HomeKnowledge base › Printers and variable data
Printing

Printers: destroying variable data and misprints

Misprints and personalised print work at a print shop ready for confidential destruction

A print shop that does variable-data or direct-mail work does not print anonymous sheets. Payslips, bank letters, insurance statements, medical appointment letters and membership cards come off the press, each with a name, address and sometimes a health or financial detail on it. Alongside the clean run there are misprints, proof sheets and overruns, and on the server sits the client's complete mailing file. This guide shows what you keep, what must go at once and how to destroy it confidentially.

The quick answer: for variable data you are usually the processor for the client, and the arrangements are in a processor agreement. The mailing file you keep no longer than the job requires and then delete from the RIP and the server. Misprints and overruns you destroy confidentially, not in the ordinary recycling. What may go disappears with a certificate as proof.

The print shop as processor

With variable data you process personal data on behalf of your client. That client, for example a bank, insurer or association, is the controller and determines the purpose. You are the processor and only carry out what is agreed. That means you may not use the data for your own purposes and may not keep it longer than the job requires. Record this in a processor agreement, as described in the processor agreement checklist.

The processor role makes careful clearing out extra important. What you print belongs to the client, and the responsibility to have it disappear afterwards lies with you while it is on your premises. A misprint or an old mailing file left lying around is a data breach that lands on your name.

Retention periods by part

The period differs per type of data. The overview below gives the main line. Count the tax period from the end of the financial year and the other periods from the delivery of the job.

PartStarting pointPeriod
Administration and invoicingTax retention obligation7 years
Client mailing file on the RIP or serverProcessor agreementclear out after delivery
Misprints and proof sheetsClient personal datadestroy confidentially
Overruns and leftover stockClient personal datadestroy confidentially
Special data (medical, financial)Extra protectiondestroy finely
Correspondence and draftsNo retention obligationclear out at once

Use this as a guideline, not a final legal ruling. Set the exact period for the mailing file in the processor agreement with the client. The proof side is in the certificate of destruction tied to your own administration.

The mailing file on the RIP and the server

The biggest digital risk is the mailing file itself. To personalise a run you load the client's complete address or customer file onto the RIP and the server. That file is often the most complete set of personal data you hold. Delete it once the job has been delivered and checked, unless the processor agreement names a short period for a reprint or a complaint. Deleting a file here also means taking the backups and temporary copies with it, because otherwise the data stays on the disk.

If a server or disk is disposed of or replaced, that carrier should be destroyed confidentially. That way no complete client file is left behind on written-off equipment.

Misprints, proof sheets and overruns

Every personalised job produces waste that is not ordinary paper. Misprints with a wrong alignment, proof sheets for the colour check and overruns that do not go into the mailing contain the same names, addresses and amounts as the clean run. So treat that waste as confidential. Collect it in sealed containers next to the press and have it destroyed, instead of throwing it into the ordinary paper stream or the recycling container.

For documents with medical or financial data, such as payslips or letters from a healthcare provider, a fine destruction level is the starting point. That way nothing remains reconstructable, not even from a single misprint.

How to handle it in 6 steps

  1. Record the processor role in a processor agreement with the client.
  2. Delete the mailing file from the RIP and the server once the job is delivered.
  3. Collect misprints and proof sheets in sealed containers next to the press.
  4. Treat medical and financial documents separately and at a fine destruction level.
  5. Dispose of old servers and disks only after confidential destruction.
  6. Have it destroyed confidentially with a certificate and record it in your register.

Destroy confidentially with a certificate

Misprints, overruns and old data carriers you have destroyed confidentially, because they contain the client's personal data. The paper and the carriers travel sealed and stay that way until destruction, so the chain is closed. For personalised print work with special data a fine shred is the starting point.

Afterwards you receive a certificate of destruction with the date, quantity and level. That certificate is your proof towards the client and the GDPR that you had the print work destroyed demonstrably, as described in demonstrable destruction for the GDPR. We collect within 20 km of Amsterdam with no call-out charge, work nationwide through pooled collection rounds and charge a fixed price per box or roll container. Drop-off on site is not possible; it works by appointment through collection.

Misprints and print work to be destroyed?

Tell us what you have and you get a fixed price. We collect it sealed, destroy it at the right DIN level and you receive a certificate for your client and your GDPR file. No call-out charge within 20 km of Amsterdam.

Request a quote

Common mistakes

  • Keeping the mailing file after the job. As a processor you keep it no longer than necessary.
  • Throwing misprints into the ordinary recycling. They contain the same personal data as the run.
  • No processor agreement. Without arrangements it is not recorded what you do with the data.
  • Disposing of old servers unwiped. A complete client file then stays on the disk.
  • Keeping no proof. Without a certificate you cannot demonstrate the destruction.

Frequently asked questions

Is a print shop a processor or a controller?

For variable data and direct mail the print shop is usually the processor. The client is the controller and determines the purpose. You record the arrangements about keeping and destroying in a processor agreement and keep the data no longer than the job requires.

How long may a printer keep a client's mailing file?

As briefly as possible. Delete the mailing file from the RIP and the server once the job has been delivered and checked, unless the processor agreement names a short period for a reprint or complaint. Keeping just in case is not a valid ground.

What do I do with misprints and overruns?

Misprints, proof sheets and overruns of personalised documents contain the same personal data as the run. Destroy them confidentially, not in the ordinary paper recycling, with a certificate as proof.

How do I destroy print work with personal data in line with the GDPR?

Confidentially and with a certificate of destruction. Paper and data carriers travel sealed and the destruction is recorded in the record of processing.

Conclusion

A print shop that processes variable data holds the most personal documents of other people's customers, from payslips to medical letters. You are the processor there, so you use the data only for the job and clear it out afterwards. Delete the mailing file from the RIP and the server, destroy misprints and overruns confidentially instead of in the recycling, and treat medical and financial documents at a fine level. Close every destruction with a certificate. That way you protect your client's customers and keep your processor role clean.

Read also: mortgage advisers: destroying client files, recruitment agencies: destroying candidate profiles, market research agencies: destroying respondent data and the GDPR retention periods cheatsheet.


Have print work collected? Request a quote via desnipperaar.nl. Within a few minutes you have a fixed price, including a certificate as proof.