Sunshine Disposal & Recycling (SDR) is dedicated to privacy practices for safeguarding confidential information.  We use privacy principles to guide the actions taken when collecting and using confidential information. 

SDR privacy principles are built on the following principles in alignment with Washington State Laws regarding data security, purpose driven access and lawful, fair and responsible use of data.

SDR HR staff manage the central HR and payroll application that contain employee data. The data in these systems are used for operational HR and payroll daily transactions and for monitoring and reporting functions. We are committed to the security and the privacy of the data contained in these applications. We recognize the importance of safeguarding employee personally identifying information (PII) and follow certain protocols to protect this sensitive information. 

Here are some common practices consistent with our SDR Privacy Principles:

  • Collection and storage: During the recruitment and hiring  process, SDR HR collects necessary PII such as names, addresses, social      security numbers, and other relevant details. This information is entered  into the appropriate HR & Payroll system that securely stores the data in databases or information systems designed to protect against unauthorized access.
  • Data security: Various security measures are in place to ensure the confidentiality and integrity of employee PII. This      includes the use of firewalls, encryption, access controls, and regular system updates to prevent data breaches and unauthorized access.
  • Privacy policies: There are privacy policies,  principles and practices in place that govern the collection, use, retention, and disposal of employee PII. These policies comply with applicable laws and regulations, such as the Washington State Privacy Act.
  • Access controls and training: SDR HR ensures access to employee PII is limited to authorized personnel who have a legitimate need  to access such information for official purposes. Employees handling PII receive appropriate training on data privacy and security to maintain the confidentiality of the information.
  • Incident response and notification: In the event of a data breach or unauthorized access that may compromise employee PII, incident response protocols are followed. This typically involves  investigating the breach, mitigating any potential harm, and notifying  affected individuals as required by law.

It's important to note this is not an all-inclusive list and that additional policies and practices will be implemented to remain in compliance with changes in laws.

While privacy laws protect some personal information, it is important for you to know when we will release or redact data in our possession.  


 

Release of applicant/employee data


 

SDR HR will share employee data under specific conditions:

  • In response to a court order, appropriately executed, requiring the release of employee data to the court.
  • In response to a written request, appropriately executed, from the employee authorizing the release of employee data to themselves or a designated representative.
  • In response to a written request, appropriately executed by the employee, for employment verification purposes.