Menu

Featured

Artificial Intelligence

Reinvention

Technology

Loading Results

Clients (including individuals who work for our corporate clients)

Corporate clients/individuals who work for our corporate clients (including prospective clients)  

What personal data do we collect? 

During our relationship with you (or your employer) we will collect personal data to enable us to carry out our services.  The personal data we process depends on the services provided but typically includes: 

  • personal details (e.g. name, age/date of birth, gender, marital status, country of residence); 
  • contact details (e.g. email address, contact number, postal address); 
  • financial details (e.g. salary and other income and investments, benefits, tax status); and 
  • job details (e.g. role, grade, experience and performance information).  

For certain services or activities, we may also collect special categories of personal data (such as to perform client checks or to provide immigration and tax services). If applicable, we will collect information about political affiliations or trade union membership details, information about your health, or data revealing racial or ethnic origin.  

Personal data will be collected either from you directly, your employer, a third party acting on your employer’s instructions, or from information that has been made publicly available. We will only ask for personal data that is necessary for the agreed services and request that you (or your employer) do not provide anything in addition to what is necessary.  

How do we use your personal data? 

We use personal data for the following purposes: 

  • to conduct due diligence checks for clients and prospective clients

    Before entering into a contract with you/your employer (and on an ongoing basis once we are in contract) we carry out due diligence checks in relation to client engagements. As part of these checks we will carry out searches using publicly available sources (such as internet searches and sanctions lists) and other third party data sets to identify politically exposed persons and heightened risk individuals and organisations and check that there are no issues that would prevent us from working with a particular client (such as sanctions, criminal convictions (including in respect of company directors), conduct or other reputational issues). With our corporate clients we will carry out these checks on the corporate entity and those individuals who have an influential role in that corporate entity.  
  • for administration purposes (e.g. client account opening and ongoing management and development of our business and services)

    During the course of our relationship with you we will use your personal data to manage our business and services, set up client accounts, manage our IT systems and applications, identify client needs and manage billing and payment.   
  • to provide our professional services

    The personal data we process when providing our professional services will depend on the agreed services with you. For example, we will review payroll data as part of an audit process, or we will use location, family circumstances and income data as part of our global mobility, tax and pensions services.     

    This processing is necessary for the purposes of our legitimate interests in providing professional services to our clients, and to meet our clients’ legitimate interests in receiving those professional services.   

    In certain circumstances, we have a legal obligation to provide services in a specific way (for example when providing statutory audit services to our clients). When we are required to process special categories of personal data we do so on the grounds of a relevant public interest condition or consent.  
  • for security monitoring purposes

    To protect both our own and our clients’ data, we carry out security monitoring to detect, investigate, and resolve security threats. This involves scans of our systems and software, where client files and personal data are stored. 

    This processing is necessary for the purpose of our legitimate interests to ensure that our systems remain secure and to prevent and detect crime. 
  • to comply with a requirement of law, regulation or a request from a professional body to which we are subject 

    As with any provider of professional services, we are subject to legal, regulatory and professional obligations. We need to keep certain records to demonstrate that our services are provided in compliance with those obligations and those records may contain personal data. 
  • to improve and develop our services

    We analyse client data to gain a deeper understanding of specific issues, industries, or sectors, offer insights to our clients, enhance our business and service delivery, and develop or improve PwC technologies, tools and professional service offerings. To the extent the information used for these purposes contains personal data, we will assess and implement appropriate safeguards (such as pseudonymisation or other de-identification measures) prior to using the information for these purposes.  Where required under applicable law, we will obtain your consent for such processing.   

How long will we keep your personal data? 

We will only keep your personal data for as long as necessary to fulfil the purposes for which we collected it and to comply with any applicable legal, regulatory, accounting or reporting requirements.   

When permissible, we may anonymise your personal data instead of deleting it. In such cases, all identifying information is removed, making it impossible to associate the data with you or your identity.  

