Skip to main content
Skip table of contents

Managing Privacy

Customer data belongs to the customer. Your personal data is yours. 

For full information, you can read RICOH Europe’s Privacy Policy

You can also read RICOH’s Data Processing Agreement. This contains information about your personal data, for example how RICOH processes your personal data, the duration RICOH keeps your personal data, and what technical and organisational measures are implemented to maintain security of your data.

What data RICOH can access 

To provide its service, RICOH needs access to systems and servers which may contain customer personal information. RICOH operates on the principle of least privilege (PoLP). Each employee starts out with only the most basic permissions to access corporate resources and additional permissions are granted in line with their activity. If employees change departments, the permissions are reevaluated and revoked accordingly.

Permissions are directly tied to the personal user account that each employee receives. RICOH does not grant anonymous access to internal corporate resources.

If there’s personally identifiable information (PII) (usually only present in responding to a support request), access will be restricted to essential people in operations and development. 

Your personal data is not submitted, disclosed or transferred to any other party than RICOH.

The information and data RICOH can access can be dependent on the configuration of RSI. An administrator can adjust the installation and functions to suit your security requirements. For example, you can keep print jobs locally to limit sharing of PII on the cloud.

Data centre information 

RICOH stores your data in data centres based on your region. 

Customer location

Data centre location

In EMEA (Europe, Middle East, Africa)

AWS EU region

Outside EMEA

AWS US region

RICOH employees do not have physical access to AWS data centres. Only authorised IT personnel can access the data centres and server infrastructure.

The physical security of AWS data centres is ensured by AWS. For more details, visit [AWS data centre controls](https://aws.amazon.com/compliance/data-center/controls/ ). 

Data storage information

RICOH will only store the data needed to complete a task or action. No data will be stored which is not necessary. 

RICOH stores data differently, depending on the service or task. 

Service/task

Data storage information 

Print job

Default is 72 hours.

Data is deleted when a user releases or deletes a job.

Scan job

No data retained, only processed to complete the scan. 

RSI LogicFlow confirmation

  1. If sending a job immediately, data is not retained and only processed to complete the job. 

  2. If using the ‘confirm on screen’ function, data is retained in temporary storage for 72 hours. 

  3. If using the ‘send to confirmation list hold’ function, data is held in temporary storage until you can check your browser. Data automatically deleted after 30 days, or until the job is released. 

Tenant information 

Data held as long as the contract is valid. 

User information (for example, emails)

Stored in RSI system under control of RSI administrator(s). 

Handling data requests 

RICOH will handle a request for personal data for an individual in accordance with local legislation. 

RICOH will handle data in accordance with the laws where the data is stored. 

After termination of a customer cloud contract, you have time to download your data from the cloud until the effective date of the termination. After this date, you will no longer have access to the data in the cloud. You can ask for your data to be deleted.

Transfers to third countries – Transfer Impact Assessment

RICOH may transfer debugging analysis data to third countries to entities within the RICOH family group. A (data protection) “unsafe” third country is a country outside the EU that does not offer an adequate level of data protection. Transfers to third countries will only be on the basis of an adequacy decision or appropriate safeguards, such as Standard Contractual Clauses. 

RICOH will never transfer jobs, only logs limited to debugging analysis. 

RICOH uses a Transfer Impact Assessment (TIA) to conduct an independent analysis of the security level of a third country to which data is to be transferred.

Your right of access

Under Article 15 of GDPR, individuals have the right to access any data RICOH holds about them. This is also known as ‘right of access’. 

To request access to your personal data, reach out to your organisation’s data protection officer (DPO) or the person responsible for data privacy in your organisation. Alternatively, contact your RICOH representative. 

Your right to be forgotten

Under Article 17 of the GDPR, individuals have the right to have personal data erased. This is also known as the ‘right to be forgotten’. Any customer at any time can request to erase their personal data. 

To request your personal data be erased, reach out to your organisation’s data protection officer (DPO) or the person responsible for data privacy in your organisation. Alternatively, contact your RICOH representative.  

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close