In order to allow you to manage your printers and offer our Printix Cloud Print Management Service, we register necessary information. This is typically the information you can see either directly or in a processed format in Printix Administrator. Kofax has ISO/IEC 27001 certification, the internationally recognized standard for information security management systems (ISMS).

What data is registered in the Printix Cloud?

  • Printers: Address, Vendor, Model name, Name, MAC address, Serial number, Properties, Page counters, Consumables data, and statistics.
  • Computers: Address, Hostname, Type (Laptop, Desktop, Server), System (Windows, macOS).
  • Networks: Gateway IP and MAC addresses.
  • Documents: Name, Number of pages, Color, 2-sided, and where and when it was submitted, printed, and deleted.
  • Users:
    • Name (As for passwords, please see Authentication below)
    • Email
    • Role (User / System manager)
    • Department (Azure AD only, and can be used to post process data for subsequent departmental billing)
    • Groups (Only the group membership relevant to Printix functionality is recorded)

Personally Identifiable Information

  • Personally Identifiable Information (PII) in the form of a users’ name, email and document names are stored in the Printix Cloud. Here document names are kept as part of job history for 90 days to allow troubleshooting by Printix. In Printix App and Printix Administrator users (and system managers) can only see the document names of their own documents, and only while the document is pending (typically 1 day and maximum 7 days).
  • Enabling Cloud storage will for the duration of the pending documents, store the document name and the name of the user as part of the document’s metadata.
  • Set up of Analytics with an own Azure SQL database will also populate users’ name and email into this. Document names are only populated if Include document name in data extract is checked.
Default setup Custom setup
Printix Cloud + User name and email
+ Document name (90 days)
+ Document files, transit only, no storage (see Note 1)
+ User name and email
+ Document name (90 days)
Document files, no transit, no storage
Cloud storage N/A + User name (max 7 days)
+ Document name (max 7 days)
+ Document files (max 7 days)
Own SQL database
N/A + User name and email
+ Document name (Optional)

Note 1: Mobile printed and Chrome printed documents to be released (anywhere and later) are stored in the Printix Cloud.

Data centers

Printix is hosted in the EU.

  • Secure Microsoft Azure Data Center in the Netherlands [West Europe].
    • Configuration data and micro services:
      • wss://
  • Secure Amazon Web Services Data Center in Ireland [AWS EU-West-1]. Content Delivery Network (CDN) is enabled.
    • Captions and graphics
    • Driver store
    • Software packages
    • Web servers for Printix Administrator and Printix App.
      Example: Alias for:
    • Web servers for sign in


  • Documents are encrypted and stored until they expire and/or get deleted.
  • Documents do not leave your network, unless you enable additional functionality or printing via the cloud. See also: Which documents go via the cloud?
  • Documents that go via an own Cloud storage are protected by time- and session-restricted credentials issued by the Printix Cloud. Printix Client does not store cloud storage credentials/keys.
  • Advanced Encryption Standard (AES) with a key length of 256 bits is used to encrypt documents.


  • All Printix communication inside and outside the network is secured with encryption and the use of HTTPS.
  • SNMP is used to collect information from printers. Both SNMPv1 and SNMPv3 are supported.
  • Print data is sent unencrypted to the printer, but with secure IPPS it can be sent encrypted to printers that support secure IPPS.
  • Printix Client will always use the highest available TLS version (1.2). However, to allow a seamless setup Printix Client does accept older and less secure versions of TLS, like 1.0. You may want to enable TLS 1.2 on all computers.


  • Printing directly to the printer is just as secure as compared to traditional network printing.
  • With Secure print (Print later and Print anywhere), you have the option to wait until you have arrived at the printer, and only then release the documents via your phone. No more stressful “print and sprint” to prevent others from collecting your documents from the output bin of the printer.
  • With Printix Go, you can sign in at the printer with your card or ID code and release documents. Increase security with PIN code (4-digit) for two-factor authentication.
    • PIN code disabled is shown after three consecutive failed sign in attempts. User must open Printix App and Reset PIN code and choose a new and different value, otherwise Printix App will show PIN code must be different from the current.

Capture and workflow

  • The Printix Capture application encrypts any temporary files stored on the workstation hard drive.

Printix Client

  • The user interface of Printix Client (PrintixClient.exe) runs under the signed in user’s account.
  • Printix Service (PrintixService.exe) runs under the local system account and handles the printing and printer installation.
  • Both applications write log files.
  • Printix Client will silently update itself to the latest approved version.
  • Documents scanned with Printix Capture are encrypted while they are transferred to and from the Printix Client over HTTPS and also while they are stored.


  • Printix uses Roles to control what functions a user can perform.
  • Users are notified by email when their role is changed.


  • Users are required to register and sign in to use Printix.
  • With Azure authentication enabled, users’ passwords are handled entirely by Azure AD.
    • Printix will read the users’ basic profile (display name and email address).
  • With Google authentication enabled, users’ passwords are handled entirely by Google.
    • Printix will read the users’ basic profile (display name and email address).
  • With Okta authentication enabled, users’ passwords are handled entirely by Okta.
    • Printix will read the users’ basic profile (display name and email address).
  • With OneLogin authentication enabled, users’ passwords are handled entirely by OneLogin.
    • Printix will read the users’ basic profile (display name and email address).
  • With Active Directory authentication enabled, users’ passwords are not stored by Printix, but can be transferred securely via LDAPS to the local Active Directory server for authentication.
  • For users who authenticate directly with Printix, passwords are protected through salted password hashing. Users can reset a password themselves. Their email address is required for this to work. Passwords must be minimum 6 characters in length and contain uppercase letters, lowercase letters, and digits.
  • For sign in at the printer scenarios, the registered card numbers and PIN codes are protected through salted hashing. ID codes are written as plain text.

Authentication flows

Microsoft Azure AD

Authentication flow Microsoft Azure Active Directory (HTTPS:443)

Google Workspace

Authentication flow Google (HTTPS:443)


Authentication flow Chromebook (HTTPS:443)


Was this helpful?

Yes No
You indicated this topic was not helpful to you ...
Could you please leave a comment telling us why? Thank you!
Thanks for your feedback.

Post your comment on this topic.

Please do not use this for support questions.
Printix Support

Post Comment