Privacy Statement: PwC

This privacy statement was last updated on September 20, 2023

PwC is committed to protecting your privacy. This privacy statement describes why and how we collect, use and disclose personal information collected from individuals themselves or from other third parties, and provides information about individuals’ rights with respect to their personal information. We may use personal information provided to us for any of the purposes described in the relevant section of this privacy statement or as otherwise stated at the point of collection.

Our goal is to process personal information as necessary for our legitimate business purposes in a transparent manner. If you have any questions regarding our privacy practices, please contact us as set forth in the Contact Us section below.

“PwC” (and “we,” “us,” “our”) refers to such PwC member firm in the US that: (1) is involved in providing or receiving services or products; (2) sends you communications; (3) posted a position for which you are applying; or (4) you have a role or relationship with, including through the use of and access to our websites and applications. Each member firm in the PwC network is a separate legal entity — be aware that if you are in a jurisdiction outside of the US, you may or may not have a direct relationship with us, but rather with one of our member firms. For further details, please see www.pwc.com/structure.

Our processing activities

Use the buttons below to find out more about the sections of this privacy statement that are relevant to you.

Business contacts

Information collection

We collect and use business contact details for individuals associated with existing and potential PwC clients to manage and maintain our relationship with those individuals. Like most businesses, we use a customer relationship management system (the “PwC CRM”) to store personal information about our business contacts.

The collection of personal information about contacts and the addition of that personal information to the PwC CRM is initiated by PwC staff and may include name, employer name, title, phone, email and other business contact details. In addition, the PwC CRM may collect data from PwC email and calendar systems concerning interactions between PwC staff and business contacts.

When we send you emails, we may use technologies to determine whether the email has been opened and whether the links contained within the message have been clicked on. We may combine information collected through these means with other information we maintain about you to measure interest in our specific offerings and email campaigns, improve our offerings to specific target audiences, and tailor our interactions with you.

Information use

We use this information for the following business purposes:

Administering, managing and developing our business and services. We may process personal information to run our business, including:
- managing our relationship with clients;
- providing services and customer support to our clients;
- developing our business and services, such as identifying client needs and improvements in service delivery and learning more about a client relationship opportunity we or other PwC member firms have an interest in;
- analyzing and evaluating the strength of interactions between PwC and a contact (e.g., the PwC CRM uses an algorithm to help with this analysis, and the evaluation is primarily based on interaction frequency, duration, recency and response time);
- performing analytics, including with regard to trends, relationship maps, sales intelligence, and progress against account business goals;
- maintaining and using IT systems;
- hosting or facilitating the hosting of events;
- conducting surveys (e.g. benchmarking) or quizzes; and
- administering and managing our website, systems, and applications.

Providing information about us and our range of services. Unless we are asked not to, we use client business contact details to provide information that we think will be of interest about PwC and our services. For example, we may send you industry updates and insights, information about other services that may be relevant to you, and invites to events.

Please review the Individual rights section below for information about how you may unsubscribe from our mailing lists and exercise other rights.

Information retention

Personal information will be retained in the PwC CRM for as long as we have, or need to keep a record of, a relationship with a business contact. Personal information may be held for longer periods where extended retention periods are required by law, regulation, or professional standards and to establish, exercise or defend our legal rights.

Information disclosure

We may disclose personal information as described in the Information disclosure section below.

In addition, business contacts stored in the PwC CRM may be accessed by other PwC member firms for the purposes described above.

Your California privacy rights

If you are a California resident, please click here for additional information about our processing of personal information and your California privacy rights.

Back to the list of our processing activities

Corporate clients (and individuals associated with our corporate clients)

Our policy is to collect only the personal information necessary for agreed purposes, and we ask our clients only to share personal information with us when it is needed for those purposes. When we need to process personal information to provide our services, we ask our clients to provide the necessary information to the data subjects concerned regarding how PwC will process that personal information, as our clients are typically in the appropriate position to communicate this information to the data subjects (e.g., our clients’ employees or our clients’ customers).

