PwC Privacy Policy

PwC Privacy Policy

Scope

This privacy policy applies to PricewaterhouseCoopers Ltd in Mauritius and any entity under similar control, each or together referred as PwC or We. This policy explains how PwC handles personal information and complies with the requirements of the Mauritian Data Protection Act ("DP Act").

If you have any further questions in relation to this policy, please contact our Data Protection Officer.

Introduction

PwC is strongly committed to protecting personal data. This privacy policy describes why and how we collect and use personal data and provides information about individuals’ rights in relation to personal data. It applies to personal data provided to us, both by individuals themselves or by others. We may use personal data provided to us for any of the purposes described in this privacy policy or as otherwise stated at the point of collection.

Collecting information relating to individuals

PwC collects personal information for a range of business purposes from sources such as its clients, customers, employees, contractors and other individuals. Our policy is to be transparent about why and how to process personal data.

We collect information relating to the contact details and organisational roles of our clients, suppliers and other business contacts. The information will relate to basic information of the person such as names, addresses (whether residential or business), mobile or telephone numbers, e-mail addresses (whether personal or work) and job designations.

The information we collect during the provision of our services to our clients would generally be of a more detailed nature such as financial information.

In most cases, the information we collect would be from the individuals with whom we deal and the medium are either through forms or other types of interaction whether by email, conversations or through thirds parties when there is no direct interaction.

How we deal with and use the personal information

Our main purposes for collecting personal information about individuals are:

  • Providing services;
  • Responding to requests;
  • Maintaining client relationship;
  • Notifying clients of our product offerings and developments;
  • Reporting and management;
  • Recruiting;
  • Relating to our staff; and
  • Any purpose that would relate to our business

We may use personal information about individuals to market our services, including by email. However, individuals have the right to object to the processing of personal data concerning him/her for such marketing by writing to the Data Protection Officer, PwC Centre, Avenue de Telfair, Telfair 80829, Moka or by emailing us.

If we collect or use personal information in ways other than as stated in this policy, we will ensure we do so pursuant to the requirements of the Data Protection Act.

Disclosure of personal information

PwC does not routinely disclose personal information to other organisations unless:

  • required by law;
  • use or disclosure is permitted by this policy;
  • we believe it necessary to provide you with a product or service which you have requested or are contracted to;
  • to protect the rights, property or personal safety of any member of the public or a customer of PwC or the interests of PwC;
  • some or all of the assets or operations of PwC are or may be transferred to another party as part of the sale of some or all of PwC’s business; or
  • you give your consent.

We may also share non-personal, de-identified and aggregated information for research or promotional purposes. Except as set out in this policy, we do not sell or trade personal information to third parties, or allow such third parties to use that personal information.

Third party providers

We may transfer or disclose the personal data we collect to third party contractors, subcontractors, and/or their subsidiaries and affiliates. Third parties support us in providing its services and help provide, run and manage IT systems. Examples of third party contractors we use are providers of identity management, website hosting and management, data analysis, data backup, security and cloud storage services. The servers powering and facilitating our IT infrastructure are located in secure data centres around the world, and personal data may be stored in any one of them.

The third party providers may use their own third party subcontractors that have access to personal data (sub-processors). It is our policy to use only third party providers that are bound to maintain appropriate levels of security and confidentiality, to process personal information only as instructed by PwC, and to follow those same obligations down to their sub-processors.

Other PwC Member Firms

We may share personal data with other PwC member firms where necessary in connection with the purposes described in this privacy statement. For example, when providing professional services to a client we may share personal information with PwC Member Firms in different territories that are involved in providing advice to that client.

For details of PwC Member Firm locations, please see http://www.pwc.com/gx/en/about/office-locations.html.

Transfer of information outside Mauritius

We may transfer personal information outside Mauritius to countries whose privacy laws do not provide the same level of protection as Mauritius. PwC may also use overseas facilities or contractors to process or back-up its information or to provide certain services to PwC. As a result, we may transfer your personal information to our overseas facilities or contractors for these purposes.

However, any such transfer of information does not change any of our commitments to safeguard your privacy and the information remains subject to existing confidentiality obligations.

Privacy on our web sites

This policy also applies to any personal information we collect via our websites, including pwc.com/mu. In addition to personal information you provide to us directly (such as where you make a request or complete a registration form), PwC may also collect personal information from you via its websites.

Cookies may be used on some areas of our websites. A cookie is a small software application which allows a website to recognise a previous user and to observe how a user navigates within a website. Cookies are now used as a standard by many websites. PwC uses cookies to improve the navigational experience of visitors to our websites and to make them easier to use.

