All questions

Intellectual property and data protection

i Copyright protection of software

Digital data and material will usually be one of fintech companies' key assets. Therefore, it is important to outline the legal scope for protection of such assets.

There have been debates on whether computer programs (software) are protected as a copyright or patent right. In the EU, the copyright model has been the legal approach for dealing with this situation. In that sense, computer programs are protectable by copyright as literary works if they express the intellectual creation of an author.44 In that regard, the source code and object code of the software are protected by copyright.

Copyright protection extends to any element of expression of the creativity of its author, but not to the ideas behind it, procedures, methods of operation, or mathematical concepts as such. Therefore, an algorithm will not be protected by copyright. The main legal argument for this conclusion is that it is a factual concept and not an expression of the intellectual creativity of its author.

If an employee of a fintech company develops software during the performance of his work or according to the employer's instructions, the copyright will automatically be granted to the employer.45 This rule applies only to 'employees'. Consequently, consultants and software developers entering into a separate agreement with the company will attract the copyright as creators of the work. Therefore, it is important to manage the rights to such software in the contract under which it is developed.

ii Patent protection of software

The European Patent Convention and the Danish Patent Act excludes software from patentability if a patent application relates to a computer program 'as such'. It is therefore necessary to distinguish between 'software patents' that are excluded and 'computer-implemented inventions' that are accepted patentable subject matters.

In this respect, patent protection can be granted to inventions that involve the use of a computer, a computer network or other features realised by means of a computer program. Therefore, patentability is not denied on the sole basis that a computer program is involved. The decisive factor for patent protection of software is that the invention must contain or possess a technical character. This technical character must be present in all variants covered by the patent claim.

iii Database protection

Certain fintech business models have an interest in protecting the database they created. Protection can be obtained either as copyright protection or the unique sui generis protection offered by the directive on legal protection of databases.46 The latter protection type is, seemingly, easiest to access, as it only requires a substantial investment (qualitatively or quantitatively) in either obtaining, verifying or presenting the data.

The copyright protection demands that the selection or arrangement of the contents of the database be the author's own intellectual creation. Hence, protection will only apply to the selection and arrangement or structure of the material contained in the database and not the data itself.

The sui generis right on the other hand does not protect the structure or arrangement of the database but protects the contents of the database. Thus, if a company is protected by the sui generis right, it has the right to prohibit any acts of extraction or reutilisation of the whole, or a substantial part, of the contents of a database.


Providers of financial services in Denmark are subject to the EU GDPR and the Danish Data Protection Act.47 It is necessary for fintech companies to ensure that personal data is processed lawfully in the light of the data protection rules.

As an example, companies must gather information about their customers in accordance with the Danish AML Act and about their investors pursuant to the suitability test carried out by MiFID companies. When companies gather the aforementioned information, obligations under the GDPR regime are triggered and the companies must comply with these rules to avoid any sanctions.