Personal User Information in YSoft SafeQ 6

Personal User Information in YSoft SafeQ 6

Abstract

This document deals with how personal information about users is processed in YSoft SafeQ 6 with respect to different data sources, the lifecycle of data processing and potential legal implications, such as Act No. 101/2000 Coll., on the protection of personal data in the Czech Republic.

Definition of Personal User Information

For the purpose of this document, the data which might be containing personal user information are referred to as entities. We make an intentional distinction between Corporate Entities where all information contained therein is coming from, related to and possibly owned by the legal body operating the YSoft SafeQ system and Mixed Entities which may contain personal user information.

In this document, we also refer to data structure and make important distinction between unstructured data, where the YSoft SafeQ system does not work with the data in a structured way (i.e. identifying elements of information in the data and relationships between such elements) and structured data where the data structure is taken into account.

Examples of Structured and Unstructured Data

  1. Structured Data

    1. Data exchanged between YSoft SafeQ 6 and Identity Management Systems (e.g., Active Directory, OpenLDAP)

    2. Device information describing connected Printers and/or Multifunction Devices managed by YSoft SafeQ

    3. Cost Centers or Billing Codes managed by YSoft SafeQ system depicting corporate or management cost structure of the organization using the YSoft SafeQ system

  2. Unstructured Data

    1. Print Jobs received and managed by the YSoft SafeQ system.

    2. Scanned Documents received and managed by the YSoft SafeQ system.

Personal User Information in Unstructured Data

YSoft SafeQ system processes the following kinds of unstructured data which may contain Personal User Information:

  1. Print Jobs

  2. Scanned Documents (also referred to as Scans)

Personal User Information in Print Jobs

YSoft SafeQ system extracts information from Print Jobs constituting a Print Job Entity. This entity is stored in YSoft SafeQ system for archiving and reporting purposes.

The relevant extracted information is:

  1. (Optional) Job Title which may be specified as part of the print job data stream by means of appropriate PCL commands. Such job title contain and refer to the contents of the print job or the original document which was printed by a user resulting in the print job. Job Title may also be linking the document to a particular person(s).

  2. (Optional) Job Owner which is specified either as part of the print job data stream or as part of the communication protocol used for receiving the print job by the system. The Job Owner links the print job to a particular user account, which may or may not correspond to a real person(s).

    This information is tracked for the purpose of reporting printed volumes on a per-user basis.

Who has access to such information?

This information is accessible to particular users, who can view only Print Jobs which have this particular user identified as Job owner.

The YSoft SafeQ system usually defines one or more administrator user accounts (by default, the user account is called “admin”). Such user accounts have permissions to view the Job Title and Job Owner information of all print jobs.

Personal User Information in Scanned Documents

YSoft SafeQ system associates Job Owner information with each Scanned Document by various technical means, which depend on the type of connected multifunction device, system configuration, etc.

Who has access to such information?

This information is accessible to particular users, who can view only Scanned Documents which have this particular user identified as Job owner.

The YSoft SafeQ system usually defines one or more administrator user accounts (by default, the user account is called “admin”). Such user accounts have permissions to view the Job Owner information of all Scanned Documents.

Personal User Information in Structured Data

User Account Information and Credentials

The YSoft SafeQ system stores information about user accounts and related credentials. The following information is stored with the User Mixed Entity:

  • Login Name

  • First (Given) Name

  • Surname

  • Password

  • Card IDs and PIN Numbers

  • E-Mail

  • Home Directory (*)

  • Cost Center associated with the User Account (*)

  • Default Billing Code for the User (*)

Elements marked with (*) are system-related settings and are not relevant for storing Personal Information. All other elements may, but not necessarily must potentially contain personal information, however it is crucial to define, how these elements are maintained.

User Accounts are created and managed in one of the following ways:

  1. The User Account(s) are created and managed using the YSoft SafeQ management interface. By default, users can access information related to their User Accounts only if and only if they can authenticate with the system using their password. Administrator user accounts can manage any User account in the system.

  2. The User Account(s) are “imported” or “replicated” to YSoft SafeQ system using technical means from another systems. Corporations usually employ systems for managing user identities and credentials, usually referred to as Identity Management systems. YSoft SafeQ 6, if properly configured, can retrieve user information from such systems.

    Whether User Entity in YSoft SafeQ 6 contains Personal Information depend on the policy governing what data are entered to the system (above mentioned 1) or policy governing corporate identity management (above mentioned 2).

    YSoft SafeQ 6 is using User entities for authentication and reporting, where the traceability of particular print jobs/scanned documents to particular User Account(s) can be disabled by configuration (defined above).

For more information refer to Management Interface - Users in YSoft SafeQ 6 documentation.

Personal Information in other system entities

Besides the User mixed entity, the YSoft SafeQ system operates with the following entities:

  1. Device (sometimes referred to as MFD)

  2. Cost Center

  3. Role

  4. Billing Code

    All these entities are Corporate Entities. They are created by the corporation using the YSoft SafeQ system to manage the printing environment.

    These entities usually model corporation organization structure, structure of departments and cost allocation policies. Cost Centers, Roles and Billing Codes are associated with particular User entities, but on M:N basis, i.e. many User entities may be associated with a particular Cost Center/Role or Billing Code, but many Cost Centers/Roles or Billing Codes are also associated with a particular User account.

For more information refer to Management Interface - Devices.