We will only collect and use your personal information as outlined in this policy and in line with our obligations and your rights under the law. Please read our policy carefully and bring it to the attention of any relevant persons, such as colleagues within your business or organisation, who have given consent for their details to be passed to us.
Our core principles under this policy are to take care of any personal information that we hold, to only collect and process data that is necessary (for providing our services to you) and to never sell, rent or make public your personal data. Your data will not be disclosed to any third parties unless required for the provision of our professional and legal services or required by law.
By using our website you are accepting and consenting to the practices described in this policy.
Please note that where we need to collect personal data by law and/or under the terms of a contract we have with you/your organisation, and you refuse or fail to provide your personal data, we may not be able to provide you with our services or the specific information you require.
Trademark Tonic Limited is the data controller and responsible for your personal data. Our registered office address is: 86-90 Paul Street, London EC2A 4NE.
This policy is effective from 1st April 2020. If we update the policy we will let you know either via our website or by e-mail notification.
2. Relevant legislation/regulation
Our practices outlined in this policy and websites comply with the UK Data Protection Act 2018 (DPA) and the EU General Data Protection Regulation 2018 (GDPR), in relation to data protection and user privacy. We are committed to ensuring that any personal data collected from any persons is appropriately protected in accordance with the DPA and GDPR.
3. Your Obligations
It is important that we hold up-to-date and accurate personal data. If your personal information changes at any time during your relationship with us, please let us know.
4. Why we collect, process and use your data
We collect, process and use your personal data to be able to provide you with our professional and legal services in the field of Intellectual Property - for example, to send you information and services that you request from us, or to send you legal updates, news, publications, social media posts, invitations to events which may be of interest to you.
We may also use your data to help us improve our website and the services we provide via our website, and where we are required legally or by duty to disclose your information, in for example a legal dispute or in a public authority investigation.
5. Information we may collect from you
When you send or transmit your personal information to us via our website, or by e-mail, phone, mail or video call, this personal data may include the following (personal data meaning information relating to an identified or identifiable natural person):
Your contact details: title, name, job title, company name, e-mail address, postal/registered addresses, website address, telephone/mobile number
We only collect this personal information when you have contacted us directly using the methods described above, and we will only use this information as we are allowed to by law. We may also collect financial data such as bank account or card payment details, so that we can process payments when we are carrying out work on your behalf (under your instructions).
We may ask you for the following information where appropriate, for example, to comply with money laundering regulations:
Your gender, nationality, photographic identification and date of birth
You are not obliged to send us this information, but note that if we do not receive this requested information, we may not be able to provide you with certain services.
We collect non-personal identifiable information (which does not identify you personally) when you visit and use our website - through for example, cookies and technologies such as Google Analytics. This non-personal data could include which webpages you have visited, a date and time stamp, IP address / the domain name of your Internet service provider, the type of browser, the type of device and operating system you are using, language and general location information. We use this information to help us understand user behaviour and to improve our website where possible.
7. How do we collect personal data
We collect personal data either directly via our website, or from e-mail, phone, video calls, in connection with the provision of Intellectual Property (IP) legal services, answering IP legal queries and providing information to you about Trademark Tonic.
Usually, data collected is provided by the person to whom the personal information relates, but there may be occasions where your contact data is supplied to us via your colleagues or business contacts, so that we can get in touch with you directly.
8. Using and processing personal data
The legal bases we rely on for processing your data under the GDPR are - where you consent to the processing; where it is necessary to provide our service to you (e.g. under a contract we have entered into with you); and/or where it is necessary for the purposes of our legitimate interests (or those of a third party).
We may use and process your data (including personal data) that we collect as follows:
Responding to your enquiries and requests
Providing support and services to you via our website
Collecting payments and issuing invoices for our professional and IP legal services
Providing you with information and updates you have specifically requested
Helping to improve our products and services
Helping to improve the content and design of our website
Internal record keeping, administration of our general business (accounting and IP legal functions)
Managing your Trade Mark and/or Design portfolios
Sending you our newsletter, client alerts and other marketing materials relating to Trademark Tonic which may be of interest to you, by e-mail or through similar technologies - you can opt out of marketing communications by contacting us at firstname.lastname@example.org (we will give the option for an opt-in of consent in those jurisdictions requiring us to do so)
Inviting you to events and training sessions
To comply with regulatory requirements, the law or legal proceedings (e.g. fulfilling legal obligations in relation to anti-money laundering or anti-fraud)
To protect our website and business operations and prevent misuse (e.g. unauthorised activities and access)
To compile anonymous and non-identifiable information for research and analytics purposes e.g. website usage statistics (helping to improve our services to you)
9. Where do we store personal data
Any personal data we collect from you via our website, is sent to a password protected computer server located in London, in the UK and personal data in e-mail correspondence is stored on Google Gmail servers. Your data may be transferred to, processed and stored by our service providers and other reputable third party businesses and organisations that work with us.
If we have any paper records of your data, this will be kept in locked cabinets at our office.
