Data protection statement on the processing of personal data within the framework of Customer Service Management

Protecting your privacy is of the utmost importance to the European Patent Office (EPO). We are committed to respecting and protecting your personal data and ensuring your rights as a data subject. All data of a personal nature that identifies you directly or indirectly will be processed lawfully, fairly and with due care.

This processing operation is subject to the EPO Data Protection Rules (DPR).

The information in this communication is provided pursuant to Articles 16 and 17 DPR.

This data protection statement explains the way in which your personal data is handled within the framework of Customer Service Management.

At the EPO, when an enquiry is received, the sender data are compared against the contact details in our database to identify the sender and to allow a routing of their enquiry with these contact details. This makes it possible to automatically acknowledge receipt of the enquiry, update and reply to the user and monitor any pending requests, in order to provide the best possible user experience. The contact details are only needed, processed and stored in so far as they are required to handle user enquiries about EPO tools, pending applications for a European patent, international PCT applications, opposition and limitation/revocation files, patent information issues and EPO products and to handle user questions, payment-related queries and other issues which are linked to the mission and services provided by the EPO.

Your anonymised data may also be used for statistical purposes and trend monitoring, as well as to gather information about categories of user or the types of issue users address.

All enquiries received are stored in the external processor's data centres located in Düsseldorf and Frankfurt, Germany.  

1. What is the nature and purpose of the processing operation?

Your personal data are processed in order to:

  • respond to the enquiries/questions/issues received within the framework of Customer Service Management
  • gather information about categories of user or the types of issue users address (statistical purposes and trend monitoring)

The processing is not intended to be used for any automated decision-making.

The personal data processed within the framework of Customer Service Management are stored in Germany, which is considered a country where an adequate level of protection of personal data is ensured. Stored personal data are not accessed from a country that does not ensure an adequate level of data protection. Specific safeguards, including a data processing agreement with the provider, have been put in place to mitigate the risks.

2. What personal data do we process?

The categories of personal data processed are as follows:

  • full name
  • role/responsibility
  • company name/organisation
  • address
  • contact details - (mobile) phone number, email address
  • technical details (smart card number, epoline ID, preferred language)
  • statements and opinions expressed when giving feedback on our services
  • attendance at EPO events (visits, conferences, training)
  • any other categories of personal data provided by the enquirer regarding themself or in the context of information exchanged, such as description of concerns, personal case, circumstances, description of facts, opinions, assessments, etc.

The ticket itself consists of the following elements:

  • ticket number
  • date
  • description of the issue/question/problem as reported/asked by the customer
  • type
  • priority 
  • assignee (team/person)
  • activities (finding/solution/reply text)

The following types/categories of personal data may be processed regarding EPO internal employees and external EPO contractors who are involved in customer service case resolution and related activities:

  • full name
  • telephone extension
  • mobile phone number
  • user ID
  • email address
  • office number and location

3. Who is responsible for processing the data?

The processing of personal data is carried out under the responsibility of the Vice-President DG 1 acting as the EPO's delegated data controller.

Personal data are processed by the EPO staff involved in the management of the respective initiative, project or activity of Principal Directorate Quality, Business and User Services.

External contractors involved in providing and maintaining Customer Service Management software may also access the personal data, for maintenance and support purposes only.

4. Who has access to your personal data and to whom are they disclosed?

The personal data are disclosed on a need-to-know basis to the EPO staff working in:

  • DG 1: departments responsible for operations and quality management
  • DG 4: Finance
  • DG 5: Patent Law and the Legal Division

Personal data may be disclosed to third-party service providers for maintenance and support purposes.

Personal data will only be shared with authorised persons responsible for the corresponding processing operations and are not used for any other purposes or disclosed to any other persons.

5. How do we protect and safeguard your personal data?

We take appropriate technical and organisational measures to safeguard and protect your personal data from accidental or unlawful destruction, loss, alteration and unauthorised disclosure or access.

All personal data are stored in secure IT applications in accordance with the EPO's security standards. Appropriate levels of access are granted individually only to the above-mentioned recipients.

