Data protection policy in relation to the European Patent Office's (EPO) User Surveys
1. What is the purpose of collecting the data for the European Patent Office?
The purpose of the EPO's surveys is to gather feedback from the users in order to asses the quality of its services and decide the measures and actions to be taken to improve the services provided by the EPO.
BERENT acts as external service provider to help EPO in conducting the surveys and carrying out data analyses.
Neither EPO nor BERENT will use the respondents’ personal data for any other purpose than carrying out the survey and collecting, aggregating and further analysing the results thereof.
2. What personal data do we process?
The data collected and further processed is related to:
• Existing demographic data on users of the EPO (applicants and representatives) gathered from patent applications.
• Identification data (name and further contact details).
• Responses to the questions.
• Other data: position / function, number of employees, level of experience, etc.
3. Who has access to the data and to whom is it disclosed?
The raw data collected will be available to BERENT authorised staff in charge of analysing the results of the surveys only. From received responses, BERENT will produce a statistical analyses and reports. This statistical analyses and reports will contain the results from the survey in an anonymous and aggregated form and it will be provided to the EPO. No personal data is transmitted to parties which are fall outside the recipients and the legal framework mentioned herein.
When you participate in BERENT web surveys, the following information regarding your visit may be logged: your IP address, your top level domain name (e.g., .com, .de, etc.), the date and time of your visit, the pages you access during your visit, and the type of browser you are using. All information collected is secured to assure it is only used as prescribed above.
4. How do we protect and safeguard your information?
Data is kept anonymous in the document management system according to the security measures of BERENT. The statistical analyses and reports is anonymous and reported only in a manner that does not allow individual responses to be identified.
For the information stored in the BERENT document management system, the following measures are put in place:
• lnformation is stored in security hardened servers with access control measures and protected by Username and Password. No anonymous access allowed.
• Access to the system is restricted by username and password.
• Authentication and authorization based on roles.
• Servers are physically protected at BERENT premises or the ISP.
• Network security configured to prevent external threats from accessing the servers.
Standard IT access controls are implemented to document management system and the survey system itself.
BERENT commit to comply with the guidelines described in ISO 20252:2012, and the ESOMAR, MRS and BVM codes. The service provider’s managers are members of these aforementioned research associations and, as such, are obliged to conduct all business in accordance with the rules and regulations of these Codes.
Unfortunately, the transmission of information via the Internet is not completely secure. Although BERENT applies normal procedures and comply with legal requirements to protect your information, it cannot be guaranteed that the security of your information transmitted to BERENT’s website; any transmission is at your own risk. Once BERENT have received your information, we will use strict procedures and security features to try to prevent unauthorised access. By providing your information to BEREENT you agree and consent to BERENT transferring to, and storing your information in any of our offices.
5. How can you access, verify, modify or delete your data?
You have the right to access, rectify, block, erase and object your personal data in the cases foreseen by law by submitting a written request to the Data Controller, BERENT, by explicitly specifying your request through the mailbox firstname.lastname@example.org.
Participation in the survey is voluntary. If you do not want to participate in this survey, you can opt-out at any time by clicking the specific link provided to you or by specifying your request through the mailbox email@example.com or other mailboxes mentioned in the survey invitations.
6. What are the legal basis for processing this data?
The personal data are collected and processed in accordance with EU General Data Protection Regulation (GDPR) as well as any law of the jurisdiction of BERENT.
You have the right to complain to the data protection authorities at BERENT’s main country of business - German Federal Republic.
7. How long do we keep your data?
Your personal data will be kept for the time necessary to achieve the purpose for which they will be processed.
8. Contact Information
BERENT Deutschland GmbH
This policy has been drafted in the English language. In the event of any inconsistency between the English version of this policy and any translation thereof, the English version shall prevail.