Privacy Notice

Privacy Statement

We, Ricoh (Philippines), Inc., recognize the importance of privacy and personal data protection. This notice informs you of our privacy practices governing how we collect, use, store, dispose, and share personal data.

Rest assured that we handle your personal data responsibly, following the Republic Act No. 10173, otherwise known as the Data Privacy Act of 2012 (DPA), the general data privacy principles of transparency, legitimate purpose, and proportionality, and relevant National Privacy Commission (NPC) issuances.

Scope

This privacy notice is for Ricoh’s website (www.ricoh.com.ph)

Personal Data We Collect

We collect the following personal data when you electronically submit your applications, inquiries, requests, contact forms of feedback, to us:

Full Name
Email Address
Company Address
Contact Number
Company/Organization (if applicable)
Job Title/Position/Designation (if applicable)
Any other information you voluntarily provide through our online forms

We may also collect data from other sources, such as social media platforms including Facebook and LinkedIn, if you interact with us through these channels or where applicable.

Why We Collect and Use Your Personal Data

Personal data collected through Ricoh (Philippines), Inc.’s website, including but not limited to the Contact Us form, Feedback Form, Live Chat, and other online inquiry channels, are processed for the following purposes:

To respond to inquiries, requests, feedback, complaints, and commendations submitted through our website
To provide customer support, assistance, and after sales service
To evaluate and improve our products, services, and website functionality
To manage and monitor customer interactions for quality assurance and service improvement
To comply with applicable laws and regulatory requirements, and to address or resolve disputes

Processing of personal data for these purposes is based primarily on Ricoh’s legitimate interest in communicating with website users and providing efficient customer support, and where applicable, on the performance of a contract or pre contractual steps. Personal data collected through the website will not be used for marketing or promotional purposes without your consent.

Automated Access

We keep track of the IP address from which people visit, and measure visitor activity on our website using Google Analytics. We may use this data to help us provide better customer service.

To better serve you, we may collect the information regarding your session and activity by using techniques such as Cookie and WebBeacon. We do not use such information to identify a particular user by combining it with other information. You may set up your web browser so that your computer does not accept Cookie and WebBeacon, however, please note that your use of our website may be affected.

Sharing of Personal Data

We may share your personal data only with:

Ricoh related parties (as defined below), service providers and business partners within or outside Philippines who we retain to manage or support our business operations on our behalf;
government or regulatory authorities who has ordered the disclosure of Personal Data under applicable laws or regulations;
our legal advisors, auditors or other professional advisors for establishing, exercising or defending our rights; or
third parties as authorized or required by you or by applicable laws or regulations.

Where we share personal data with any third party (including Ricoh Affiliates), we take reasonable steps to ensure that the parties are aware of and comply with applicable data protection legislation to maintain personal data appropriately.

In this notice, “Ricoh related party” means any entity that, whether directly or indirectly: (i) Controls us; (ii) is Controlled by us; or (iii) is under common Control with us. “Control”, “Controls” and “Controlled” when used with respect to an entity, means the power, whether directly or indirectly (by ownership of stock, share capital, the possession of voting power, contract or otherwise) to appoint or remove the majority of the members of the governing body of such entity, or otherwise exercise control over such entity's affairs and policies.

Data Risks and Security Measures

There are risks when processing personal data, including unauthorized access, breaches, or misuse. While we cannot guarantee absolute security, we follow strict measures to protect your personal data. These include safeguards against cyberattacks, malware, and unauthorized access to physical or digital records.

To ensure data security, we implement:

Use of secured servers and firewalls, encryption on computing devices and physical security controls
Strict controls to prevent unauthorized access to both physical and digital records
Continuous monitoring and assessment of data protection measures
Strict implementation of information security consisting of policies, manuals, procedures an associated resources in both digital and physical infrastructures to protect your Personal Data.
Restrict access to your personal data only to qualified and authorized personnel who hold your personal data with strict confidentiality.
Multi-factor authentication (MFA) for all privileged access or administrator accounts
Technical security measures against unauthorized external access such as identity and access management, digital forensics and penetration testing, vulnerability management
Cybersecurity monitoring and alerting, including structured incident response against any unauthorized external access
Regular Data Privacy Training and Awareness to all employees

Storage, Retention, and Disposal

Your personal data is securely stored on:

Password-protected company assets such as laptops, computers, iPad (for Customer Engineers only); accessible to a limited number of authorized and trained personnel.
RPH servers
SharePoint cloud storage

Your personal data is retained only for the period necessary to fulfill the specific purposes for which it was collected, or according to the Company’s Retention Policy. If required by law, retention periods may be extended to comply with relevant legal obligations.

After the retention period, your personal data is securely disposed of through methods such as digital file shredding, physical destruction of storage media, reformatting, and other appropriate disposal techniques to ensure complete data elimination.

Your Rights Under the DPA

You have the right to:

Be informed about how your personal data is processed
Object to processing of your personal data based on consent or legitimate interest
Access your personal data
Correct inaccurate or outdated data
Request deletion or blocking of your personal data
Data portability (transfer of data to another entity) based on consent or contract, and if processed electronically using a structured and commonly used format (e.g., XML, JSON, CSV, etc.)
File a complaint and seek damages for data privacy violations with the NPC.

Consent and Withdrawal

Where Ricoh (Philippines), Inc. relies on consent as the legal basis for processing personal data (such as for marketing or promotional communications), you may withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal. Please note that withdrawal of consent does not apply to processing carried out on other lawful bases, such as legitimate interest, contractual necessity, or compliance with legal obligations.

Changes to Privacy Notice

We may update this notice as needed. Significant changes will be communicated in the new privacy notice. Previous versions are available upon request.

Contact Us

For any questions about data privacy or to exercise your rights, please contact us using the details below:

Data Protection Officer
Ricoh (Philippines), Inc.
Lot 1215 Governors Drive., Brgy. Bancal,
Carmona, Cavite, Philippines 4116
E-mail: [email protected]
Tel: (632) 8865-9500