close icon-linkedin icon-twitter icon-facebook icon-mail icon-google-plus icon-search icon-phone icon-instagram
What are you looking for?
Privacy Disclaimer

Privacy Statement

This Privacy Statement relates to all use of personal data obtained by us from anyone who has had contact with us and/or has visited and/or used our website(s) / ('Website').  

We are committed to protecting the privacy of our Website visitors and we ensure that any personal information provided to us is treated with the strictest confidentiality. We process our visitor’s personal data in a manner that is compliant with the requirements of the General Data Protection Regulation (GDPR) and the Dutch Telecommunications Act.

Who is responsible?

N.V. Nederlandsch Octrooibureau, NLO Shieldmark B.V. and NLO bv act jointly under the name NLO and jointly qualify as the controller for the processing of personal data in the following situations:

  • processing personal data within the scope of the client relationship with NLO or with potential clients that NLO has  contacted or wishes to contact;
  • processing personal data of NLO website visitors;
  • processing personal data of recipients of NLO newsletters, campaign materials and commercial e-mails;
  • processing all other personal data pertaining to people who contact NLO or whose personal data NLO processes.

What type of personal data is processed by NLO?

NLO processes personal data provided by you, personal data generated during a website visit or when reading electronical newsletters and personal data obtained from other sources, such as business-oriented social media platforms. This involves the following types of personal data:

  • Personal data provided by you, including contact details such as first and/or last name, phone number, e-mail address, birth date;
  • Personal data obtained through or generated by our website, electronic newsletters, commercial emails or related technologies, including data about your IP address, internet browser, language settings, data about your use of our services and products, such as our podcasts;
  • Personal data obtained from other public sources, such as social media platforms and public registers.

We receive your personal data via the Website, telephone, e-mail, during a visit to one of our offices, at business fairs and (network) meetings, via LinkedIn, Spotler, Spotify, Google Podcast, Soundcloud or Apple Podcasts. We receive your personal data via our Website when you accept the use of cookies. We would like to refer you to our Cookie Statement for more information about this.


NLO uses your personal data for various purposes:

  • the fulfilment of an agreement by means of which you placed an order with NLO for the performance of our services including but not limited to the provision of personal data to official bodies for the purpose of registering, obtaining, protecting or commercialising intellectual property rights, such as to the European Patent Office (EPO), or to (foreign) offices involved by NLO;
  • to comply with legal obligations;
  • to stay in contact with you;
  • to update your contact details in our client system so we can send you newsletters, updates, invitations to events and seminars, and any other requested information;
  • to improve our product and service information, and launch targeted marketing campaigns;
  • to conduct and analyse customer satisfaction surveys;
  • to generate user statistics for the NLO Website; and
  • To ensure access control and office security when you visit one of our offices.

Legal basis for the processing of personal data

NLO processes the personal data solely on the basis of one of the following principles:

  • Consent. If you consented to having your personal data processed by us, you can withdraw this consent at any time you wish.
  • Performance of an agreement. If you order us to provide our services, we will only process personal data if and to the extent necessary for the execution of the assignment.
  • A legal obligation
  • A legitimate interest. This includes our interest in maintaining a (commercial) relationship with you and our commercial interest in gaining more insight into the use of our Website.


NLO outsources personal data processing to third-party processors. The processing agreements NLO enters into with these processors satisfy the GDPR requirements. Some of the third parties we collaborate with are IT service providers that supply software (software as a service) or hosting services, or that ensure our systems are secure and run smoothly. We also use third-party services to send newsletters and commercial emails.

Sharing personal data with third parties

On occasion, we may be required to share your personal data with third parties. Depending on the circumstances, this may be necessary when dealing with the specifics of your case. Certain legal obligations also require us to disclose personal data is to third parties. Personal data will be disclosed to third parties in the following circumstances:

  • If a court ruling legally requires us to disclose personal data to third parties, we will have to comply with this.
  • Your personal data will not be disclosed to third parties for commercial purposes, unless we organize a joint activity, such as an event or seminar, in collaboration with another organization. In such cases, we will only exchange the required contact details.
  • Personal data may also be disclosed to third parties, in the event of a restructuring or merger of our company or the sale of (part of) our company.

Official bodies or external experts to whom NLO passes on personal data for the purpose of registering, protecting, obtaining or preserving intellectual property rights, determine themselves the manner in which these personal data are further processed, including publication thereof. As an international organisation, the EPO has its own data protection guidelines and does not consider itself bound by the GDPR. NLO has no control over the manner in which your personal data are processed by the aforementioned authorities or experts.

