Privacy Notice
Reddie & Grose LLP (“the firm”, “we”, “us”, “our”) is a limited liability partnership registered in England and Wales with registered number OC360746, VAT number GB 243 9087 49 and registered office address The White Chapel Building, 10 Whitechapel High Street, London, E1 8QS.
This Privacy Notice sets out the ways in which we collect and use your personal data (also referred to below as “personal information”). It also explains what rights you have to access or change your personal data. Reddie & Grose LLP is an internationally renowned firm of European and United Kingdom patent, trade mark and design attorneys. We collect and hold information in connection with our business and services as explained in more detail in this Privacy Notice.
How you can contact us
Our contact details for the purposes of this privacy notice and any queries you may have about your personal information are set out below:
- FAO: Data Compliance Manager
- Address: Reddie & Grose LLP, The White Chapel Building, 10 Whitechapel High Street, London, E1 8QS
- Email: data-privacy@reddie.co.uk
What personal information do we collect and process about you?
The information we collect and process about you will include (depending on the circumstances):
- Identity and contact data: personal data that you or others supply to us including name, job title, company details, contact details, including your email address, postal address and telephone number, and security information about entry to our premises where applicable;
- Information contained in correspondence, our advice files and for purposes of meetings or produced at meetings, or otherwise arising in the course of the professional work that we carry out and billing and administration relating to our services: this includes correspondence between us by post or email and any meetings and telephone conversations, as well as notes and data entries;
- Employment and background data: if you are submitting a job application, you may also provide additional information about your academic and work history, qualifications, skills, references, proof of your entitlement to work in the UK, your national security number, your passport or other identity document details, and any other such similar information that you may provide to us;
- Website usage and other technical data: information about your interactions with the website and the device that you use to access our website, including information such as IP addresses, geographical location, browser type, referral source, length of visit and number of page views, the search queries you make on the website and similar information searches, your device information (such as your hardware model, mobile network information, unique device identifiers). This information may be collected by a third-party website analytics service provider on our behalf and/or may be collected using cookies or similar technologies. For more information on cookies please read the section on Cookies below; and
- Marketing information: information relevant to events you may wish to attend and your subscriptions to marketing communications.
Do we collect any Sensitive Personal Information?
If you are submitting a job application, you may provide information about your race or ethnicity, religious beliefs, sexual orientation, health and whether or not you have any disability. Sensitive information or “special categories” of particularly sensitive personal information require higher levels of protection. We need to have further justification for collecting, storing and using this type of personal information. We process sensitive information collected as part of the job application process where it is needed in the public interest for equal opportunities monitoring or where you ask us to process the information in order to provide you with appropriate facilities or arrangements.
How do we collect your information?
We collect the personal information that you provide to us when you:
- make an enquiry, provide feedback, or make a complaint over the phone, by email, or via our website, or are introduced to us;
- instruct us on professional work and when we perform such work;
- visit us or otherwise meet us;
- submit correspondence to us by post, email, or via our website;
- subscribe to our newsletters, articles, and bulletins, and other mailing lists;
- register to and/or attend our events;
- network with us (e.g. at client events and/or other meetings or events either hosted or attended by us);
- provide or offer to provide us with goods or services;
- submit a CV and/or an application to job vacancy; and
- attend an interview or assessment.
In certain circumstances we will receive information about you from third parties. For example:
- Employers, recruitment agencies and referees: if you are a job applicant we will contact your recruiter, current and former employers and/or referees, who may be based inside or outside the EU, to provide information about you and your application;
- Professional contacts: we may collect personal information from professional contacts who introduce you to us;
- Service providers: we may collect personal information from our third party service providers. We use the services of third party digital marketing providers, such as Campaign Monitor to distribute our firm’s electronic newsletters and news updates, and Google Analytics United States to monitor visits to our firm’s website; Campaign Monitor is an email service provider based in Australia. Google Analytics is a web service provided by Google based in the United States. We also use MessageLabs, an on-line security service provided by Symantec, to filter incoming email in order to protect us from nuisance or malicious emails. Symantec are based in the United States;
- Website security: we will collect information from our website security service partner, WPEngine, about any misuse of the website, for instance the introduction of viruses, Trojans, worms, logic bombs, website attacks or any other material or action that is malicious or harmful. WPEngine hold our data on servers in the UK only;
- Other third parties: we may receive personal information about you where you are the subject of advice that a third party asks us to provide; and
- Publicly available sources: we use publicly available sources such as Companies House, for instance to carry out identity and compliance checks, as well as databases relating to intellectual property ownership and related matters.
