Data protection information in accordance with Articles 13 and 14 of the EU General Data Protection Regulation (GDPR) relating to services by PwC

The purpose of the following data protection information is to provide you with an understandable, transparent and concise explanation of how we intend to process your personal data. However, should you require further explanations relating to data protection at PwC, please do not hesitate to contact our data protection officer at DE_Datenschutz@pwc.com or via the alternative channels specified below.

Controller

The controller within the meaning of Article 4 (7) EU General Data Protection Regulation (GDPR) which is responsible for the processing of your personal data is:

PricewaterhouseCoopers GmbH Wirtschaftsprüfungsgesellschaft
Friedrich-Ebert-Anlage 35-37
60327 Frankfurt am Main
Email: DE_Kontakt@pwc.com
Switchboard: +49 69 9585-0
Fax: +49 69 9585-1000

Data Protection Officer

PwC has appointed a data protection officer pursuant to Article 37 GDPR. You can contact PwC’s data protection officer, Dr Tobias Gräber, via the following channels:

E-mail: DE_Datenschutz@pwc.com
Telephone: +49 69 9585-0

Postal address:
PricewaterhouseCoopers GmbH WPG
Dr. Tobias Gräber, Datenschutzbeauftragter
Friedrich-Ebert-Anlage 35-37
60327 Frankfurt am Main

Betroffenenrechte/Ihre Rechte aus dem Datenschutzrecht

Sie haben gegenüber PwC folgende Rechte nach dem geltenden Datenschutzrecht hinsichtlich der Sie betreffenden personenbezogenen Daten.

PwC is required to recognise the following rights which you enjoy under the applicable data protection law with respect to your personal data.

Right of access: You may request information from PwC at any time as to whether PwC has stored your personal data and which personal data it has stored. PwC is required to provide this information to you free of charge.

The right of access does not exist or is subject to limitations if and to the extent that confidential information, such as information that is subject to professional secrecy, is disclosed.

Right to rectification: If your personal data which is stored by PwC is inaccurate or incomplete, you have the right to demand at any time that PwC rectify this.

Right to erasure: You have the right to demand that PwC erase your personal data if and to the extent that the data is no longer needed for the purposes for which it was collected or if the data is processed on the basis of your consent and you have opted to revoke your consent. In such cases, PwC must cease processing your personal data and remove that data from its IT systems and databases.

You do not have a right to erasure if

  • the data may not be deleted due to a statutory obligation or must be processed due to a statutory obligation;
  • the processing of data is necessary for the establishment, exercise or defence of legal claims.

Right to restriction of processing: You have the right to demand that PwC restrict the processing of your personal data.

Right to data portability: You have the right to receive from PwC the data provided by you in a structured, commonly used, machine-readable format as well as the right to have these data transmitted to a different controller. This right exists only if

  • you have made this data available to us on the basis of consent or an agreement entered into with you;
  • the processing is carried out by automated means.

Right to object to processing: If your data is processed by PwC on the basis of Article 6 (1) (f) GDPR, you may object at any time to processing by PwC.

You may assert any and all of the rights of data subjects described above against PwC by addressing your specific requests via the following channels:

by e-mail: DE_Datenschutz@pwc.com
by post:

PricewaterhouseCoopers GmbH WPG
Dr Tobias Gräber, Data Protection Officer
Friedrich-Ebert-Anlage 35-37
60327 Frankfurt am Main

Right to lodge a complaint with a data protection supervisory authority

Pursuant to Article 77 GDPR, you have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of your personal data infringes data protection law.

Processing of data on the website/application and the legal basis for processing

Processing of personal data when visiting the website

a) When you visit our website, we collect the data that is technically necessary to display that website to you. This involves personal data, which is transmitted automatically by your browser to our server, including:

  • IP address
  • Date and time of your request/website (application) access
  • time zone offset from Greenwich Mean Time (GMT)
  • content of the request (information about which specific web page you visited)
  • HTTP status code
  • transferred data volume
  • website requesting access
  • browser (information about your browser)
  • operating system and interface (operating system of the computer you used to access the website or the application)
  • language and version of the browser software

Processing of such personal data is carried out on the basis of Article 6 (1) (f) GDPR. The website cannot be accessed and offered to users without using such data; there is a legitimate interest in making it technically possible to access and use the website.

The log files are stored for 14 days and then deleted.

Service provider

This website is hosted by a service provider [T-Systems International GmbH, Open Telekom Cloud, Hahnstraße 43d, D-60528 Frankfurt am Main], the data collected on our website is therefore stored on the servers of the service provider. The server locations are located in Germany and in other EU countries.

There is no data transfer to non-EU countries.

Contact form and contact by e-mail

A contact form is available on our website which you can use to submit questions to us concerning PwC, the website or other enquiries. You may also contact us by e-mail.

When you contact us via the contact form or by e-mail, the data you provide (in particular your e-mail address, your name and surname and the text of your enquiry as well as any other information you may have provided in the contact form or by e-mail) will be stored by us in order to process your enquiry and answer your questions.

We will delete the data generated by your enquiry as soon as it is no longer necessary for processing that enquiry. To the extent that the data is subject to statutory retention requirements, it will be stored for the duration of the prescribed statutory retention period.

Social Media

Our website currently contains links to the following social media providers: Facebook, Twitter, LinkedIn, YouTube, Pinterest and Instagram via the relevant social media buttons. In order to avoid unwanted transfer of your usage data (e.g., address of the currently visited page) to these services, you will only be able to access them by clicking on the link (social media button “Shariff”). The aforementioned social networks may themselves collect usage and possibly user data. We have no control over the data collected and data processing activities, nor are we aware of how much data is collected, the purposes of processing or the storage periods. Nor do we have any information on the erasure of the data collected by the plugin provider.

Therefore, the information we provide is to the best of our knowledge at the present time:

Your browser may not establish a direct connection to the servers of the aforementioned services until you click on the links. This means that the information that you have visited our website is indirectly (referrer) forwarded to these services. If you are already logged in to the service with your personal user account during your visit to our website, you can usually click on the social media buttons to “share” the content or leave a comment, etc. If you do not wish any such data transfer, we advise against clicking on the social media buttons.

The purpose and scope of data collection by social media services, as well as the further processing and use of your data there and your rights and options for setting your privacy preferences can be found in the privacy policies for these services.