Information collection

Given the diversity of services we provide to clients (click here for information on our services), we process many categories of personal information, which may include:

Personal details (e.g., name, age/date of birth, gender, marital status, country of residence);
Contact details (e.g., email address, phone number, postal address);
Login credentials (e.g., email address or username, password);
Financial details (e.g., salary, payroll details and other financial-related details such as income, investments and other financial interests, benefits, tax status);
Survey or quiz responses;
Job details (e.g., role, grade, experience, performance information and other information about management and employees); and
For certain client engagements, we may process sensitive or special categories of personal information (such as in performing know your client checks, which may involve us processing government identification documents that may contain biometric data).

We generally collect such personal information from our clients or from third parties acting on the instructions of the client, but in limited cases may collect information directly from the data subjects or from publicly available sources, in each case on behalf of our clients.

Information use

We use the above personal information for the following business purposes:

Providing professional services and products
We provide a diverse range of professional services (click here for information on our services) and products. Some of our services require us to process personal information to provide advice and deliverables. We may also seek feedback and opinions in surveys (e.g. benchmarking) or quizzes.

Security, quality and risk management activities
- Personal information, such as client users’ login credentials, may be processed to administer and manage our websites, applications, and other online services that we make available to clients, including to confirm and authenticate identity and prevent unauthorized access. Please see the Users of our websites and applications section of this privacy statement for additional information about how such information may be used.
- Personal information may be processed as part of the security monitoring that we undertake to detect, investigate and resolve security threats — for example, automated scans to identify harmful emails (e.g., phishing attempts).
- We monitor the services provided to clients for quality purposes and risk management purposes, which may involve processing personal information stored on the relevant client file.
- We collect personal information as part of our client engagement and acceptance procedures, including carrying out searches using publicly available and/or third party sources to help identify heightened risk individuals and organizations and check that there are no issues that would prevent us from working with a particular client, such as sanctions, criminal convictions, conduct or other reputational issues, including with respect to company directors.
Complying with any requirement of law, regulation or a professional body of which we are a member
- As with any provider of professional services, we are subject to legal, regulatory and professional obligations. Subject to these obligations, and as described in the Information retention section below, we need to keep certain records to demonstrate that our services are provided in compliance with those obligations, and those records may contain personal information.

We are continually looking for ways to help our clients and improve our business and services. Where agreed with our clients, we may use information that we receive in the course of providing professional services for other lawful purposes, including analysis to better understand a particular issue, industry or sector, provide insights to our clients, improve our business, service delivery and offerings and develop new PwC technologies and offerings. To the extent that the information we receive in the course of providing professional services contains personal information, we will de-identify the information prior to using it for these purposes.

Information retention

We retain the personal information processed by us in accordance with the terms of our client agreements

Information disclosure

We may disclose personal information as described in the Information disclosure section below. In addition, we may disclose personal information to:

Third party organizations that assist us in providing services
On certain client engagements, pursuant to our agreements with such clients, we may engage or otherwise work with other providers to help us provide professional services to our clients.
Our clients
Where we need to process personal information to provide professional services to our clients, we may include personal information in our deliverables, such as the reports we create.

Your California privacy rights

If you are a California resident, please click here for additional information about our processing of personal information and your California privacy rights.

Back to the list of our processing activities

Individual clients of PwC services

We may provide a separate privacy statement in connection with certain services provided to individuals, and where we do so, such privacy statement will apply to our processing of personal information in the performance of those services.

Generally, our policy is to collect only the personal information necessary for agreed purposes, and we ask our clients only to share personal information when it is needed for those purposes. When we need to process personal information relating to individuals other than our clients to provide our services, we ask our clients to provide the necessary information to other data subjects concerned, such as family members, regarding its use.

Information collection

Given the diversity of the services we provide to individual clients (click here for information on our services), we process many categories of personal information, including, as appropriate for the services we are providing:

contact details (e.g., email address, phone number, postal address);
business activities (e.g., job details, role, experience);
family information (e.g., dependents and other household information);
financial details (e.g., salary, payroll details and other financial-related details such as income, investments and other financial interests, benefits, tax status); and
survey responses.

For certain services, and when permitted by law, we may also collect sensitive or special categories of personal information. Examples of sensitive or special categories include social security, driver’s license, state identification card, or passport numbers; certain financial account details; information revealing racial or ethnic origin, religious or philosophical beliefs, sexual life/orientation, union membership, or political opinions; health information; genetic data; biometric data; precise geolocation data; and criminal records.

Generally, we collect personal information directly from our clients or from a third party acting on the instructions of the client.

Information use

We use personal information for the following business purposes:

Providing professional services
We provide a diverse range of professional services (click here for information on our services). Some of our services require us to process personal information to provide advice and deliverables. For example, we may use personal information to provide individual tax advice, immigration services or pension advice.
Administering, managing and developing our businesses and services
We may process personal information to run our business, including:
‒ managing our relationship with clients;
‒ developing our businesses and services (such as identifying client needs and improvements in service delivery);
‒ maintaining and using IT systems;
‒ conducting surveys (e.g. benchmarking) or quizzes;
‒ hosting or facilitating the hosting of events; and
‒ administering and managing our website and systems and applications.
Security, quality and risk management activities
‒ Personal information may be processed as part of the security monitoring that we undertake. For example, automated scans to identify harmful emails (e.g., phishing emails).
‒ We monitor the services provided to clients for quality purposes, which may involve processing personal information stored in the relevant client file. We have policies and procedures in place to monitor the quality of our services and manage risks in relation to client engagements.
‒ We collect and hold personal information as part of our client engagement and acceptance procedures, including carrying out searches using publicly available sources and third party sources — such as internet searches and sanctions lists — to help identify politically exposed persons and heightened risk individuals and organizations and checking whether there are issues that should be considered in determining whether to work with a particular client — such as sanctions, criminal convictions, conduct or other reputational issues, including with respect to company directors.
Providing our clients and prospective clients with information about us and our range of services
With consent or otherwise in accordance with applicable law, we use client contact details to provide information that we think will be of interest about us and our services — for example, industry updates and insights, other services that may be relevant and invitations to events.
Complying with any requirement of law, regulation or a professional body of which we are a member
As with any provider of professional services, we are subject to legal, regulatory and professional obligations. Subject to these obligations, as described in the Information retention section below, we need to keep certain records to demonstrate that our services are provided in compliance with those obligations and those records may contain personal information.

We are continually looking for ways to help our clients and improve our business and services. Where agreed with our clients, we may use the information that we receive in the course of providing professional services for other lawful purposes, including analysis to better understand a particular issue, industry or sector, provide insights back to our clients, to improve our business, service delivery and offerings and to develop new PwC technologies and offerings. To the extent that the information that we receive in the course of providing professional services contains personal information, we will de-identify the information prior to using it for these purposes.

Information retention

We retain the personal information processed by us for as long as is considered necessary for the purpose(s) for which it was collected. Personal information may be held for longer periods where extended retention periods are required by law, regulation, or professional standards and to establish, exercise or defend our legal rights.

Information disclosure

We may disclose personal information as described in the Information disclosure section below. In addition, we may disclose personal information to:

Third party organizations that assist us in providing services
On certain client engagements, pursuant to our agreements with such clients, we may engage or otherwise work with other providers to help us provide professional services to our clients.
Our clients
Where we need to process personal information to provide professional services to our clients, we may include personal information in our deliverables (such as the reports we create).

Your California privacy rights

If you are a California resident, please click here for additional information about our processing of personal information and your California privacy rights.

Back to the list of our processing activities

Users of our websites and applications

This section describes our privacy practices with respect to https://www.pwc.com and other PwC websites, applications and online services that link to this privacy statement (together referred to as the “Site”).

We may provide a separate privacy statement in connection with certain websites and applications that we offer, and where we do so, such privacy statement will apply to our collection and use of personal information collected through such websites and applications.

For information about our collection and use of information, such as login credentials, that we process in order to provide client users with access to the websites, applications, and other online services that we make available to clients in connection with our professional services, please see the Corporate clients section of this privacy statement.

For information about our collection and use of information received as part of an application for employment submitted through our Site or if you join our Talent Network or Talent Community through our Site, please see the Sourcing and recruitment of candidates section of this privacy statement.

Information collection

When you access or otherwise use our Site, we will collect information about you and how you interact with our Site. We may collect information about you through: (1) information you provide; (2) automatic tracking technologies; and (3) third parties.

Information you provide

When you visit our Site, you may choose to provide information about yourself such as your name, address, email address, telephone number, fax number, job title, and company name. By way of example, you may choose to provide your information in the following circumstances:

Subscription or ordering newsletters and/or publications;
Participation in "join our mailing list" initiatives;
Participation in bulletin boards, discussion, or message forums;
Entering surveys (e.g., benchmarking) or quizzes;
Registration for events and conferences;
Registration for premium online services;
Contacting us for further information; and
Visiting our Site while logged into a social media platform.

Automatically collected information

We use online identification technologies, such as cookies, web beacons, SDKs, pixels or similar technologies (“Tracking Technologies”) on our Site. The information we collect using these technologies includes IP address and other identifiers as well as information about your internet activity and browsing behavior on our Site. We also use website analytics providers which may set Tracking Technologies on your device. Our use of Tracking Technologies allows us to customize your interactions with our Site and with PwC and to measure the efficacy of our marketing campaigns. For more information about our use of Tracking Technologies, please review our Cookie Information page.

To properly manage our Site we also log anonymous information on our operational systems and identify categories of visitors by items such as domains and browser types. These statistics are reported in the aggregate to our website administrators. This is to improve the web experience of our Site’s visitors and to provide us with an effective information resource.

When we send you emails, we may use technologies to determine whether the email has been opened and whether the links contained within the message have been clicked on. We may combine information collected through these means with other information we maintain about you in order to measure interest in our specific offerings and email campaigns, improve our offerings to specific target audiences, and tailor our interactions with you.

Information use

We use the information we collect as described above for various purposes depending on the context in which we collected the information. For example, it may be necessary for us to process your information in order to process a transaction or provide a service you have requested or otherwise in accordance with a contract between us, or we may process your information in accordance with your prior consent (where you have provided such consent).

We also use the information we collect for the following business purposes:

Operating and improving the Site;
Fulfilling your orders and requests;
Managing your registration preferences;
Customizing the Site and your interactions with PwC;
Understanding how the Site is being used;
Exploring ways to develop and grow our business;
Maintaining and improving the safety and security of the Site;
Preventing and enhancing protection against fraud, spam, harassment, intellectual property infringement, crime and security risks;
Sending you renewal notifications and/or service notifications;
Conducting customer satisfaction surveys;
Improving our products and services;
Running our operations;
Complying with law and legal obligations;
Responding to your inquiries; and
Sending marketing communications about PwC products, services, and events.

Information retention

We will retain the personal information collected by us through the Site for as long as is necessary for the purpose(s) for which it was collected as set out above, provided that personal information may be held for longer periods where extended retention periods are required by law, regulation, or professional standards, and in order to establish, exercise or defend our legal rights.

Information disclosure

We may disclose personal information as described in the Information disclosure section below.

In addition, business contacts stored in the PwC CRM may be accessed by other PwC member firms for the purposes described above.

Third party sites

Our Site may link to other websites which do not operate under PwC’s privacy practices. When you visit other websites, PwC’s privacy practices no longer apply. We encourage you to review each site’s privacy policy before disclosing any personal information.

Children

PwC understands the importance of protecting children’s privacy, especially in an online environment. The Site is not intentionally designed for or directed at children under the age of 13 years. It is PwC’s policy never to knowingly collect or maintain personal information about children under the age of 13 in connection with the Site.

Your choices

Unsubscribe

Should you wish to unsubscribe from our mailing list or any registrations, we will provide instructions in the appropriate area of the Site or in communications to you.

Managing cookies

If you are concerned about cookies, most browsers permit individuals to decline cookies. In most cases, you may refuse or delete one or more cookies and still access our Site, but Site functionality may be impaired. After you finish browsing our websites, you may delete Site cookies from your system if you wish. For more information on managing cookies, please see our Cookie Information page.

Do not track

Do Not Track (“DNT”) is a privacy preference that you can set in your web browser to send a message to the website operator requesting not to be tracked. Currently, we do not respond to these DNT signals. For more information about DNT, visit https://allaboutdnt.com.

Other rights

For information about other rights you may have under applicable law, please see the Individual rights section of this privacy statement.

Your California privacy rights

If you are a California resident, please click here for additional information about our processing of personal information and your California privacy rights.

Back to the list of our processing activities

Personnel

We collect personal information concerning our own personnel (partners, principals and staff) as well as individual contractors to administer the employment relationship and manage our business.

Please refer to the privacy statements available on PwC’s intranet for information on the collection and processing of your personal information in relation to your role with PwC.

Back to the list of our processing activities

Sourcing and recruitment of candidates

We collect and use personal information in connection with our sourcing activities, sometimes referred to as our “Talent Network” or “Talent Community,” and recruitment. When joining our Talent Network or Talent Community, you can do so independently or through the US firm’s formal application process for an open position.

If you are formally applying for one of the firm’s open positions, you will be presented separate privacy statements at the point of data collection during these processes. Should your formal application result in being extended and accepting an opportunity to join the firm, you will also be presented with privacy statements during the onboarding process. Please review those privacy statements for information about how PwC processes personal information in connection with recruitment and onboarding.

When providing information through the PwC US Careers webpage on our Site, please see the Users of our Websites and Applications section of this privacy statement for additional information about the collection and use of your information, including our use of Tracking Technologies. For more information about our use of Tracking Technologies, please review our Cookie Information page.

Information collection

If you choose to join our Talent Network or Talent Community, which is independent of and may be done in conjunction with completing the firm’s formal employment application, we may collect the following personal information from you:

Contact details (e.g., name, email, telephone number);
Education, academic and professional qualifications;
Locations and interest in global opportunities;
Employment history;
Your responses to surveys and quizzes, if you choose to participate;
Areas of interest and specialized knowledge/subject matter; and
Other information included on your resume/CV that you choose to submit.

We may also obtain the following personal information about you from third party sources:

Social media profile information, if you choose to provide us with a link to your profile page; and
Information from social media sites of which you are a member, specific to your engagement with our recruitment campaigns.

If you join our Talent Network or Talent Community during the recruitment application process, we may also use the information provided as part of your recruitment application for the purposes described below.

Information use

We use such personal information for the following business purposes:

To attract talent and market opportunities at PwC including by arranging, hosting and participating in events, marketing and advertising opportunities, including on social media, and using recruiters to help find talent for us.
To identify and source talent including by searching our talent pool and publicly available sources (such as professional networking and job websites of which you are a member).
To evaluate you for open positions that match your interests and experience throughout the PwC network, manage your talent profile, send you email notifications, surveys, quizzes, and other announcements, request additional information or otherwise contact you regarding recruitment, events, thought leadership, or other opportunities we believe may be of interest to you.
To conduct statistical analyses and create reports, including regarding use of our careers websites, reports on PwC recruitment activities, analyses of candidate sourcing channels, and other requirements under US laws and regulations.
To administer and manage our careers websites and communicate with you about careers at PwC.
Any other purposes stated when you provide the information to PwC.

Please review the Individual rights section below for information about how you may unsubscribe from our mailing lists and exercise other rights.

Information retention

We retain the personal information processed by us for as long as is considered necessary for the purpose(s) for which it was collected. Personal information may be held for longer periods where extended retention periods are required by law, regulation, or professional standards and in order to establish, exercise or defend our legal rights.

Information disclosure

We may disclose personal information as described in the Information disclosure section below.

Your California privacy rights

If you are a California resident, please click here for additional information about our processing of personal information and your California privacy rights.

Back to the list of our processing activities

Suppliers (including subcontractors and individuals associated with our suppliers and subcontractors)

Information collection

We collect and process personal information about our suppliers (including subcontractors and individuals associated with our suppliers and subcontractors) in order to manage our relationships with our suppliers, to receive services from our suppliers, and, where relevant, to provide professional services to our clients. The personal information we process about our supplier contacts is generally business card information and includes name, employer, phone number, email and other business contact details, and the communications with us.

With respect to individuals subcontracted to work for or with PwC, please refer to the relevant privacy statement available on PwC’s intranet for information on the collection and processing of your personal information in relation to your role with PwC.

Information use

We use such personal information for the following business purposes:

Receiving services. We process personal information in relation to our suppliers and their staff as necessary to receive the relevant services. For example, where a supplier is providing us with facilities management or other outsourced services, we will process personal information about those individuals that are providing services to us.
Providing professional services to clients. Where a supplier is helping us to deliver professional services to our clients, we process personal information about the individuals involved in providing the services in order to administer and manage our relationship with the supplier and the relevant individuals and to provide such services to our clients (for example, where our supplier is providing people to work with us as part of a PwC team providing professional services to our clients).
Administering, managing and developing our businesses and services. We may process personal information in order to run our business, including:

‒ managing our relationships with suppliers;
‒ developing our businesses and services (such as identifying client needs and improvements in service delivery);
‒ maintaining and using IT systems;
‒ conducting surveys;
‒ hosting or facilitating the hosting of events; and
‒ administering and managing our website and systems and applications.

Security, quality and risk management activities. We have security measures in place to protect our and our clients’ information (including personal information), which involves detecting, investigating and resolving security threats. Personal information may be processed as part of the security monitoring that we undertake; for example, automated scans to identify harmful emails. We have policies and procedures in place to monitor the quality of our services and manage risks in relation to our suppliers. We collect and hold personal information as part of our supplier contracting procedures. We monitor the services provided for quality purposes, which may involve processing personal information.
Providing information about us and our range of services. Unless we are asked not to, we use business contact details to provide information that we think will be of interest about us and our services -- for example, industry updates and insights, other services that may be relevant and invites to events.
Complying with any requirement of law, regulation or a professional body of which we are a member. As with any provider of professional services, we are subject to legal, regulatory and professional obligations. We need to keep certain records to demonstrate that our services are provided in compliance with those obligations and those records may contain personal information.

Information retention

Personal information will be retained about our contacts at our suppliers for as long as it is necessary for the purposes set out above (e.g., for as long as we have, or need to keep a record of, a relationship with a contact, which is for the duration of our relationship with a contact or their organization). Personal information may be held for longer periods where extended retention periods are required by law, regulation, or professional standards and in order to establish, exercise or defend our legal rights.

Information disclosure

We may disclose personal information as described in the Information disclosure section below.

Your California privacy rights

If you are a California resident, please click here for additional information about our processing of personal information and your California privacy rights.

Back to the list of our processing activities

Attendees of PwC events

We may collect personal information from attendees and participants of PwC-sponsored events as described below. Unless separate privacy terms are provided to the attendee or participant at or in connection with the event, any personal information collected will also be treated in accordance with the section of this privacy statement that applies based on the attendee’s or participant’s relationship with PwC (e.g., business contact, client contact, supplier contact, job applicant). In addition, with respect to virtual events, please see the Users of our websites and applications section of this privacy statement, and with respect to events hosted at one of our office locations, please see the Visitors to our offices section of this privacy statement.

Information collection and use

When we collect personal information in connection with PwC-sponsored events, such information is provided directly and voluntarily by or on behalf of the attendee or participant and includes the individual’s business card information and other personal information specific to the event and any accommodations. We use such information to manage registration, attendance and participation at the relevant PwC-sponsored event. We may also take photographs in public areas at our events and we may use these in our marketing materials.

Information retention

Personal information will be retained about our event attendees and participants for as long as we have, or need to keep a record of, a relationship with such individuals. Personal information may be held for longer periods where extended retention periods are required by law, regulation, or professional standards and in order to establish, exercise or defend our legal rights.

Information disclosure

We may disclose personal information as described in the Information disclosure section below.

In addition, where we are co-sponsoring an event, we may disclose your information to the other organization(s) sponsoring or organizing the event. For certain events we may also circulate participant lists amongst participants or event organizers.

Your California privacy rights

If you are a California resident, please click here for additional information about our processing of personal information and your California privacy rights.

Back to the list of our processing activities

Visitors to our offices

We have security measures in place to protect our offices and the people within them, such as secured entrance doors, visitor management procedures, security cameras, and an alarm activation system.

Security System

PwC offices are protected with security equipment at all entrance doors providing access control, auditing, and intrusion detection. The security camera system records activity at all entrance points and high security areas. The video images captured are securely stored and only accessed on a need to know basis for investigative purposes only (e.g., to look into an incident occurring at one of our locations). The recordings are stored for a minimum of 90 days. We may disclose video or still images to law enforcement bodies as permitted by law.

Visitor records

We require all visitors to first be screened through our video intercom at our reception floor before we provide access into our reception area. When at the reception desk, the visitor will record their visit and be greeted by their PwC contact person. In the event of a pandemic or other public health emergency, visitors may be asked to provide additional information, including contact information and health questionnaire responses. Visitor information is maintained for 30 days and is only used for security or emergency situations.

Guest WiFi

We monitor traffic on our guest WiFi networks using industry standard intrusion detection systems. This allows us to see limited information about a user’s network behaviors but will include being able to see at least the source and destination addresses the user is connecting from and to.

Information disclosure

We may disclose personal information as described in the Information disclosure section below.

Your California privacy rights

If you are a California resident, please click here for additional information about our processing of personal information and your California privacy rights.

Back to the list of our processing activities

Others who get in touch with us

We collect personal information (such as name, contact details and contents of the communication) when an individual gets in touch with us with a question, complaint, comment, survey response or other feedback. In these cases, we will only use the information for the purpose of responding to and keeping a record of the communication. We may disclose personal information as described in the Information disclosure section below.

Your California privacy rights

If you are a California resident, please click here for additional information about our processing of personal information and your California privacy rights.

Back to the list of our processing activities

Security

PwC has implemented generally accepted standards of technology and operational security designed to protect personal information from loss, misuse, alteration or destruction. Only authorized PwC personnel and the third parties described in this privacy statement are provided access to personal information and these employees and third parties have agreed to maintain the confidentiality of this information. Please note that in the unlikely event that we might need to contact you about a matter involving your personal information, we may email you about the matter.

Data Privacy Framework; Cross-border transfers

PwC adheres to the EU-U.S. Data Privacy Framework, the UK Extension to the EU-U.S Data Privacy Framework, and the Swiss-U.S. Data Privacy Framework as set forth by the U.S. Department of Commerce. To learn more see our Data Privacy Framework Policy.

We are part of a global network of firms and in common with other professional service providers, we use third parties located in other countries to help us run our business. As a result, personal information may be transferred outside the countries where we and our clients are located. This includes transfers to countries outside the European Economic Area (“EEA”) and to countries that may not have laws that provide the same degree of protection for personal information as your home country. In accordance with applicable legal requirements, we take appropriate measures to facilitate adequate protection for any information so transferred.

Where we transfer personal information outside of the EEA to a country or framework not determined by the European Commission as providing an adequate level of protection for personal information, the transfers will be under an agreement which covers European Union requirements for such transfers, such as standard contractual clauses. The European Commission approved standard contractual clauses are available here.

Information disclosure

We will only disclose personal information to others for a business purpose and when we are legally permitted to do so. When we disclose information to others, we put contractual arrangements and security mechanisms in place as appropriate to protect the information and to comply with our information protection, confidentiality and security standards.

