25 May 2018
Today the European Union GDPR enters into force with the aim of ensuring a high level of data protection.
The EPO has always been committed to ensuring the highest level of data protection and as far as back as 1992 put in place its own data protection rules and structure including the nomination of an independent Data Protection Officer (DPO).
As an international organisation established by its own international treaty signed by 38 member states with its organisational autonomy, the EPO fulfils its mission of providing high quality and efficient services under the European Patent Convention. The European Patent Convention is independent from the regulatory framework of the EU and hence the GDPR is not directly binding to the EPO.
The EPO is entitled to receive data for its mission and will continue to act under its own data protection rules, which enshrine the important principles of data protection likewise the EU data protection rules and other international data protection legal instruments.
The EPO has always strived to keep its data protection framework in line with the current developments and best practices and a recent audit report has confirmed a close alignment with the GDPR legal framework. Applicants and other users of the patent system can therefore safely provide their data to us. The EPO is also in regular contact with the EU Commission to ensure that we can anticipate and respond appropriately to any further evolution of these EU regulations.
With a diligent and up-to-date data protection policy and high technical standards, the EPO is among those organisations carefully safeguarding private information, to engender the trust of our users and fulfil our mission to support innovators everywhere.