Our privacy notices

We have separate privacy notices in respect of different categories of data that we collect and process. Three of these notices are published here. Some other privacy notices are published internally only, such as the notice in respect of Worker Data. If you have a reason to review that policy please contact the Practice Director.

We are committed to respecting and protecting the privacy of our clients, and those individuals associated with our clients.

 

  1. This Privacy Notice addresses data subjects’ right to be informed of how we use personal data in the context of providing services to clients.
  2. A limited amount of personal data, as defined in the GDPR, is recorded and processed for the purpose of the registration of IP Rights (IPR) and the delivery of other IP services to clients. That personal data includes names, email addresses, physical addresses including business and sometimes home addresses, and telephone numbers.
  3. This data is controlled by Cleveland Scott York LLP, Cleveland Scott York Renewals LLP and Cleveland Scott York IP Ltd as appropriate, collectively referred to as CSY. The controller’s representative is your attorney or the Practice Director, who may be contacted at Cleveland Scott York, 10 Fetter Lane, London, EC4A 1BR, on +44(0)203 077 3499 or via mail@csy-ip.com.
  4. The lawful bases of processing client data are contract and legitimate interests: where we process the personal data of a client we do so in furtherance of the contract between us as well as because of legitimate interests. Where we process personal data of third parties associated with our clients (who include employees of the client and occasionally individuals in other organisations with whom our client is in dispute or negotiation) we do so to pursue legitimate interests.  The lawful basis for the storage of such data after we have completed our contract with clients is legitimate interests: we need to be able to contact clients and/or to review the work that we did in the past should some development make it appropriate for us to do so.
  5. Legitimate Interests Assessment
    1. The purpose that CSY is pursuing in processing data from clients is to protect our clients’ IPR or provide other services in relation to IPR, and in so doing achieve our clients’ legitimate interests of protecting and developing their businesses of acquiring, maintaining IPR or opposing other organisations’ IPR. We believe that data subjects expect us to use their data in this way and that doing so has a minimal privacy impact.
    2. It is sometimes necessary to process personal data in the course of providing IPR services – e.g. to record the names of the inventors on a patent. CSY only processes as much personal data as is necessary.
    3. We assess that the risks to individuals in processing data in this way is very low, and therefore the balancing test does not suggest that the legitimate interest of clients need be overridden.
  6. Some of this personal data will end up on public registers as the result of IPR filing – e.g. the names of inventors and applicants of patents. Where the inventor or inventors are not our client, e.g. where they are employees of a client organisation, we will require our client to inform the data subjects of this privacy notice.
  7. It is the policy of CSY to minimise the amount of personal data stored and processed in the course of its operations. The firm does not, for example, use home addresses for inventors when other addresses may be used, unless specifically requested by clients or if there are no other addresses.  In some cases it is necessary to provide such information in order to deliver our services, and without it, in some circumstances, the consequences of not having such personal data would be that clients would not be able to acquire or protect IPR.
  8. It is the policy of CSY not to collect, store or process special categories of personal data (previously known as sensitive personal data) unless strictly necessary, in which case the firm will draw this requirement to the attention of the client and ask for the client’s explicit consent to use that data.
  9. CSY will share client personal data with the following recipients:
    1. Officials in Intellectual Property Offices in the UK and overseas.
    2. Partners and staff in overseas firms selected by CSY to provide international IP services to you.
    3. Other service providers contracted or appointed in the course of providing IP services to you.
  10. Where a client wishes to register IPR in jurisdictions outside the EU it will often be necessary to share personal data with organisations outside the EU. We manage that risk by appointing reputable overseas service providers and by appropriate contractual terms with those providers.  We consider that the additional risks to data subjects as a result of our processing this data are low because the data is generally the same as is already, or shortly will, be published at the UKIPO, EPO and EUIPO.
  11. CSY will never sell clients’ personal data nor share it with other organisations for any purpose unconnected with their IPR. We will use personal data to keep clients informed of matters relevant to their IPR.
  12. CSY does not carry out automated decision making based on personal data.
  13. We may update this privacy policy from time-to-time by posting a new version on our website. You should check this page occasionally to ensure you are happy with any changes. We may also notify you of any changes to our privacy policy by email.
  14. It is CSY’s policy to keep files on client work for a period of up to 26 years – being the twenty-year life of a patent plus six years under the statute of limitations. In some cases, e.g. when work on a file is ongoing, or where Supplementary Protection Certificates are granted, this period may be extended.  A limited amount of personal data is held in these files, but this is limited, is incidental to the main content of the file, and is a record of who was involved in cases at the time they were active.
  15. If you have any queries or concerns about this privacy notice or specifically about the use of your personal data please speak to your attorney, or email the Practice Director via privacy@csy-ip.com.  If you have a complaint about the way we use your data that we are unable to address you have a right to lodge a compliant with a supervisory authority; in the UK this is the Information Commissioner’s Office (ICO).

