toggle menu

Privacy Policy

We are committed to ensuring that your privacy is protected. Our full Privacy Notice is provided further below, but the following information relates directly to use of our website and to contacting us via the enquiry form or email.

Our website does not employ cookies. Our web site host (WordPress/Automattic) may collect standard internet log information and details of visitor behaviour patterns. This information can be used to find out the number of visitors to the various parts of the site, but it is collected in a way which does not identify anyone. Brookes IP does not currently obtain or use this data.

If you use the enquiry form on this website to contact us, any personal data which you provide may be retained by us in our secure IT systems, including cloud-hosted servers. The data will only be used to process and respond to your enquiry, and for keeping a record in case there are subsequent communications between us, or the enquiry becomes an active matter and you become our client.

If you make an enquiry by email to post@brookesip.com, we will similarly retain any personal data which you provide in our secure IT systems, including cloud-hosted servers. The data will only be used to process and respond to your enquiry, and for keeping a record in case there are subsequent communications between us, or the enquiry becomes an active matter and you become our client.

We employ the services of third-party companies for support in web hosting, IT, accounts and renewal payment processing. These third-party data processors may therefore have access to your personal data, but we as data controller and those third party data processors will only use your personal data for the purposes as set out above.

We will not communicate your personal data to any other third parties, unless we are required to by law.

You may request details of the personal data which we hold about you. If you believe that any information we are holding is incorrect, please let us know and we will take the appropriate action.

 

Brookes Batchellor LLP
trading as Brookes IP
Windsor House, 6-10 Mount Ephraim Road
TUNBRIDGE WELLS
Kent TN1 1EE
United Kingdom

Tel. +44 1892 510600
Fax. +44 1892 510666
Email: post@brookesip.com

PRIVACY NOTICE

This Privacy Notice is a major part of our overall Data Protection Policy. It is intended to meet the requirement of being concise, transparent, intelligible and easily accessible, in order that we can explain how we collect and use personal data. However, it does not provide exhaustive detail of all aspects of our data protection policies and procedures. If you require any further detail, please contact us using any of the contact details above.

Contents:

  1. Who We are
  2. Who this Privacy Notice relates to
  3. The Information and how we use it
  4. Marketing
  5. Retention of Personal Data
  6. Security
  7. Data Breach
  8. Your Rights and Exercising Your Rights
  9. External Websites
  10. Review

1.0  Who We Are

Brookes Batchellor LLP (trading as “Brookes IP”) is a firm of UK and European Patent, Trade Mark and Design Attorneys. Brookes Batchellor LLP is a limited liability partnership registered in England and Wales under No. OC304155. We are a registered data controller and our ICO registration number is ZA059523. More information can be found on the Information Commissioner’s Office web site, www.ico.gov.uk.

We try to meet the highest standards when collecting and using personal information. Under the EU General Data Protection Regulation (“GDPR”), and the Data Protection Act 2018 of England and Wales (“DPA”), Brookes Batchellor LLP is the “Controller” of your personal data.

The GDPR and DPA require us to comply with certain basic principles with regard to the way we collect, store and use personal data, which means that we must only collect, store and use personal data fairly, lawfully, transparently and for the purpose or purposes for which it was obtained. We believe that we comply with these requirements.

We have decided that we do not need to appoint a Data Protection Officer, because we do not meet the criteria under the regulations. However, we take data protection very seriously and we have allocated sufficient staff and resources to adopt and maintain our data protection obligations.

2.0  Who this Privacy Notice relates to

This Privacy Notice relates to the following:

  • Visitors to our website and potential clients who contact us
  • Clients
  • External offices, organisations and agencies we deal with
  • Our suppliers and service providers
  • Inventors
  • Job applicants

General information about the data we collect and process is provided in section 3, but specific information for each group of people is provided below.

2.1  Visitors to our website and potential clients who contact us

When someone visits our web site www.brookesip.com, our web site host (WordPress/Automattic) may collect standard internet log information and details of visitor behaviour patterns. This information can be used to find out the number of visitors to the various parts of the site, but it is collected in a way which does not identify anyone. We do not currently obtain or use this data.

Our website does not employ cookies.

If you use the enquiry form on the website to contact us, any personal data which you provide may be retained by us in our secure IT systems, including cloud-hosted servers. The data will only be used to process and respond to your enquiry, and for keeping a record in case there are subsequent communications between us, or the enquiry becomes an active matter and you become our client.

If you make an enquiry by email to post@brookesip.com, we will similarly retain any personal data which you provide in our secure IT systems, including cloud-hosted servers. The data will only be used to process and respond to your enquiry, and for keeping a record in case there are subsequent communications between us, or the enquiry becomes an active matter and you become our client.

2.2  Clients

We provide professional services to clients in the field of Intellectual Property. We hold client data, including personal data of the person or people instructing us, in order to provide those services and carry out our client’s instructions.

