We may, from time to time, request personal information from individuals via email, telephone or postal correspondence. Your personal information will not be provided to any third party other than to meet legal requirements.
Why We Need Your Personal Information
The information that we request from individuals is essential to enable us to carry out our legitimate duties as required under current legislation. This information is necessary for, but not limited to, the following purposes:-
Money Laundering Regulations – We may request that you provide us with personal information to verify you as an individual. As a responsible organisation we are obliged to verify any individual with whom we conduct business and may request a copy of any form of photo ID together with evidence of your place of residence, for example a utility bill. Information that we obtain will be kept in a securely locked area within our offices and may be kept as proof that we have carried out our legal obligations. As soon as this information is no longer required it will be securely destroyed.
IP Filing – To satisfy legal requirements when filing your Intellectual Property at the relevant office we need to provide some of your personal information, for example your name and address, to enable us to register you as either the applicant or the inventor.
Overseas associates – If you wish to protect your Intellectual Property in jurisdictions outside of the UK and Europe, we may be asked to provide personal information about you, for example your name and address, to an overseas associate, so that they may satisfy the legal requirements of the designated country where you wish to protect your Intellectual Property.
Accounting – Where we need to make payments to you directly into your bank account, we will require your name and bank details, these will always be requested from you in writing and stored within our password protected computer system. Your bank account details will be kept until they are no longer required when they will be deleted from our systems.
Contact details – To enable us to correspond with you efficiently we will ask you for your name, address, email address and telephone number. If we are unable to obtain this directly from you, we may revert to using a standard internet search engine to try to identify your contact details and store these on our case management system.
How We Protect Your Personal Information
At Schlich Limited we implement suitable and appropriate data storage and processing measures. All data held within our computerised systems is protected by usernames and complex passwords. Our Information Technology security is regularly monitored and updated to ensure the maximum protection is available at all times and to prevent unauthorised access.
Sensitive and private data that is exchanged via email is only sent to the intended recipients and is protected, as much as possible, by Transport Layer Security (TLS).
Sharing Personal Information
Schlich Limited will never sell, rent or trade any personal information to any other party. Information is only provided for legitimate purposes, when required by law or to enable us to carry out our obligations in the process of protecting your Intellectual Property. The types of information that we will share consists of names, postal addresses, address details of your employment and nationality.
Keeping Personal Information
Your Personal Information will remain securely within our computerised technology or safely locked away for the maximum time required to meet any legal requirements or until such time as we deem it no longer relevant. Subject to legal requirements we will ensure that all data pertaining to your personal information will be removed or destroyed within 14 working days of receipt of your written request.
In the event that any case that we have been working on becomes abandoned, either by request or through failure to meet the legal requirements of a relevant Intellectual Property Office, your file will be stored in a protected area for a period of twelve calendar months after which time it will be securely destroyed.
GDPR provides every individual with the “right to be forgotten”, this means that individuals may request that all personal data pertaining to them is removed permanently from our systems. At Schlich Limited we will ensure that your request is carried out provided that your information is no longer required to satisfy any legal obligations we may be required to adhere to. In the event that we are unable to delete your personal details, we will provide, in writing, a full explanation of our reasons for not fulfilling your request.
What to do in the event of a data breach
In the unlikely event of a breach of your personal data, Schlich Limited will consider the effects that this will have on individuals and whether the data is noted as ‘high risk’. If the breach is considered to be of ‘high risk’ to individuals, we will notify you in writing as soon as we reasonably can. To ensure that Schlich Limited complies with the requirements of GDPR we will notify the Information Commissioners Office within 72 hours of becoming aware that a breach has occurred.