GDPR Compliance

Your data protection rights under the General Data Protection Regulation

Your GDPR Rights

If you are a resident of the European Union (EU) or European Economic Area (EEA), you have specific data protection rights under the General Data Protection Regulation (GDPR). PatentCobot is committed to respecting these rights.

The GDPR gives you the following rights over your personal data:

1. Right to Information

You have the right to be informed about how we collect, use, and process your personal data. This information is provided in our Privacy Policy.

What we provide: Clear information about data processing purposes, legal basis, retention periods, and your rights.

2. Right of Access

You can request access to the personal data we hold about you, including:

  • Confirmation that we process your data
  • Access to your personal data
  • Information about how we use your data
  • Who we share your data with
  • How long we keep your data
3. Right to Rectification

You can ask us to correct inaccurate or incomplete personal data. This includes:

  • Correcting factual errors in your account information
  • Updating outdated contact details
  • Adding missing information to complete your profile
4. Right to Erasure ("Right to be Forgotten")

You can request that we delete your personal data in certain circumstances:

  • The data is no longer necessary for the original purpose
  • You withdraw consent and there's no other legal basis
  • The data has been unlawfully processed
  • You object to processing and there are no overriding legitimate grounds

Note: We may not be able to delete data if we have legal obligations to retain it (e.g., financial records for tax purposes).

5. Right to Restrict Processing

You can ask us to restrict (but not delete) your personal data when:

  • You contest the accuracy of the data
  • Processing is unlawful but you don't want erasure
  • We no longer need the data but you need it for legal claims
  • You've objected to processing pending verification
6. Right to Data Portability

You can request a copy of your personal data in a structured, commonly used, and machine-readable format. This includes:

  • Account information and settings
  • API usage history and logs
  • Any data you've provided to us

Data will be provided in JSON format, which can be easily imported into other systems.

7. Right to Object

You can object to processing of your personal data in certain circumstances:

Direct Marketing

You can object to marketing communications at any time. We'll stop immediately.

Legitimate Interests

You can object to processing based on legitimate interests unless we can demonstrate compelling legitimate grounds.

8. Rights Related to Automated Decision Making

You have rights regarding automated decision-making and profiling:

  • Right to know when automated decisions are made about you
  • Right to request human intervention
  • Right to challenge automated decisions

Our Practice: We use automated systems for fraud detection and API abuse prevention. You can request manual review of any automated decisions.

Legal Basis for Processing

We process your personal data based on the following legal grounds:

Contract

Processing necessary to provide our API services and fulfill our contract with you.

Consent

Where you've given specific consent (e.g., marketing communications, cookies).

Legal Obligation

Where required by law (e.g., financial record keeping, anti-fraud measures).

Legitimate Interests

For business operations, security, and service improvement, balanced against your rights.

How to Exercise Your Rights

To exercise any of your GDPR rights, please contact us:

Email

gdpr@patentcobot.com

Subject Line

GDPR Request - [Type of Request]

Required Information

  • • Your full name and email address
  • • Account information (if applicable)
  • • Specific request and reasoning
  • • Proof of identity (if required)

Response Time: We respond to all GDPR requests within 30 days. Complex requests may take up to 60 days with notification.

Right to Lodge a Complaint

If you believe we haven't handled your personal data properly, you have the right to lodge a complaint with a supervisory authority:

  • Your local data protection authority in the EU/EEA
  • The authority in the country where you believe the breach occurred
  • The authority where PatentCobot has its main establishment

We encourage you to contact us first so we can address your concerns directly.

Data Transfers

Your personal data may be transferred outside the EU/EEA. We ensure appropriate safeguards are in place:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions for certain countries
  • Binding corporate rules where applicable

Our primary data processing occurs in AWS data centers with appropriate data protection agreements in place.

Contact Our Data Protection Officer

For questions about data protection and GDPR compliance:

Email: dpo@patentcobot.com

Subject: Data Protection Inquiry

Language: English, German, French

Response Time: Within 72 hours for urgent matters