Conagra Brands Privacy Notice for California Consumers/Employees

Effective Date: January 1, 2020

Conagra Brands, Inc. and its affiliates and subsidiaries (“Conagra,” “we,” “us,” or “our”) provide this Privacy Notice for California Consumers/Employees (the “CCPA Employee Privacy Notice”) to supplement the information contained in the Conagra Brands Privacy Policy. This CCPA Employee Privacy Notice sets forth our privacy practices as required by the California Consumer Privacy Act of 2018 (“CCPA”).

The CCPA Employee Privacy Notice applies only to individuals residing in the State of California who are considered “Consumers” under the CCPA and from whom we collect “Personal Information” as described in the CCPA (“Consumers”). We provide you this notice because under the CCPA, California Residents who are employees, employee applicants, or contractors qualify as Consumers. For purposes of this CCPA Employee Privacy Notice, when we refer to Consumers, we mean you to the extent you are a California employee, employee applicant, or contractor.

Information We Collect

We may collect Personal Information from you in a variety of different situations, including, but not limited to on our website, your mobile device, through email, in physical locations, through the mail, and/or over the telephone. More specifically, Conagra collects the following categories of Personal Information from California employees or potential employees, which will depend on the particular Business Purpose for which we collect it:

Category	Examples of Personal Information Collected
A. Identifiers.	A real name, alias, postal address, unique personal identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers.
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)).	A name, signature, Social Security number, or, address, telephone number, passport number, driver's license or state identification card number, education, employment, employment history, bank account number, or any other financial information, medical information, or health insurance information.
C. Protected classification characteristics under California or federal law.	Age, race, national origin, citizenship, , marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), information relating to same sex benefits, veteran or military status.
D. Commercial information.	Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.
E. Biometric information.	Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints.
F. Internet or other similar network activity.	Browsing history, search history, information on a consumer's interaction with a website, application, or advertisement.
G. Geolocation data.	Physical location.
H. Sensory data.	Audio information.
I. Professional or employment-related information.	Current or past job history or performance evaluations.
J. Education information, as defined by the Family Educational Rights and Privacy Act	None.
K. Inferences drawn from other personal information.	Profile reflecting a person's preferences, characteristics, predispositions, attitudes, abilities, and aptitudes.

Personal Information does not include deidentified or aggregated consumer information.

Conagra obtains the categories of Personal Information listed above from the following categories of sources:

Directly from you. For example, from forms you complete or services we provide you.
Indirectly from you. For example, from observing your actions on our website or from information your computer or mobile device transmits when interacting with our website or mobile applications, among other things.
Third parties. For example, staffing and recruiting agencies with whom we contract for services and consumer reporting agencies when we perform employee background screenings.

How We Use Personal Information

We may use or disclose the Personal Information we collect from you or about you to do one or more of the following:

To fulfill or meet the purpose for which you provided the information. For example, if you share your name and contact information to apply for a job or become an employee, we will use that Personal Information in connection with your employment or potential employment.
To contact you and to inform you about benefits or information relating to your employment or potential employment.
To provide, support, personalize, and develop our website and services relating to your employment or potential employment.
To create, maintain, customize, and secure your information or account with us.
To process your requests or transactions and prevent transactional fraud.
To provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our responses.
To help maintain the safety, security, and integrity of our systems, App or Website, services, databases and other technology assets, and business.
For research, analysis, and business development, including to develop and improve our business processes, Website and services.
To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
As described to you when collecting your Personal Information or as otherwise set forth in the CCPA or subsequently agreed to by you.
To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of Conagra's assets, whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding, in which Personal Information held by Conagra about our Consumers is among the assets transferred.

How We Share Personal Information

Conagra may disclose your Personal Information to a third party for a business purpose, including to our service providers.

We share your Personal Information with the following categories of third parties:

Service providers.
Third parties with whom you direct us to share your Personal Information.
Other third parties such as consumer reporting agencies when we perform employee background screenings.

Disclosures of Personal Information for a Business Purpose

In the preceding twelve (12) months, Conagra has disclosed the following categories of Personal Information for a business purpose:

Category A: Identifiers.
Category B: California Customer Records Personal Information categories.
Category C: Protected classification characteristics under California or federal law.
Category D: Commercial information.
Category E: Biometric information.
Category F: Internet or other similar network activity.
Category H: Sensory data.
Category I: Professional or employment-related information.
Category K: Inferences drawn from other Personal Information.

Sales of Personal Information

In the preceding twelve (12) months, Company has not sold Personal Information.

Other California Privacy Rights

California's "Shine the Light" law (Civil Code Section § 1798.83) permits users of our website that are California residents to request certain information regarding our disclosure of Personal Information to third parties for their direct marketing purposes. We do not disclose your Personal Information to third parties for their direct marketing purposes.

Privacy Rights for California Minors in the Digital World

If you are a registered user and under eighteen (18) years old, you can request that we remove content or information that you have posted to our website or other online services. Note that fulfillment of the request may not ensure complete or comprehensive removal (e.g., if the content or information has been shared or reposted by another user). To request removal of content or information, please send an email to Privacy@conagra.com or write us at:

ATTN: Legal Department
Conagra Brands, Inc.
222 Merchandise Mart Plaza
Suite 1300
Chicago, IL 60654

Changes to Our CCPA Employee Privacy Notice

Conagra reserves the right to amend this privacy notice at our discretion and at any time. When we make changes to this privacy notice, we will post the updated notice on the App and Website and update the notice's Effective Date above. Your continued use of our App or Website or interaction with us through other methods following the posting of changes and/or our directing you to the updated CCPA Employee Privacy Notice constitutes your acknowledgment of such changes.

