How Princh protects user data

Privacy and data protection are of utmost importance for Princh.

The Princh software has been developed based on the principles of Privacy by Design & Default as a foundation for the development. This means that we do not process any personal data unless absolutely necessary. Princh exclusively processes the document title and print job information, with no visibility into the content of the document.

All data transmissions are end-to-end encrypted using TLS 1.2 or a superior version to prevent tampering and eavesdropping during data movement between users’ devices and Princh.

While documents are at rest, they are protected using XChaCha20 encryption (256-bit). When a user submits a document, it is encrypted using a key pair which is only stored and managed by the customer’s printer server or printer. This signifies that only the designated printer or printer server can decrypt a user’s document(s). Importantly, neither Princh nor any third party possesses the ability to decrypt user documents. Document data is only retained for up to 24 hours to facilitate the 'Release Print' function, which is usable for up to 24 hours after the print order was originally submitted through Princh. After this period, documents are securely erased.

Princh is ISO 27001:2022 certified. This means that Princh has gotten a stamp of approval from an accredited auditor that Princh complies with the controls from ISO 27001:2022. Examples of compliance measures include:

  • Implementation of an access control policy to restrict information access based on the principle of granting users the minimum necessary access for their job functions.
  • Adoption of a password policy mandating passwords to be at least 16 characters, comprising letters and numbers, with systems configured to remember and prevent password reuse.
  • Documentation of managerial approval for all changes with significant effects.