Privacy and Data Protection Policy
The Intellectual Property Regulation Board (“IPReg/we/us/our”) is committed to protecting and respecting your privacy.
This policy (together with our terms and conditions of use and any other documents referred to) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. It applies particularly to any personal data we collect from, or is provided by patent and trade mark attorneys. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
For the purpose of the Data Protection Act 1998 (the Act), the data controller is the Intellectual Property Regulation Board of Fifth Floor, Outer Temple, 222-225 Strand, London WC2R 1BA.
This Privacy and Data Protection Policy sets out the data processing practices carried out by us, including through the use of the internet, all websites operated by us, and any other electronic communications networks (together “our site”). If you have any requests concerning your personal data or any queries with regard to our personal data processing practices please contact our Data Protection Officer at firstname.lastname@example.org.
Meeting your needs
If you would like this information in a different format, please contact us on 020 7353 4373 or email email@example.com and we will try to accommodate your request.
We collect personal data from visitors to our site through the use of online forms, including, but not limited to, data about you, which you provide to us through the input areas within our site such as attorneys’ IPReg Pro accounts.
We also collect data about you every time you email us with your details, and we collect additional data automatically about your visits to our site.
The data we collect may include: name, postal and email address, telephone numbers (work, home and mobile), and diversity monitoring data which we collect for the purposes of discharging our statutory obligations.
We may collect data about your computer, including where available your IP address, operating system and browser type, for system administration. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual.
We may also use and disclose other data in aggregate for research and strategic development purposes.
We may also ask you to complete surveys used for research purposes, which you are not obliged to complete but which will be completely confidential and analysed anonymously.
If you contact us in any other way (for example by email, post or telephone) we may keep a record of that contact.
We may have cause to contact you by letter, telephone, email or otherwise in relation to the purposes specified in this Privacy and Data Protection Policy. It is, therefore, of fundamental importance that you ensure that your records on your IPReg Pro account are kept up to date by updating your details appropriately. By submitting your personal data you consent to us processing your personal data in accordance with this Privacy and Data Protection Policy.
Use of personal data
We will use personal data, as provided by you or appropriately obtained from third parties (including persons duly authorised by you to provide such data on your behalf), for the purposes listed below:
- to inform you about developments within, or relating to, the patent attorney and trade mark attorney professions in discharging our regulatory functions
- to provide information, guidance and advice in relation to regulatory matters for the management and support of the IPReg Board and committees (including enabling our Board and committee members to access papers)
- for the investigation of complaints
- to create and keep updated the IPReg patent attorney, trade mark attorney and registered entity registers (the “registers”)
- to complete forms and procedures relating to the registers (including calculation and payment of practice fees)
- to enable persons with delegated responsibility from you and your employer to submit personal data on your behalf
- for applications, such as an application to be entered onto a register
- for the administration and provision of both education and training services and events
- to update personal data, including diversity monitoring data for the purposes of satisfying our statutory duties and meeting our regulatory objectives, and
- in any other respect that we may reasonably require in order to carry out our regulatory functions or to provide a specific service requested.
Sensitive personal data
We are committed to ensuring that access to the patent attorney and trade mark attorney professions should be equally open to all, irrespective of age, disability, gender reassignment, marriage and civil partnership, pregnancy and maternity, race, religion or belief, sex, sexual orientation and/or socio-economic background. To achieve this, as well as to fulfil our statutory equality obligations, we need to monitor the data trends of those entering the professions so that we can gain a better understanding of how people from a range of backgrounds progress in their careers. We therefore strongly encourage you to submit this data.
Use of sensitive personal data
Your sensitive personal data will:
- only be used for the purposes of equal opportunities monitoring and other legal requirements
- be kept confidential within IPReg and its contractors
- be destroyed if you are not entered on any of the registers within five years, or if you are removed from any of the registers or if you subsequently request it, and
- not be released in a form that may result in identification of individuals. Anonymised analyses may be published on the IPReg website.
If we alter these stipulated purposes we will notify you and will destroy your sensitive personal data if you request us to do so subsequently.
Storage and security of personal data
We will take all necessary reasonable steps to ensure that your data is treated securely and in accordance with this Privacy and Data Protection Policy. All our employees are personally responsible for maintaining personal data confidentiality. We provide education and training to all our staff to remind them about their obligations. Our policies and procedures are audited and reviewed. All data that you provide to us is stored on our secure servers. Any payment transactions will be encrypted. Unfortunately, the transmission of data via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your data, we will use strict procedures and security features to try to prevent unauthorised access.
Data Protection accountability
IPReg has appointed a Data Protection Officer responsible for the processing of personal data:
Data Protection Officer, Fifth Floor, Outer Temple, 222-225 Strand, London WC2R 1BA firstname.lastname@example.org.
You should be aware that most browsers allow you to turn off cookies or to receive a warning before a cookie is stored on your hard drive. Please refer to your browser instructions or help screen to learn more about how to do this. However, please note that should you decide to disable any cookies we place on your computer you may not be able to use certain services or facilities on our site.
Disclosures and sharing data
We will follow the appropriate legal requirements to ensure that no third parties see your personal data except as set out in this Privacy and Data Protection Policy.
Certain Acts of Parliament oblige us to disclose data about our members to certain bodies with statutory powers. For example, we may be required to provide data to the Legal Services Ombudsman, the Office of the Immigration Services Commissioner and the Legal Services Board.
Sometimes we also need to provide data to external agencies and contractors so that they can provide a particular service for us, such as the production of the registers. In these circumstances we always ensure that the data is safe and secure, and that the contracted parties abide by the provisions of applicable data protection laws.
We may contact you by letter, telephone, email or otherwise in relation to your personal data.
Access to your data
The Act affords you the right of access to the personal data we hold about you and further permits us to charge you a fee of £10 for providing this service. If you wish to exercise this right you should submit a subject access request, together with the fee, to IPReg’s Data Protection Officer at the address provided above. If it transpires that any data we hold is inaccurate or incorrect you should inform us immediately so that it can be amended.
Given that the internet is a global environment, using the internet to collect and process personal data necessarily involves the transmission of data on an international basis. Therefore, by browsing our site and communicating electronically with us, you acknowledge and consent to our processing of personal data in this way. We will endeavour at all times to protect all personal data collected through our site in accordance with applicable data protection laws.
We may record telephone conversations to offer you additional security, resolve complaints and improve our service standards. Conversations may also be monitored for IPReg staff training purposes.
Our site may contain links to other websites which are outside our control and are not covered by this Privacy and Data Protection Policy. If you access other websites using the links provided, the operators of these websites may collect data from you which will be used by them in accordance with their own privacy policies, which may differ from ours. Therefore, if you use these links to leave our site and visit websites operated by third parties, we cannot be responsible for the protection and privacy of any data that you provide whilst visiting those websites. Please check these policies before you submit any personal data to these websites.
Changes to this Privacy and Data Protection Policy
We aim to update our site regularly, and may change the content at any time. If the need arises, we may suspend access to our site, or close it indefinitely. Any of the material on our site may be out of date at any given time, and we are under no obligation to update such material.
This policy will be kept under review and if amended notification will be made on our site.