General Data Protection Regulations – Client Privacy Notice
Data controller: George Schlich – Director, Schlich Ltd; firstname.lastname@example.org
As part of acting on behalf of clients, Schlich Ltd (“the organisation”) collects and processes relevant personal data. The organisation is committed to ensuring all data is used fairly, lawfully and transparently to ensure compliance with the Data Protection Act 2018, General Data Protection Regulations (GDPR).
What information does Schlich Ltd collect?
The organisation collects a range of information about you. This may include:
- your full name, title, address and contact details, including email address and telephone number;
- details of your qualifications, skills, experience and employment;
- nationality and country of residence;
- information obtained during our verification procedures to satisfy Money Laundering Regulations, which may include credit checks, or, if applicable, sight of your identification (such as passport or driver’s licence) and proof of address.
Schlich Ltd collects this information in a variety of ways. For example, data might be obtained from requested identity documents or collected from Companies House.
We may be required, on occasion, to collect personal data about you from third parties, such as credit reference agencies, for example CreditSafe. The organisation may seek information from third parties to enable us, under our legal and professional obligations, to comply with Money Laundering Regulations and to carry out credit checks. The information obtained will be treated as confidential.
Data may be stored in a range of different places, including in hard copy format within your Intellectual Property case file, our Case Management Systems and on other IT systems (including email).
Why does Schlich Ltd process personal data?
In the course of operating our business, the organisation needs to obtain and process data to take steps, at your request, prior to entering into a contract with you. It also needs to process your data to prosecute and manage your applications / patents / registrations with the Intellectual Property Offices. In some cases, the organisation needs to process data to ensure that it is complying with its legal obligations. For example, it may be required to provide your personal details to overseas associates to enable them to satisfy their legal obligations in obtaining Intellectual Property Rights on your behalf.
The organisation has a legitimate interest in processing personal data during the processes for obtaining intellectual property protection on your behalf and for keeping records of the processes.
The organisation will not use your data for any purpose other than stated above and will at no time sell your personal data to any third party.
Who has access to data?
Your information will be shared internally for the purposes of processing your Intellectual Property application. This includes employees of Schlich and consultants of Schlich who may conduct work on our behalf.
Your data will only be shared with any third party if there is a legal requirement to do so.
How does the organisation protect data?
Schlich Ltd takes the security of your data seriously. The organisation has internal policies and controls in place to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by its employees, overseas associates (patent attorneys) and intellectual property offices, in the performance of their duties. All data sent via email is encrypted to ensure it is secure. Our information technology systems are monitored and regularly updated to ensure we have the up to date and high level protection in place to prevent hacking or compromise of our systems and data.
For how long does Schlich Ltd keep data?
Schlich Ltd will retain your data either in hard copy form or in electronic form, papers relating to the process of protecting your Intellectual Property rights for an appropriate period of time having regard for our legal and regulatory obligations. If you inform us in writing that you no longer require our services, we will securely keep full records for a period of six years. At the end of that period, without further reference to you, your data will be deleted from our case management system and all hard copies will be securely destroyed by an external licenced file destruction service. During this period of time your data will lie dormant within our secure system.
As a data subject, you have several rights. You may:
- access and obtain a copy of your data upon request;
- require the organisation to change incorrect or incomplete data;
- require the organisation to delete (within our regulatory obligations) or stop processing your data, for example where the data is no longer necessary for the purposes of processing;
- object to the processing of your data where the organisation is relying on its legitimate interests as the legal ground for processing; and
- ask the organisation to stop processing data for a period if data is inaccurate or there is a dispute about whether your interests override the organisation’s legitimate grounds for processing data.
If you would like to exercise any of these rights, please contact George Schlich; email@example.com
If you believe that Schlich Ltd has not complied with your data protection rights, you can complain to the Information Commissioner.
What if you do not provide personal data?
You are under no statutory or contractual obligation to provide data to Schlich Ltd, however, if you do not provide the necessary information, the organisation may not be able to process your application to protect your Intellectual Property rights.
At Schlich we have an anti-harassment policy that expresses our commitment to maintain a workplace that is free of harassment, so our employees can feel safe and happy. Our policy extends to not only the way in which employees are treated but also to how we treat any persons outside of our organisation, for example, contractors, public visitors, customers and anyone else whom employees come into contact with during their course of work.
Harassment is unacceptable both in the workplace and in any work-related setting outside of the workplace and we will not tolerate any conduct, that may be directed at one or more individuals that violates an individual’s dignity or constitutes victimisation, or which creates an intimidating, bullying, abusive, hostile, degrading, humiliating, offensive or otherwise uncomfortable environment. We also prohibit wilful discrimination based on age, sexual orientation, ethnicity, racial, religion/belief, or disability.
Complaints Handling Procedure
We are committed to providing a high-quality service to our clients and our company prides itself on the service we offer.
If at any point you become unhappy with the service we provide to you, then we ask that you inform us immediately so that we can do our best to resolve the problem for you.
We ask that you initially raise your complaint with the attorney responsible for your case. Any complaint received will be acknowledged within 2 working days and a Director of the company will be notified. The attorney responsible for your case will then carry out a full and thorough investigation of the matter aiming to report back to you in writing within 7 working days from the date of acknowledgement of your complaint, setting out where applicable, the company’s proposal for rectifying the situation. During that time, it might become necessary for the attorney to contact you for further clarification of certain aspects of your complaint in order to progress the investigation. The attorney may also contact you during this period to provide interim progress updates.
If, after receiving the attorneys full report, you feel that the matter has not been adequately resolved, the matter will be passed to a Senior Associate or Director of the company who will conduct a second independent investigation of the matter and send a full report thereafter. The letter you receive at the end of this investigation will represent our final letter to you.
We will fully document all details of any complaint made to the company.
All complaints made to the company will be dealt with in full within a maximum of 8 weeks from the date of receipt of the complaint.
If you remain unhappy with our response to your complaint and your complaint relates to poor service then you can refer your complaint to the Legal Ombudsman, an independent complaints body established under the Legal Services Act, who can investigate complaints about the legal service you have received from us.
The Legal Ombudsman can investigate complaints up to six years from the date of the problem happening or within three years of when you found out about the problem. If you wish to refer your complaint to the Legal Ombudsman this must be done within six months of the date of our final letter to you. We will indicate when our letter is final.
You can contact the Legal Ombudsman by:
- Telephone: 0300 555 0333
- Email on firstname.lastname@example.org
- Post: Legal Ombudsman, PO Box 6806, Wolverhampton, WV1 9WJ
Our company is regulated by the Intellectual Property Regulation Board (IPREG), which sets out the rules governing our conduct. If you remain unhappy with our response to your complaint and your complaint relates to professional misconduct, then you can raise your complaint with the Intellectual Property Regulatory Board (IPReg). Further details with respect to the IPReg complaints procedure can be found here.