Privacy Policy

Privacy Policy

Privacy Policy of Patentbox

The administrator of your personal data is Romuald Suszczewicz, conducting business under the name Romuald Suszczewicz “Patentbox” Patent Office in Poznań, at Piekary Street 6/17, 61-823 Poznań, with NIP number 7780104723, REGON 632116710, hereinafter referred to as the “Office”. Personal data means information about an identified or identifiable natural person (hereinafter referred to as “Personal Data”).

The Office has not appointed a Data Protection Officer.

For matters related to your personal data and privacy, you can contact the Office via email: kancelaria@patentbox.pl.

Your personal data is processed by the Office in compliance with the requirements of generally applicable law, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter referred to as “GDPR”).

The Office takes special care to protect your data, and in particular ensures that the data it collects is:

  • processed lawfully, fairly, and in a transparent manner for the data subject;
  • collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes;
  • adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed;
  • accurate and, where necessary, kept up to date.

 

Purpose, scope, legal basis, and duration of personal data processing

Use of the contact form, email contact, and use of the Office’s services

In the case of filling out and sending the contact form available on the patentbox.pl website in the “contact” tab or choosing another way to contact the Office (e.g., via email to kancelaria@patentbox.pl or to an employee’s email address, or by phone) expressing your desire to use the services provided by the Office, personal data will be processed to the extent you provide it (e.g., name, email address, phone number). The purpose of processing is to take action before concluding a contract (Article 6(1)(b) GDPR).

When you decide to use the Office’s services, data will be processed to perform the contract, especially such as: name, company (if you are an entrepreneur or act on behalf of one), home address or registered office address, email address, phone number, NIP or REGON number (if you are an entrepreneur or act on behalf of one). The purpose of processing is to perform the contract and fulfill the legal obligations of the Office, e.g., in the field of taxes or accounting (Article 6(1)(b) and (c) GDPR).

Providing this data is voluntary, but failure to provide it will result in the inability of the Office to perform the contract.

If you decide to seek legal advice online in the form of a videoconference, the Office will process your image by displaying it (provided via camera) during the videoconference. Videoconferences are not recorded, so after the videoconference ends, we stop processing your personal data in the form of your image. The basis for processing in this case is your consent (Article 6(1)(a) GDPR). If you do not agree to the processing of your image during the videoconference, you can disable this option by turning off the camera in the videoconferencing software or by covering it. We can also provide legal advice in the form of a phone call. Lack of consent to the processing of the image does not affect the provision of services by the Office.

All data related to the case with which the Office’s performance of the contract is associated is covered by professional secrecy (e.g., attorney-client privilege).

Providing personal data is voluntary, but failure to provide it may prevent the achievement of the purposes mentioned above (except for personal data in the form of an image). Your personal data will be stored by the Office for the period necessary to achieve the given purpose, especially until the consent is withdrawn (if given), an objection to the processing of personal data is raised, or until the limitation period for claims between the parties or the limitation period related to the obligation to store data (e.g., mandatory accounting or tax records) expires, but no longer than required by generally applicable law.

 

Your rights related to the processing of personal data by the Office:
  • The right to access personal data,
  • The right to rectify personal data,
  • The right to delete personal data, with the reservation that some personal data may be retained to establish, pursue, or defend claims and to fulfill obligations imposed by applicable laws,
  • The right to restrict the processing of personal data, with the reservation that some personal data may be retained to establish, pursue, or defend claims and to fulfill obligations imposed by applicable laws,
  • The right to object to the processing of personal data,
  • The right to data portability,
  • The right to lodge a complaint with the supervisory authority, which is the President of the Personal Data Protection Office,
  • The right to withdraw consent to the processing of personal data if it has been given, with the reservation that withdrawal of consent may prevent the provision of services that the Office can only provide with consent. Withdrawal of consent does not affect the lawfulness of data processing based on consent before its withdrawal.

Employees of the Office are authorized to process personal data to perform the contract.

 

Transfer of personal data to third parties

The administrator transfers personal data to the following third parties:

a) Based in the territory of the Republic of Poland:

  • Accounting office – to the extent necessary to fulfill obligations under accounting and tax regulations,
  • Hosting provider – for website maintenance,
  • Insurer – in case of policy execution,
  • Collaborating lawyers and patent attorneys – to the extent necessary to perform the contract, based on a data processing agreement,
  • Technical support (mainly IT) – only if technical support concerns an area where personal data is located.

b) Based in the territory of the European Union:

  • Toggl (Toggl OÜ, an Estonian private limited company, registered number 11346813, established and doing business at Toggl OÜ, Tornimäe 5, 2nd floor, Tallinn 10145, Estonia) – a program for managing the working time of the Office’s employees, used for internal organization. Type of processed data: name. This entity ensures privacy standards similar to this policy, as it is also subject to GDPR regulations. Link to the privacy policy: Toggl Privacy Policy.