Personal clients (including prospective clients) 

During our relationship with you we will collect personal data to enable us to provide professional services. The personal data we will process depends on the provided services but typically includes: 

  • business-related details; 
  • personal details (e.g. name, age/date of birth, gender, marital status, country of residence); 
  • contact details (e.g. email address, contact number, postal address); 
  • income, taxation and other financial-related details (e.g. salary and other income and investments, benefits, tax status); and 
  • details about your family.  

Depending on the services, we may also collect special categories of personal data (e.g. to perform client checks and to provide immigration and tax services). If applicable, we will collect information about political affiliations or trade union membership details, information about your health, or data revealing racial or ethnic origin. 

Personal data will be collected either from you directly, a third party acting on your instructions, or from information that has been made publicly available. We will only ask for personal data that is necessary for the agreed services and request that you do not provide anything in addition to what is necessary. 

Where we require personal data of other data subjects, such as family members, we request that you inform them and provide them with details of how we use their personal data (as set out in this privacy statement).  

How do we use your personal data? 

We use personal data for the following purposes: 

  • to conduct due diligence checks for clients and prospective clients

    Before entering into a contract with you (and on an ongoing basis once we are in contract) we carry out due diligence checks to manage risk in relation to client engagements. As part of these checks we will carry out searches using publicly available sources (such as internet searches and sanctions lists) and other third party data sets to identify politically exposed persons and heightened risk individuals and organisations and check that there are no issues that would prevent us from working with a particular client (such as sanctions, criminal convictions (including in respect of company directors), conduct or other reputational issues). These checks are performed on our clients and those connected with our clients.  
  • for administration purposes (e.g. client account opening and ongoing management and development of our business and services)

    During the course of our relationship with you we will use your personal data to manage our business and services, set up client accounts, manage our IT systems and applications, identify client needs and manage billing and payment.   
  • to provide our professional services

    The personal data we process when providing our professional services will depend on the agreed services with you. For example, we will review payroll data as part of an audit process, or we will use location, family circumstances and income data as part of our global mobility, tax and pensions services.     

    This processing is necessary for the purposes of our legitimate interests in providing professional services to our clients, and to meet our clients’ legitimate interests in receiving those professional services.   

    In certain circumstances, we have a legal obligation to provide services in a specific way (for example when providing statutory audit services to our clients). When we are required to process special categories of personal data we do so on the grounds of a relevant public interest condition or consent.  
  • for security monitoring purposes

    To protect both our own and our clients’ data, we carry out security monitoring to detect, investigate, and resolve security threats. This involves scans of our systems and software, where client files and personal data are stored. 

    This processing is necessary for the purpose of our legitimate interests to ensure that our systems remain secure and to prevent and detect crime. 
  • to comply with a requirement of law, regulation or a request from a professional body to which we are subject 

    As with any provider of professional services, we are subject to legal, regulatory and professional obligations. We need to keep certain records to demonstrate that our services are provided in compliance with those obligations and those records may contain personal data. 
  • to improve and develop our services

    We analyse client data to gain a deeper understanding of specific issues, industries, or sectors, offer insights to our clients, enhance our business and service delivery, or develop and refine PwC technologies and offerings.  To the extent the information used for these purposes contains personal data, we will assess and implement appropriate safeguards (such as pseudonymisation or other de-identification measures) prior to using the information for these purposes.  Where required under applicable law, we will obtain your consent for such processing.   

How long will we keep your personal data? 

We will only keep your personal data for as long as necessary to fulfil the purposes for which we collected it. Personal data may be held for longer periods where extended retention periods are required by law or regulation and in order to establish, exercise or defend our legal rights. When permissible, we may anonymise your personal data instead of deleting it. In such cases, all identifying information is removed, making it impossible to associate the data with you.   

Follow us

© 2017 - 2026 PwC. All rights reserved. PwC refers to the PwC network and/or one or more of its member firms, each of which is a separate legal entity. Please see www.pwc.com/structure for further details. This content is for general information purposes only, and should not be used as a substitute for consultation with professional advisors. This website contains content generated by or created with the assistance of AI.