Privacy Notice - Inventors
- Data Controller
The partners of Dehns are the Data Controllers for data protection purposes and Dehns is registered under the Data Protection Act 1998. Dehns can be contacted concerning data protection matters at firstname.lastname@example.org.
- Who we collect information about
In order to deal with a client’s affairs, we may store and process information comprising personal data. This personal data may concern you if you are an inventor, whether actual or potential, or designer designated in connection with an intellectual property right.
- What information we collect, how we obtain it and how we store it
The personal data we collect will be your name, a contact address (business rather than personal where possible) and, where necessary, information as to your nationality, profession and country of residence, whether you are an employee of the owner of the intellectual property right concerned, and / or brief details of how rights were transferred from you to the owner.
Where it is agreed that we contact you directly, we will also collect your contact details (including email address and telephone number).
We will usually obtain this information from our client who maybe the owner of the intellectual property right concerned or someone acting on their behalf. In certain situations, we may obtain the information from an existing record in the public domain e.g. from details concerning a particular intellectual property right as published by various public intellectual property organisations around the world. In other situations, we may obtain the information from you directly.
The personal data will, where applicable, be entered into the database within our specialised case management system, in records held within our document management system and within written records held for specific cases. Data may also be held in communication systems and software.
- Why we process personal data and the legal basis for doing so
We process this data under the basis that we have a legitimate interest to do so because such data is necessary for us to properly perform the services we have agreed to supply to our client.
- Who has access to this data and the third parties we share it with
The personal data will be entered into our database and /or written records and the details will then be accessible by all of our partners, staff and consultants located in our offices within the UK and in Germany unless we specifically agree with our client that certain details are restricted to selected personnel.
Details may also be made available to:
- Public intellectual property organisations such as the Intellectual Property Office in the UK and equivalent bodies in other countries. These organisations may publish such personal data and may make the personal data available to third parties who may in turn publish the personal data.
- IP/law firms outside the UK who we engage to deal with our client’s affairs in other countries and they in turn may make the data available to public intellectual property organisations.
- Specialist organisations to whom we sub-contract certain work such as payment of renewal/annuity fees, validation of European patents in various European countries, preparation of technical drawings etc.
Where, as part of the above, we transfer personal data outside of the EEA, we do this because it is necessary for the performance of a contract, concluded in the interest of a number of parties including you, between us and our client or a third party.
Please note that it is possible to withhold inventor names and/or addresses at certain intellectual property organisations (including the IPO in the UK and the EPO) if a specific request is made by the inventor.
- How we keep the data secure
We take the security of personal data seriously. We have internal policies, controls and technical processes in place to try to ensure that such data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by authorised personnel. Where we engage third parties to process personal data on our behalf, they do so on the basis of written instructions, are under a duty of confidentiality and are obliged to implement appropriate technical and organisational measures to ensure the security of data.
- How long we store the data
We will store the data for a period of up to 10 years after the completion of our work or, if later, up to 2 years after the expiry of the IP right involved. This is subject to any specific alternative agreement concerning data retention that we have with our client.
- The rights of a data subject
A data subject has a number of rights. In certain circumstances, they can:
- request access to, and obtain a copy of, their data;
- request rectification of their data that is incorrect or incomplete;
- request deletion of their data;
- request restriction of the processing of their data;
- object to the processing of their data; and
- request the transfer of their data.
If a data subject believes that we have not complied with their data protection rights, they can complain to the Information Commissioner.
- Where you do not provide us with the personal data
Where we collect personal data from you directly, you are not obliged to provide the data to us. However, it is possible that we will be unable to properly perform the services we are engaged to provide without this information.
- Automated decision-making
Personal data is not processed based on automated decision-making.