At Fairview Research LLC also doing business as IFI CLAIMS Patent Services (referred to as “IFI”, or “We”, “Us” or “Our”), We take your privacy seriously and want you to know what to expect when you access Our websites, Our web-based applications (“APIs”), Our “CLAIMS Direct” product platform or “Data Warehouse” (that includes patent data collections distributed as part of paid subscriptions); each of which is hosted by Us.
- What personal data We collect, and How We collect it
- How will We use your personal data
- How We store your personal data
- Marketing Activities
- Sharing your personal data
- Access and Retention of your personal data and your general data protection rights
- Personal data in the Data Collection
- Other Websites
- Protection of Your Personal Data
- Consent to worldwide transfer and processing of personal information
- California Consumer Privacy Act
- European Union, EEA, Switzerland and the United Kingdom and GDPR
- Children Under 13
- Conditions of use
- How to contact us
- Effective Date
2. What personal data We collect, and How We collect it.When you visit our Sites, Our servers automatically collect information about you which might include your Internet Protocol address (IP address) and domain name. Our servers may also record information regarding which pages are accessed by you during your visit, and when, as well as the date on which you visited our Site. We may record information collected by the other websites or search engines which may have led or directed you to our Sites.
We collect any personal information that you give Us during your interaction with the Site.
For example, We collect various types of personal information about you when you:
- sign up or register for one of our Services;
- create an account;
- fill out a website form on Our Site;
- give us feedback, ideas or submissions about any of our Services;
- request technical support;
- register for white papers, web seminars, and other events hosted by Us, or
- otherwise communicate with Us by way of our Site, Services, or any other means.
3. How We use your personal data.We use the information regarding your visit to our Sites, among other things, to improve our offering, improve the user experience, fulfill the terms of any Services subscription entered into by you and for “Marketing Activities” as described below in Section 5. We will retain and evaluate information on your recent visits to our Site and how you move around different sections of our Site for analytics purposes and to understand how people use our Sites so that We can make Site navigation more intuitive.
Information gathered from our APIs is used for diagnostic purposes only. However, We do not track or note any information about which pages in our Data Collection you may visit unless you explicitly allow us to do so by opting in to this feature.
4. How We store your personal data.We collect, process and store personal data (including user email addresses provided when you access the Services or when you provide us personal data on our Site) in secure systems hosted by reputable third parties that provide cloud services to Us presently located in the United States, subject to specific written data processing obligations that are consistent with applicable regulations and law. These data processing obligations expressly prevent these third parties from using personal data We lawfully collect, process and store except to provide Us the services We have requested, or, in the case of our customers, to use our Data Collection as described in the relevant license agreement with such parties, and for no other purposes.
With respect to customer accounts and user data, We store this collected personal data in both secure on-premises and cloud-based environments pursuant to Our legitimate interest in being able to identify you when We provide you access to our Services and Sites, and to enhance the security of the personal data We collect.
5. Marketing Activities.By Us: We may occasionally send emails to you about Us or involving matters relating to Our customers and clients or Services, if you have opted in to receive these marketing messages. We do not send e-mails or allow third parties to send e-mails which We believe would be considered “spam”. Please realize however, that even if you have opted out of receiving marketing communications from Us, We may still contact you in connection with relevant transaction-based messages involving your use of the Services.
6. Sharing your personal dataWe will only share personal data We have collected with our employees, affiliates and third parties under limited circumstances, as described below:
- We may share your information with our employees and affiliates for the purposes of providing you our Services.
- Occasionally, We may enter into contracts with trusted third parties so that they can assist us in providing our Services. The contracts We sign with these third parties will prohibit them from using any of your personal data for any purpose beyond the purpose for which it was shared. See, for example, the Payment Processor section below.
- We do not disclose your personal data to courts, law enforcement authorities and other regulatory or government agencies unless legally required to do so or pursuant to a valid court or regulatory subpoena or order. To the extent We are legally permitted to do so, We will take reasonable steps to notify you in advance of any such requests.
7. Access and Retention of your Information/Your data protection rightsWe take steps to ensure that the personal data We collect is accurate and up to date, and that you have the ability to access it and make corrections to it. If you would like to access the personal data We hold about you or have it corrected, revised, or deleted, please contact us at firstname.lastname@example.org. Subject to verification of your identity and provided that there is no prohibition against doing so, We will attempt to comply with your request. Please see Sections 13 and 14 below to learn more about your personal data rights under CCPA and GDPR.
