Privacy policy

Global Personal Data Protection Policy of Konica Minolta Group

As a growing global company, being engaged in various business areas, We, Konica Minolta Group recognize that the confidence of our customers, business partners, officers and employees is our most valuable asset. Konica Minolta Group also recognizes that we are, not only to provide the best products and services, but also to meet the highest standards regarding compliance and social responsibility.

Konica Minolta Group is committed to respect the privacy of our customers, business partners, officers and employees and to protect the personal data of our customers, business partners, officers and employees.

Scope and applicability of this Policy

This Policy applies to us, Konica Minolta, Inc. (“Konica Minolta”) and all of its affiliated companies (“Group Companies”) and our officers and employees. “Affiliated” in this instance means, that Konica Minolta may enforce the adoption of this Policy directly or indirectly, on the basis of voting majority, majority management representation or by agreement. Konica Minolta and Group Companies (“Konica Minolta Group”) establish and enforce internal rules such as regulations and procedures in accordance with this Policy.

This Policy sets forth the basic principles of Konica Minolta Group’s data protection and data security standards and ensures compliance with national and international data protection laws in force all over the world. Therefore it comprises the internationally accepted data protection principles, intending not to replace, but to supplement the respective national data protection and privacy laws (“National Legislation”). This means, that the content of this Policy has to be observed in the absence of a corresponding National Legislation or if a National Legislation provides lower requirements than this Policy. On the other hand, a National Legislation always takes precedence in case of a conflict with this Policy or if the National Legislation provides stricter requirements than this Policy.

This Policy extends to all processing of personal data. In countries where the data of legal entities are protected to the same extent as personal data, this Policy applies equally to data of legal entities. Anonymized data, e.g. for statistical evaluations or studies, is not subject to this Policy.

Konica Minolta Group’s principles for processing of personal data

Lawfulness, fairness and transparency

Personal data will be collected and processed in a lawful, fair and transparent manner to protect the individual rights of the data subjects.

Restriction to a specific purpose

Personal data will only be collected for specified, explicit and legitimate purposes and will not be processed in a manner incompatible with those purposes.

Data accuracy / Data actuality

Personal data will be accurate and where necessary kept up to date. Konica Minolta Group will take every reasonable step to erase or rectify inaccuracies without delay.

Data economy / Data minimization

Personal data will be adequate, relevant and limited to what is necessary. Personal data will not be stored longer than necessary.

Rights of data subjects

Konica Minolta Group respects the rights of all data subjects including rights of access to their data, the right of restriction of processing or erasure, and the right of accuracy. Konica Minolta Group will provide clear and unambiguous information about how and why subjects’ data are collected and processed.


Time limits for storage of personal data will be defined. Konica Minolta Group erases personal data that are no longer necessary in relation to the purposes for which they have been collected or in a case a given consent is withdrawn and no other legitimate purpose for processing applies.

Security of processing / Data security

Personal data will be processed securely. Appropriate to the risk, technical and organisational measures will be taken against unauthorised processing or alteration, and against loss or destruction or unauthorized disclosure of or access to personal data transmitted, stored or otherwise processed. Konica Minolta Group will ensure ongoing integrity, availability, confidentiality and authenticity. Konica Minolta Group will ensure resilience of our systems and services processing personal data. In the event of an incident Konica Minolta Group will have the ability to restore the availability and access to data in a timely manner.

Data protection by design and by default

Konica Minolta Group will implement appropriate technical and organisational measures for ensuring that, by default, only personal data that is necessary for each specific purpose of the processing is processed. The principle of Data Protection by design and by default will be followed during the development of new products.


There shall be accountability in all processing activities. Konica Minolta Group is responsible for and able to demonstrate compliance.

Konica Minolta Group’s data protection organisation

Each Konica Minolta Group company shall appoint a qualified person, who is responsible for the implementation and observance of the aforementioned principles.

