Given the breadth of our business, there may be circumstances where our handling of personal information differs from that described in this policy. Where this is the case, we will generally provide you with collection statements which supplement this policy, or separate privacy policies which apply in place of this policy.
If you have any further questions in relation to our privacy handling practices, please contact our Privacy Officer at firstname.lastname@example.org.
This policy relates to PwC's collection and handling of personal information that is covered by the Australian Privacy Act 1988 (Cth) (“Privacy Act”). It is not intended to cover categories of information that are not covered by the Privacy Act.
PwC collects and holds personal information from clients, customers, employees, job applicants, contractors and other individuals. We collect and hold this information for our business purposes.
The main types of personal information PwC collects and holds relate to:
the contact details and organisational roles of our actual and prospective clients, suppliers and other business contacts. Typically, this information includes names, addresses, telephone numbers, e-mail addresses and job titles;
personal information collected in the course of providing products and services to our clients (for instance financial details if we are engaged to perform financial services, or credit information);
personal information collected in relation to persons who attend seminars or other events we run, sponsor or are otherwise involved in;
personal information collected when individuals communicate with us (including via email);
personal information collected from job applicants when they apply for a job with us and individual contractors when performing a role for us (in some instances this may include sensitive information such as health information if related to the role being applied for or being performed); and
personal information collected from our employees during the course of carrying out our duties and activities as an employer (in some instances this may include sensitive information such as health information if related to the employee’s role).
We collect most personal information directly from individuals when we deal with them. The personal information we collect may be provided in forms filled out by individuals, face to face meetings, email messages, telephone conversations, when you use our websites or our social media, or by third parties. If you contact us, we may keep a record of that contact.
In some circumstances, we may take photographs or videos of individuals, such as at seminars or events we run, sponsor or are otherwise involved in.
We may also collect personal information when it is provided to us by third parties, including our clients. This may include personal information contained in materials provided to us in the course of providing products and services to our clients. When this occurs, we rely on the person providing us with that personal information having the right to do so.
Because of the nature of our business, it is generally impracticable for us to deal with individuals on an anonymous basis or through the use of a pseudonym, although sometimes this is possible (for example, when seeking staff or client feedback generally).
The main purposes for which we collect, hold and use personal information are:
to provide our products and services;
to respond to an individual's request;
to communicate, and maintain contact, with clients;
to send marketing communications (as described in the “Marketing communications” section below);
for general management and reporting purposes, such as invoicing and account management;
for recruitment purposes;
for purposes related to the employment of our personnel and providing internal products and services to our staff;
other purposes related to our business (for example, photographs or videos we take at seminars or events may be used for training and promotional purposes); and
where required or permitted by law, regulation, rule or professional standard.
If you choose not to provide us with personal information, we may be unable to do such things.
Employee records are not generally subject to the Privacy Act and therefore this policy may not apply to the handling of information about employees by PwC. For information about our practices relating to employee information, please contact us directly.
We may collect, hold and use personal information about individuals to send marketing communications to them, including keeping clients and other contacts informed of industry developments, and products and services (including seminars and other events) that we believe may be of interest to them. These communications may be sent in various ways, including by email or other electronic means.
We are currently in the process of changing the way in which we manage permissions for our marketing communications. Like many organisations, and as is permitted under relevant laws, we often rely upon the implied consent of individuals to send them marketing communications. In the future, however, we intend to generally seek express consent from individuals to do so. There may still be limited circumstances in which we rely on implied consent, however, such as where it is impractical to seek express consent but we believe the individual would still wish to receive marketing messages from us.
Individuals always have the opportunity to elect not to receive further marketing communications from us. The opt out options include, amongst others, an unsubscribe option in the marketing communication, and writing to The National Privacy Office, PwC, GPO Box 1331, Melbourne VIC 3001, or by emailing us at email@example.com. In cases of written requests please allow 28 days for your request to be processed.
In addition, you may be given the ability to unsubscribe from all marketing communications from PwC firms globally. Doing so will also unsubscribe you from marketing communications from us.
