This privacy statement was effective in Jun 2018.
1. Introduction
1.1 PricewaterhouseCoopers ("PwC", "we", "us", or "our") is strongly committed to protecting personal data. For meaning of terms used in this privacy statement, please refer to the Definitions Section. This privacy statement describes why and how we collect and use personal data in this Site, and also provides information about individual's rights in relation to the use of this Site.
1.2 The Data Controllers of this Site are one or more of the Member Firms, either alone or jointly or in common determines the purposes and means of processing of personal data. With respect to this Site, the Data Controller for personal data is PricewaterhouseCoopers Limited, the PwC Member Firm operating this Site.
1.3 As noted above, each Member Firm in the PwC network is a separate legal entity. For further details, please see www.pwc.com/structure.
1.4 This privacy statement applies to personal data provided to us, either by you or by others (such as your employer). When collecting and using personal data our policy is to only collect what we need and to be transparent about why and how we process personal data. We may use personal data provided to us for any of the purposes described in this privacy statement or as otherwise stated at the point of collection.
1.5 By using this Site and providing personal information to us, you acknowledge you have read this privacy statement, and, to the extent your consent is necessary and valid under applicable law, you consent to the collection, use and disclosure of such personal information by PwC and any third party recipients in accordance with this privacy statement.
2. Definitions
2.1 In this privacy statement, we use the following terms:
2.1.1 This Site refers to Digital Maker Website. Digital Maker is a suite of solution run on DevOps and agile development for users to develop apps with minimal input of codes so that IT resources and development time can be reduced. Its core functions can be extended to data conversion with high data fidelity and enterprise search.
2.1.2 Personal data or personal information refers to any information or data (in a form in which access to or processing is practicable) relating directly or indirectly to a living or natural individual from which independently or in combination with other information it is practicable for the identity of the individual to be directly or indirectly ascertained or for the activity of the natural person to be directly or indirectly ascertained.
2.1.3 Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, transferring, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. We process personal data in this Application for numerous purposes, as set out below.
2.1.4 PwC, we, us and our refer to the PwC network and/or one or more of its member firms. Each member firm in the PwC network is a separate legal entity (PwC firm). For further details, please see www.pwc.com/structure. For a list of countries and regions where PwC firms are located, please see http://www.pwc.com/gx/en/about/office-locations.html.
3. Collection of personal data
3.1 PwC may collect information about you in various ways, but generally only where you specifically and voluntarily provide it to PwC. For example, you may provide information to PwC in:
3.1.1 registering for access to this Site; and/or
3.1.2 contacting PwC with queries.
3.2 To use this Site, we will collect personal data as described below:
3.2.1 Name
3.2.2 Email address
3.2.3 Contact number
3.3 PwC may also collect information about you when you use this Site, for example, logs of your activities on the site (for example, when you signed in and signed out, when upload or view a document, or when you post comments); logs and text you post in a comment, or logs showing what information you shared information, etc.).
3.4 You may choose to provide additional information when you use this Site, including any content you contribute.
3.5 We do not need or intend to collect sensitive personal information about you through this Site and no sensitive personal information is required for this Application to operate. Sensitive personal information include race or ethnic origin; political opinions; religious or philosophical beliefs; trade union membership; physical or mental health; genetic data; biometric data; sexual life or sexual orientation; and criminal records. We ask that you not provide sensitive information of this nature about yourself or anyone else.
3.6 If you choose to provide sensitive information about yourself to us for any reason, the act of doing so constitutes your explicit consent, where such consent is necessary and valid under applicable law, for us to collect and use that information in the ways described in this privacy statement or as described at the point where you choose to disclose this information.
4. Use of personal data
4.1 When you provide personal information to us, we may use it for any of the purposes described in this Privacy Statement, as stated at the point of collection, or as obvious from the context of collection, including:
4.1.1 Providing service to you (upon your request);
4.1.2 To analyse performance and use of this Site for improvement purpose;
4.1.3 Administering, managing and developing our business and services;
4.1.4 Security, quality and risk management activities; and/or
4.1.5 Complying with any requirements of law, regulation or a professional body of which we are a member
5. Security
5.1 We take the security of all of the data we hold seriously. We have a framework of policies, procedures, and training in place covering data protection, confidentiality and security. We also have appropriate technical and organisational security measures in place to protect confidential information, including personal information about you, from loss, misuse or destruction, including unauthorised, accidental or unlawful disclosure or processing of your personal information. Our security procedures are monitored regularly and updated in line with technical progress.
5.2 Note that the transmission of data over the internet (including by e-mail) is never completely secure. Although we endeavor to protect personal data by using appropriate security measures once we have received it, but we cannot guarantee the security of data when it is transmitted to us by you or to you by us.