2.3  External offices, organisations and agencies we deal with

In the course of providing our professional services to clients, we may need to provide personal data to, or obtain personal data from, external offices, organisations and agencies in order to provide our services and carry out our client’s instructions. These include:

  • Intellectual Property Offices in the UK, Europe or elsewhere, including the UKIPO, EPO, EUIPO and WIPO
  • Other professional advisers including law firms and intellectual property attorneys in the UK, Europe or elsewhere. These advisers may, in turn, need to pass personal data on to the local Intellectual Property Office or to other agents in the relevant country. We have taken appropriate measures to ensure personal data is kept secure and not used for any purpose other than to carry out our client’s instructions.

2.4  Our suppliers and service providers

In the course of providing our professional services to clients, we may need to provide personal data to, or obtain personal data from, suppliers and service providers, in order to provide our services, function as a business and carry out our client’s instructions. These include:

  • Professional support service providers such as renewals/annuity service providers, searchers and draftsman;
  • IT service providers including computer and network management, software providers, cloud-based servers and data storage, web hosting;
  • Financial and accounting service providers including banks, tax authorities, accountancy software providers, accountants, credit reference agencies and debt collection agencies;
  • Personnel service providers including recruitment agencies and HR advisers;
  • File archiving service providers (including file scanning and destruction) and document shredding service providers.

These third parties may be provided with limited access to personal data in order to fulfil their function, but they will not be permitted to use such information for any other purpose.

2.5  Inventors

In most countries, it is a legal requirement to identify the inventor or inventors in a patent application. This will therefore require us to obtain inventor information from our client and to provide this information to the relevant intellectual property office or to another professional adviser. Typically, the personal information we are required to provide includes the name, nationality and contact address for each inventor. The contact address can usually be “c/o” the applicant’s address, if the applicant is a company, to avoid the inventor’s home address being provided. Inventor data is usually published when the patent application and/or granted patent is published.

2.6  Job applicants

If you send us your personal details and/or your CV/resume, you are consenting to us using your personal data for the purposes of recruitment. We may keep your information for future reference, but you can request immediate deletion of your personal data at any time. If you are successful in the recruitment process, we may want to disclose personal information to a third party, for example to take up a reference. We will not do this without your express consent in advance, however.

3.0  The information and how we use it

3.1  When we collect information

We may collect personal information in these circumstances:

  • When an enquiry is submitted via the website form or in an email;
  • When we are instructed to act for a client or to carry our a professional service;
  • When we procure a product or service from a supplier or service provider;
  • When we are contacted by phone, email, post or otherwise.

3.2  What information we collect

We may collect the following personal information:

  • Name;
  • Contact data including telephone number, email address and postal address;
  • Identity and proof-of-address data, such as passport, driving licence and utility bill information;
  • Nationality and residence information;
  • Financial information such as bank account details or payment card details;
  • Publicly-available information such as information on official registers or public records;
  • Other information relevant to the provision of the services we are providing or the services we are requesting.

3.3  How we use your information

We may use your information in a number of ways, including:

  • Providing initial advice by telephone, emails or preliminary meetings;
  • Providing legal services to our clients under engagement;
  • Communicating regarding professional matters;
  • Notifying changes to our services and applicable legal terms, including this Privacy Notice;
  • Managing our business, including for accounting and auditing purposes;
  • Maintaining our website and IT systems;
  • Dealing with any complaints or legal disputes;
  • >Preventing fraud.

3.4  Lawful basis on which we use your information

We will only ever use your personal information as permitted under applicable Data Protection Law, which means one or more of the following will always apply:

  • To perform our contractual obligations;
  • To comply with our legal and regulatory obligations (see 3.6 below);
  • In pursuing our legitimate interests or those of a third party (for example, conducting our business in an efficient and compliant manner) and where your interests and fundamental rights do not override these interests;
  • Where you have given clear and valid consent to such use.

3.5  International Transfers

Some of our external third parties are based outside the European Economic Area (EEA) so their processing of personal data will involve a transfer of data outside the EEA.

Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

  • We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission. For further details, see European Commission: Adequacy of the protection of personal data in non-EU countries.
  • Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe. For further details, see European Commission: Model contracts for the transfer of personal data to third countries.
  • Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US. For further details, see European Commission: EU-US Privacy Shield.

Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.

3.6  Regulatory and Compliance Requirements

We may be required to share your information with government or regulatory bodies (such as the Courts, HMRC, IPReg, etc.). This may be necessary for anti money laundering regulation compliance, tax investigations, or civil/criminal investigations. If we believe the request to be justified request, then we will disclose your personal information to the requesting authority.