If you do not consent to receive, or unsubscribe from receiving, marketing communications from us, we may still contact you for the other purposes described in the “Use of personal information” section above.
PwC does not routinely disclose personal information to other organisations unless:
use or disclosure is permitted by this policy;
we believe it is necessary to do so in connection with a product or service we are providing (or, in the case of a partner, employee or contractor of PwC, it is necessary for maintaining or related to your role at PwC);
to protect the rights, property or personal safety of any member of the public or a customer of PwC or the interests of PwC;
some or all of the assets or operations of PwC are or may be transferred to another party as part of the sale of some or all of PwC's business;
you give your consent; or
such disclosure is otherwise required or permitted by law, regulation, rule or professional standard.
We may also share non-personal or de-identified information for research or promotional purposes. We do not sell personal information to third parties.
PwC uses a range of third party providers to help us maximise the quality and efficiency of our services and our business operations (including internal business requirements, such as recruitment and human capital requirements). This means that individuals and organisations outside of PwC will sometimes have access to personal information held by us and may collect or use it from or on behalf of PwC. This may include, but is not limited to, independent contractors and consultants, travel service providers, mail houses, off-site security storage providers, information technology providers, event managers, credit managers and debt collecting agencies.
If you are employed by PwC and you obtain products or services offered by a third party pursuant to an agreement or arrangement between that third party and PwC, such as a credit card provider, we may provide your personal information to that third party, including information that relates to your use of such products and services.
In addition to disclosures permitted under this policy, we may disclose your personal information to other PwC firms within the PwC global network (PwC Network Firms). In part, this is because we use common systems with those PwC Network Firms. For a list of where the PwC Network Firms are located, see PwC office locations.
We may also use overseas facilities or contractors to process, store or backup our information or to provide certain products or services to us.
We take care to ensure that PwC Network Firms and other third parties outside Australia to whom we disclose personal information are subject to appropriate restrictions on their handling of that personal information. Due to differences in foreign laws and the global nature of some arrangements in place for the PwC global network, however, these restrictions may not be substantially similar to those required under the Australian Privacy Principles, and the Privacy Act (including mechanisms entitling you to seek redress) may not apply.
Any such disclosure of personal information does not change any of our commitments to safeguard your privacy, and the information remains subject to any existing confidentiality obligations.
This policy also applies to any personal information we collect via our websites, including pwc.com.au, and applications including mobile applications, in addition to personal information you provide to us directly - such as where you make a request or complete a registration form.
In order to properly manage our websites and applications, we may log certain statistics about the users of the facilities, for example the users' domains and browser types. None of this information specifically identifies an individual and it is used solely to ensure that our websites and applications provide the best possible navigational experience for users.
We may also use other technologies, such as web beacons, to monitor users of the PwC website. These help us gain an understanding of how PwC websites are being used.
If you have registered an account with us, you will be identified by a user name and password when you log into our website or applications. The information we collect about members' use of our websites may be used for measuring use and performance and in assisting to resolve any technical difficulties.
PwC will endeavour to take all reasonable steps to keep secure any information which we hold about you, whether electronically or in hard-copy, and to keep this information accurate and up to date. We also require our employees and data processors to respect the confidentiality of any personal information held by PwC.
PwC aims to achieve industry best practice in the security of personal information which it holds.
We will provide access to personal information upon request by an individual, except in the limited circumstances in which it is permitted for us to withhold this information (for instance, where granting access would infringe another person's privacy).
When you make a request to access personal information, we will require you to provide some form of identification (such as a driver's licence or passport) so we can verify that you are the person to whom the information relates. In some cases we may also request an administrative fee to cover the cost of access.
If at any time you want to know what personal information we hold about you, you may contact us by writing to: The National Privacy Office, PwC, GPO Box 1331, Melbourne VIC 3001, or emailing us at firstname.lastname@example.org.
If you believe that information we hold about you is incorrect or out of date, or if you have concerns about how we are handling your personal information, please contact us and we will try to resolve those concerns.
General enquiries, PwC Australia
Tel: +61 2 8266 0000