c) Based outside the territory of the European Union:

  • Microsoft (Microsoft Corporation, One Microsoft Way Redmond, WA 98052-6399 USA) – for internal organization and contract execution. We use Microsoft 365 (e.g., Office, Outlook) and the Microsoft Windows operating system for these purposes. Link to Microsoft’s privacy standards: Microsoft Privacy Standards.
  • Toggl (Toggl Inc, a Delaware corporation, file number 5675394, established and doing business at Suite 403-A, 1013 Centre Road, Wilmington, DE 19805, USA) – a program for managing the working time of the Office’s employees, used for internal organization. Type of processed data: name. Link to the privacy policy: Toggl Privacy Policy.
  • Google (Google LLC, address: 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) – non-identifiable analytical data (e.g., Google Analytics for website statistics analysis). More information below in the “Third-party cookies” section.

 

Cookies

This website uses so-called cookies.

Cookies are small text files stored on your end device (e.g., computer, tablet, smartphone) that can be read by our IT system (first-party cookies) or third-party IT systems (third-party cookies).

Cookies do not collect data that could identify a specific person. However, cookies track your movement on websites and collect information about your preferences, such as the most frequently visited pages or the most frequently searched terms. Cookies also facilitate, for example, logging into the website.

Cookies can be divided into:

  • Session cookies – stored until the browser is closed.
  • Persistent cookies (also known as tracking cookies) – stored for a longer time in the browser’s memory (this time depends on the browser settings).
  • Third-party cookies – these are cookies from third parties whose services are used by the website you visit. These can be, for example, advertisers.

Cookies are used by the Office to examine the functionality of the Office’s website: www.patentbox.pl

More information about cookies here.

 

Consent

During your first visit to the Office’s website, a pop-up window will appear containing information about cookies on the Office’s website. By continuing to use the browser or clicking the “consent” button, you agree to the cookies used by the Office, unless your browser settings impose restrictions in this regard. You can independently change the cookie settings from your browser.

Limiting or disabling cookies may cause the Office’s website to not be fully functional and some of its options may be unavailable.

 

 

Third-party cookies

This website uses cookies from the following third parties:

  • Google Analytics (Google LLC, address: 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) – the data collected prevents identifying your identity. The collected data defines the marketing characteristics of the user group visiting the Office’s website. The data is collected based on the Office’s legitimate interest: the collected data allows for the creation and analysis of statistics, which in turn enables the improvement of the functionality of the Office’s website.

You can disable cookies collected by Google Analytics by installing the plugin available at: https://tools.google.com/dlpage/gaoptout

More information about the data processed by Google Analytics can be found here: https://support.google.com/analytics/answer/6004245

  • Google Maps (Google LLC, address: 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) – the data collected by Google LLC generally prevents identifying your identity unless you have a Google account and are logged in at the time of visiting the Office’s website (more on this below).

The Office’s actions are based on legitimate interest: the Google Maps plugin is used on the Office’s website to visually display information about the location of the Office’s headquarters.

More information about Google LLC’s privacy standards can be found here: https://policies.google.com/privacy?hl=pl&gl=pl

  • Google TagManager (Google LLC, address: 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA) – the Office uses this tool to control advertising campaigns and to determine how you use the website. The Office’s actions are based on legitimate interest in advertising its services and improving the functionality of the Office’s website.

More information about Google TagManager here: https://support.google.com/tagmanager/answer/6102821?hl=pl

When using the Office’s website, Google leaves a cookie on the device you are using to display ads tailored to your interests.

If consent has been given to Google to use information from the Google account and browsing history for ad personalization, further data processing takes place. Therefore, if you remain logged into your Google account during your visit to the Office’s website, Google will use data from your account to personalize the content proposed on the Internet.

You can deactivate cookies used for ad personalization in your Google account settings: https://adssettings.google.com

More information about Google LLC’s privacy standards can be found here: https://policies.google.com/privacy?hl=pl&gl=pl

 

Automated decision-making

The Office does not make decisions based on automated data processing, including profiling.

 

Server logs

Using the Office’s website results in sending queries to the server where the website is stored. Each query directed to the server is recorded in the server logs.

Server logs include, for example, IP address, server date and time, information about the web browser and operating system. Logs are recorded and stored on the server.

The data recorded in the server logs does not allow identifying the identity of persons using the Office’s website and is not used for identification.

Server logs help in administering the Office’s website, and their content is not disclosed to anyone except those authorized to administer the server.

 

Final provisions

This privacy policy may be modified over time. Modifications may aim to strengthen the protection of personal data and/or take into account changes in applicable legal regulations.