Privacy Policy (Version 24.11.2020)

The following information provides you with details about how we process your personal data and your rights under data protection law.

1. Responsibility for data processing and company data protection officer

In line with Article 4, Paragraph 7 of the EU General Data Protection Regulation (GDPR) responsibility lies with:

Konica Minolta Business Solutions Europe GmbH
Europaallee 17, 30855 Langenhagen
Telephone: +49-511-7404-0
Email: info(at)

If you have any questions about data protection, you are welcome to contact our company data protection officer at any time:

Dr. Frederike Rehker
Konica Minolta Business Solutions Deutschland GmbH
Europaallee 17, 30855 Langenhagen
Telephone: +49 (0)511 7404-0
Email: dataprotection(at)

2. Your rights

You hold the following rights with regard to your personal data processed by us:

  • access to information on the categories of the processed data, purposes of processing, recipients or categories of recipients of your data, and the planned retention period (Article 15 of the GDPR)
  • correction of inaccurate or incomplete data and/or their amendment (Article 16 of the GDPR)
  • deletion of data in line with Article 17 of the GDPR, in particular if the personal data are no longer necessary for the intended purpose or are processed illegally, or if you withdraw your consent or have lodged an objection to processing
  • restriction of data processing in line with Article 18 of the GDPR in certain circumstances insofar as, for instance, deletion is no longer possible or the deletion obligation is at issue
    in line with Article 20 of the GDPR on data portability, to have us provide you or a third party with the personal data you supplied to us in a structured common machine-readable format
  • for reasons arising from your particular situation the right to object to data processing on account of a legitimate interest (Article 21, Paragraph 1 of the GDPR)
  • withdrawal of your consent at any time to be effective in the future (Article 7, Paragraph 3 of the GDPR); this also of course also applies to the withdrawal of consents you granted us prior to the GDPR coming into effect
  • in line with Article 77 of the GDPR to lodge a complaint about data processing with the responsible supervisory authority

3. Collection of personal data when you visit our website

If you only our website for informational purposes, i.e. if you do not register or otherwise provide us with information, we shall only collect the personal data that your personal browser sends to our server. These data are necessary from a technical point of view to let you view our website. They are also required in order to ensure the stability and security of our website. (Legal basis is Article 6, Paragraph 1, Sentence 1, Letter f of the GDPR).

  • IP address
  • Date and time of request
  • Country of origin of request
  • Content requested (specific web page)
  • Access status/http status code
  • Website from which the request is launched
  • Browser
  • Operating system and interface
  • Browser software language and version
  • Data volume sent in each case
  • Time zone difference to Greenwich Mean Time (GMT)

Some of the services offered on our website can only be performed if we are able to contact you. This means that availing yourself of these services is dependent on you providing us with specific personal (contact) data. We only collect, use and process these data insofar as this is necessary for the performance of the respective services. If you contact us via email or a contact form, the data you enter (your email address and other data you impart to us of your own free will, such as your name/telephone number) are stored by us so we can process your request and answer any questions you may have. We delete the data we have stored about you when it is no longer required. We restrict processing in the case of statutory retention obligations. We process your data in line with Article 6, Paragraph 1, Sentence 1, Letter f of the GDPR.

4. Purpose of processing, legal basis and retention period

If we request consent to process your personal data, we do so in line with Article 6, Paragraph 1, Sentence 1, Letter a of the GDPR. If processing your personal data is required to fulfil a contact or pre-contractual measures prompted by your request, our processing is legally based on Article 6, Paragraph 1, Sentence 1, Letter b of the GDPR. In cases in which processing of personal data is required to fulfil our legal obligations, processing is in line with Article 6, Paragraph 1, Sentence 1, Letter c of the GDPR. If processing of personal data is necessary to protect a legitimate interest of our company or a third party, and if at the same time the interests, basic rights and freedoms of the data subjects, which require the protection of personal data, do not take precedence over our legitimate interest, Article 6, Paragraph 1, Letter f of the GDPR shall serve as legal basis for said processing.