Contact Information

If you have any questions or comments about this notice, the ways in which Conagra collects and uses your information described above (and in the Conagra Brands Privacy Policy), your choices and rights regarding such use, or how to exercise your rights under California law, please do not hesitate to contact us at:

Phone: 877-266-2472

Email: Privacy@conagra.com

Postal Address:
ATTN: Privacy Team
Conagra Brands, Inc.
222 Merchandise Mart Plaza Suite 1300
Chicago, IL 60654

Illinois Biometric Information Privacy Policy

Updated Effective Date: May 1, 2023

Policy Statement

Conagra Brands, Inc., including its subsidiaries and related entities, (collectively, the “Company”) collects certain biometric data from employees. This policy explains what information the Company collects, how this information is used, how it is stored, safeguarded, retained, and disposed of.

The Company utilizes a timeclock with biometric technology to ensure accuracy in recording time entries. Pursuant to the use of the biometric technology, the Company has instituted the following biometric information privacy policy:

Biometric Data Defined

“Biometric data” means personal information stored by the Company regarding an individual’s physical characteristics that can be used to identify a person, such as fingerprints, voiceprints, facial shape, or scan of hand or face geometry. Biometric data includes “biometric identifiers” and “biometric information.”

“Biometric identifier” means a retina or iris scan, fingerprint, voiceprint, or scan of hand or face geometry. Biometric identifiers do not include writing samples, written signatures, photographs, human biological samples used for valid scientific testing or screening, demographic data, tattoo descriptions, or physical descriptions such as height, weight, hair color, or eye color. Biometric identifiers do not include information captured from a patient in a health care setting or information collected, used, or stored for health care treatment, payment, or operations under the federal Health Insurance Portability and Accountability Act of 1996.

“Biometric information” means any information, regardless of how it is captured, converted, stored, or shared based on an individual’s biometric identifier used to identify an individual. Biometric information does not include information derived from items or procedures excluded under the definition of biometric identifiers.

Purpose for Collection of Biometric Data

The Company, its vendors, and/or the licensor of the Company’s time and attendance software collect, store, and use fingerprint data to give employees access to its time and attendance system (via scanners), for employee identification, fraud prevention, and pre-employment hiring purposes. An employee’s biometric data is collected, stored, and used while the individual is employed by the Company, pursuant to the retention schedule provided below.

The Company, its vendors, and/or the licensor of the Company’s time and attendance software will not sell, lease, trade, or otherwise profit from employees’ biometric data; provided, however, the Company’s vendors and the licensor of the Company’s time and attendance software may be paid for products or services used by the Company that utilize such biometric data.

Authorization

To the extent that the Company, its vendors, and/or the licensor of the Company’s time and attendance software collect, capture, or otherwise obtain biometric data relating to an employee, the Company must first:

Inform the employee in writing that the Company, its vendors, and/or the licensor of the Company’s time and attendance software are collecting, capturing, or otherwise obtaining the employee’s biometric data, and that the Company is providing such biometric data to its vendors and the licensor of the Company’s time and attendance software;
Inform the employee in writing of the specific purpose and length of time for which the employee’s biometric data is being collected, stored, and used; and
Receive a written release signed by the employee (or their legally authorized representative) authorizing the Company, its vendors, and/or the licensor of the Company’s time and attendance software to collect, store, and use the employee’s biometric data for the specific purposes disclosed by the Company, and for the Company to provide such biometric data to its vendors and the licensor of the Company’s time and attendance software.

Disclosure

The Company stores all biometric data in accordance with applicable standards and laws. The Company will not sell, lease, trade, or otherwise profit from an employee’s biometric data.

The Company will not disclose or disseminate any biometric data to anyone other than its vendors and the licensor of the Company’s time and attendance software providing products and services using biometric data without/unless:

First obtaining written employee consent to such disclosure or dissemination (see Attached Acknowledgment Form);
The disclosed data completes a financial transaction requested or authorized by the employee;
Disclosure is required by state or federal law or municipal ordinance; or
Disclosure is required pursuant to a valid warrant or subpoena issued by a court of competent jurisdiction.

Retention Schedule

The Company shall retain employee biometric data only until, and shall request that its vendors and the licensor of the Company’s time and attendance software permanently destroy such data when, the first of the following occurs:

The initial purpose for collecting or obtaining such biometric data has been satisfied; or
Within 3 years of the employee’s last interaction with the Company.

Data Storage

Biometric data will be stored, transmitted, and protected using a reasonable standard of care for the Company’s industry, in a manner that is the same as or that exceeds the standards of care used to protect other confidential information held by the Company. This includes, among other things, restricting access to biometric data to authorized Company employees or vendors who have a business need to access the information, and using reasonable technological means to prevent unauthorized access to the information. Such storage, transmission, and protection from disclosure shall be performed in a manner that is the same as or more protective than the manner in which the Company stores, transmits and protects from disclosure other confidential and sensitive information, including personal information that can be used to uniquely identify an individual or an individual’s account or property, such as genetic markers, genetic testing information, account numbers, PINs, driver’s license numbers, and social security numbers.

Policy Distribution and Updates

A copy of this policy will be made publicly available on the Company’s intranet and in each Illinois production facility. This policy may be accessed at State Specific Privacy Notice.

Conagra will update this policy if it begins collecting biometric data for any other purposes. Conagra reserves the right to amend this policy at any time.