Data Protection Information for Clients

We have pleasure to inform you of the methods, extent and purpose of processing personal data by LBP Lemcke, Brommer & Partner Patentanwälte mbB. This data protection information refers to the processing of personal data in connection with working on client matters.

1. Controller

Controller of data processing according to the EU GDPR as well as other data protection regulations in the EU is LBP Lemcke, Brommer & Partner Patentanwälte mbB, Siegfried-Kühn-Strasse 4, 76135 Karlsruhe, Germany (hereinafter referred to as “LBP”). Further information on our office can be found under our imprint.

2. Data Protection Officer

Our Data Protection Officer is Robert Dorsch, Rottstr. 13, 67373 Dudenhofen, Germany. He may be contacted via datenschutz@LBP-Patent.de for all LBP-related data protection issues, as well as in the event of reports concerning potential data breaches. If you wish to make a contact by telephone, please use our central phone number +49 721 91280-0.

3. Which data are subject to processing?

When accepting a new mandate, we collect the usual contact data, such as last name, first name, contact person, position within the enterprise, postal address, e-mail addresses, phone and fax numbers of the client and the respective inventor/author. Apart from that, further data concerning the matter in question may be collected, which may also include personal data. Such data are recorded and stored in a paper file pertaining to the respective client matter, and saved and processed electronically in an IP management software. While working on a client matter, further personal data may be collected and saved from time to time as necessary and added to the client matter file.

The legal basis for this data processing is Art. 6 (1) lit b) GDPR, namely the performance of a mandate contract as well as any steps at the request of the data subject prior to entering into a contract.

4. Voluntary Information

To the extent that you have, for example, voluntarily provided us with data on forms, and that this information is not required for the performance of any contractual obligations, we shall process this data for the clarification of your respective request, assuming that the processing and use of this data is in your interest.

The legal basis for this processing is Art. 6 (1) a GDPR. We will not transfer such data to any third parties without your authorization.

Erasure of such data will take place two months after your request has been dealt with and settled.

5. Transfer to third parties

As a matter of principle, personal data that you provide us with will not be transferred to any third party, unless you have given your consent or such transfer is essential for the performance of our contractual obligations arising from our client relationship. Hence, it may become necessary in order to manage a case, to transfer the personal data you have made available to us to other parties to the proceedings and their representatives, to administrative offices, courts or service providers. In any case, your data will be used in accordance with the principle of purpose limitation.

In order to support you as comprehensively as possible, it is unavoidable for certain services to transfer data to our foreign colleagues or to use the expertise of our external service providers. In such cases it may occur that these obtain knowledge of personal data. This applies particularly to the measures listed below:

5.1 Payment of Maintenance and/or Renewal Fees

We are working with external service providers and/or foreign colleagues for initiating the payment of maintenance/renewal fees. For this purpose, we have to pass on the application or registration number of the concerned property right as well as the name of the IP right holder.

5.2 Application for corresponding foreign IP rights

In case you wish us to file foreign applications claiming priority of an IP right, please note that we need to pass on required data, which may inter alia include personal data, in particular data pertaining to inventors, to the respective Office or international organization (EPO, EUIPO, WIPO) or to foreign colleagues.

5.3 Validation

For the purpose of performing the validation of a European patent in foreign Contracting States, we have to pass on to our validation service provider the data of the relevant patent as published in the register, including the name of the patent holder.

5.4 Official or extra-official proceedings against conflicting trademarks

If you wish us to represent you in proceedings against a conflicting trademark, please be advised that it is necessary to transfer the relevant data of your concerned IP right, which may inter alia include personal data, to the respective Office or to foreign colleagues.

In the cases according to para 5.1, 5.2, 5.3 and 5.4 please note that in non-EU countries, other legal provisions concerning privacy may apply which may differ from the standards in the EU.

We carefully select our partner law firms abroad and our service providers – in particular with regard to data protection and data security.

6. Data processing outside of the EU

In connection with the management of intellectual property rights matters in non-EU countries, it may become necessary for us to transfer your data to other parties to the proceedings and their representatives, to administrative offices, courts our service providers resident in such third countries. We would like to point out that in countries outside the EU other legal provisions concerning privacy may apply, which may differ from the level of data protection within the EU.

In such cases we have either concluded with our service providers or partner law firms abroad a contract on data processing according to Art. 28 GDPR, a joint controller agreement according to Art. 26 GDPR, as well as – as far as necessary – binding standard contractual clauses as specified by the GDPR, or any other suitable guarantees.

If data are transferred to countries, for which a EU Commission decision concerning an adequate level of protection according to Art. 46 GDPR does not exist and/or for which no appropriate safeguards according to Art. 46 GDPR are provided for, the transmission will take place in accordance with Art. 49 (1) GDPR only on condition that

  • you have explicitely consented to the proposed transfer, after having been informed of the possible risks of such transfers for you due to the absence of an adequacy decision and appropriate safeguards (Art. 49 (1) (a) GDPR;
  • the transfer is necessary for the performance of our contractual obligations arising from our mandate relationship or the implementation of pre-contractual measures taken at your request (Art. 49 (1) (b) GDPR;
  • the transfer is necessary for the conclusion or performance of a contract concluded in the interest of the data subject between the controller and another natural or legal person (Art. 49 (1) (c) GDPR;
  • the transfer is necessary for the establishment, exercise or defense of legal claims (Art. 49 (1) (e) GDPR;
  • the transfer is made from a register which according to Union or Member State law is intended to provide information to the public and which is open to consultation either by the public in general or by any person who can demonstrate a legitimate interest, but only to the extent that the conditions laid down by Union or Member State law for consultation are fulfilled in the particular case (Art. 49 (1) (g) GDPR.

To the extent that we are processing your personal data on the basis of your consent as mentioned above, you have a right to withdraw such consent totally or partially, without giving any reasons for it, at any time, with effect for the future.

7. Duration of storage

As a rule, erasure of your data takes place as soon as the purpose of data collection has ceased to exist. However, due to commercial and tax law requirements we are obliged to store at least your address, payment and contract data for the duration of ten years. You are free to give us your consent to a longer-term storage, which you can withdraw at any time, free of formalities and without giving any reasons (please also refer to section 8 here below).

8. Your rights as a data subject

You have the right to disclosure of information concerning your personal data. For any information you may contact our data protection officer or us directly at any time.

Should your request for information not be made in writing, we kindly ask for your understanding that we may request proof of identification from you that verifies who you are.

You also have the right to rectification or erasure or restriction of processing of your data, provided that there are no other laws or regulations to the contrary.

Furthermore, you have the right to object to processing of personal data within the scope of the legal provisions. The same applies to your right to data portability. Please feel free to contact us by email via datenschutz@LBP-Patent.de!

You have the right to lodge a complaint regarding the processing of personal data by us with the relevant data protection supervisory authority. You may lodge your complaint, for example, with the regulatory authority responsible for LBP:

The State Commissioner for Data Protection and Freedom of Information Baden-Württemberg
Lautenschlagerstr. 20
70173 Stuttgart
Phone: +49 (0) 711 61 55 41-0
Fax: +49 (0) 711 61 55 41-15
E-Mail: poststelle@lfdi.bwl.de

Website with further contact data: https://www.baden-wuerttemberg.datenschutz.de/

9. Changes to this data protection information

We will revise this data protection information on occasions that require changes to it. The current version is always available at: https://lbp-patent.de/en/data-protection-information-for-clients

Status: October 12, 2021