Unless otherwise specified, we delete personal data in accordance with Article 17 and 18 of the GDPR or restrict their processing. We only process and store your personal data for as long as they are required to fulfil our contractual and legal obligations. Data no longer required for the intended purpose are deleted regularly unless temporary further processing is necessary, which may arise on account of other legally permissible purposes. In compliance with documentation and legal retention obligations in Germany, the necessary documents are stored for six years in line with Article 257, Paragraph 1 of the German Commercial Code (HGB) and ten years in line with Article 147, Paragraph 1 of the German Fiscal Code (AO).

In order to avoid payment defaults, we may conduct credit checks in individual cases prior to contract closure and as part of relevant contract amendments, if we are to render services that are only billed at a later date. We protect ourselves from payment defaults by said conducting of credit checks. Based on scoring (profiling) we assess the extent to which customers will fulfil their contractual payment obligations; the score ratings help us with our decision-making. Scoring is based on a recognised mathematical-statistical method. We store the results of credit data for 365 days.

We use cookies on our website. Cookies are small text files stored on your hard disk that are created when you use your browser to visit a website and are used by it to send specific information. Most of the cookies we use are deleted at the end of the browser session (so-called session cookies). Other cookies remain on your end device and let us recognise your browser again on your next visit (persistent cookies). Click this link for information on the cookies we use and their respective lifetimes. You can set your cookie preferences in the browser you use, and can refuse the use of cookies or restrict your refusal to the cookies of other parties, so-called third-party cookies. However your cookie preferences may result in you not being able to use all the functions offered on our Internet website.

5. Recipients of your data

RSA Cosmos S.A.S may process your Personal Information:
1- to provide you with the information or services you have requested (for example: Newsletter, commercial offer, …); and / or
2- to collect information enabling us to improve our Website, our products and services (in particular by means of cookies); and / or
3- to be able to contact you by email or phone, including the update of the products and the customer support, information relating to a product or service provided.

Only RSA Cosmos S.A.S is the recipient of the information collected on our Website. Your personal information will not be sold, exchanged, transferred, or given to a third party except to the subcontractors to which RSA Cosmos S.A.S uses to provide the service in question (host, technical maintenance of the site, analysis of the traffic, …).
This transfer of data will take place in compliance with the guarantees, measures and rights provided by the legislation in force on the protection of personal data and in accordance with this privacy policy and the data transfer agreement.

6. Where is my data processed?

We always process your data in France and European countries (EU/EEA). Insofar as your data are exceptionally processed in very limited special cases in countries outside the European Union (thus in so-called third countries), this will only take place provided you have given your express consent, it is legally envisaged, or it is necessary for us to perform our service for you. Insofar as we process data in third countries in these exceptional cases, this is performed subject to specific measures (i.e. on the basis of the existence of an adequacy decision by the EU Commission or appropriate guarantees, Article 44 et seq. of the GDPR).

7. Cookies, Targeting and Advertising

1. Use of cookies

RSA Cosmos S.A.S, as publisher of this website, will implement a cookie on the hard drive of your terminal (computer, tablet, mobile etc.) to ensure a smooth and optimal navigation on our site Internet. They are used exclusively for our own needs to improve the interactivity and performance of our website and to send you adapted content. None of this information is the subject of a communication with third parties except with your prior consent or when required by law, by order of a court or any authorized administrative or judicial authority.
Below you will find a table listing the different types of cookies that may be used on the RSA Cosmos S.A.S website: name, purpose and retention period.

2. Configuration of cookies

You may accept or refuse the deposit of cookies at any time on the RSA Cosmos S.A.S Website. You are notified and accept the deposit of cookies on your terminal. You are also deemed to have consented to the deposit of cookies by clicking on “I approve” at the bottom of your screen. Depending on the type of cookie, collecting your consent to deposit and read cookies on your device may be necessary.

a. Cookies exempt from consent

In accordance with the recommendations of the Commission Nationale Informatique et Libertés (CNIL), some cookies are exempt from the prior collection of your consent to the extent that they are strictly necessary for the operation of the website or have the exclusive purpose of allowing or facilitating electronic communication. These include session ID, authentication, load balancing session cookies as well as cookies for customizing your interface.