We are committed to respecting and protecting the privacy of individuals whose personal data we hold for the purposes of marketing to them, and will only market to them in a proportionate and reasonable way.

 

  1. This Privacy Notice addresses data subjects right to be informed of how we use personal data in the context of communicating with prospective clients (and potential referrers of our services) for purposes of marketing, henceforth referred to as prospect data.
  2. A limited amount of personal data, as defined in the GDPR, is recorded and processed for the purpose of communicating with prospective clients. That personal data is typically limited to names, email addresses, physical business addresses and telephone numbers.
  3. This data is controlled by Cleveland Scott York LLP, Cleveland Scott York Renewals LLP and Cleveland Scott York IP Ltd as appropriate, collectively referred to as CSY. The controller’s representative is the Practice Director, who may be contacted at Cleveland Scott York, 10 Fetter Lane, London, EC4A 1BR, on +44(0)203 077 3499 or via mail@csy-ip.com.
  4. The lawful basis of processing prospect data is legitimate interests.
  5. Legitimate Interests Assessment
    1. The purposes that CSY is pursuing in processing data of prospective clients to make individuals in the business, research and other relevant communities aware of the services that the firm can offer, to attract new clients from those communities and hence to further our purpose of being a successful firm and an asset to our clients. We believe that our use of data is proportionate, that data subjects expect us to use their data in this way and that doing so has a minimal privacy impact.
    2. It is necessary to market the firm’s services if we are to be a successful and growing business employing, directly and indirectly, a significant number of people. Not to market directly to individuals would put the firm at a commercial disadvantage.
    3. We assess that the risks to individuals in processing data in this way is very low, and therefore the balancing test does not suggest that the legitimate interest of prospective clients need be overridden.
  6. CSY observes the requirements also of the Privacy and Electronic Communications Regulations 2003 (PECR); under PECR data subjects have a right to refuse future electronic communications of a marketing data. Data subjects also have a right to erasure of their personal data where that data is held for marketing purposes.
  7. Prospect data will be gathered in a variety of ways, including where details are given directly by the data subject (e.g. by handing over a business card at a networking event) or through research or purchase from appropriate sources.
  8. It is the policy of CSY to minimise the amount of personal data stored and processed in the course of its operations.
  9. It is the policy of CSY not to collect, store or process special categories of personal data (previously known as sensitive personal data) on prospects.
  10. CSY will only share prospect personal data with marketing service providers, who will be data controllers in their own right, to send communications to those prospects on our behalf. CSY will never sell clients’ personal.
  11. CSY does not carry out automated decision making based on personal data.
  12. We may update this privacy policy from time-to-time by posting a new version on our website. You should check this page occasionally to ensure you are happy with any changes. We may also notify you of any changes to our privacy policy by email.
  13. If you have any queries or concerns about this privacy notice or specifically about the use of your personal data please email the Practice Director via privacy@csy-ip.com. If you have a complaint about the way we use your data that we are unable to address you have a right to lodge a compliant with a supervisory authority; in the UK this is the Information Commissioner’s Office (ICO).

We are committed to respecting and protecting the privacy of visitors to our website.

 

