Privacy Statement

Management and Unions Serving Together ("MUST" or "we/us") appreciates your interest in our services and your visit to mustbsafe.com. Our "Site" is defined as the MUST Safety Management System (SMS), is hosted by one or more third parties and was created in coordination with MUST. The protection of your privacy is an important concern to which we pay special attention during our business practices. Below is a detailed accounting of what information we collect from users of our Site, how we collect that information, how we use that information, how we insure that information is not misused, and what control users of the Site have over the information. This statement supplements the privacy information present in the Site's Terms of Use agreement.

COLLECTED INFORMATION

We collect information from registered users of the Site through a variety of mechanisms. Some of these mechanisms are apparent to our users and some are not.

• Apparent Information Collection

  During the use of the Site, MUST collects two classes of information, "Service Content" and "User Content". Service Content is any materials, files, communications, and documents posted by users in conjunction with the service. This includes things like drug test results uploaded, safety training certifications manually entered, or online safety modules completed within the Site. All other user-supplied information, excluding the Service Content, is referred to as User Content. This includes things like the information provided when setting up a customer or user account with our Site. Both Service Content and User Content are supplied explicitly by users through paper-based and online-based form submittals and are stored in an SMS database. The online-based form submittals may occur via Web browsers running on computers or through integrations with Third Party databases.
  
  Two subclasses of User Content that we collect are "Contact Information" and "Billing Information". Contact Information is collected from all registered users of its services. This information includes some or all of the following: user's full name, login name, password, phone number and/or e-mail address. We collect Billing Information for each company listed on the Site. Billing Information consists of information such as a billing contact name, a company name, mailing address, and telephone number.

• Non-Apparent Information Collection

  We also collect information about users that is implicitly supplied by users during their use of the SMS. This information is saved in Log Files and Database Tables on SMS servers, and in Cookies on a user's client computer. We track what, when, by whom, and from where Service Content is created, deleted, downloaded, uploaded, and viewed. We also track when users become registered, deregistered, and when registered users log into a service.

COOKIES

Regarding Cookies, we reserve the right to collect various information through the use of computer “cookies” or data files which recognize your computer or device when you return to our site or re-use our mobile application. You may instruct your computer or device to refuse these cookies, but this is likely to impair or impede the service we are able to provide you. MUST uses them solely to make using the Site more efficient for users. We use them solely to make using the Site more efficient for users. We do NOT presently use cookies to track user activity on its Web site, but may do so in the future.

INFORMATION SHARING

As described below and in this Site's Terms of Use, MUST uses the services of one or more third parties to create and maintain this website and provide related services, and information which you submit will necessarily be shared with and retained by them.

In general, MUST may access all Apparent and Non-Apparent information it collects in order to:

• perform system administration
• respond to court orders
• comply with legislation
• investigate complaints
• protect others from liability or damage
• perform relevant services

MUST does not share any information it collects with third parties other than those stated below and third party hosting services contracted to complete any or all of its services.

Service Content and User Content

In general, content is shared among users of our Site. The user permission structure for this Site is available upon request to customers by emailing support@copperrange.com.

Service Content or User Content is shared with a third party provider of credentials (such as a Learning Management System or a Drug Testing Company) in order to connect any results with the user when information is returned to our Site or to assist the third party in managing the creation of the credential in question. The content shared for this purpose could be any combination of the following: the name of the user or name of the worker a user is managing, MUST ID, the person’s employer and/or union local affiliation, and billing/contact information at the employer and/or union local.

Service Content and User Content is shared with third party trade labor organizations based on a person's local union affiliation. With MUST approval, certain organizations are provided with recurring reports containing some combination of the following: name, MUST ID, other identifying number, drug test result or status, safety module results or status, local affiliation, contact information.

Service Content and User Content is shared with other sites on a project-by-project basis with MUST approval. When approved, a user's name, MUST ID, project affiliation, employer, drug test status, and safety module status are shared when a matching name and MUST ID are provided by the CRScan site.

Service Content and User Content is shared with programs participating in the Copper Range hosted Worker Exchange System. With MUST approval, users of the Worker Exchange System can search for an Employee's MUST Report Card when they provide a MUST ID, name, and/or other identifying number. A Report Card includes the Employee's name, MUST ID, Drug Test Status, Online Safety Module Results, and any other credentials entered in to the Site.

In general, MUST uses Billing and Contact information only to effect billing that may take place between MUST and its registered users, and to alert its registered users of new services or changes to existing services. MUST also uses Service Content and User Content to provide customer support to users of the Site.

Non-Apparent Information

The Non-Apparent Information that we collect is used to serve as a means to resolve disputes that may arise among registered users or between registered users and MUST.

INFORMATION USE AND RETENTION

While we do not presently do so, we reserve the right to freely utilize and share for marketing, product development and other lawful purposes (possibly for a fee) with actual and potential business partners all information which we collect. It is anticipated that your information will be transmitted across national boundaries, if you desire that we not share any information, please contact us at privacy@copperrange.com so that we can record your preferences. However, it may not be possible for us to continue provision of services absent such sharing. Information shall be retained so long as needed for provision of contemplated services and otherwise as legally required from time to time as determined by MUST Management.

RISK OF SECURITY BREACHES

While we believe and intend that our information security practices reflect good practice, there is no such thing as perfect information security. Therefore, users assume the risk of security breaches and all consequences resulting from them. Additionally, users must safeguard their credentials. We assume no liability for any unauthorized access by a third party to any information or database maintained by or for us or with respect to the services which we provide.

LINKED SITES

This Site does contain links to other websites. We have no control over their operation and/or the accuracy of any statements made on them and assume no responsibility with respect to them or their legal compliance.

CHILDREN'S PRIVACY

We do not knowingly collect Personal Information from children under the age of 16 and do not allow access by such persons. If we become aware that we have inadvertently received Personal Information from a child under the age of 16, we will delete such information from our records.

AMENDMENT

We reserve the right to amend this policy at any time in our sole discretion and to the extent required for compliance with applicable law and interpretation from time to time, and any such amendments shall apply to information already collected and to be collected.

DISPUTE RESOLUTION AND CHOICE OF LAW

Except as otherwise required by law, any disputes regarding this Policy shall be resolved through arbitration in accordance with Michigan law and the rules of the American Arbitration Association in Oakland County Michigan.

BUSINESS ACQUISTION

If our business is acquired in whole or part by another company, then personal information maintained by us may be disclosed to them, but that disclosure will be subject to this policy.

Revised 05/09/2020