We also receive information about you from third parties if you have indicated to such third party that you would like to hear from us.
Why do we collect and hold information and how we use information about you?
We will use your information for the purposes listed below either on the basis of:
- your consent (where we request it);
- performance of your contract with us and the provision of our services to you;
- where we need to comply with a legal or regulatory obligation; or
- our legitimate interests or those of a third party.
Where we use your information for our legitimate interests, we make sure that we take into account any potential impact that such use may have on you. Our legitimate interests don’t automatically override yours and we won’t use your information if we believe your interests should override ours unless we have other grounds to do so (such as your consent or a legal obligation). If you would like to see our legitimate interest assessment, please contact us. If you have any concerns about our processing please refer to details of “Your rights” below.
We use your information for the following purposes:
- To provide our professional services to you or others and maintain our professional relationship with you: to propose or provide our professional services (on the basis of performing our contract with you, or otherwise on the basis of our legitimate interest to conduct our business);
- To respond to enquiries: to enable the firm to answer any queries or correspondence requiring action by us (on the basis of your consent, on the basis of our legitimate interest to respond to enquiries from prospective clients and to operate a lawful business, or otherwise to comply with our legal obligations);
- To provide access to our website: to provide you with access to our website in a manner convenient and optimal and with personalised content relevant to you including sharing your information with our website hosts and developers (on the basis of our legitimate interest to ensure our website is presented in an effective and optimal manner);
- Relationship Management: to manage our relationship with clients, suppliers, prospects and job applicants, including by maintaining our database of contacts, notifying you about changes to our terms of use and/or privacy notice (on the basis of performing our contract with you, to comply with our legal obligations and on the basis of our legitimate interests to keep our records updated and study how our website and services are used);
- User and customer support: to provide client service and support in relation to your use of our website and services (on the basis of our contract with you or on the basis of our legitimate interests to provide you with customer service), and to deal with enquiries or complaints about the website and services (on the basis of our legitimate interest in providing the correct services to our website users and to comply with our legal obligations);
- Recruitment: to process any job applications you submit to us, whether directly or via an agent or recruiter (on the basis of our legitimate interest to recruit new employees or contractors). Any data collected via job applications will not be used for marketing or promotional activities;
- Marketing: to keep in contact with you by sending you our monthly newsletter with details of law changes and developments in Intellectual Property, as well as periodic updates regarding changes to our firm about our news, events and services that we believe may interest you, provided that we have the requisite permission to do so (either (i) on the basis of your consent where we have requested it, or (ii) our legitimate interests to provide you with marketing communications where we may lawfully do so and to keep our clients better informed). You may opt out of receiving these newsletters at any time by clicking on the unsubscribe link at the bottom of our email, or by emailing us at the marketing@reddie.co.uk address;
- Compliance with policies, procedures and laws: to enable us to comply with our policies and procedures and enforce our legal rights, or to protect the rights, property or safety of our employees and share your information with our technical and legal advisors (on the basis of our legitimate interests to operate a safe and lawful business or where we have a legal obligation to do so).
Who we share your information with
In connection with the purposes and on the lawful grounds described above we will share your personal information when relevant with third parties such as:
- Patent & trade mark offices: In order to secure intellectual property rights for you or your employer, such as patent and trade mark applications, we may have to provide details of your application and/or your contact details and necessary other personal details to patent and trade mark offices and local or overseas attorneys. We usually send this information electronically, such as electronic filing software, by email, or by facsimile. Where the information is sensitive or confidential, we may use encryption.