8. Personal Data in the Data Collection:Please note that We aggregate publicly available information published by national and international patent authorities. All of the patent assignee, applicant and inventor information that are included in Our Data Collection records are published directly by these various patent authorities. We do not have any control over these national or international agencies or the accuracy, content and timeliness of any information these entities publish. If you feel that your personal data has been published improperly, without authorization or consent, or incorrectly, then We encourage you to take that issue up with the appropriate patent authority to ensure that any future update of the Data Collection will not include improper, inaccurate or expunged personal data related to such data subject. We will also separately review any data subject request directly, and We may be able to remove your personal data from Our Data Collection. We may be subject to contractual or legal requirements which prevent Us from removing of your personal data even after you submit a request. These requirements are imposed on Us by the national or international patent agencies. Certain public agencies may permit us to mask your personal data. You may wish to contact the agency where you filed your patent to determine whether this type of option is available to you. We make no guarantees that any such requests you make of Us or to the patent agencies will be honored since We have no control over these agencies including their data collection policies and practices. Please see the additional efforts We may make to assist you exercise your rights under CCPA and GDPR below in Sections 13 and 14.
- Store temporary cookies that are removed when you close the browser window, such as a user session identifier;
- Use Google Analytics and other similar tools and services for analyzing visitor trends and tracking the effectiveness of our advertisements;
- Store cookies (yes/no) for remembering what things have been turned off/closed;
- Store cookies for remembering font size;
- Store cookies for improving the usability of engaging aspects of our Site;
- Store other kinds of cookie that are mentioned before they are set;
- Log basic information pertaining to your computer including your IP address, web browser name, and operating system; and
- Store other information that you explicitly enter, such as your account information.
11. Protection of your Personal Data.We employ reasonable and appropriate security measures to help protect your personal information from accidental loss and from unauthorized access, use, or disclosure. We use industry standard intrusion detection and virus protection software.
We also inform our employees about relevant security procedures and their respective roles, including an annual mandatory security awareness training that addresses such employees’ rights to access personal data (if any), and informing such employees of their obligations and the consequences of violating such obligations.
However, due to the inherent nature of the Internet as an open, non-secure global communications vehicle, We cannot guarantee that information, either during transmission through the Internet or while stored on our systems or otherwise in our care, will be absolutely safe from intrusion by others, such as hackers or third parties intent on harm.
13. California Consumer Privacy Act.
California. These additional disclosures for California residents apply only to individuals who reside in California. The California Consumer Privacy Act of 2018 (“CCPA”) provides additional rights to know, delete and opt out, and requires business collecting or disclosing “Personal Information” to provide notice of rights California residents have and can exercise. The CCPA went into effect January 1, 2020.
The California Privacy Rights Act (“CPRA”), also known as Proposition 24, is a ballot measure that was approved by California voters on Nov. 3, 2020. It significantly amends and expands the CCPA, and it is sometimes referred to as “CCPA 2.0.” The CPRA took effect on December 16, 2020, but most of the provisions revising the CCPA will not become “operative” until January 1, 2023.
California Notice of Collection. We may have collected information corresponding to the following categories of information enumerated in the CCPA.
- Identifiers, including name, address, email address, account name, IP address - and an ID number assigned to Your account.
- Customer records, phone number, billing address, credit or debit card information, and employment.
- Commercial information, including purchases of our Services, downloads of Our downloadable products, and engagement with the Services and Our downloadable products.
- Internet activity, including history of visiting and interacting with Our Service, the Sites, browser type, browser language and other information collected automatically.
- Geolocation data, including location enabled services such as WiFi and GPS.
- Inferences, including information about interests and preferences.
We do not sell personal information as the term “sell” is traditionally understood. However, to the extent “sale” under the CCPA is interpreted to include advertising technology activities such as those disclosed in the Section 6, “Sharing your personal data”, We will comply with applicable law as to such activities.
We use and partner with different types of service providers and processors to assist with Our daily operations and manage the Services. Please review the “Sharing your personal data” for more detail about the parties with whom We share information.
Right to Know and Delete. If You are a California resident, You have the right to know certain information about Our data practices in the preceding 12 months under CCPA. In particular, you have the right to request the following from Us:
- The categories of personal information We have collected about you;
- The categories of sources from which the personal information was collected;
- The categories of personal information about you that We disclosed for a business purpose or sold;
- The categories of third parties to whom the personal information was disclosed for a business person or sold;
- The business or commercial purpose for collecting or selling the personal information; and
- The specific pieces of personal information We have collected about you.
- Authorized Agent. You can designate an authorized agent to submit requests on your behalf. However, We will require written proof of the agent’s permission to do so and verify your identity directly.
- Right to Non-Discrimination. You have the right to non-discriminatory treatment by Us, should you exercise any of your rights under CCPA.
Other Rights under CCPA and CPRA. You have the following additional rights under CCPA and CPRA:
- the right to opt-out of the sale of personal information (if applicable);
- the right to opt-in to the sale of personal information of consumers under the age of 16 (if applicable);
- the right to initiate a private cause of action for data breaches.
