Privacy Notice

Privacy Statement

We, Ricoh (Philippines), Inc., recognize the importance of privacy and personal data protection. This notice informs you of our privacy practices governing how we collect, use, store, dispose, and share personal data.

Rest assured that we handle your personal data responsibly, following the Republic Act No. 10173, otherwise known as the Data Privacy Act of 2012 (DPA), the general data privacy principles of transparency, legitimate purpose, and proportionality, and relevant National Privacy Commission (NPC) issuances.

Scope

This privacy notice is for Ricoh’s website (www.ricoh.com.ph)

Personal Data We Collect

We collect the following personal data when you electronically submit your applications, inquiries, requests, contact forms of feedback, to us:

• Full Name
• Email Address
• Company Address
• Contact Number
• Company/Organization (if applicable)
• Job Title/Position/Designation (if applicable)
• Any other information you voluntarily provide through our online forms

We may also collect data from other sources, such as social media platforms including Facebook and LinkedIn, if you interact with us through these channels or where applicable.

Why We Collect and Use Your Data

Your personal data is used for the following purposes:

• To conduct business purposes such as processing your transactions and maintaining your account including sending Statement of Account, billings, and other such documents necessary for the continued use of our products and services.
• To provide products ordered or services to you.
• To respond, process and handle your queries, requests, feedback, suggestions and complaints.
• To improve the performance and operation of our products and services.
• To provide our promotional offers and announcements.
• To conduct market research or customer surveys.
• To process administrative operations of our events.
• processing an application for a job; and
• To comply with applicable laws and regulations, and settlement of any dispute.

Automated Access

We keep track of the IP address from which people visit, and measure visitor activity on our website using Google Analytics. We may use this data to help us provide better customer service.

To better serve you, we may collect the information regarding your session and activity by using techniques such as Cookie and WebBeacon. We do not use such information to identify a particular user by combining it with other information. You may set up your web browser so that your computer does not accept Cookie and WebBeacon, however, please note that your use of our website may be affected. 

Sharing of Personal Data

We may share your personal data only with:

1. Ricoh related parties (as defined below), service providers and business partners within or outside Philippines who we retain to manage or support our business operations on our behalf;
2. government or regulatory authorities who has ordered the disclosure of Personal Data under applicable laws or regulations;
3. our legal advisors, auditors or other professional advisors for establishing, exercising or defending our rights; or
4. third parties as authorized or required by you or by applicable laws or regulations.

Where we share personal data with any third party (including Ricoh Affiliates), we take reasonable steps to ensure that the parties are aware of and comply with applicable data protection legislation to maintain personal data appropriately.

In this notice, “Ricoh related party” means any entity that, whether directly or indirectly: (i) Controls us; (ii) is Controlled by us; or (iii) is under common Control with us. “Control”, “Controls” and “Controlled” when used with respect to an entity, means the power, whether directly or indirectly (by ownership of stock, share capital, the possession of voting power, contract or otherwise) to appoint or remove the majority of the members of the governing body of such entity, or otherwise exercise control over such entity's affairs and policies.

Data Risks and Security Measures

There are risks when processing personal data, including unauthorized access, breaches, or misuse. While we cannot guarantee absolute security, we follow strict measures to protect your personal data. These include safeguards against cyberattacks, malware, and unauthorized access to physical or digital records. 

To ensure data security, we implement: 

• Use of secured servers and firewalls, encryption on computing devices and physical security controls
• Strict controls to prevent unauthorized access to both physical and digital records
• Continuous monitoring and assessment of data protection measures
• Strict implementation of information security consisting of policies, manuals, procedures an associated resources in both digital and physical infrastructures to protect your Personal Data.
• Restrict access to your personal data only to qualified and authorized personnel who hold your personal data with strict confidentiality.
• Multi-factor authentication (MFA) for all privileged access or administrator accounts
• Technical security measures against unauthorized external access such as identity and access management, digital forensics and penetration testing, vulnerability management
• Cybersecurity monitoring and alerting, including structured incident response against any unauthorized external access
• Regular Data Privacy Training and Awareness to all employees

Storage, Retention, and Disposal

Your personal data is securely stored on:

• Password-protected company assets such as laptops, computers, iPad (for Customer Engineers only); accessible to a limited number of authorized and trained personnel.
• RPH servers
• SharePoint cloud storage

Your personal data is retained only for the period necessary to fulfill the specific purposes for which it was collected, or according to the Company’s Retention Policy. If required by law, retention periods may be extended to comply with relevant legal obligations.

After the retention period, your personal data is securely disposed of through methods such as digital file shredding, physical destruction of storage media, reformatting, and other appropriate disposal techniques to ensure complete data elimination.

Your Rights Under the DPA

You have the right to: 

• Be informed about how your personal data is processed 
• Object to processing of your personal data based on consent or legitimate interest 
• Access your personal data 
• Correct inaccurate or outdated data 
• Request deletion or blocking of your personal data 
• Data portability (transfer of data to another entity) based on consent or contract, and if processed electronically using a structured and commonly used format (e.g., XML, JSON, CSV, etc.) 
• File a complaint and seek damages for data privacy violations with the NPC.

Consent Withdrawal 

You may withdraw your consent at any time. However, this may affect services that require your personal data. Also, we may still process your personal data without your consent if required by law or permitted under the DPA such as to comply with our legal obligations and mandate.

Changes to Privacy Notice 

We may update this notice as needed. Significant changes will be communicated in the new privacy notice. Previous versions are available upon request. 

Contact Us 

For any questions about data privacy or to exercise your rights, please contact us using the details below: 

Data Protection Officer 
Ricoh (Philippines), Inc.
Lot 1215 Governors Drive., Brgy. Bancal,
Carmona, Cavite, Philippines 4116
E-mail: [email protected]
Tel: (632) 8865-9500 | (632) 8865-9510 ext. 631253

Version: