At PwC, we are committed to protecting your privacy and safeguarding your personal, business and financial information. This Privacy Statement applies to the network of PwC firms operating in the Caribbean (PwC Bahamas, PwC Bermuda, PwC British Virgin Islands, PwC Cayman Islands, PwC East Caribbean, PwC Guyana, PwC Jamaica, PwC Trinidad & Tobago and PwC Turks & Caicos Islands) and their respective affiliates ("PwC", "we", “us” or "our").
The purpose of this Privacy Statement is to inform you about the types of Personal Information, as defined below, that PwC collects, uses and discloses. It explains how we use and disclose that information, the choices you have regarding such use and disclosure, and how you may correct that information.
This Privacy Statement is designed to meet the standards prescribed by territory specific legislation and best practice. In addition to any territory specific laws, we continue to be subject to the confidentiality rules of territory specific professional accountancy bodies.
From time to time, we may make changes to this Privacy Statement. The Privacy Statement is current as of the “last revised" date which appears at the top of this page.
"Personal Information" is any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. This information may include, but is not limited to, your mailing address, telephone number, email address, Internet Protocol (“IP”) address, age, gender, marital status, health information, financial status, credit card information and credit history. Personal Information, however, does not include your business title, business address or business telephone number in your capacity as an employee of an organisation.
We will always collect your Personal Information by fair and lawful means (for example, when you engage us to provide services, use the PwC website or speak to a PwC representative). We collect Personal Information directly from you, or indirectly from third party sources as otherwise permitted by applicable law.
From time to time, you may voluntarily provide PwC with unsolicited Personal information (e.g. by providing information through the PwC websites). If you provide such information for any reason, you consent to PwC using that information in the ways described in this Privacy Statement or as described at the point where you choose to disclose this information. When providing PwC with unsolicited information, we ask that you do not provide any sensitive information (e.g. Personal Information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic or biometric data, health information) unless you provide us with explicit consent to collect this information from you.
Log files: In order to properly manage our websites, we may anonymously log information on our operational systems, and identify categories of visitors by items such as domains and browser types. These statistics are reported in the aggregate to our webmasters and are generally non-identifiable.
Web beacons: To gather visitor statistics and manage cookies, we use electronic images called a "single-pixel GIF" or "web beacon." Web beacons allow our third-party tracking tools, Adobe Analytics, Google Analytics and Oracle Marketing Cloud to gather information such as the IP address of your computer, the time the material was viewed and the type of Internet browser used to access the page. This information is tracked on the third party tracking tools' servers and reported in aggregate to our webmasters. If you are concerned about the use of Web beacons you can turn off your browsers' cookies. This action will prevent Web beacons from tracking your specific activity; however, the Web beacon may still record a visit from your IP address.
Marketing Automation: In order to provide you with the most personalised experience and give you access to products and services that are most relevant to you, PwC may use marketing automation tools to deliver targeted marketing campaigns across multiple PwC platforms (e.g. via web, email, mobile, etc.) and create customer profiles by tracking your behavior and preferences while using PwC platforms. All of PwC’s electronic marketing activities are done in accordance with applicable legislation.
Finally, PwC understands the importance of protecting children's privacy online. The PwC websites covered by this Privacy Statement are not intentionally designed for or directed at children 13 years of age or younger. It is PwC's policy never to knowingly collect or maintain information about anyone under the age of 13.
Personal Information provided to us by our clients is primarily stored on servers maintained by PwC network firms. However, except where restricted by contractual arrangements or legal requirements applicable to specific clients, PwC may also leverage the services of select third party service providers. Personal Information that is "in the cloud" may be stored on multiple servers in a number of locations around the world. PwC has taken appropriate steps for the protection of Personal Information handled by our service providers. However, information transmitted to other countries may be subject to the laws and lawful disclosure requirements of the jurisdiction(s) where the information is stored.
We generally use your Personal Information for the following purposes (the "Purposes"):
We identify the purposes for which we use your Personal Information at the time we collect such information from you, and obtain your informed, freely given and unambiguous consent prior to each specific use. When you provide us with consent to use your Personal Information, your consent covers all processing activities carried out for the same purpose or purposes. When the use of your Personal Information has multiple purposes, PwC will seek your consent for each separate purpose for which the Personal Information will be used.