Transfer outside the European Economic Area

In certain circumstances, we may be required to pass on the personal data to a third party based outside the European Economic Area (EEA). This may be necessary, for instance, if an expert who lives outside the EEA needs to deal with your case. NLO has taken appropriate security measures to share the personal data in the case of  our  e-mail marketing party (newsletter, forms on website). In addition, we take into account the additional requirements of the GDPR for transfer outside the EEA.

Podcasts, social media and third party links

On the website you will find a number of links to other websites and social media platforms on which our podcasts and other content are available, such as Spotify, Google Podcast, Soundcloud, Apple Podcasts, Facebook, Instagram and LinkedIn. These links are made by code provided by the relevant website and/or social media platform, which places a cookie on your device. By clicking on these links, your personal data may be processed by these parties outside the EEA. Although we have carefully selected these websites and social media platforms, we cannot be held responsible for the use of your (personal) data by the organisations behind those websites and social media platforms. We advise you to consult the privacy and/or cookie statement, if any, of the relevant website or social media platform you visit.

Your rights as a data subject

As a data subject, you have a number of rights under the GDPR. You have the right to access your personal data (Art. 15 GDPR), the right to rectification of your personal data (Art. 16 GDPR), the right to erasure (Art. 17 GDPR) and the right to restriction of processing (Art. 18 GDPR). Under certain circumstances, you also have the right to request the transfer of your data (Art. 20 GDPR). Finally, you can object to the use of your data (Art. 21 GDPR). If the processing of your data is based on consent, you can withdraw that consent at any time.

The following briefly describes your rights:

  • right of access: you may always request an overview of the personal data we have collected and request a copy of it. If we have received your personal data not directly from you but from a third party who processes your personal data, we will inform you about the source from which this information was received;
  • right to rectification: you may always ask to correct or supplement your data if it has been processed incorrectly and/or incompletely in our records;
  • right to erasure: you may always request that your data be deleted if you do not want us to retain certain data about you. This is also known as 'the right to be forgotten';
  • right to restriction: you can always ask for the processing of your personal data to be stopped temporarily or to be limited;
  • right to transfer: you can always request your personal data and/or request to transfer your personal data to a third party. This is also called the right to data portability. Your personal data will then be sent to you or to the third party designated by you in a legible file; and
  • right to object: you can (under certain circumstances) object to the (further) processing of personal data.

Retention period

NLO will not retain personal data for any longer than is required for the purpose of the processing or based on a legal obligation. The retention period may vary depending on the type of personal data. As a starting point, we keep files for a period of five or twenty years after the file has been closed depending on the statutory limitation period of that file. A legal retention period may also apply. This period can be twenty years, thirty years or even infinite.

Data that we obtain through our website is stored for a maximum of two weeks, after which it is deleted from our system. We may use cookies that can place and read data on your device. These cookies are stored for the duration of the session, or up to until the cookie is deleted by you. For the use of cookies, please refer to our Cookie Statement.

We may anonymize personal data for statistical purposes and store it at an aggregated level. There is no maximum retention period for this.


NLO takes appropriate measures to ensure that the personal data it processes is secure and follows the relevant requirements and guidelines. The measures we have taken include:

  • that all data is transmitted encrypted and via a secure connection by means of SSL/TLS connections via the Website;
  • that only the necessary people have access to personal data, that access to the data is protected and that our security measures are checked regularly;
  • that people who have access to data are aware of the importance we attach to the protection of personal data;
  • that people who have access to data are bound by a non-disclosure agreement.

If you are under the impression that your data is not properly secured or if there are indications of a data breach, please contact us immediately.

Questions or complaints?

If you have any questions or complaints about the use of your personal data or about our Privacy Statement,  please contact us via telephone number +31 (0)70 331 25 00 or 


NLO sends subscribers a newsletter, which covers topics such as intellectual property, our services and related matters. We use email marketing software by Spotler to process data provided by our subscribers in their registration forms. Your email address will only be added to the list of subscribers with your explicit consent. To unsubscribe, click on the link provided in each newsletter. The list of subscribers will not be disclosed to third parties.

Changes to the Privacy Statement

NLO reserves the right to amend this Privacy Statement at any time and for any reason. Please consult this Privacy Statement regularly for an update of our privacy policy. The current version of this Privacy Statement was last modified on 1 March 2021.