The following cookies are affected :

  • gdpr[allowed_cookies] (1 year) : Allows you to save your choices regarding consent / refusal to deposit such a cookie on your browser.
  • gdpr[consent_types] (1 year) : Allows you to save your choices regarding consent / refusal to deposit such a cookie on your browser.
  • xxlplan (15 minutes) : Allows to distribute the load on the servers of our host OVH.
  • xxlplanBAK (15 minutes) : Allows to distribute the load on the servers of our host OVH.

b. Cookies requiring the prior collection of your consent

This refers to cookies issued by third parties and referred to as “persistent” in your device until they are deleted or expired. The use and posting of third party cookies are subject to their own privacy policies. Are concerned by their own privacy policy: audience measurement cookies (Google Analytics, Piwik, …), advertising cookies as well as social network sharing cookies (Facebook, YouTube, Twitter, Instagram, LinkedIn, …). These data contribute to the improvement of the ergonomics of the RSA Cosmos S.A.S Website.

You can also refuse the collection of cookies during your browsing. To do this, you must modify the settings of your browser. The setting for cookies is usually found in the “Options” or “Preferences” menu of your Internet browser. The following links will help you better understand how to adjust these settings:

List of cookies requiring the prior collection of your consent

  • Google Analytics
  • LinkedIn
  • Vimeo
  • GDPR
  • NID (6 month) : This cookie is set by DoubleClick (owned by Google) to help you build a profile of your interests and show you relevant ads on other sites.
  • ANID (1 year) : Allows you to personalize ads on Google sites.
  • CONSENT (13 month) : Allows Google to record information about how the end user uses the website and any advertising that the end user may have seen before visiting that website.
  • 1P_JAR (1 month) : Allows Google to record information about how the end user uses the website and any advertising that the end user may have seen before visiting that website.
  • DV (1 hour) : Allows Google to save your preferences and other information.
  • OGPC (1 month and half) : This cookie activates the functionality of Google Maps.
  • _ga (2 year) : This cookie is used to distinguish unique users by assigning a randomly generated number as a customer identifier. It is included in every page request on a site and used to calculate visitor, session and campaign data for site analysis reports.
  • _gid(1 day) : This cookie is used to distinguish unique users by assigning a randomly generated number as a customer identifier. It is included in every page request on a site and used to calculate visitor, session and campaign data for site analysis reports.

To modify your configuration concerning the administration of cookies you can click on the link below:

You may decide not to provide data via Google Analytics cookies

Go to Google Analytics

You can retrieve your data at any time by clicking on the following link:

For more information on the tools of control of cookies, you can consult the Internet site of the CNIL:

3. Computer Rights and Freedoms

In accordance with the rights conferred by the current regulations on data protection, you can exercise your rights of access, rectification, limitation of treatment, deletion, portability and opposition to the processing of your personal data by sending your request at the mailing address ADRESSE or via the contact form. You can contact the competent supervisory authority (CNIL) to submit the claim that you deem appropriate with the following link:

4. Consent

By using our site, you consent to our privacy policy.

This privacy policy was last updated on May 24, 2018. From time to time, RSA Cosmos S.A.S may make changes to its privacy policy and update it on its website. We reserve the right to update our privacy policy at any time and we recommend that you review it frequently.

We draw your attention to the fact that the refusal of the deposit of cookies on your terminal may alter your user experience and your access to certain services or features of this Website. RSA Cosmos S.A.S declines any responsibility concerning the consequences related to the degradation of your browsing conditions that occur because of your choice to refuse, delete or block cookies necessary for the operation of the site. These consequences can not constitute damage and you can not claim any compensation for this fact.