  1. This Privacy Notice addresses data subjects right to be informed of how we use personal data that is provided through the website contact form.
  2. This data is controlled by Cleveland Scott York LLP (CSY). The controller’s representative the Practice Director, who may be contacted at Cleveland Scott York, 10 Fetter Lane, London, EC4A 1BR, on +44(0)203 077 3499 or via privacy@csy-ip.com.
  3. Data gathered through the reply forms on this website is used to reply to queries or send electronic newsletters. The lawful basis of processing personal data gathered through this website is legitimate interests: 
    1. Where a data subject uses the website enquiry form to ask a question an email is generated and will be forwarded to an appropriate person to answer. We assume that it is our mutual legitimate interest to reply.  We will not add the details of anyone who contacts us this way to our email newsletter list (unless they also subscribe for our news service as explained in sub-paragraph (b) below) and will not send other marketing materials.
    2. Where a data subject completes the form to be added to the email newsletter list we understand that to be explicit consent to send newsletters. We will not use that data for other marketing purposes unless the data subject requests it.
  4. Legitimate Interests Assessment
    1. The purposes that CSY is pursuing in processing data of individuals who provide us with their data via the website it to answer their enquiries and, where relevant, to enter into correspondence leading to the enquirer becoming a client of the firm (or having some other relationship with it). We believe that our use of data is proportionate, that data subjects expect us to use their data in this way and that doing so has a minimal privacy impact.
    2. It is necessary to engage with enquirers to market the firm’s services if we are to be a successful and growing business employing, directly and indirectly, a significant number of people, or to deal with other issues that individuals may draw to our attention via the website.
    3. We assess that the risks to individuals in processing data in this way is very low, and therefore the balancing test does not suggest that the legitimate interest of website enquirers need be overridden.
  5. If following the sending of an initial email through the website the sender becomes a client of the firm, data will subsequently be processed under the Client data privacy notice.
  6. We use cookies to collect information about visitors to this site. Such data is anonymised and is not therefore personal data.  Our cookie policy is appended to the end of this notice.
  7. Personal data is not stored in the website.
  8. It is the policy of CSY to minimise the amount of personal data stored and processed in the course of its operations. It is the policy of CSY not to collect, store or process special categories of personal data (previously known as sensitive personal data) unless strictly necessary.
  9. CSY will only share website users’ personal data with marketing service providers, who will be data controllers in their own right, in order to send email newsletters where we have been requested to do so.
  10. CSY will never sell clients’ personal data.
  11. CSY does not carry out automated decision making based on personal data.
  12. We may update this privacy policy from time-to-time by posting a new version on our website. You should check this page occasionally to ensure you are happy with any changes. We may also notify you of any changes to our privacy policy by email.
  13. If you have any queries or concerns about this privacy notice or specifically about the use of your personal data please speak to your attorney, or email the Practice Director via privacy@csy-ip.com. If you have a complaint about the way we use your data that we are unable to address you have a right to lodge a compliant with a supervisory authority; in the UK this is the Information Commissioner’s Office (ICO).

 

 

Cleveland Scott York – Notice on Use of Cookies

 

Cookies

A cookie consists of information sent by a web server to a web browser, and stored by the browser. The information is then sent back to the server each time the browser requests a page from the server. This enables the web server to identify and track the web browser. We use Google Analytics to analyse the use of this website. Google Analytics generates statistical and other information by means of cookies, which are stored on users’ computers. The information generated is used to create reports about the use of the website. Google will store this information. Google’s privacy policy is at http://www.google.com/privacypolicy.html

Our website uses cookies, as almost all websites do, to help provide you with the best experience we can. Cookies are small text files that are placed on your computer or mobile phone when you browse websites.

 

Our cookies help us:

  • Make our website work as you’d expect
  • Remember your settings during and between visits
  • Improve the speed/security of the site
  • Allow you to share pages with social networks like Twitter, Linkedin and Google+
  • Continuously improve our website for you
  • Make our marketing more efficient (ultimately helping us to offer the service we do at the price we do)

 

We do not use cookies to:

  • Collect any personally identifiable information (without your express permission)
  • Collect any sensitive information (without your express permission)
  • Pass data to advertising networks
  • Pass personally identifiable data to third parties
  • Pay sales commissions

If the settings on your software that you are using to view this website (your browser) are adjusted to accept cookies we take this, and your continued use of our website, to mean that you are fine with this. Should you wish to remove or not use cookies from our site you can learn how to do this below, however doing so will likely mean that our site will not work as you would expect.

 

We use cookies to make our website work including:

  • Remembering your search settings
  • Remembering if you have accepted our terms and conditions

There is no way to prevent these cookies being set other than to not use our site.

 

Social Website Cookies

So you can easily share our content on Twitter we have included sharing buttons on our site.

Cookies are set by:

The privacy implications on this will vary from social network to social network and will be dependent on the privacy settings you have chosen on these networks.

 

Anonymous Visitor Statistics Cookies

We use cookies to compile visitor statistics such as how many people have visited our website, what type of technology they are using (e.g. Mac or Windows which helps to identify when our site isn’t working as it should for particular technologies), how long they spend on the site, what page they look at, etc. This helps us to continuously improve our website. These so called “analytics” programs also tell us if, on an anonymous basis, how people reached this site (e.g. from a search engine) and whether they have been here before helping us to put more money into developing our services for you instead of marketing spend.

