IFI CLAIMS PATENT SERVICES PRIVACY POLICY
1. Introduction:
At Fairview Research LLC also doing business as IFI CLAIMS Patent Services (referred to as “IFI”, or “We”, “Us” or “Our”), We take your privacy seriously and want you to know what to expect when you access Our websites, Our web-based applications (“APIs”), Our “CLAIMS Direct” product platform or “Data Warehouse” (that includes patent data collections distributed as part of paid subscriptions); each of which is hosted by Us.
This Privacy Policy directly applies to the IFI website, other websites owned and controlled by Us, and to our APIs (collectively referred to as the “Sites").
By accessing or using any of the IFI CLAIMS Patent Services (the “Services”), you are acknowledging, accepting and agreeing to the practices described in this Privacy Policy. You may also register on this Site in order to create an account that allows you to use and access IFI CLAIMS® Patent Services database (“Our Data Collection”), in which case you may be asked to provide both personal information and billing information in order to set up your account and Services subscription.
Please note that this Privacy Policy does not apply to any third-party websites, services, products, applications and the contents used within these third-party systems, even if these third-party websites are accessible through our Sites or Services.
In this Privacy Policy, We use the terms “personal data” and “personal information” interchangeably. Under the California Consumer Privacy Act or “CCPA”, “personal information” means information that can identify, relate to, describe, be associated with, or be reasonably capable of being associated with a particular consumer or household. In the European Union’s General Data Protection Regulation (“GDPR”), “personal data” means any information relating to an identified or identifiable natural person. In our view, these two leading global privacy systems create industry standard compliance obligations that We closely monitor and observe.
The purpose of this Privacy Policy is to explain how We use any personal data about you that We collect and to assist you in making informed decisions when using Our Sites. This Privacy Policy will give you information about the following topics:
- What personal data We collect, and How We collect it
- How will We use your personal data
- How We store your personal data
- Marketing Activities
- Sharing your personal data
- Access and Retention of your personal data and your general data protection rights
- Personal data in the Data Collection
- Cookies
- Other Websites
- Protection of Your Personal Data
- Consent to worldwide transfer and processing of personal information
- California Consumer Privacy Act
- European Union, EEA, Switzerland and the United Kingdom and GDPR
- Children Under 13
- Updates to our Privacy Policy
- Conditions of use
- Language
- How to contact us
- Effective Date
2. What personal data We collect, and How We collect it.
When you visit our Sites, Our servers automatically collect information about you which might include your Internet Protocol address (IP address) and domain name. Our servers may also record information regarding which pages are accessed by you during your visit, and when, as well as the date on which you visited our Site. We may record information collected by the other websites or search engines which may have led or directed you to our Sites.We collect any personal information that you give Us during your interaction with the Site.
For example, We collect various types of personal information about you when you:
- sign up or register for one of our Services;
- create an account;
- fill out a website form on Our Site;
- give us feedback, ideas or submissions about any of our Services;
- request technical support;
- register for white papers, web seminars, and other events hosted by Us, or
- otherwise communicate with Us by way of our Site, Services, or any other means.
3. How We use your personal data.
We use the information regarding your visit to our Sites, among other things, to improve our offering, improve the user experience, fulfill the terms of any Services subscription entered into by you and for “Marketing Activities” as described below in Section 5. We will retain and evaluate information on your recent visits to our Site and how you move around different sections of our Site for analytics purposes and to understand how people use our Sites so that We can make Site navigation more intuitive.Information gathered from our APIs is used for diagnostic purposes only. However, We do not track or note any information about which pages in our Data Collection you may visit unless you explicitly allow us to do so by opting in to this feature.
4. How We store your personal data.
We collect, process and store personal data (including user email addresses provided when you access the Services or when you provide us personal data on our Site) in secure systems hosted by reputable third parties that provide cloud services to Us presently located in the United States, subject to specific written data processing obligations that are consistent with applicable regulations and law. These data processing obligations expressly prevent these third parties from using personal data We lawfully collect, process and store except to provide Us the services We have requested, or, in the case of our customers, to use our Data Collection as described in the relevant license agreement with such parties, and for no other purposes.With respect to customer accounts and user data, We store this collected personal data in both secure on-premises and cloud-based environments pursuant to Our legitimate interest in being able to identify you when We provide you access to our Services and Sites, and to enhance the security of the personal data We collect.
5. Marketing Activities.
By Us: We may occasionally send emails to you about Us or involving matters relating to Our customers and clients or Services, if you have opted in to receive these marketing messages. We do not send e-mails or allow third parties to send e-mails which We believe would be considered “spam”. Please realize however, that even if you have opted out of receiving marketing communications from Us, We may still contact you in connection with relevant transaction-based messages involving your use of the Services.By You: With respect to our customers, all applicable terms and conditions that describe use and marketing restrictions in any license agreement entered into between you and Us remain in full force and effect. Nothing in this Privacy Policy is intended to alter the terms of any such license agreement entered into between the parties.