3.7  Other situations

In addition, we may disclose your personal information to third parties in the following situations:

  • In the context of a possible sale or restructuring of our business;
  • If we or substantially all of our assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets on the same terms and conditions as herein;
  • If we are under a duty to disclose or share your personal data to comply with any legal obligation, or in order to enforce or apply our terms and conditions or other agreements; or to protect the rights, property, or safety of us, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

Unless otherwise provided by law, all third parties are required to respect the confidentiality of your personal information. They are required to take appropriate security measures to protect your personal information. We do not allow them to use it for their own purposes, but only as we specify and in accordance with our instructions.

4.0  Marketing

We do not sell or share personal information with third parties for their own marketing purposes.

We may from time to time use personal information held by us to inform clients or potential clients about services, events or developments in the field of intellectual property which we think will be of professional interest. We will only provide information which is closely related to the services we have provided for the client or in relation to which the client or potential client has previously enquired, and therefore we consider this to be in pursuit of our legitimate interests as a business providing intellectual property services. We will always provide the means to opt out of such communications in future.

5.0  Retention of personal data

We retain client personal information for as long as we are required by statute and to comply with our professional, tax/financial and regulatory obligations. Typically, this will be for at least 6 years after the conclusion of a matter.

We may also retain information that will make providing our services more convenient and safer, such as your previous case files, but you have the right to ask us to delete any information or take custody of original documents that we hold for you – see the Your Rights section below.

When your personal information is no longer required, it will be destroyed by deletion, shredding or any other approved destruction method to prevent unauthorised parties from gaining access to the information during and after the process.

Please contact us for further details on our Data Retention policy

6.0  Security

We will safeguard your information in our custody. We have developed and will maintain adequate security procedures to safeguard personal information against loss, theft, copying, and unauthorised disclosure, use or modification. Access to personal information is restricted to authorised individuals and companies who need it to perform their work. We also regularly review our information collection, storage and processing practices, including physical security measures, to guard against unauthorised access to systems.

7.0  Data Breach

In the event of a data breach, we may suspend access to our servers, emails and online systems and take other urgent steps to prevent further unauthorised access to information. If we believe that our data has been compromised, we will report the issue to the Information Commissioner’s Office (ICO) at www.ico.org.uk. We will notify you without delay if we believe a data breach is likely to result in a significant risk to your rights and freedoms. Any notification will describe in clear and plain language the nature of the personal data breach and contain all required information.

8.0  Your Rights and Exercising Your Rights

8.1  Your Rights

You have several rights as a data subject as summarised below:

  • Access: You have the right to obtain confirmation as to whether your personal information is being processed by us and, if it is, to access your information and details of how we process it, as long as this does not adversely affect the rights and freedoms of others.
  • Rectification: We will rectify any errors in the personal information we hold on request.
  • Erasure: You may ask us to erase your personal information from our systems in the following situations:
    • The information is no longer necessary in relation to the purpose for which it was collected;
    • You withdraw your consent on which the processing is based and where there is no other legal ground for the processing;
    • You object to the processing and there are no overriding legitimate grounds for the processing;
    • The information has been unlawfully processed;
    • The information has to be erased for compliance with a legal obligation to which we are subject.
  • Right to restrict processing: You have the right to restrict our processing on specified grounds.
  • Notification: Where you have asked us to rectify, erase or restrict processing of your information, we shall communicate the same to each recipient to whom your information has been disclosed, unless this proves impossible or involves disproportionate effort, in which case we shall let you know.
  • Data portability: You have the right in specific circumstances where processing is based on consent to receive your information in a structured, commonly used and machine-readable format and have the right to transmit the information to another controller without hindrance, provided that our processing is carried out by automated means.
  • Right to object: In certain circumstances you have the right to object to our processing of your information, including in relation to profiling, direct marketing or scientific or historical research purposes.
  • Right to complain to a supervisory authority: You are entitled to lodge a complaint with the Information Commissioner’s Office (ICO) at www.ico.org.uk in relation to our use of your personal data.

You also have the right to object to automated decision-making, including profiling, but we do not use your information for these purposes.

8.2  How to exercise your rights

To exercise any of your other data subject rights, please contact us.

You may request a copy of information undergoing processing, subject to evidence of your identity (normally a certified copy of your passport plus an original copy of a utility bill showing your current address). The first copy will normally be provided without charge, but reasonable administration fees shall be charged for substantial, additional or subsequent copies.

We will respond to your requests without undue delay and in any event within one month, unless we need to the period by up to two further months in specific circumstances.

9.0  External Websites

During the course of our business, we may provide links to or information about other websites. This information may be provided in professional correspondence, or it may be provided on our own website or in this Privacy Notice. We do not accept any responsibility for the way those web sites or organisations collect or use your personal data.

10.0  Review

We keep our Privacy Notice under regular review. This privacy notice was last updated on 7 June 2018.