All personal data processed in the systems hosted on the EPO premises are stored in secure IT applications in accordance with the security standards of the EPO. These include:

  • user authentication: all workstations and servers require login, mobile devices require login to the EPO enclave, privileged accounts require additional and stronger authentication
  • access control (e.g. role-based access control to the systems and network, principles of need-to-know and least privilege): separation into administrator and user roles, users have minimum privileges, reduction of overall administrator roles to a minimum
  • logical security hardening of systems, equipment and network: 802.1x for network access, encryption of endpoint devices, AV on all devices
  • physical protection: EPO access controls, additional access controls to datacentre, policies on locking offices
  • transmission and input controls (e.g. audit logging, system and network monitoring): security monitoring with Splunk
  • security incident response: 24/7 monitoring for incidents, on-call security expert

For personal data processed and stored in Customer Service Management software, the EPO has carried out a privacy and security risk assessment. The provider processing the personal data has committed in a binding agreement to comply with its data protection obligations stemming from the applicable data protection legal framework.

The provider's security framework is based on ISO/IEC 27002:2013. It has been an ISO 27001-certified organisation since 2012 and is also ISO/IEC 27017:2015- and 27018:2019-certified. The provider also applies industry-recognised information security frameworks. These include ISO/IEC 27001:2013 and ISO/IEC 27017:2015 and 27018:2014, as well as accreditation with regional standards and regulations.

The software is required to have implemented appropriate technical and organisational measures such as:

  • physical security measures
  • access control measures: role-based, principles of need-to-know and least privilege
  • storage control measures: access control, e.g. role-based, principles of need-to-know and least privilege, securing data at rest, e.g. by encryption, secure disposal of data carriers
  • user control measures: network security measures, e.g. network firewalls, network intrusion detection system (IDS), network intrusion protection system (IPS), host security measures, e.g. antivirus, antimalware, anti-spyware, whitelisting, host firewall, host IDS, host IPS, system hardening, vulnerability and patch management
  • transmission control measures: audit logging, system and network monitoring
  • input control measures: audit logging, system monitoring

6. How can you access, rectify and receive your data, request that your data be erased, or restrict/object to processing? Can your rights be restricted?

You have the right to access, rectify and receive your personal data, to have your data erased and to restrict and object to the processing of your data, as outlined in Articles 18 to 24 DPR. The right to rectification can only apply to inaccurate or incomplete objective and factual data processed within the framework of Customer Service Management and does not apply to subjective statements.

If you would like to exercise any of these rights, please write with details of your request to the delegated data controller at In order to enable us to respond more promptly and precisely, you always need to provide certain preliminary information with your request. We therefore encourage you to fill in this form and submit it with your request.

Your data can also be erased upon request.

We will reply to your request without undue delay, and in any event within one month of receipt of the request. However, according to Article 15 (2) DPR, that period may be extended by two further months if necessary, taking into account the complexity and number of requests received. We will inform you of any such delay.

7. What is the legal basis for processing your data?

Personal data is processed in accordance with Article 5 a. DPR: processing is necessary for the performance of a task carried out on the basis of legal provisions of the European Patent Organisation or in the legitimate exercise of the official authority vested in the EPO.

The processing is necessary for the management and functioning of the EPO.

8. How long do we keep your data?

Personal data will be kept only for the time needed to achieve the purposes for which it is processed. Personal data will be stored as long as the processing is operational.

Contact details will be stored for five years after they have been used or updated the last time, i.e. after the last interaction with the data subject within the framework of Customer Service Management.

Personal data received with an enquiry will be anonymised five years after the closure of a particular ticket, allowing the anonymised data to be used for statistical purposes.

In the event of a formal appeal/litigation, all data held at the time the formal appeal/litigation was initiated will be retained until the proceedings have been closed.

9. Contact information

If you have any questions about the processing of your personal data, please write to the delegated data controller at

You can also contact the Data Protection Officer at

Review and legal redress

If you consider that the processing infringes your rights as a data subject, you have the right to request review by the controller under Article 49 DPR and, if you disagree with the outcome of the review, the right to seek legal redress under Article 50 DPR.

Quick Navigation