8. Online presence in social media

Within social networks, as the site operator, we use the services of online platforms to inform the users active on these platforms about information offers and services provided by Konica Minolta in order to communicate directly via the platforms if users are interested in this. The social media channels thus add to our own online presence and offer interested parties who like this type of information an alternative communication channel.

We currently have our own online profiles in the following networks:

When the relevant Konica Minolta social media profile is called up in your network, the terms and conditions of business and the data processing policies of the relevant operator apply.

We do not have any influence on the collection of data and the further use thereof by social networks. We only know that your data will be used for market research and advertising purposes and that usage profiles will be created from your user behaviour and the interests resulting from this. In addition, further advertising based on presumed interests can be turned on. This is normally achieved by saving cookies on your computer.

We would therefore like to explicitly make you aware that users’ data (e.g. personal information, IP address) will be saved by the network operators in accordance with their policies on data usage and used for business purposes. We would also like to point out that your data may be processed outside the European Union as part of these activities. US providers, who are certified under the Privacy Shield, undertake to comply with EU data protection standards.

We only process the data of users of Konica Minolta’s social media platforms to the extent that these users contact and communicate with us via comments or direct messages. You can assert data subject rights against us (see also Item II of your rights) and against the provider of the social network.

The processing of users’ personal data is based on our legitimate interest, which is to effectively inform and communicate with users in accordance with Art. 6(1f) GDPR. If you are asked for your consent to data processing by the relevant providers (i.e. to give your consent, e.g. by ticking a checkbox or confirming via a button), the legal basis is processing in accordance with Art. 6(1a) GDPR.


YouTube videos are included on our websites. They are stored on, but can be played back directly on our website. On including videos on our website we activated advanced data protection mode. This means that if you do not play back videos, no data about you is transmitted to YouTube. However, if you play back videos, the data are sent to YouTube. Initially, YouTube receives the information that you have accessed the corresponding page on our website. Other data can also be transmitted to YouTube, of which we have no knowledge. In this case also, we have no influence on data transmission. If you log into YouTube the transmitted data are directly linked to your account. If you do not wish this to happen, you have to log out of YouTube before you play back videos on our websites. YouTube stores your data as a user profile and uses them for advertising and market research purposes and/or to tailor its website to user needs. Evaluation of this nature may in particular be used for targeted advertising (even in the case of users who have not logged in). YouTube offers you a right of objection to the creation to user profiles, which you must lodge directly with YouTube.

The YouTube privacy statement provides more information on the purpose and scope of data acquisition and processing, and also additional information on your rights and settings options to protect your privacy: Google also processes your personal data in the USA and has subjected itself to the EU-US Privacy Shield

The legal basis for the inclusion of YouTube videos is Article 6, Paragraph 1, Sentence 1, Letter f of the GDPR.

9. Opt-out options in social networks

If you are a member of a social network and you do not wish the platform to collect data relating to you via our website on the social network and to link it to your saved data on the relevant network, you must log out of the relevant network before visiting our website, delete any cookies saved on the device and then close and reopen your browser. When you log in again, you will be recognised as a specific user by the network.

Please see the information under the provider links below for a detailed description of the relevant processing activities and opt-out options.

Should you wish to request information or assert any user rights, we would also point out that the most effective way to do this is with the providers themselves. Only the providers have access to the users’ data and can take the relevant measures directly and provide information. Should you still need assistance, please do not hesitate to contact us.

In addition, European marketing operators are providing a new way to opt out under the following link: This is an initiative designed to clarify the topic of online advertising. In the “Your Online Choices” area you will find an overview of providers whose online advertising you can turn off or on. Such providers also include Facebook and Google.

10. Konica Minolta has set out the following policy as the global benchmark for its own conduct:

Z.I. de la Vaure
CS 80945
42290 Sorbiers, France
+33 (0)4 77 53 97 30