6. Sharing your personal data
We will only share personal data We have collected with our employees, affiliates and third parties under limited circumstances, as described below:- We may share your information with our employees and affiliates for the purposes of providing you our Services.
- Occasionally, We may enter into contracts with trusted third parties so that they can assist us in providing our Services. The contracts We sign with these third parties will prohibit them from using any of your personal data for any purpose beyond the purpose for which it was shared. See, for example, the Payment Processor section below.
- We do not disclose your personal data to courts, law enforcement authorities and other regulatory or government agencies unless legally required to do so or pursuant to a valid court or regulatory subpoena or order. To the extent We are legally permitted to do so, We will take reasonable steps to notify you in advance of any such requests.
Payment Processors: If you agree to subscribe to Our Services, We may use certain third party payment processors (“Payment Processors”) to collect and process personal financial information from you such as your name, phone number, address, zip postal code, and credit card or bank account information for the purposes of allowing You to purchase a subscription to the Services, on our Site. If you make any payment through our Site, your credit card and other billing details may be gathered and stored with our trusted Payment Processors for the purpose of completing your purchases. We do not store your credit card or billing details, and such details cannot be accessed by Us. For any purchases through a Payment Processor, you should review the Payment Processor’s own privacy policy to ensure you are comfortable with their privacy practices before providing the Payment Processor with any credit card information. We contractually require that Our Payment Processors, stay compliant with the Payment Card Industry Data Security Standards, as well as all applicable local, state, national and international laws and regulations related to the services provided to Us by such Payment Processors.
7. Access and Retention of your Information/Your data protection rights
We take steps to ensure that the personal data We collect is accurate and up to date, and that you have the ability to access it and make corrections to it. If you would like to access the personal data We hold about you or have it corrected, revised, or deleted, please contact us at privacy@ificlaims.com. Subject to verification of your identity and provided that there is no prohibition against doing so, We will attempt to comply with your request. Please see Sections 13 and 14 below to learn more about your personal data rights under CCPA and GDPR.We will retain and use your personal data for as long as needed to provide you with the Services, as necessary to comply with Our obligations under this Privacy Policy and at law, resolve disputes, enforce our agreements and for backup purposes. When access to your personal data is no longer required, We will delete your personal data.
8. Personal Data in the Data Collection:
Please note that We aggregate publicly available information published by national and international patent authorities. All of the patent assignee, applicant and inventor information that are included in Our Data Collection records are published directly by these various patent authorities. We do not have any control over these national or international agencies or the accuracy, content and timeliness of any information these entities publish. If you feel that your personal data has been published improperly, without authorization or consent, or incorrectly, then We encourage you to take that issue up with the appropriate patent authority to ensure that any future update of the Data Collection will not include improper, inaccurate or expunged personal data related to such data subject. We will also separately review any data subject request directly, and We may be able to remove your personal data from Our Data Collection. We may be subject to contractual or legal requirements which prevent Us from removing of your personal data even after you submit a request. These requirements are imposed on Us by the national or international patent agencies. Certain public agencies may permit us to mask your personal data. You may wish to contact the agency where you filed your patent to determine whether this type of option is available to you. We make no guarantees that any such requests you make of Us or to the patent agencies will be honored since We have no control over these agencies including their data collection policies and practices. Please see the additional efforts We may make to assist you exercise your rights under CCPA and GDPR below in Sections 13 and 14.9. Cookies.
We and our service providers may collect information using browser cookies or similar technologies for any of the legitimate data collection purposes described in this Privacy Policy. Cookies are pieces of information that are stored by your browser on the hard drive or memory of your computer or other Internet access devices. Cookies allow the Site to recognize you if you return and keep track of your preferences. We use cookies to help improve the user experience in the following manner:- Store temporary cookies that are removed when you close the browser window, such as a user session identifier;
- Use Google Analytics and other similar tools and services for analyzing visitor trends and tracking the effectiveness of our advertisements;
- Store cookies (yes/no) for remembering what things have been turned off/closed;
- Store cookies for remembering font size;
- Store cookies for improving the usability of engaging aspects of our Site;
- Store other kinds of cookie that are mentioned before they are set;
- Log basic information pertaining to your computer including your IP address, web browser name, and operating system; and
- Store other information that you explicitly enter, such as your account information.
We ask you when you use and access the Site to accept our Cookie policy. You may be asked to accept our Cookie policy on both Our Site and in the Services. Most often once We identify your use of either the Site or the Services, your acceptance of the Cookie policy will apply to your use of both of the Site and the Services. When you accept our Cookie policy, you are also consenting to Our collection of relevant information and data about your computer or device which may be considered “personal data”.