- the right to correct inaccurate personal information; and
- the right to limit use and disclosure of sensitive personal information.
- Exercising Data Rights under CCPA. To exercise any of these data rights, please submit a request to email@example.com. In the request, please specify which right You are seeking to exercise and the scope of the request. We will confirm receipt of Your request within ten (10) days. We may require specific information from you to help us verify your identity and process your request. If We are unable to verify your identity, We may deny your requests to exercise any of the foregoing data rights.
14. European Union, EEA, Switzerland and the United Kingdom (Collectively “Europe”) and GDPR
We securely process your Personal Data in compliance with GDPR, by:
- defining Our lawful basis for processing your personal data and limiting our processing of personal data to the scope of consent granted to Us by our customers and our data suppliers
- deploying all necessary safeguards and security protections to securely process your personal data
- using service provider/processors/sub-processors that are subject to legally compliant data processing terms and conditions;
- when We transfer personal data from Europe to a third country, We implement and enter into “standard contract clauses” and data processing agreements with our customers, partners, services providers and other entities to contractually require these entities to provide an adequate level of protection for any personal data to which each may be entrusted that belongs to an EU data subject in compliance with GDPR.
Legal basis to process your information
If you are located in Europe, We must have a lawful basis to collect, use and disclose your personal data. Our lawful basis will depend on the personal data concerned and the context in which it is processed. We may process your personal data in order to perform a contract with you (such as to create and maintain your account). In other circumstances, We may process your personal data where the processing is in our legitimate interests and those interests are not overridden by your rights and freedoms. For example We rely on our legitimate interest to communicate with you about our Services, and to personalize and improve our Services. We may also process your personal data in reliance on Our legitimate interests for direct marketing purposes, provided that you have a right to object to Our use of your personal data for this purpose at any time. Where required, We may also process your personal data where We have obtained your consent (for example, where We obtain your consent to send you promotional or marketing materials or when you set up an account for our Services). Finally, We may need to process your information to comply with Our legal obligations (such as to enforce our contracts with you, exercise, establish or defend Our legal rights, or share your information with a law enforcement body or regulatory agency where disclosure is required by law). If you have questions about the lawful basis on which We collect, use and disclose your information, please contact us at firstname.lastname@example.org.
- Data Processor. If you are Our customer, We may act as your data processors in connection with any personal data you provide us to set up and maintain your Services account. We primarily process and store Your data, including personal data, on servers located and operated within the USA. If You reside or are located outside of the USA, We may send to and store your personal data in the United States in order to provide and operate Our Services. If Your personal data that is being processed by Us is subject to GDPR, We undertake to ensure an adequate level of protection of the personal data transferred outside of Europe, either by Us, Our affiliates, and/or service providers/sub-processors, in accordance with applicable data protection laws, in particular by way of the standard contractual clauses approved by the European Commission.
Data Controller. In certain circumstances where you are using and accessing Our Data Collection, We may be processing your personal data as a data controller. You are therefore entitled to exercise certain privacy rights based the circumstances surrounding Our processing of your personal data:
- Right of access
- Right to rectification
- Right to erasure (Right to be forgotten)
- Right of restriction of processing
- Right to data portability
- Right to object
- Right to access details around any automated individual decision-making, including profiling.
- International Data Transfers. Our headquarters and servers are located in the USA. This means that your personal data may be accessed and processed by Us in the USA or in other countries where our affiliates, agents, partners, or customers operate. If you are accessing Our Site or Our Services from other regions, you should know that you are thereby transferring your personal data to the USA or to any other country in which We operate.
Effect of New Standard Contract Clauses. The recently adopted June 4, 2021 Standard Contract Clause can be found here:
Standard contractual clauses for international transfers.
By using and accessing our Services, you expressly consent to, acknowledge and adopt these terms and conditions with respect to any transfer of your personal data from Europe to a third country not presently covered by an EU adequacy decision (see: Adequacy decisions).
Contact Us to exercise Your Data Rights Request. If You wish to exercise any of these privacy rights under GDPR, or if You need further information regarding those privacy rights, please contact Us at email@example.com. When you do contact Us, please provide Us, at a minimum, the following information: (i) your complete name, address and/or email address in order for us to respond to your privacy request; (ii) attached documents establishing your identity; and (iii) a clear and concise description of the personal information with regard to which you seek to exercise any of your privacy rights. If you request rectification, please indicate the amendments to be made and attach documentation to back up your request.
We will handle all privacy requests in accordance with applicable data protection laws. Upon receipt of your privacy request, and after due review of its merit, We may then fulfill your request.
If you are located in Europe, you also have the right to lodge a complaint with your local data protection authority.