- Patent Annuities services: In order to handle renewal fee payments on your behalf, we may transfer details of your patent and trade mark applications, and your contact details, to a Patent Annuities service, such as a CPA Global, headquartered in Jersey.
- Docketing System providers: In order to track and monitor deadlines and action dates associated with your intellectual property rights, we use a Inprotech, a Practice Management System provided by CPA Global having a development and support team based in Australia (part of the CPA Global group) headquartered in Jersey. In order to ensure that updates to the system or database are rolled-out successfully, we may share the contents of our database with CPA Global;
- Website security services: Our website security service partner, WPEngine, provides us with secure data centers for the storage of data. WPEngine hold our data on servers in the UK only;
- Marketing and advertising services: We use the services of third party digital marketing providers, such as Campaign Monitor to distribute our firm’s electronic newsletters and news updates, and Google Analytics United States to monitor visits to our firm’s website. Campaign Monitor is an email service provider based in Australia. Google Analytics is a web service provided by Google based in the United States. These providers may process your personal data on our behalf and in accordance with the requirements of the GDPR, and gather statistics around email opening and website visits in order to help us improve the content and relevance of our communications;
- Prospective buyers of our business: any prospective buyer of our business or assets, only in the event that we decide to sell our business or assets; and
- Other professional advisers and regulators: other professional advisers and regulators that we engage on your behalf or in relation to you or your information, in carrying out our work; as well as our advisers, insurers and professional regulators which include the Chartered Institute of Patent Attorneys or any other regulatory body relevant to compliance with our professional rules and obligations or any complaint.
We will not provide any personal data to any other third parties without your consent to do so unless required by law.
Cookies
We use cookies to ensure that you get the most out of our website. Cookies are small amounts of information in the form of text files which we store on the device you use to access our website. Cookies allow us to monitor your use of the software and simplify your use of the website. For example, a temporary cookie is also used to keep track of your “session”. Without that temporary cookie you would not be able to log in via our website.
If you do not wish for cookies to be installed on your device, you can change the settings on your browser or device to reject cookies. For more information about how to reject cookies using your internet browser settings please consult the “Help” section of your internet browser (or alternatively visit http://www.aboutcookies.org). Please note that, if you do set your Internet browser to reject cookies, you may not be able to access all of the functions of the website.
The names of the cookies used on our website and the purposes for which these cookies are used are set out in the table below:
Cookie Name | Purpose | Duration |
_ga | This cookie is used to distinguish users. | Two years |
_gat | This cookie is used to limit the collection of data on high traffic sites. | 1 minute |
_gid | This cookie is used to distinguish users. | 24 hours |
NID | Most Google users will have a preferences cookie called ‘NID’ in their browsers. A browser sends this cookie with requests to Google’s sites. The NID cookie contains a unique ID that Google uses to remember your preferences and other information, such as your preferred language (e.g. English), how many search results you wish to have shown per page (e.g. 10 or 20), and whether or not you wish to have Google’s SafeSearch filter turned on. | This will vary |
CONSENT | This is used for Google maps. | 20 years |
Our website may contain content and links to other sites that are operated by third parties that may also operate cookies. We don’t control these third party sites or cookies and this Privacy Notice does not apply to them. Please consult the terms and conditions and Privacy Notice of the relevant third party site to find out how that site collects and uses your information and to establish whether and for what purpose they use cookies.
How we look after your information and how long do we hold your information for?
We follow strict security procedures as to how your personal information is stored and used, and who sees it, to help stop any unauthorised person getting hold of it. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
We use appropriate technological and operational security measures to protect your information against any unauthorised access or unlawful use, such as:
- ensuring the physical security of our offices, or other sites;
- ensuring the physical and digital security of our equipment and devices by using appropriate password protection and encryption;
- maintaining a data protection policy for, and delivering data protection training to, our employees; and
- limiting access to your personal information to those in the firm who need to use it in the course of their work.
We hold your data only for as long as necessary to provide you with the services that you have requested from us or for as long as we reasonably require to retain the information for our lawful business purposes, and in accordance with the firms’ data retention policy.
