services such as payroll, benefits, consulting, training, expense management, medical/health, IT, and other services; professional advisors, such as accountants, auditors, bankers, and lawyers; public and governmental authorities, such as regulatory authorities and law enforcement
Commercial Information, such as transaction information and purchase history, such as travel expenses, including information about corporate credit card purchases, frequent flyer rewards, and other travel-related programs and expenses	Our affiliates; service providers that provide services such as payroll, benefits, training, consulting, expense management, medical/health, IT, and other services; professional advisors, such as accountants, auditors, bankers and lawyers; public and governmental authorities, such as regulatory authorities and law enforcement; business partners
Biometric Information, such as finger scan data, fingerprints, voiceprints, face prints and iris or retina scans	Our affiliates; service providers that provide services such as payroll, benefits, training, consulting, expense management, timekeeping, medical/health, IT, and other services
Internet or network activity information, such as access and usage information regarding websites, applications and systems, information about online communications, including browsing and search history, timestamp information, and access and activity logs	Our affiliates; service providers that provide services such as payroll, benefits, training, expense management, medical/health, IT, and other services; professional advisors, such as accountants, auditors, bankers and lawyers; public and governmental authorities, such as regulatory authorities and law enforcement; ad networks; social networks; business partners; marketing partners
Geolocation Data, such as device location, Swisher-owned vehicle location, and approximate location derived from IP address, or GPS, Wi-Fi or BLE tracking	Our affiliates; service providers that provide services such as payroll, benefits, training, consulting, expense management, medical/health, IT, and other services; professional advisors, such as accountants, auditors, bankers and lawyers; public and governmental authorities, such as regulatory authorities and law enforcement; business partners auditors, bankers and lawyers; public and governmental authorities, such as regulatory authorities and law enforcement; business partners
Audio/Video Data. Audio, electronic, visual and similar information, such as call and video recordings, including voicemail and security camera footage, information about the use of electronic devices and systems, key card usage; photos on websites or in employee directories	Our affiliates; service providers that provide services such as payroll, benefits, training, expense management, medical/health, IT, and other services; professional advisors, such as accountants, auditors, bankers and lawyers; public and governmental authorities, such as regulatory authorities and law enforcement; ad networks; social networks; business partners; marketing partners
Education Information subject to the federal Family Educational Rights and Privacy Act such as student transcripts, grade point average, grades, academic standing and disciplinary records, confirmation of graduation	Our affiliates; service providers that provide services such as payroll, benefits, training, expense management, medical/health, IT, and other services; professional advisors, such as accountants, auditors, bankers and lawyers; public and governmental authorities, such as regulatory authorities and law enforcement; business partners
Employment Information. Professional or employment-related information, such as work history and prior employer, information from reference checks, background screening information, employment application, membership in professional organizations, personnel files, personal qualifications and training, eligibility for promotions and other career-related information, work preferences, business expenses, wage and payroll information, benefit information, information on leaves of absence or PTO, performance reviews, information on internal investigations or disciplinary actions	Our affiliates; service providers that provide services such as payroll, benefits, training, expense management, medical/health, IT, and other services; professional advisors, such as accountants, auditors, bankers and lawyers; public and governmental authorities, such as regulatory authorities and law enforcement; business partners
Inferences drawn from any of the Personal Information listed above to create a profile about, for example, an individual's preferences, characteristics, predispositions, and abilities	Our affiliates; service providers that provide services such as payroll, benefits, training, expense management, medical/health, IT, and other services; professional advisors, such as accountants, auditors, bankers and lawyers; public and governmental authorities, such as regulatory authorities and law enforcement; ad networks; social networks; business partners; marketing partners
Sensitive Personal Information. Personal Information that reveals an individual's Social Security, driver's license, state identification card, or passport number; account log-in, financial account, debit card, or credit card number in combination with any required security or access code, password, or credentials allowing access to an account; precise geolocation; racial or ethnic origin, religious or philosophical beliefs, citizenship, immigration status, or union membership; the contents of mail, email, and text messages unless Swisher is the intended recipient of the communication; genetic data; Personal Information collected and analyzed concerning an individual's health; Personal Information collected from a known child.	Our affiliates; service providers that provide services such as payroll, benefits, training, consulting, expense management, medical/health, IT, and other services; public and governmental authorities, such as regulatory authorities and law enforcement

We may also disclose the above categories of Personal Information to a third party in the context of any reorganization, financing transaction, merger, sale, joint venture, partnership, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings).

We do not sell Personal Information, and we do not share or otherwise process Personal Information for purposes of cross-context behavioral advertising, as defined under applicable California law. We have not engaged in such activities in the 12 months preceding the date this Notice was last updated. Without limiting the foregoing, we do not sell or share the Personal Information of minors under 16 years of age.

Sources of Personal Information

We collect this Personal Information from you and from our affiliates, your colleagues and managers, references you provide, prior employers or schools, clients, background check providers, providers of employee benefits, social networks, publicly available databases, and cooperative databases.