We identify to whom, and for what purposes, we disclose your Personal Information, at the time we collect such information from you and obtain your consent to such disclosure.
For example, we may transfer your Personal Information to third party service providers with whom we have a contractual agreement that includes appropriate privacy standards, where such third parties are assisting us with the Purposes — such as service providers that provide data storage or processing.
Generally, we will only make disclosures of Personal Information to such persons for which you provide your consent. Notwithstanding the foregoing, we may also make disclosures of Personal Information to a potential acquirer in connection with a transaction involving the sale of some or all of the business of PwC or as otherwise permitted or required by law, in which case the use of your Personal Information by the new entity would continue to be limited by applicable law.
In addition, we may send Personal Information outside of the country for the purposes set out above, including for process and storage by service providers in connection with such purposes. These other jurisdictions may include the United States, India, United Kingdom or the jurisdiction of any other PwC network firm (as per our engagement letters which allow us to draw on the resources of other firms), which latter jurisdiction(s) may be identified upon request.
To the extent that any Personal Information is out of the jurisdiction of the PwC firm that you are dealing with, it is subject to the laws of the country in which it is held, and may be subject to disclosure to the governments, courts or law enforcement or regulatory agencies of such other country, pursuant to the laws of such country.
We generally obtain your consent prior to collecting, and in any case, prior to using or disclosing your Personal Information for any purpose. You may provide your express consent to us either orally, electronically or in writing. You may also consent to PwC’s collection, use and disclosure of Personal Information by voluntarily providing us with Personal Information through a clear, affirmative action (e.g. by submitting an information request, participating in a survey, etc.). PwC may also rely on your implied consent to the collection, use and disclosure of your Personal Information where implied consent is permitted under applicable law.
We will not, as a condition of the supply of our professional services or products, require you to consent to the collection, use, disclosure or protection of information beyond that which is required to fulfill the specified and legitimate purposes for which the information is being collected.
With respect to our websites, should visitors subsequently choose to unsubscribe from mailing lists or any registrations, visitors may send us an email using the Contact us page.
We ensure that all affiliates and other third parties, including PwC member firms, which are retained to perform services on our behalf and are therefore provided with Personal Information are contractually required to observe the intent of this Privacy Statement and PwC’s privacy and data security policies and practices. When providing information to affiliates and/or third parties, PwC complies with the requirements of Article 28 of the EU General Data Protection Regulation 2016/679 (“the GDPR”) and practices.
We may keep a record of your Personal Information, correspondence or comments in a file specific to you. We will use, disclose or retain your Personal Information for as long as necessary to fulfill the purposes for which that Personal Information was collected, or as permitted or required by law.
If you make a written request to review any Personal Information about you that we have collected, utilised or disclosed, we will provide you with any such Personal Information as permitted or required by law. We will make such Personal Information available to you in a form that is generally understandable, and will explain any abbreviations or codes. To submit a written access request, or to obtain further information with respect to your access rights, you may contact our Data Protection Leader, as indicated below.
We will ensure that your Personal Information is kept as accurate, complete and up-to-date as possible. We will not routinely update your Personal Information, unless such a process is necessary. We may request, from time to time, that you supply us with written updates to your Personal Information, as required.
At any time, you can challenge the accuracy or completeness of your Personal Information in our records. If you successfully demonstrate that your Personal Information in our records is inaccurate or incomplete, we will amend the Personal Information as required. Where appropriate, we will transmit the amended information to third parties having access to your Personal Information.
Unless we advise you to the contrary, we will respond to each of your written requests not later than one month after receipt of such requests. We will advise you in writing if we cannot meet your requests within this time limit. As prescribed in any relevant territory specific regulations, you have the right to make a complaint to the appropriate authority in respect of this time limit.
We may request that you provide sufficient identification to permit access to the existence, use or disclosure of your Personal Information. Any such identifying information shall be used only for this purpose.
We have implemented physical, organisational, contractual and technological security measures to protect your Personal Information from loss or theft, unauthorised access, disclosure, copying, use or modification. The only employees who are granted access to your Personal Information are those with a business 'need-to-know' or whose duties reasonably require such information. On the PwC websites, we use secure socket layer technology.
Trishia Ogilvie, Data Protection Leader
Telephone: +1 345 914 8684