If you are concerned about cookies, most browsers now recognise when a cookie is offered and permit you to opt out of receiving it. If you are not sure whether your browser has this capability, you should check with the software manufacturer or your internet service provider. In most cases, you can refuse a cookie and still fully navigate the PwC websites.

In order to properly manage our websites, we may log certain statistics about the users of the sites, for example the users' domains and browser types. None of this information specifically identifies an individual and it is used solely to ensure that our websites present the best possible navigational experience for visitors.

Whenever a registered member (such as a PwC alumnus) logs in to our websites, they will be identified by their user name and password. The information we collect about members' use of our websites is used purely for measuring site performance and in assisting to resolve any technical difficulties.

Because PwC wants your website experience to be as informative and resourceful as possible, we provide a number of links to websites operated by third parties. PwC is not responsible for the privacy practices or policies of those sites. We encourage you to review each website's privacy policy, especially if you intend to disclose any personal information via that site. A link to another non-PwC website is not an express or implied endorsement, promotion or warranty of the products or services offered by or accessible through that site or advertised on that site.

Security of personal information

Depending on the purpose for which we have collected personal information (for example, registration for a PwC event or a request for particular information or material), we may store some of the information electronically in PwC's customer relationship management system. Some or all of this personal information may be available to partners and authorised staff of PwC for use in accordance with this policy.

PwC will endeavour to take all reasonable steps to keep secure any information which we hold about you, whether electronically or in hard-copy, and to keep this information accurate and up to date. Only authorised persons are provided access to personal information; such individuals have agreed to maintain the confidentiality of this information.

PwC aims to achieve industry best practice in the security of personal information which it holds. It is our policy to destroy personal information once there is no longer a legal or business need for us to retain it.

Access to information

We will provide confirmation as to whether we process personal data about you and will provide a copy of your personal data and provide certain other information about how and why we process your personal data, except in the limited circumstances in which it is permitted for us to withhold this information (for instance, where granting access would infringe another person's privacy).

When you make a request to access personal information, we will require you to provide some form of identification (such as a driver's licence or passport) so we can verify that you are the person to whom the information relates. In some cases we may also request an administrative fee to cover the cost of access.

If at any time you want to know what personal information we hold about you, you may contact us in writing or by email.

Corrections and concerns

If you believe that information we hold about you is incorrect or out of date, you may request for your personal data to be amended and rectified where it is inaccurate and to have incomplete personal data completed.

If you wish to have your personal information deleted, please let us know and we will take reasonable steps to delete it (unless we need to keep it for legal, auditing or internal risk management reasons).

You also have the right to object to the processing of your personal data unless we have compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of a legal claim.

Should you have concerns about how we are handling your personal information, you may please contact us and we will try to resolve those concerns.

Where we process your personal data based on consent, you have the right to modify or withdraw consent at any time.

If you are an EU citizens or resident, you also have the right to receive your personal data provided by you to us and the right to send the data to another organisation (or ask us to do so if technically feasible) where our lawful basis for processing the personal data is consent or necessity for the performance of our contract with you and the processing is carried out by automated means.

You may also request to restrict processing of your personal data:

  • for a period enabling us to verify the accuracy of personal data where you contested the accuracy of the personal data;
  • where your personal data have been unlawfully processed and you request restriction of processing instead of deletion;
  • where your personal data are no longer necessary in relation to the purposes for which they were collected and processed but the personal data is required by you to establish, exercise or defend legal claims; or
  • for a period enabling us to verify whether the legitimate grounds relied on by us override your interests where you have objected to processing based on it being necessary for the pursuit of a legitimate interest identified by us.

If PwC becomes aware of any ongoing concerns or problems concerning our privacy practices, we will take these issues seriously and work to address these concerns. If you have any further queries relating to our privacy policy, or you have a problem or complaint, please contact our Data Protection Officer.

Changes to this privacy policy

This privacy policy was last updated on Friday 31 July 2020.

PwC operates in a dynamic business environment. Over time, aspects of our business may be change as we respond to changing market conditions. We may update this privacy policy at any time by publishing an updated version here. So you know when we make changes to this privacy statement, we will amend the revision date at the bottom of this page. The new modified or amended privacy policy will apply from that revision date. Therefore, we encourage you to review this privacy policy periodically to be informed about how we are protecting your information.

PwC Privacy Commitment

Last Edited Friday 31 July 2020

Follow PwC Mauritius