Purposes for the Collection and Use of Personal Information

We may collect or use Personal Information for the purposes of operating, managing, and maintaining our business, managing our workforce and other employment purposes, and accomplishing our business purposes and objectives, including, for example, using Personal Information to:

Plan and manage workforce activities and personnel generally, including for recruitment, employee onboarding, appropriate staffing, performance management, training and career development, payments and benefit administration, employee training, leaves and promotions;
Conduct workforce assessments, including determining physical or mental fitness for work and evaluating work performance;
Process payroll, manage wages and other awards such as bonuses, reimburse expenses and provide healthcare, pensions, savings plans and other benefits;
Operate, maintain, monitor and secure our facilities, equipment, systems, networks, applications and infrastructure;

Manage attendance, time keeping , leaves of absence and vacation;
Facilitate employee communication and workforce travel;

Undertake quality and safety assurance measures, protect the health and safety of our workforce and others, and conduct risk and security control and monitoring;
Conduct research, analytics, and data analysis, such as to assist in succession planning and to ensure business continuity, as well as to design employee retention programs and diversity initiatives;
Perform identity verification, accounting, budgeting, audit, and other internal functions, such as internal investigations, disciplinary matters and handling grievances and terminations;
Operate and manage IT and communications systems and facilities, allocate Swisher assets and human resources, and undertake strategic planning and project management; and

Comply with law, legal process, requests from governmental or regulatory authorities, internal policies and other requirements such as income tax deductions, record-keeping, work permit and immigration regulations and reporting obligations, and the exercise or defense of legal claims.

Use of Sensitive Personal Information

We may use Sensitive Personal Information for purposes of performing services for our business, providing services as requested by you, and ensuring the security and integrity of our business, infrastructure and the individuals we interact with. This includes, without limitation, establishing and maintaining your employment relationship with us, ensuring the diversity of our workforce, complying with legal obligations, managing payroll and corporate credit card use, administering and providing benefits, managing timekeeping, and securing the access to, and use of, our facilities, equipment, systems, networks, applications and infrastructure.

Retention Period

We retain Personal Information including, without limitation, Sensitive Personal Information for as long as needed or permitted in light of the purpose(s) for which it was collected. The criteria used to determine our retention periods include:

The duration of your employment;

The length of time we have an ongoing relationship with you or your dependents/beneficiaries and the length of time thereafter during which we may have a legitimate need to reference your Personal Information to address issues that may arise;
Whether there is a legal obligation to which we are subject (for example, certain laws may require us to keep your employment records for a certain period of time); and
Whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).

Individual Requests

You may, subject to applicable law, make the following requests:

You may request that we disclose to you the following information covering the 12 months preceding your request:
1. The categories of Personal Information we collected about you and the categories of sources from which we collected such Personal Information;
2. The business or commercial purpose for collecting Personal Information about you; and
3. The categories of Personal Information about you that we otherwise disclosed, and the categories of third parties to whom we disclosed such Personal Information (if applicable).
You may request to correct inaccuracies in your Personal Information.
You may request to have your Personal Information deleted.
You may request to receive a copy of your Personal Information, including specific pieces of Personal Information, including a copy of the Personal Information you provided to us in a portable format.

We will not unlawfully retaliate against you for making an Individual Request. To make a privacy request, please contact us at www.lighthouse-services.com/swisherintl or 833-360-0033. We will verify and respond to your request consistent with applicable law, taking into account the type and sensitivity of the Personal Information subject to the request. In some instances, we may decline to honor your request where the law or right you are invoking does not apply or where an exception applies. In some cases, our Privacy Policy might answer your questions in a way that is accurate for you personally. In that case we might send you a copy of our Employee Privacy Notice to answer your questions. We may need to request additional Personal Information from you, such as employee ID number, employment dates, etc., in order to verify your identity and protect against fraudulent requests. If you maintain a password-protected account with us, we may verify your identity through our existing authentication practices for your account and require you to re-authenticate yourself before disclosing or deleting your Personal Information.

If you make a request to delete, we may ask you to confirm your request before we delete your Personal Information, and we might retain a back-up of your Personal Information to the extent required or allowed by applicable law, for example as necessary to preserve the integrity or security of our systems or for other purposes that are aligned with our general consumers' expectations.

You may make a request on behalf of a child who is under 13 years old if you are the child's parent or legal guardian.

We will verify and respond to your request consistent with applicable law.

Authorized Agents

If an agent would like to make a request on your behalf as permitted by applicable law, the agent may use the submission methods noted in the section entitled “Individual Requests”. As part of our verification process, we may request that the agent provide, as applicable, proof concerning his or her status as an authorized agent. In addition, we may require that you verify your identity as described in the section entitled “Individual Requests” or confirm that you provided the agent permission to submit the request.

Changes to this CCPA Employee Privacy Notice

We may change or update this Notice from time to time. When we do, we will communicate hanges and updates to this Notice by posting the updated Notice here: privacy.swisher.com

Contact Us

Please contact corporatecommunications@swisher.com if you have any questions regarding this Notice.