We may need to transfer, process or store your personal data outside the UK, for example, if you use our services while outside the UK your data may be transferred outside the UK to provide you with our services. We will take steps to ensure that your privacy rights are protected as outlined in this policy (we will only use third parties who have adequate data protection policies in place).
By sending us your personal details, you are consenting to the usage of your data as described above.
10. Security of personal data
We are committed to holding your personal data securely. When you provide us with personal information, we take steps to ensure it is treated securely and we have put in place security measures and procedures to prevent your data being used, accessed or disclosed in an unauthorised way. Details of our procedures may be made available on request.
We limit access of your personal data to only those persons and third parties who need to know it e.g. IP Offices, attorneys, solicitors, barristers, administrative service providers. Such persons and third parties will be subject to a duty of confidentiality and will only process your personal data on our instructions to do so.
It should be noted that while we will do our best to protect your personal data when we correspond with you via the internet, we cannot guarantee the security of your data transmitted to our website, due to the transmission of information via the internet not being completely secure. Any transmission of data is at your own risk.
If a suspected personal data breach did occur, we will notify you and any relevant regulator, of a breach where we are required to do so by law.
11. Disclosure of personal data
We may also disclose your personal data if we are required to do so by law (e.g. to government and/or regulatory authorities, insurers, tax authorities); for any ongoing or prospective legal proceedings; to establish/defend our legal rights (e.g. enforcing our agreements and terms or for fraud prevention); where we are under a duty to do so in order to comply with relevant data protection legislation; to protect the rights, security, property or safety of us and our clients.
In addition, we may disclose personal data to third parties in the event that we buy, sell or transfer any part of our business or assets (e.g. to a prospective buyer/seller), or in the event of a joint venture or collaboration with another party.
We will never sell, lease or share your personally identifiable data to third parties, except where the law requires us to, or where we are required to share your data with third parties who provide services on our behalf.
We may share non-personal identifiable information with third parties for research, analytics and other purposes, as long as such information does not identify a particular individual.
12. Retention of personal data
Personal data will be kept only for as long as necessary for the purpose for which it was collected e.g. engaging in providing legal services to you and/or for satisfying any legal, reporting or accounting requirements.
The appropriate retention period will be determined by taking into account the purposes of us collecting your data, the amount, nature and sensitivity of that data, and also the risk of harm from unauthorised use or disclosure of your data. At the end of the appropriate retention period, your data will be deleted completely.
If we have collected your personal data through our website and do not engage with you further, then we will keep your information for no longer than 6 months.
If you wish to discuss the retention period for your personal data, please contact us at email@example.com
13. Links to third party websites
Our website and blog page may contain links to third party websites which are owned and operated by other organisations/individuals, for example our website platform builder, Wix (www.wix.com). These third parties are responsible for handling personal data in accordance with their own privacy policies, and we have no control or responsibility in relation to third party websites or their privacy practices. Note that clicking on links may allow these third parties to collect or share data about you. We recommend that you carefully read the privacy policies of every website you visit.
14. Sharing personal data outside of the EEA
When you submit personal data to us, we will receive and process this data in the UK. However, we may need to share your personal data with organisations outside the European Economic Area, for example, to provide you with our services in other jurisdictions. We will only do so where we have ensured that appropriate safeguards are in place - we will only use third parties who have policies providing adequate levels of protection for personal data.
If you require details of the mechanism under which your personal data is transferred outside the EEA, you may request these details by contacting us directly or via our website.
15. Access to information and your rights
If you would like to access and review the personal information held about you and information on how and why we hold it, please contact us at firstname.lastname@example.org
We will not charge a fee to access your personal information (or for the exercise of other rights mentioned below). However, we may charge a small fee if your request is repetitive or excessive.
We may need to request specific information and details from you to confirm your identity, to ensure your right to access of your personal data (or to exercise any of your other rights listed below).
You also have the following rights under data protection laws:
To request the deletion or removal of data in certain circumstances
To request the correction of your personal data - so that any incomplete or inaccurate data is corrected
To object to processing of your personal data e.g. for direct marketing purposes
To request the restriction of processing of your personal data e.g. asking us to suspend processing while you check the data's accuracy or where you would like us to hold the data even if we no longer need it for the establishment or defence of a legal claim
To withdraw consent to processing of data - note that if you withdraw consent that we may not be able to provide you with our services or relevant information requested by you
To withdraw consent for use of your data for specific purpose such as direct marketing
To request the transfer of your personal data to another party
To make a complaint with the relevant supervisory authority about the way we process your data - in the UK this is the Information Commissioner's Office (ICO) for data protection issues (ico.org.uk). We would like to be able to deal with your concerns, if possible, before you approach the ICO so please contact us in the first instance.
If you wish to exercise any of the rights listed, please contact us at email@example.com
16. Direct Marketing
We may send you promotional/marketing e-mails from time to time, which will contain an option to unsubscribe at the bottom of those e-mails (or you can e-mail us at firstname.lastname@example.org to unsubscribe). If you decide to opt out we will not contact you again for marketing purposes unless you request to re-subscribe by contacting us directly or via our website.
Change log - 21st January 2021 (amendments for Brexit).