Privacy Policy
Last updated: 18 April 2026
IP Renewal Desk ("we", "our", or "the Service") is a platform that helps patent and trade mark professionals manage intellectual property renewals in-house. This Privacy Policy explains how we collect, use, and protect your information when you use our website and services.
1. Information we collect
Account and organisation data. When you register and create an organisation ("firm"), we collect your name, email address, and organisation details (firm name, timezone, currency, date format, logo, email signature, and similar settings).
Matter and contact data. You provide matter information (e.g. application numbers, renewal dates, fees, custom fields) and contact details for clients, applicants, agents, inventors, and payees — including names, email addresses, and phone numbers where you use SMS reminders.
Payment data. Client-facing payments are processed directly by your chosen processor (Stripe or PayPal) using credentials you provide; funds go to your firm's account, not ours. Platform billing (our commission) uses a separate Stripe customer tokenised against our own account. We do not store full card numbers. We retain payment-related metadata (amounts, status, transaction references, processor IDs) to support invoicing, reconciliation, and dispute handling.
Usage data. We collect limited information about how you use the Service (e.g. pages visited, features used, error reports) to improve the platform and troubleshoot issues.
2. How we use your information
We use your information to:
- provide and operate the IP Renewal Desk service;
- send renewal reminders and related communications on your behalf;
- process client-facing payments through Stripe or PayPal;
- generate invoices (via Xero where connected, or as PDF fallback);
- send SMS messages via Twilio where you have configured SMS reminders;
- calculate and collect our platform commission (5% of the professional-fee component of each processed renewal);
- respond to support requests and comply with legal obligations.
3. Third-party services
We use the following third-party services in connection with the platform:
- Stripe — Client-facing card payments (on your firm's own Stripe account) and platform billing (on our account). Stripe's privacy policy applies to payment data: stripe.com/privacy
- PayPal — Client-facing PayPal payments where you elect to use PayPal (on your firm's own PayPal account). PayPal's privacy notice applies: paypal.com/privacy
- SMTP providers — You may configure your firm's own SMTP server for sending reminders and confirmations; otherwise the platform's default SMTP is used.
- Twilio — SMS delivery where you enable SMS reminders using your firm's own Twilio credentials. Twilio's privacy policy applies: twilio.com/legal/privacy
- Xero — Invoice integration where you connect your firm's Xero tenant. Xero's privacy policy applies: xero.com/legal/privacy
- Frankfurter (European Central Bank FX) — We fetch foreign exchange rates to convert fees where your firm operates multiple currencies.
- Laravel Cloud & Laravel Nightwatch — Application hosting and monitoring. Technical diagnostics (error traces, performance metrics) are collected to operate and improve the platform.
When you use these integrations, the relevant provider's terms and privacy policies also govern how they handle data.
4. Data retention
We retain your data for as long as your account is active and as needed to provide the Service, comply with legal obligations, and resolve disputes. You may request deletion of your account and associated data at any time; we will process such requests in accordance with applicable law. Audit trails and financial records may be retained for statutory periods even after account closure.
5. Security
We implement appropriate technical and organisational measures to protect your data, including encryption in transit (HTTPS), encryption at rest for sensitive columns (payment credentials, API tokens, SMTP passwords), per-org isolation via a database scope, access controls, and secure cloud hosting. Payment card data is handled exclusively by Stripe and PayPal and is not stored on our systems.
6. Your rights
Depending on your location, you may have rights to access, correct, or delete your personal data, to restrict or object to processing, and to data portability. To exercise these rights, please contact us using the details below. You may also lodge a complaint with a supervisory authority in your jurisdiction.
7. Data controller
You (the firm) are the data controller for the contact and matter data you enter into IP Renewal Desk, including client contact details. We act as a data processor in respect of that data when processing it on your behalf in accordance with your instructions and these terms. We are the data controller for your firm's account data, billing data, and usage data.
8. Changes
We may update this policy from time to time. We will post the revised policy on this page and update the "Last updated" date. Continued use of the Service after changes constitutes acceptance of the updated policy.
9. Contact
For privacy-related questions or requests, please get in touch via our contact form.