 

Using your personal data

Personal data submitted on this website will be used for the purposes specified in this privacy policy or in relevant parts of the website. We may use your personal information to:

  • administer the website;
  • send you general (non-marketing) communications;
  • send you email notifications which you have specifically requested;
  • send to you briefing notes and other marketing communications which relate to our business, which we think may be of interest to you. You can inform us at any time if you no longer wish to receive marketing communications;
  • deal with enquiries or complaints made by you relating to this site.

 

We will not provide your personal information to any third parties for direct marketing purposes.

 

Disclosures

We may disclose information about you to any of our employees, officers or agents insofar as reasonably necessary for the purposes as set out in this privacy policy. In addition, we may disclose information about you:to the extent that we are required to do so by law;

  1. in connection with any legal proceedings or prospective legal proceedings;
  2. in order to establish, exercise or defend our legal rights;

 

International data transfers

Information that we collect may be stored and processed and transferred between any of the countries in which we operate in order to enable us to use the information in accordance with this privacy policy. Information which you provide may be transferred to countries, including the United States, which do not have data protection laws equivalent to those in force in the European Economic Area (EEA). You expressly agree to such transfers of personal information.

 

Security of your personal data

We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information. Nevertheless, data transmission over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.

 

Policy amendments

We may update this privacy policy from time-to-time by posting a new version on our website. You should check this page occasionally to ensure you are happy with any changes. We may also notify you of any changes to our privacy policy by email.

 

 

We are committed to respecting and protecting the privacy of our suppliers, and those individuals associated with our suppliers.

 

  1. This Privacy Notice addresses data subjects right to be informed of how we use personal data in the context of suppliers, and prospective suppliers of services, to the firm.
  2. A limited amount of personal data, as defined in the GDPR, is recorded and processed for the purpose of purchasing supplies for the firm. That personal data will usually be limited to the names, personal business email addresses and telephone numbers of suppliers.  Where suppliers are sole traders it may also include other personal data such as home addresses and personal bank accounts, if these are used for business purposes.
  3. This data is controlled by Cleveland Scott York LLP, Cleveland Scott York Renewals LLP and Cleveland Scott York IP Ltd as appropriate, collectively referred to as CSY. The controller’s representative is the Practice Director, who may be contacted at Cleveland Scott York, 10 Fetter Lane, London, EC4A 1BR, on +44(0)203 077 3499 or via privacy@csy-ip.com.
  4. The lawful bases of processing client data are contract and legitimate interests: we need to enter into contracts with actual suppliers, process orders and make payments for them, and it is in our mutual legitimate interests to maintaining details of prospective new suppliers of services, to process the data to fulfil our purpose, which is to conduct business as a firm of patent and trade mark attorneys.
  5. Legitimate Interests Assessment
    1. The purpose that CSY is pursuing in processing personal data from suppliers is to function as an effective business and in so doing to provide business for our suppliers.
    2. It is necessary to process personal data about suppliers of we are to develop high quality personal relationships with them. We believe that supplier representatives wish us to do this as they wish to be treated as individuals and to develop relationship with our representatives.
    3. We assess that the risks to individuals in processing data in this way is very low, and therefore the balancing test does not suggest that the legitimate interest of CSY and our suppliers need be overridden.
  6. It is the policy of CSY to minimise the amount of personal data stored and processed in the course of its operations.
  7. It is the policy of CSY not to collect, store or process special categories of personal data (previously known as sensitive personal data) in respect of suppliers.
  8. CSY may share supplier personal data with the following recipients:
    1. Our banks.
  9. CSY will never sell suppliers’ personal data. It might occasionally share personal data with third parties, e.g. if we were to recommend a supplier to another prospective customer.
  10. CSY does not carry out automated decision making based on personal data.
  11. We may update this privacy policy from time-to-time by posting a new version on our website. You should check this page occasionally to ensure you are happy with any changes. We may also notify you of any changes to our privacy policy by email.
  12. If you have any queries or concerns about this privacy notice or specifically about the use of your personal data please speak to the Practice Director via privacy@csy-ip.com. If you have a complaint about the way we use your data that we are unable to address you have a right to lodge a compliant with a supervisory authority; in the UK this is the Information Commissioner’s Office (ICO).