Site Search Site Search

Menu

Qui sommes-nous ?

Menu

Où nous trouver ?

Featured

#LetsgoFrance

Vivatech

Loading Results

Privacy statement

Introduction

Each French entity of the PwC worldwide Network of firms (“PwC”, “we”, “us”, or “our”, or each one of these entities acting independently and distinctly from the other ones) is strongly committed to protecting personal data.

Personal data refers to any information relating to an identified or identifiable individual. As this definition is quite extensive, any data that can be used to identify an individual (such as a person's first and last name) is considered personal, as is any information that can be used, even indirectly, to identify that individual (such as an IP address).

This privacy statement describes the reasons (why?) and the means (how?) we collect and use personal data and provides information to persons whose personal data is processed ("Data Subjects"), as well as their rights, whoever they may be (clients, prospective clients, suppliers, partners, members of staff, candidates, etc.).  It applies to personal data provided to us either directly by Data Subjects or indirectly by third parties. We shall use personal data provided to us only for any of the purposes described in this privacy statement or as otherwise stated at the point of collection.

PwC processes personal data for numerous purposes, and the means of collection, lawful basis of processing, use, disclosure, and retention periods for each purpose may differ. 

When collecting and using personal data, our policy is to be transparent about why and how we process personal data.  To find out more about our specific processing activities, please go to the relevant sections of this statement.  

Our processing activities

Business contacts Corporate clients (and individuals associated with our corporate clients) Personal clients Individuals who use our applications Individuals whose personal data we obtain in connection with providing professional services to our clients Others who get in touch with us Partners and staff Recruitment applicants Suppliers (including subcontractors and individuals associated with our suppliers and subcontractors) Cloud services providers Visitors to our offices Visitors to our websites

To find out more please go to the sections of this statement - as set out below.

Security

We take very seriously the security of all the data we hold. We have a framework of policies, procedures and training in place covering data protection, confidentiality and security and we regularly review the appropriateness of the measures we have in place to keep the data we hold secure. The nature of PwC's activities and the membership of PwC worldwide Network of firms (“the PwC Network”) require compliance with several security norms and standards, in particular the rules defined in the PwC Information Security Policy (ISP), aligned with the Requirements defined in the ISO 27001 standard and on the security measures detailed in the ISO 27002 standard.

When and how we share personal data and locations of processing

We only share personal data in accordance with the applicable regulations, and in particular the European Regulation No. 2016/679 known as the General Data Protection Regulation (“GDPR”) (the “Regulation”). When we share data with a third party, we make sure to put contractual arrangements and security mechanisms in place to protect the data and to comply with our data protection, confidentiality and security standards.

We are part of a global network of separate legal entities and in common with other professional service providers, we regularly use third parties located in other countries to help us run our business.  As a result, personal data may be transferred outside the countries where we and our clients are located.  This includes countries outside the European Economic Area (“EEA”) including countries inside the European Union (“EU”), Iceland, Liechtenstein, and Norway and/or to countries that do not have laws that provide specific protection for personal data. We have taken steps to ensure all personal data is provided with adequate protection and that all transfers of personal data outside the EU are done lawfully.

Where we transfer personal data outside of the EEA, to a country not determined by the European Commission as providing an adequate level of protection for personal data, the transfers will be operated under an agreement which covers the EU requirements for the transfer of personal data outside the EU, such as the European Commission approved standard contractual clauses.  The European Commission approved standard contractual clauses are available [here*].

Personal data held by us may be transferred to:

  • Other PwC member firms of the PwC Network
    For more details on our member firms location, please [click here]. Please be aware that we may share personal data with other members of the PwC Network when it is necessary to provide services to our clients (in particular when we provide services to our clients that involve the use of IT advice or solutions from other members of the PwC Network located in different countries), or for administrative or business development purposes.
    During our business, we also use other entities in the PwC Network as internal IT service providers to the PwC Network who provide services for the operation, security, hosting, maintenance and servicing of IT systems and applications used by PwC Network entities. These include PwC IT Services Ltd. based in the United Kingdom (UK).
  • Third party organisations that provide applications/functionality, data processing or IT services to us
    We use third parties to support us in providing our services and to help provide, run, and manage our internal IT systems. For example, providers of information technology, cloud-based software as a service provider, identity management, website hosting and management, data analysis, data back-up, security, and storage services. The servers powering and facilitating that cloud infrastructure are in secure data centers, and personal data may be stored in any one of them - in accordance with the principles hereby stated.
  • Third party organisations that otherwise assist us in providing goods, services or consultancy services
    On certain client engagements, we may engage or otherwise work with other providers to help us provide professional services to our clients.
  • Our clients
    When we need to process personal data to provide professional services to our clients, we may share some of their personal data, particularly in our deliverables.
  • Our auditors, lawyers, insurers
    We may need to share personal data with our statutory auditors as part of their work of certifying the annual accounts, and with our insurers and law firms, in particular in connection with claims management and/or legal advice, where necessary.
  • Law enforcement or other government and regulatory agencies or other third parties as required by, and in accordance with, applicable law or regulation
    We may receive requests from third parties with authority to obtain disclosure of personal data, such as to check that we are complying with applicable law and regulation, to investigate an alleged crime, to establish, exercise or defend legal rights. These requests for personal data will be fulfilled in accordance with applicable law or regulation.
  • Acquirers, sellers and advisers in connection with business sales, contributions/mergers and acquisitions
    We may communicate personal data in the context of business sales, contributions/mergers and acquisitions to buyers, sellers, beneficiaries of contributions/mergers, and to any other advisers involved in the said transaction.

Changes to this privacy statement

To ensure transparency we keep this privacy statement under regular review.

This privacy statement was last updated on November 10, 2023.

Data controller and contact information

Each French member firms of PwC international Network is a data controller when it determines the purposes and means of any processing of personal data.

If you have any questions about this privacy statement or how and why we process personal data, please contact us at:

Data Protection Officer
[Name of the PwC French entity concerned by the processing(s) of personal data]
61/63 rue de Villiers
92208 Neuilly-sur-Seine Cedex
France

Form to exercise your rights

Individuals’ rights and how to exercise them

Individuals have certain rights over their personal data and data controllers are responsible for fulfilling these rights, in accordance with applicable regulations. If you wish to exercise one of these rights, please send us your request using the contact form. We will respond to all requests within the legally stipulated deadlines.

Access to personal data

You have a right of access to personal data held by us as a data controller. We may charge for a request for access in accordance with applicable law.

Rectification / Amendment of personal data

You may obtain rectification of your personal data where errors, inaccuracies, or the presence of data whose collection, use, communication, or storage is prohibited have been detected. We will rectify such data based on written information provided by you. 

As part of a recruitment process, you may also contact us, where appropriate, via the recruitment site page or modify your application directly on the recruitment platform on which you have registered.

Right to erasure You may request the deletion of your personal data under certain conditions laid down by the applicable regulations. In particular, this right must not conflict with: 

  • compliance with a legal obligation; or 
  • the establishment, exercise or defence of legal claims.

Right to restrict processing

You have the right, under certain conditions laid down by the applicable regulations, to request a temporary freeze on the use of certain of your data. For example, you may request the restriction of processing for a period to allow us to verify the accuracy of your personal data where you have challenged its accuracy.

Right to object to processing

You have the right to object to your data being used for a specific purpose. You must put forward "reasons relating to your particular situation", except in the case of commercial canvassing, to which you may object without giving any reason.

Withdrawal of consent

Where we process personal data based on consent, Data Subjects have the right to withdraw their consent at any time. If you no longer wish to receive emails from PwC, please click on the unsubscribe link in the email that we have provided to you.

Complaints

If you do want to complain about our use of your personal data, you can send us the details of your claim by filling in the following form.

If you believe that the processing of your personal data breaches data protection regulations, you have the right to lodge a complaint with the CNIL or the competent data protection supervisory authority: link.

Follow us
Vos enjeux Votre secteur Expertises Solutions digitales Qui sommes-nous ? Carrières

© 2012 - 2025 PwC. PricewaterhouseCoopers France et Maghreb. Tous droits réservés "PwC" fait référence au réseau PwC et/ou à une ou plusieurs de ses entités membres, dont chacune constitue une entité juridique distincte. Pour plus d'information, rendez-vous sur le site www.pwc.com/structure