To fulfill its statutory role, the ISIPO handles personal information. All such processing and treatment take place in accordance with Act no. 90/2018 on personal protection and processing of personal information. The ISIPO is a party subject to delivery according to clause 3, Paragraph 1, Article 14 Act no. 77/2014 on public archives (LOS). All commissions and documents received by the institution are preserved in accordance with LOS, cf. rules set based on those laws, cf. rules no. 85/2018 and no. 571, 572, and 573/2015. The ISIPO also operates based on Act no. 70/1996 on the rights and obligations of government employees.
What is personal information?
Personal information is information about an identified or identifiable person. An individual is considered personally identifiable if he or she can be identified, directly or indirectly, for example by reference to a name, ID number, location data, online identification, or one or more factors that characterize him or her in some way. The information must be sufficiently accurate to be able to identify the person to whom it belongs. For example names, ID numbers, addresses, or other characteristics of a particular person.
Personal information the ISIPO collects and processes
The ISIPO handles and protects all personal information in accordance with applicable laws and regulations at any given time. The ISIPO staff ensures that the processing and handling of personal information are correct and that the security of the information is ensured. The ISIPO collects and stores necessary personal information received by the institution for applications and registration of patents, trademarks, designs, and municipality emblems, cf. Regulation no. 188/1991. The purpose of collecting and storing the information is to:
- Protect the interests of owners of intellectual property.
- Be able to communicate with applicants regarding applications.
- Meet the requirements of law and international agreements.
To protect the interests of owners of intellectual property and fulfill the conditions of international agreements, information on applicants for trademarks, patents, and designs registrations are stored in various databases and are therefore accessible to the public as soon as applications are registered with the ISIPO.
Information on trademarks, collective marks, and design applications does also appear in the databases of the World Intellectual Property Organization (WIPO) and the European Union Intellectual Property Office (EUIPO), and information on patent applications in the European Patent Office (EPO) database. Information about the parties involved in individual opposition and nullification procedures is also provided on the ISIPO website.
The ISIPO sends documents and information to the Appeals Committee for Intellectual Property Rights in the field of the industry if decisions of the office are appealed. The same applies to the delivery of documents to the attorney general in the event of litigation concerning the agency's decisions.
Feedback and inquiries received by the ISIPO via feedback on the website are handled in accordance with the working rules for handling e-mails. The intermediary for receiving the messages is the web system of our service provider, where no further collection or processing takes place. The data is automatically deleted from the web system within 12 months.
Furthermore, the ISIPO can work with information received when parties book and receive services. In such cases, special approval is obtained for such collection and processing. Information obtained in this way will not be stored for more than 12 months. Such consent may be withdrawn at any time.
The ISIPO processes personal information regarding employees' connection with matters concerning wages and personal management. Employee information is stored with limited access in the documentation system.
The ISIPO records personal information about applicants who apply for a job or internship at the office as well as information about their referees. The information is stored, with limited access, in the documentation system.
Who has access to the personal information ISIPO collects?
ISIPO employees have access to personal information to the extent necessary. However, the information that employees work with is limited to name, address, and ID number as well as account information. All actions of employees in the documentation system are recorded in the operational log. ISIPO employees are bound by a duty of confidentiality according to Chapter X of the Administrative Procedure Act, no. 37/1993. Third parties, such as software companies, may gain access to the ISIPO personal information, but only for the purpose of developing software, computer systems, or correcting errors in such systems.
Your rights under the Data Protection Act
According to the Data Protection Act, individuals have the right to receive information about whether the government or any other entity is processing their personal information. The rights of the data subject are specifically discussed in Chapter III of the Act on Data Protection and Processing of Personal Data, no. 90/2018. It is specifically stated that individuals should be able to obtain information on whether personal information about them is processed, what information is processed, and how it is done. However, The ISIPO is bound by the Act on Public Archives, no. 77/2014, (LOS) and is obliged to store and return to the National Archives of Iceland the information and data received by it. Such a request for correction or deletion of data must therefore be assessed based on whether the data in question is subject to the law on the Act of Public Archives.
Information security and data processors of Hugverkastofan
The ISIPO places great emphasis on the security of information that the office collects and stores. Based on legal authority, the office may in certain cases enter into agreements with other institutions on the processing of certain cases, such as the examination of patent applications. In such cases, information is sent to the relevant party via Secure File Exchange.
Information regarding responsible parties
The ISIPO privacy representative works within the institution and receives inquiries via the e-mail address email@example.com. If anyone considers that the ISIPO handling of information and data conflicts with laws and regulations, the person in question may be based on Article 77. Act on Personal Data Protection and Processing of Personal Data, no. 90/2018, submit a complaint to the Data Protection Authority.
The ISIPO uses browser cookies to analyse traffic on their website and to collect statistical information about the use of the website. The information is only used to develop and improve website services. With insight into the use of the website, ISIPO can provide better services and fulfill its educational and guidance role. The information collected does not contain sensitive personal information that enables the user to be identified.