10. Other Websites.
Our Site may contain links to other websites, including those of our commercial and research partners. This Privacy Policy applies only to the Sites, and We are not responsible for the contents or data collection policies of any other entity or website, whether or not referenced by or accessible from our Sites. You should refer to those third-party website privacy policies.11. Protection of your Personal Data.
We employ reasonable and appropriate security measures to help protect your personal information from accidental loss and from unauthorized access, use, or disclosure. We use industry standard intrusion detection and virus protection software.We also inform our employees about relevant security procedures and their respective roles, including an annual mandatory security awareness training that addresses such employees’ rights to access personal data (if any), and informing such employees of their obligations and the consequences of violating such obligations.
However, due to the inherent nature of the Internet as an open, non-secure global communications vehicle, We cannot guarantee that information, either during transmission through the Internet or while stored on our systems or otherwise in our care, will be absolutely safe from intrusion by others, such as hackers or third parties intent on harm.
12. Consent to worldwide transfer and processing of personal information.
Our Services and primary business operations are located in the United States (“USA”). If you are not located in the United States, by accessing this Site and providing personal data through it, you agree, acknowledge and consent to the collection, maintenance, processing and transfer of such information in and to the USA and other countries and territories. These other jurisdictions may have different privacy laws from your home jurisdiction and provide different levels of protection of personal data. We do have processes and procedures in place to provide adequate levels of protection to protect the transfer of data from the European Union (and the countries of the EEA). See Section 14 below. You agree that the terms of this Privacy Policy will apply, and you expressly consent to the transmission and processing of your personal data in any jurisdiction in which We have customers, service providers or business operations.13. California Consumer Privacy Act.
-
California. These additional disclosures for California residents apply only to individuals who reside in California. The California Consumer Privacy Act of 2018 (“CCPA”) provides additional rights to know, delete and opt out, and requires business collecting or disclosing “Personal Information” to provide notice of rights California residents have and can exercise. The CCPA went into effect January 1, 2020.
The California Privacy Rights Act (“CPRA”), also known as Proposition 24, is a ballot measure that was approved by California voters on Nov. 3, 2020. It significantly amends and expands the CCPA, and it is sometimes referred to as “CCPA 2.0.” The CPRA took effect on December 16, 2020, but most of the provisions revising the CCPA will not become “operative” until January 1, 2023. -
California Notice of Collection. We may have collected information corresponding to the following categories of information enumerated in the CCPA.
- Identifiers, including name, address, email address, account name, IP address - and an ID number assigned to Your account.
- Customer records, phone number, billing address, credit or debit card information, and employment.
- Commercial information, including purchases of our Services, downloads of Our downloadable products, and engagement with the Services and Our downloadable products.
- Internet activity, including history of visiting and interacting with Our Service, the Sites, browser type, browser language and other information collected automatically.
- Geolocation data, including location enabled services such as WiFi and GPS.
- Inferences, including information about interests and preferences.
We do not sell personal information as the term “sell” is traditionally understood. However, to the extent “sale” under the CCPA is interpreted to include advertising technology activities such as those disclosed in the Section 6, “Sharing your personal data”, We will comply with applicable law as to such activities.
We use and partner with different types of service providers and processors to assist with Our daily operations and manage the Services. Please review the “Sharing your personal data” for more detail about the parties with whom We share information. -
Right to Know and Delete. If You are a California resident, You have the right to know certain information about Our data practices in the preceding 12 months under CCPA. In particular, you have the right to request the following from Us:
- The categories of personal information We have collected about you;
- The categories of sources from which the personal information was collected;
- The categories of personal information about you that We disclosed for a business purpose or sold;
- The categories of third parties to whom the personal information was disclosed for a business person or sold;
- The business or commercial purpose for collecting or selling the personal information; and
- The specific pieces of personal information We have collected about you.
- Authorized Agent. You can designate an authorized agent to submit requests on your behalf. However, We will require written proof of the agent’s permission to do so and verify your identity directly.
- Right to Non-Discrimination. You have the right to non-discriminatory treatment by Us, should you exercise any of your rights under CCPA.
-
Other Rights under CCPA and CPRA. You have the following additional rights under CCPA and CPRA:
- the right to opt-out of the sale of personal information (if applicable);
- the right to opt-in to the sale of personal information of consumers under the age of 16 (if applicable);
- the right to initiate a private cause of action for data breaches.
- the right to correct inaccurate personal information; and
- the right to limit use and disclosure of sensitive personal information.
- Exercising Data Rights under CCPA. To exercise any of these data rights, please submit a request to privacy@ificlaims.com. In the request, please specify which right You are seeking to exercise and the scope of the request. We will confirm receipt of Your request within ten (10) days. We may require specific information from you to help us verify your identity and process your request. If We are unable to verify your identity, We may deny your requests to exercise any of the foregoing data rights.
