This privacy statement was last updated on 25 September 2020
PwC is strongly committed to protecting personal data. This privacy statement describes why and how we collect and use personal data and provides information about individuals’ rights in relation to personal data. It applies to personal data provided to us, both by individuals themselves or by others. We may use personal data provided to us for any of the purposes described in this privacy statement or as otherwise stated at the point of collection.
As used in this privacy statement, “PwC”, “us”, and “we” refer to the PwC network and/or one or more of its Member Firms that may process your personal information. Each Member Firm in the PwC network is a separate legal entity. The data controllers of your personal information are one or more of the Member Firms listed here at https://www.pwc.com/gx/en/about/corporate-governance/legal-entities.html. For further details, please see www.pwc.com/structure. See http://www.pwc.com/gx/en/about/office-locations.html for a list of countries and regions in which PwC Member Firms operate.
This privacy statement also applies to personal data that may be provided to Strategy&, PwC's global strategy consulting firm, whether by individuals themselves or by others. Strategy& may use personal information for any of the reasons described in this statement or as otherwise stated at the point of data collection. Strategy& is part of the PwC Network.
PwC processes personal data for numerous purposes. Our policy is to be transparent about why and how we process personal data.
Click on the links in our index to take you to the more detailed sections of this privacy statement.
To find out more about our specific processing activities, go to our processing activities.
Your local law may require us to set out in this privacy statement the legal grounds on which we rely in order to process your personal information. In such cases, we rely on one or more of the following processing conditions:
1. You verify the personal data and consent to us the collection and use of your personal data provided by you, and/or by others for the purposes of (i) effective delivery of information and services to you and in the effective and lawful operation of our businesses and the legitimate interests of our clients in receiving professional services from us as part of running their organisation (provided these do not interfere with your rights); and (ii) developing and improving our businesses, services and offerings and in developing new PwC technologies and offerings (provided these do not interfere with your rights); (iii) to satisfy any requirement of law, regulation or professional body of which we are a member (for example, for some of our services, we have a legal obligation to provide the service in a certain way); or (iv) to perform our obligations under a contractual arrangement with you.
2. The implementation of above purposes may include but not limited to:
3. To the extent permissible by the law, we may also apply legitimate interest concepts for all the above purposes (provided these do not interfere with your rights).
If we process your personal information, your personal information may be transferred to and stored outside the country where you are located. This includes countries outside the European Economic Area (EEA) and countries that do not have laws that provide specific protection for personal information.
Where we collect your personal information within the EEA, transfer outside the EEA will be only:
The US member firm of PwC, PricewaterhouseCoopers LLP and its affiliated US subsidiaries (together, “PwC US”), adheres to the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal information that is transferred from the European Union and its Member States, and the EEA and Switzerland to the United States. PwC US has certified that it adheres to the Privacy Shield Principles within the scope of PwC US’s Privacy Shield certification. To learn more, see the PwC US Privacy Shield Policy.
For details of PwC Member Firm locations, please see http://www.pwc.com/gx/en/about/office-locations.html.
We may share personal data with other PwC member firms where necessary in connection with the purposes described in this privacy statement. For example, when providing professional services to a client we may share personal information with PwC Member Firms in different territories that are involved in providing advice to that client.
We may transfer or disclose the personal data we collect to third party contractors, subcontractors, and/or their subsidiaries and affiliates. Third parties support the PwC Network in providing its services and help provide, run and manage IT systems. Examples of third party contractors we use are providers of identity management, website hosting and management, data analysis, data backup, security and cloud storage services. The servers powering and facilitating our IT infrastructure are located in secure data centres around the world, and personal data may be stored in any one of them.
The third party providers may use their own third party subcontractors that have access to personal data (sub-processors). It is our policy to use only third party providers that are bound to maintain appropriate levels of security and confidentiality, to process personal information only as instructed by PwC, and to flow those same obligations down to their sub-processors.
We may also disclose personal information under the following circumstances:
We have implemented generally accepted standards of technology and operational security in order to protect personal information from loss, misuse, alteration or destruction. Only authorised persons are provided access to personal information; such individuals have agreed to maintain the confidentiality of this information.
Although we use appropriate security measures once we have received your personal data, the transmission of data over the internet (including by e-mail) is never completely secure. We endeavor to protect personal data, but we cannot guarantee the security of data transmitted to or by us.
You may have certain rights under your local law in relation to the personal information we hold about you. In particular, you may have a legal right to:
The Personal Data you submit to PwC will only be retained for as long as is required for the purposes in accordance with PwC’s retention policy which is in line with the applicable law.
This privacy statement was last updated on 25 September 2020.
We may update this privacy statement at any time by publishing an updated version here. So you know when we make changes to this privacy statement, we will amend the revision date at the top of this page. The new modified or amended privacy statement will apply from that revision date. Therefore, we encourage you to review this privacy statement periodically to be informed about how we are protecting your information.
You may also contact us at the following postal address:
WTC 3, 33-43 Floor
Jl. Jendral Sudirman Kav. 29-31
Phone: +62 21 509 92901