Security & Privacy

Security & Privacy

Lexmark respects the privacy of our customers and takes safeguarding their personal data very seriously. As of the publication date, we have received no customer complaints regarding any loss or misuse of personal information for the calendar year 2023.

Security of customer information
Lexmark maintains security measures to protect personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, in particular where the processing involves the transmission of data over a network, and against all other unlawful forms of processing. These measures ensure a level of security appropriate to the risks presented by the method of processing and the categories of data to be protected, taking into account the state of the art and the cost of implementation.

ISO 27001 is an information security management system (ISMS) international standard that provides a comprehensive set of requirements for maintaining confidentiality, integrity and availability of data. Lexmark has ISO 27001 certification for its worldwide Managed Print Services and Lexmark Cloud Services.

Lexmark's ISMS is managed by a chief information security officer who is supported by a team of information security professionals.

Lexmark designs devices to meet ISO/IEC 15408 Common Criteria Certification, an international standard on security capabilities. Lexmark is committed to validating this design through both the IEEE 2600 family of standards and the U.S.-based National Information Assurance Partnership's (NIAP's) Hard Copy Device Protection Profile (HCDPP). For more information, see Lexmark's Secure by Design

Lexmark also follows the Federal Information Processing Standards (FIPS) 140 Publication Series issued by the National Institute of Standards and Technology (NIST), which outlines requirements and standards for cryptographic modules, including both hardware and software components. Adherence to this standard for hard disk encryption and IPsec networking helps Lexmark provide the necessary conditions to secure information.

In addition, Lexmark has been certified to the Open Trusted Technology Provider Standard (O-TTPS) for Laser Printer controller cards and firmware stored on the card. This standard has been adopted as ISO 20243-1 and addresses threats related to maliciously tainted and counterfeit products. The O-TTPS is a set of guidelines, requirements, and recommendations that address specific threats to the integrity of hardware and software for Commercial Off-the-Shelf Information and Communication Technology products. The standard has a wide scope as it covers the entire product life cycle. In addition, Lexmark received a 2021 CSO50 Award from IDC's Chief Security Officer for supply chain security.

Privacy Program

Lexmark's privacy program, Privacy at Lexmark (P@L), is a multi-disciplinary global team of dedicated professionals at both the corporate and business unit level. Led by a chief privacy officer located at Lexmark's headquarters, the program's mission is to protect the privacy of company, employee, customer and other confidential information. P@L ensures the proper use and disclosure of such sensitive information and is committed to fostering a culture of ethics and integrity that respects privacy through awareness and accountability.  Within the changing landscape of global regulations, P@L also provides advice and guidance on best privacy practices for the Lexmark community.

Lexmark invites individuals to make inquiries related to their personal data.
The designated email and postal addresses are:

Lexmark International, Inc.
Data Protection Officer
740 West New Circle Road
Lexington, Kentucky 40550

Click here to sign up for security news and updates in our Global Preference Center.