In order for us to carry out our contract with you to protect and maintain your (or your client’s) intellectual property, you will need to provide us with limited personal data such as the name, business address and nationality of applicants and inventors. We will store this information on our electronic and/paper files, and we will file this information as necessary at Intellectual Property Offices in the jurisdictions where you choose to protect your intellectual property. In many jurisdictions, especially those outside the EU, this will mean our sharing that information with a carefully chosen local firm of intellectual property professionals who can deal directly with the Intellectual Property Office in their region. The firms with whom we work in other jurisdictions follow similar professional standards to our own. Please ask us, if you require a copy of their policies regarding data protection. As a patent, design or trade mark application progresses towards grant, the application and the personal data contained within it will be published by the Intellectual Property Office concerned.
We will also need to hold the information necessary for maintaining and administering your account with us, such as your invoicing name and address, bank details and contact details. This is necessary for the performance of our contract with you.
We may also need you to provide evidence of your identity, or the identity of other people connected with your work, in order to comply with our legal obligations under the Money Laundering, Terrorist Financing and Transfer of Funds Regulations.
We rely on you to comply with the EU General Data Protection Regulation (“GDPR”) and any other applicable laws relating to data protection with regard to the information you provide to us, including the obtaining of any necessary consents if you supply us with personal data other than your own.
As described in “Our business terms” under the heading “Your files”, we store electronic and paper files for a little over six years (the legal “limitation period”) after the expiry of the relevant intellectual property rights. We then ensure that the files are destroyed in a way that safeguards the confidentiality of their contents. If we have no other ongoing matters with you, we will delete your accounts information from our records at the same time.
We maintain a separate database of client and other contacts who would like us to send them news relevant to their business interests. These communications may include industry and legal alerts, information relating to our firm blogs, newsletters and event invitations. We only send communications of this kind where there is a legitimate business interest to do so, or to contacts who have given their consent. Our contacts may instruct us to stop sending such communications at any time. We will never sell or pass on data from our contacts list.
Under the GDPR, individuals have the right: to ask whether we hold any of their personal data; to access (i.e. to a copy of) any that we hold; to rectification of inaccuracies or to erasure of their personal data; to restrict or to object to processing of their personal data; and (in some cases) to data portability. No-one is obliged to provide us with personal data; but without using the limited types of personal data described above, we may be unable to apply for, maintain or defend a client’s intellectual property rights.
For the purposes of the GDPR, the Data Controller is Greaves Brewster LLP.
If you have any questions concerning our handling of your personal data or any information you have provided to us, please contact our Practice Manager at PracticeManager@greavesbrewster.co.uk, or any of our partners.
If you have any concerns that we are unable to resolve together, you have a right to complain to the Information Commissioner’s Office. This can be done via the ICO’s website at https://ico.org.uk/concerns.