What is Fraud?
Defined by the Serious Fraud Office, fraud is “an act of deception intended for personal gain or to cause a loss to another party”. Examples include unauthorised personnel signing approval documents, diverting funds for personal use, tax avoidance and stealing assets.
What is the Data Protection Act?
The Data Protection Act is legislation outlining how personal information is to be used by organisations. There are 8 data protection principles, which are used by organisations to set up their own data protection policies. The principles of the act are as follows and require personal information to be:
1) Processed fair and lawfully
2)Specific for its lawful purpose
3)Adequate, relevant and only for what is needed
4)Accurate and up to date
5)Not kept longer than needed
6)Processed taking into account people’s rights
7)Safe, secure and protected against unauthorised or unlawful processing
8)Not transferred outside the EEA
What is a subject access request?
This request is submitted by a customer or client who wants to see what information your business has about them. The person is also allowed to request a) confirmation about whether any of their personal data is being processed your business b) Description of data that is being processed and the lawful reason c) Source of data and the time period it will be stored by your business.
One of my customers has made a subject access request, what do I do?
This is an example of the kind of steps you should undertake:
⦁ Forward the request to Data Protection Officer (DPO) or the respective authority
⦁ DPO must verify the identity of the sender and then send the confirmation of request receipt
⦁ Clarify what the request is and ensure it is valid
⦁ Respond without delay to the request within one month of request receipt. If it is taking longer, request an extension with the reason
⦁ Respond to the request with the most appropriate format; If an individual makes a request electronically, provide the information in a commonly used electronic format, unless the individual requests otherwise.
⦁ Keep record of requests for data and of its receipt, including the date they made the request, the date you responded, details of who provided the information and what information you provided.
⦁ You can also refuse to comply with the request if it is manifestly unfounded or excessive. You should then let the customer know the reason of denial, their right to make a complaint to the ICO or another supervisory authority and their ability to seek to enforce this right through the courts.
Do I need to register my copyright?
No, in the UK, copyright subsists automatically once an original copyright work is recorded in a permanent form.
I believe that someone has copied my product – what can I do?
If your product is protected by a patent or registered design, the manufacture or sale of an infringing product may be challenged by infringement proceedings. Any person can be sued for patent infringement including the directors of a company and if an employee carries out the act of infringement during the course of employment, it will be their employer’s liability.
I have created some new industrial designs – how best I can protect them?
If the designs are new and differ from existing designs on the market, it may be possible to register the designs thereby granting you the exclusive right. UK registered design rights are obtained through UK Intellectual Property Office and the design must be new and have individual character to be registered.
Do I need to register my trade mark?
It is highly advisable to do so in order to ensure that you are in the best position to prevent others from using the mark, and to take action against others using the mark or similar marks. Registering the trade mark will also allow you to put the ® symbol next to your brand to show that it’s yours and warn others against using it.
Can I obtain a patent for an invention that I have disclosed?
No, in general once an invention is disclosed to the public, the invention is no longer novel and patentable.