Data protection and privacy
The European Patent Organisation is committed to protecting your privacy and the personal data you provide when visiting our website.
Data protection
All personal data managed by the EPO is processed in accordance with the EPO Data Protection Guidelines, which aim to ensure the highest standards when handling user information. Please read these guidelines carefully.
A Data Protection Officer monitors the observance of the guidelines with respect to all processing operations performed by the EPO. The Data Protection Officer is independent in his/her function.
- Download EPO Data Protection Guidelines (PDF, 178 KB) (extract from the EPO Service Regulations)
Privacy policy
This privacy policy explains the processing and use of personal data collected by the EPO on its new.epo.org website and the services provided via this website.
Controller
The controller of personal data collected via the website is
Principal Director Communication
communication@epo.org
When you visit and browse the website, the EPO collects and stores the personal data assigned to your device in order to provide you with access to the website and the requested content as well as to optimise your user experience.
The following data sets are generated on our web servers and stored in our log files:
- IP address assigned to your access device – date and time of your request for a web resource (URI)
- IP address assigned to your access device – date and time of your request for a web resource (URI)
- IP address assigned to your access device – date and time of your request for a web resource (URI)
- Web resource (URI) requested by you
- Web resource (URI) you previously requested (if the referrer field is available)
- Browser and platform information of your device (if the user agent field is available)
- Size of server response in bytes
- Time taken to serve the request
The above data sets are stored in our log files and subject to analysis by software that helps us to better understand the usage of information provided on our websites. The purpose of such analyses is to enhance the quality of our services for the broad public. It is not done for the purpose of attributing information in the log files to individual users.
The storage and maintenance of the above data sets is a basic requirement for the provision of our website and the security of our IT systems and as such not negotiable.
Usage of your personal data
The EPO collects and processes your personal data through your use of this website to help us improve our products and services.
Cookies used on our website
Cookies are small text files sent by a website server and stored on your device (e.g. computer, tablet or phone).
The following cookies are used on our website
Category |
Cookie name |
Source |
Expiry |
Purpose |
Essential |
SESS[Unique ID] |
First party |
23 days |
This cookie allows logging in and remembering which contact forms you have submitted. This cookie is essential for site functionality and the user experience. |
Essential |
cookie_agreed_version cookie_agreed |
First party |
100 days |
Acceptance of cookies |
Analytics |
_pk_id
|
Third party |
393 days |
Used to store a few details about the user such as the unique visitor ID |
Analytics |
_pk_ref
|
Third party |
6 months |
Used to store the referrer initially used to visit the website |
Analytics |
_pk_cvar
|
Third party |
30 minutes |
Used to temporarily store data for the visit |
Analytics |
_pk_ses |
Third party |
30 minutes |
Used to temporarily store data for the visit |
The new.epo.org website also complies with the Do Not Track (DNT) option. If you enable the DNT option in your web browser, we will respect your choice, and your browsing experience on our website will not be tracked for our anonymised statistics. Instructions on how to activate this option can be found below:
Recipients of personal data
The EPO uses service providers or other third parties to help provide the EPO products or services accessible via the website. Such service providers may have access to the user's personal data. Regardless of where these service providers or other third parties are located, the EPO requires that they also comply with the applicable laws, including the EPO Data Protection Guidelines. The EPO uses the following categories of service providers or other third parties:
- third-party IT or other service providers under contract with the EPO
Data storage and retention period
Personal data collected via the website will be deleted or anonymised as soon as it is no longer required for the purposes for which it has been collected, unless further processing or storage of the data is necessary in order to comply with a prevailing legal obligation.
Changes to this policy
The EPO strives to keep its data protection framework in line with current developments and best practices and will update this privacy policy accordingly. The EPO encourages you to visit this privacy policy regularly.
Your rights
You have the following rights:
- Right of access: You have the right to request confirmation as to whether or not your personal data is being processed, and, where that is the case, to request access to your personal data and to information such as the purpose of the processing or the categories of personal data concerned.
- Right to rectification: You have the right to request the correction of inaccurate personal data.
- Right to blocking the data: You have the right to ask the EPO to restrict the processing of your personal data under certain circumstances, e.g. if you think that the personal data the EPO processes about you is incorrect or unlawful.
- Right to erasure: You have the right to request erasure of personal data without undue delay under certain circumstances, e.g. if your personal data is no longer necessary for the purposes for which it was collected or if it has been unlawfully processed.
- Right to object: You have the right to object to the processing of your personal data under certain circumstances.
You can assert your above-mentioned rights by contacting the EPO at communication@epo.org.
You may consult the EPO's Data Protection Officer at DPO@epo.org.