- For personal data that we hold in order to perform our contract of service with you, we may hold the data for up to 6 years after (i) the last work we carried out for you, or (ii) IP rights are no longer live on our records, for you or the organisation for whom you instruct us.
- For marketing purposes, we may hold data for up to 6 years from our last contact with you or the organisation for whom you instruct us.
- For personal information that you have supplied to us for recruitment purposes, we hold this information for up to 6 months, or for up to 6 years after the termination of any subsequent employment
If you would like more information about our data retention policy, please contact us using the data-privacy@reddie.co.uk email address above.
International transfers of your information
Our firm is located in the UK.
We do not transfer your personal data outside the European Economic Area (EEA) unless:
- you instruct us to transfer your personal data to third parties located outside the EEA;
- such transfer is necessary to provide the services you have requested from us; or
- it is otherwise required or permitted by law.
If you require the professional advice or services from a representative in another country in order to file an application or seek local advice, we will only transfer personal information about you on the basis that you have instructed us and it is necessary for the purpose of providing the services you have requested.
If a supplier who is acting as our data processor is based outside of the EEA, we ensure that appropriate safeguards are in place for the transfer of your information out of the EEA in in accordance with the following transfer solutions:
- We may transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission. For further details, see European Commission: Adequacy of the protection of personal data in non-EU countries;
- Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe. For further details, see European Commission: Model contracts for the transfer of personal data to third countries; and
- Where we use providers based in the US, we may transfer data to them if they adhere to the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US. For further details, see European Commission: EU-US Privacy Shield.
Please contact us using the data-privacy@reddie.co.uk email address, if you want further information on the specific mechanism used.
Your rights to your personal information
You have the right to request a copy of the information that we hold about you. If you would like a copy of some or all of your personal information please email the data-privacy@reddie.co.uk address, or write to us at Reddie & Grose LLP, The White Chapel Building, 10 Whitechapel High Street, London, E1 8QS.
You also have the following rights in respect of the personal information that we hold about you:
- the right to be informed of the ways in which we use your information, as we seek to do in this Privacy Notice;
- the right to ask us not to process your personal data for marketing purposes;
- the right to request that we correct or rectify any information that we hold about you which is out of date or incorrect;
- the right to withdraw your consent for our use of your information in reliance on your consent, which you can do by contacting us using any of the details at the top of this Privacy Notice;
- the right to object to our using your information on the basis of our legitimate interests (or those of a third party)) and there is something about your particular situation which makes you want to object to processing on this ground;
- the right to receive a copy of any information we hold about you (or request that we transfer this to another service provider) in a structured, commonly-used, machine readable format, in certain circumstances;
- in certain circumstances, the right to ask us to limit or cease processing or erase information we hold about you; and
- the right to lodge a complaint about us to the UK Information Commissioner’s Office (https://ico.org.uk/) as well as a right to lodge a complaint with the relevant authority in your country of work or residence.
You may exercise your rights above by contacting us using the details in this Privacy Notice, or in the case of preventing processing for marketing activities also by clicking unsubscribe at the bottom of a newsletter or alternatively emailing the marketing@reddie.co.uk address.
Please note that we may need to retain certain information for our own record-keeping and research purposes. We may also need to send you service-related communications even when you have requested not to receive marketing communications.
We may need to request specific information from you to help us confirm your identity and to enable you to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances. We will try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Complaints procedure
If you wish to raise a complaint regarding any aspect of our any aspect of our processing of your information, please email data-privacy@reddie.co.uk marking your email for the attention of the Data Compliance Manager. If you have any other questions, please contact your usual Reddie & Grose LLP attorney.
You may if you wish file a complaint with Information Commissioner’s Office as explained under the “Your Rights” section above.
Changes to this privacy notice and your duty to inform us of changes
We may make changes to this Privacy Notice from time to time. We will post any changes to our website, or notify you of any material changes by e-mail.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us by contacting us via the contact details in this Privacy Notice.
This Privacy Notice was updated on 24 May 2018.