14. European Union, EEA, Switzerland and the United Kingdom (Collectively “Europe”) and GDPR
-
We securely process your Personal Data in compliance with GDPR, by:
- defining Our lawful basis for processing your personal data and limiting our processing of personal data to the scope of consent granted to Us by our customers and our data suppliers
- deploying all necessary safeguards and security protections to securely process your personal data
- using service provider/processors/sub-processors that are subject to legally compliant data processing terms and conditions;
- when We transfer personal data from Europe to a third country, We implement and enter into “standard contract clauses” and data processing agreements with our customers, partners, services providers and other entities to contractually require these entities to provide an adequate level of protection for any personal data to which each may be entrusted that belongs to an EU data subject in compliance with GDPR.
-
Legal basis to process your information
If you are located in Europe, We must have a lawful basis to collect, use and disclose your personal data. Our lawful basis will depend on the personal data concerned and the context in which it is processed. We may process your personal data in order to perform a contract with you (such as to create and maintain your account). In other circumstances, We may process your personal data where the processing is in our legitimate interests and those interests are not overridden by your rights and freedoms. For example We rely on our legitimate interest to communicate with you about our Services, and to personalize and improve our Services. We may also process your personal data in reliance on Our legitimate interests for direct marketing purposes, provided that you have a right to object to Our use of your personal data for this purpose at any time. Where required, We may also process your personal data where We have obtained your consent (for example, where We obtain your consent to send you promotional or marketing materials or when you set up an account for our Services). Finally, We may need to process your information to comply with Our legal obligations (such as to enforce our contracts with you, exercise, establish or defend Our legal rights, or share your information with a law enforcement body or regulatory agency where disclosure is required by law). If you have questions about the lawful basis on which We collect, use and disclose your information, please contact us at privacy@ificlaims.com. - Data Processor. If you are Our customer, We may act as your data processors in connection with any personal data you provide us to set up and maintain your Services account. We primarily process and store Your data, including personal data, on servers located and operated within the USA. If You reside or are located outside of the USA, We may send to and store your personal data in the United States in order to provide and operate Our Services. If Your personal data that is being processed by Us is subject to GDPR, We undertake to ensure an adequate level of protection of the personal data transferred outside of Europe, either by Us, Our affiliates, and/or service providers/sub-processors, in accordance with applicable data protection laws, in particular by way of the standard contractual clauses approved by the European Commission.
-
Data Controller. In certain circumstances where you are using and accessing Our Data Collection, We may be processing your personal data as a data controller. You are therefore entitled to exercise certain privacy rights based the circumstances surrounding Our processing of your personal data:
- Right of access
- Right to rectification
- Right to erasure (Right to be forgotten)
- Right of restriction of processing
- Right to data portability
- Right to object
- Right to access details around any automated individual decision-making, including profiling.
- International Data Transfers. Our headquarters and servers are located in the USA. This means that your personal data may be accessed and processed by Us in the USA or in other countries where our affiliates, agents, partners, or customers operate. If you are accessing Our Site or Our Services from other regions, you should know that you are thereby transferring your personal data to the USA or to any other country in which We operate.
- Data Transfers outside of Europe. If you are located in Europe, We take appropriate safeguards to ensure that your personal data remains protected in accordance with this Privacy Policy and applicable data protection laws (including GDPR) when it is transferred and processed outside of Europe. These safeguards include transferring your personal data to a country that the European Commission, UK, or Swiss authorities (as applicable) have determined provides an adequate level of protection for personal data, or by implementing and entering into standard contractual clauses with Our customers, third party service providers and partners. We have also implemented certain additional safeguards to ensure your information remains protected, such as encrypting and de-identifying information (where possible) and implementing strict security and access controls.
-
Effect of New Standard Contract Clauses. The recently adopted June 4, 2021 Standard Contract Clause can be found here:
Standard contractual clauses for international transfers.
By using and accessing our Services, you expressly consent to, acknowledge and adopt these terms and conditions with respect to any transfer of your personal data from Europe to a third country not presently covered by an EU adequacy decision (see: Adequacy decisions). -
Contact Us to exercise Your Data Rights Request. If You wish to exercise any of these privacy rights under GDPR, or if You need further information regarding those privacy rights, please contact Us at privacy@ificlaims.com. When you do contact Us, please provide Us, at a minimum, the following information: (i) your complete name, address and/or email address in order for us to respond to your privacy request; (ii) attached documents establishing your identity; and (iii) a clear and concise description of the personal information with regard to which you seek to exercise any of your privacy rights. If you request rectification, please indicate the amendments to be made and attach documentation to back up your request.
We will handle all privacy requests in accordance with applicable data protection laws. Upon receipt of your privacy request, and after due review of its merit, We may then fulfill your request.
If you are located in Europe, you also have the right to lodge a complaint with your local data protection authority.