6. Cookies
6.1 Information about cookies used on this Site is available in the Cookie Statement. If you are concerned about cookies, most browsers permit individuals to decline cookies. In most cases, a user may refuse a cookie and still use this Site; however, other functionality may be impaired. After termination of the use, you can always delete the cookie from your system if you wish.
7. When and how we share personal data and locations of processing
7.1 We will only share personal data with others when we are legally permitted to do so. When we transfer or share personal data, in order to protect the data, we put contractual arrangements and security mechanisms in place that comply with our data protection, confidentiality and security standards,
7.2 PwC is a global network with member firms around the world. Your personal information may be transferred and disclosed to PwC firms in connection with any purpose for which PwC may use it legitimately. For a list of countries and regions where PwC firms are located, please see http://www.pwc.com/gx/en/office-locations/index.jhtml.
7.3 As a result, your personal information may be transferred and stored outside the country where you are located. This includes countries and regions outside the European Economic Area (EEA) and countries or regions that do not have laws that provide specific protection for personal information.
7.4 Personal data held by us may be transferred to, processed by and stored with, the following classes of transferees/ categories of recipients:
7.4.1 Other PwC member firms
We may share personal data with other PwC member firms where necessary to provide services to our clients (e.g. when providing services involving advice from PwC member firms in different territories) and our business contacts may be visible to and used by PwC users from multiple PwC member firms. For a list of countries and regions where PwC firms are located, please see http://www.pwc.com/gx/en/about/office-locations.html.
7.4.2 Third party organisations that provide applications/functionality, data processing or IT services to us
In common with most service providers, we use third parties to support us in providing our services and to help provide, run and manage our internal IT systems. For example, providers of information technology, cloud-based software as a service providers, identity management, website hosting and management, data analysis, data back-up, security and storage services. The servers powering and facilitating that cloud infrastructure are located in secure data centres around the world, and client data may be stored in any one of them.
The third party providers may use their own third party subcontractors that have access to personal data (sub-processors). It is our policy to use only third party providers that are bound to maintain appropriate levels of security and confidentiality, to process personal information only as instructed by PwC, and to flow those same obligations down to their sub-processors.
7.4.3 Other disclosures
7.4.3.1 We may also disclose personal information to other third parties under the following circumstances:
• Where we have engaged the third party specifically to assist with our firm's activities;
• when explicitly requested by you;
• when required to deliver information (including publications or reference materials) as requested by you;
• for regulatory compliance purposes; and/or
• as otherwise set out in this Privacy Statement.
7.4.3.2 We may also disclose your personal information to law enforcement, regulatory and other government agencies, and to professional bodies and other third parties, as required by and/or in accordance with applicable law or regulation.
7.4.4 International transfers
As PwC is a global network with member Firms and third Party service providers will locate around the world, personal data collected may be transferred to and stored outside the country or region. This includes disclosures outside the country or region you are located. PwC may also review and use your personal information to determine whether disclosure is required or permitted.
8. Retention of personal data
8.1 We retain personal data processed by us for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation). We may, however, agree specific retention periods with our clients for personal data obtained in connection with providing services to those clients.
8.2 Personal data may be held for longer periods where extended retention periods are required by law or regulation and in order to establish, exercise or defend our legal rights.
9. Individuals' rights and how to exercise them
9.1 You may have certain rights under applicable law in relation to the personal information we hold about you.
9.2 Unless there are exception in applicable law, you may have certain rights in relation to the personal information we hold about you, including the following:
9.2.1 request a copy of personal information we hold about you;
9.2.2 ask that we update the personal information we hold about you, or correct such personal information that you think is incorrect or incomplete; and/or
9.2.3 withdraw your consent to our processing of your personal information (to the extent such processing is based on consent and consent is the only permissible basis for processing).
9.3 If you are physically located in the EEA (i.e. member states of the European Union plus Iceland, Liechtenstein, Norway and Switzerland), you may be entitled to additional rights.
9.3.1 ask that we delete personal information that we hold about you;
9.3.2 restrict or object to our processing of your personal information; and/or
9.3.3 request a copy or transfer of your data (data portability)
9.4 If you would like to exercise these rights or understand if these rights apply to you, please contact us as set forth below. We will process any requests in accordance with applicable law and within a reasonable period of time. Please note that in some cases, especially if you wish us to delete or cease the processing of your personal data, we may no longer be able to continue to provide our products or services to you. We may charge for a request to access your information, if permitted by applicable law.
10. Contact information
10.1 If you have any questions about this privacy statement or the way your personal information is processed, or would like to exercise one of your rights set out above under applicable law, please contact to our Digital Maker Account Manager at DigitalMakerSupport@hk.pwc.com.
11. Modifications
11.1 We may update this privacy statement at any time by publishing an updated version here. The new modified or amended privacy statement will apply from that revision date. Therefore, we encourage you to review this privacy statement periodically to be informed about how we are protecting your information.