In addition to any information disclosure practices described in the relevant section under Our processing activities, we disclose personal information to the following categories of recipients:

Other PwC member firms
‒ For details of our member firm locations, please click here.
‒ We may disclose personal information to other PwC member firms where necessary for administrative purposes and to provide professional services to our clients (e.g., when providing services involving advice from PwC member firms in different territories).
‒ We store personal information on our or other PwC member firm servers in the United States, EU and Singapore. IT support and services are provided by PwC India and PwC’s IT services company.
Third party organizations that provide applications/functionality, data processing or IT services to us. We use third parties to support us in providing our services and to help provide, run and manage our internal IT systems -- for example, providers of information technology, cloud-based software-as-a-service, identity management, website hosting and management, data analysis, data back-up, security and storage services. The servers powering and facilitating that cloud infrastructure are located in data centers around the world, and personal information may be stored in any one of them. Further details of these providers are set forth below.

Name	Role	Address
Adobe	Marketing Cloud Solutions	345 Park Avenue San Jose, 95110-2704, USA
Amazon Web Services (AWS), Amazon.com, Inc.	Cloud Services	410 Terry Avenue N, Seattle, WA 98109, USA Data centers located in a number of locations around the world (see AWS website)
Google LLC	Cloud Services	1600 Amphitheatre Parkway, Mountain View, CA 94043, USA Data centers located in a number of locations around the world (see Google website)
Infosys	IT Services	Electronic City, Bangalore, India
Iron Mountain Inc.	Media/Hardware/Document Storage and Secure Disposal Services	Boston, MA 02110, USA
Microsoft Corporation	Cloud Services	One Microsoft Way, Redmond, WA 98052, USA Data centers located in a number of locations around the world (see Microsoft website)
Micro Focus International plc	Backup Services	3000 Hanover Street, Palo Alto, CA 94304, USA
Oracle Corporation	Cloud Services	500 Oracle Parkway Redwood Shores, CA 94065, USA
Palo Alto Networks, Inc.	Cloud Network/Infrastructure Services	3000 Tannery Way, Santa Clara, CA 95054, USA
QTS Realty Trust, Inc.	Data Center Services	12851 Foster St. Overland Park, KS 66213, USA
Salesforce.com, Inc	Customer Relationship Management	415 Mission Street, 3rd Floor, San Francisco, CA 94105, USA
Tata Consultancy Services (TCS)	IT Services	Mumbai, Maharashtra, India

Auditors, professional advisors and insurers
We engage auditors and other professional advisors, for example, law firms, as necessary to establish, exercise or defend our legal rights and obtain advice in connection with the running of our business. Personal information may be disclosed to these auditors and other advisors as necessary in connection with the products and services they have been engaged to provide. We also have a number of business insurance policies in place and we may need to disclose personal information to the insurer, for example, in the event of a claim.
Law enforcement or other government and regulatory agencies or other third parties as required by applicable law or regulation
Occasionally, we may receive requests from third parties with authority to obtain disclosure of personal information, such as to check that we are complying with applicable law and regulation, to investigate an alleged crime, to establish, exercise or defend legal rights. We will only fulfill requests for personal information where we are permitted to do so in accordance with applicable law or regulation.
Third party organizations in connection with a corporate transaction
We may disclose personal information to a third party as necessary in connection with a corporate reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or capital.

Individual rights

Unsubscribe

Should you wish to unsubscribe from our mailing list or any registrations, we will provide instructions in the appropriate area of the Site or in communications to you.

Users of our websites and applications

Please see the Users of our websites and applications section of this privacy statement for additional information about your choices in relation to personal information we collect through the Site.

Individual privacy rights

In certain circumstances under applicable law, you may have the right to access your personal information (including in a portable format if so requested), to correct your personal information, to delete your personal information, and/or to opt out of the sale of your personal information.

To submit a request relating to any of these rights, please use our request form. We will respond to your request within a reasonable timeframe in accordance with applicable law.

We hope that you won’t ever need to, but if you do want to complain about our use of personal information, please send us a message with the details of your complaint by completing our general contact form. Applicable laws may also give you the right to lodge a complaint with the data protection authority in your country.

California privacy rights

If you are a California resident, please click here for information about your California privacy rights.

Changes to this privacy statement

PwC may update this privacy statement at any time by publishing an updated version here. You can access the most current version of this privacy statement at any time on this site.

Contact us

If you have questions about this privacy statement or about our privacy practices, please contact us by completing our general contact form.