Privacy statement

Last updated: 3 November 2016

PwC is committed to protecting your personal information. This statement explains how we treat information about you as an individual we collect on PwC's Tax Management Maturity Model Assessment Tool (T3M). This privacy statement may be amended from time to time. The current version will be available on T3M.

In this statement:

client refers to a client which has engaged a PwC firm to provide T3M

PwC, we and us refer to the PwC network and/or one or more of its members, each of which is a separate firm or entity (PwC firm). For further details, please see www.pwc.com/structure.

Collecting your information

When you use T3M, we collect a range of information about you, including information about how you use T3M. We also collect information about your device, browser, IP address and location.

As part of the user registration process, we collect basic information about you, either directly or from the client you represent or your firm. This includes your name, email address, and organisation. You can choose to add information to your T3M profile (which can be seen by a limited number of PwC personnel responsible for administering T3M).

If you're accessing T3M on behalf of a client, the data controller for your personal information on T3M is the PwC firm providing T3M to that client. If you're accessing T3M in connection with your role at a PwC firm, your firm is the data controller for your personal information on T3M. The term 'personal information' also refers to 'personal data'.

We don't collect sensitive personal information

We don't need or intend to collect sensitive personal information through T3M. Sensitive personal information includes information about race or ethnic origin, political opinions, religious beliefs, trade union membership, criminal records, physical or mental health, or sexual life. You should not provide any sensitive information in connection with T3M

How we use your personal information

PwC may use your personal information for a range of purposes, including:

* to authenticate your identity, to authorise access to PwC websites and systems (including preventing unauthorised access) and for other security-related purposes, including system monitoring
* to provide, operate, administer, manage and improve T3M
* to conduct quality and risk management reviews.

We won't pass your personal information to third parties to use for direct marketing.

Where we transfer and store your personal information

PwC is a global network with member firms around the world. We may transfer and disclose your personal information to other PwC member firms for any of the purposes set out in this statement. For a list of countries where PwC member firms are located, please see http://www.pwc.com/gx/en/about/office-locations.html.

As a result, your personal information may be transferred outside the country where you are located. This includes countries outside the European Economic Area (EEA) and countries that do not have laws that provide specific protection for personal information. Where we collect your personal information within the EEA, transfer outside the EEA will be only to a recipient in a country which provides an adequate level of protection for personal data or under an agreement which covers the EU requirements for the transfer of personal data to data processors or data controllers outside the EEA.

PwC uses resources and servers located in various countries around the world to process your personal information. Your personal information may also be transferred to third party service providers who process information on PwC's behalf, including providers of IT and IT services such as identity management, website hosting and management, data analysis, data back-up, security and storage services. Our third party service providers may also use their own third parties (sub-processors). PwC's third party service providers and their sub-processors are bound to maintain appropriate levels of security and confidentiality and to process personal information as instructed by PwC.

PwC may disclose your personal information to law enforcement, regulatory, or other government agencies or to other third parties as required by, and in accordance with, applicable law or regulation. PwC may also review and use your personal information to determine whether this disclosure is required or permitted. PwC may also disclose log files for security-related purposes.

Exercising your rights

If you would like to exercise your rights under applicable law to obtain details of personal information PwC holds about you, or to correct that information or have it deleted, please contact the Privacy Administrator at privacy@pwc.com. PwC may charge for a request to access your personal information, if permitted under applicable law. You can also contact the Privacy Administrator at privacy@pwc.com if you have a complaint about PwC's handling of your personal information.

How long will we retain your personal information?

PwC will retain your personal information for as long as it's required for any of the purposes described above. PwC may retain your personal information longer to the extent that's required or permitted by applicable law or regulation.

Does T3M use cookies?

Yes, - see for further information.

How we protect your personal information

PwC has put in place appropriate technical and organisational security measures to protect your personal information from loss, misuse or destruction, including unauthorised or unlawful disclosure or processing of your personal information.