This privacy statement provides information about how and to what purpose personal data is processed by PwC Turkey; the laws, policies and procedures considered during data processing; and the rights of individuals regarding their personal data. This statement is valid for all information provided by individuals themselves or by others to PwC Turkey. PwC Turkey may process personal data provided to it for the purposes specified in the Privacy Statement herein or during data collection.
“PwC Turkey” means PwC member firms established in Turkey; PwC Turkey’s partners, authorised representatives and employees; subsidiaries and affiliates; and subsidiaries that (1) is a contracting party for the purposes of providing or receiving services, (2) posted a position for which you are applying, or (3) you have a role or relationship with. Each firm in the PwC network is a separate legal entity and may be the personal data controller or data processor as per the qualities of the data processing activity.
For more information on PwC firms: https://www.pwc.com/gx/en/about/office-locations.html
Personal data is any information relating to an identified or identifiable living person. PwC Turkey processes personal data for numerous purposes, and the means of collecting, lawful basis of processing, use, disclosure, and retention periods for each purpose may differ.
When collectiong and using personal data, PwC Turkey’s policy is to be transparent about why and how we process personal data. To find out more about our specific processing activities, see the relevant parts of this statement.
PwC Bağımsız Denetim ve Serbest Muhasebeseci Mali Müşavirlik A.Ş,” (PwC SMMM)
“PwC Yeminli Mali Müşavirlik A.Ş.” (PwC YMM)
“PwC Danışmanlık Hizmetleri A.Ş,” (PwC Danışmanlık)
“PwC Yönetim Danışmanlığı A.Ş,” (PwC Yönetim Danışmanlığı)
“PwC İş Danışmanlığı A.Ş,” (PwC İş Danışmanlığı)
PricewaterhouseCoopers is a worldwide network of individual partnerships and companies. The institutions that carry out businesses under the name "PricewaterhouseCoopers", and all PricewaterhouseCoopers entities including shareholders, members and employees of the relevant institutions, will be referred to as “PwC Member Firms”.
PwC Turkey pays great attention to the security of the data it keeps. PwC Turkey adhere to internationally recognised security standards and our information security management system relating to client confidential data is independently certified as complying with the requirements of ISO/IEC 27001: 2013. PwC Turkey has policies, procedures and training in place for data protection, and regularly review the appropriateness of the measures it has in place to keep the data it holds secure.
PwC Turkey only shares data with third parties when it’s legally allowed and under agreed upon conditions. When PwC Turkey shares data with third parties it makes binding contracts to protect the data and ensure compliance with data protection, privacy and security, and takes all necessary administrative and technical measures.
PwC Turkey obtains support from domestic or foreign professional service providers to improve its effectiveness and productivity while carrying out its services and businesses. So, personal data transferred outside of the country PwC Turkey and its clients are located in under the conditions defined below.
It also includes non-European Union (EU) countries and countries that do not have specific laws for personal data protection. PwC Turkey took all measures required to ensure proper protection of personal data and lawful transfer of personal data abroad.
PwC Turkey may transfer personal data, except any data relating to health and sexual life, within the scope of purposes stated below and to the persons, entities and institutions below:
1. Other PwC Member Firms
To see the countries where PwC Member Firms are located, please refer to this link.
Other PwC member companies utilise the data of PwC Turkey’s contacts to gather information about a client or opportunity they are interested in within the scope of client services that can be given (see the “Potential and existing clients or others related to them” part of this document to learn about processing this type of data).
2. Professional institutions that provide application/function, data protection or BT services to PwC Turkey
PwC Turkey obtains support from professional service providers for the provision of its services and executing and managing its intercompany IT systems. Among these services are using IT providers, cloud-based software as service providers, ID management,
website hosting and management, data analysis, data back-up, security and retention services. Servers of professional service providers that PwC Turkey receive from allow and make it possible to keep data in safe data centres around the world and to store personal data in any of these centres thanks to cloud infrastructure. See below for detailed information about these service providers:
|Google Ireland Limited||Business apps (e.g., e-mail, documents and calendar)||
Gordon House, Barrow Street, Dublin 4, Dublin, D04 E5W5
Data centres in various locations around the world (EU, Chile, Singapore, Taiwan, USA)
|Iron Mountain Arşivleme Hizmetleri A.Ş.||Document storage||Nispetiye Cad. Akmerkez B3 Blok Kat:11 Etiler Beşiktaş İstanbul Turkey|
|Microsoft Limited||Azure cloud services||Microsoft Campus, Thames Valley Park, Reading, RG6 1WG, England|
|Salesforce||Customer relations management systems||Salesforce.com Sàrl, route de la Longeraie 9, 1110 Morges Switzerland|
|Workday Limited||Human resources management system||Kings Building May Lane Dublin 7 Dublin, Ireland|
3. Service providers supporting goods, service or information provision in various ways
In some client commitments PwC Turkey work with other service providers to provide professional services to clients.
When PwC Turkey needs to process personal data to provide professional services to clients and for fulfilment of the agreement between them it process personal data of clients and also in the scope of the relevant services share it with clients in the deliverables it prepares (e.g., draft and final reports).
5. Auditors, insurance companies and other professional consultants
The independent auditor of PwC Bağımsız Denetim ve Serbest Muhasebeseci Mali Müşavirlik A.Ş. is CC Bağımsız Denetim AŞ, resident at Şerifali Mah.Çetin Cad. Kızkalesi Sok. Elite Plaza No:1A K:2 D:10 D:49 Ümraniye İstanbul. In the scope of PwC Turkey insurance policies currently in force, PwC need to share personal data should there be any third party claim to indemnification.
PwC Turkey also cooperates with other professional consultants (e.g., law firms) to establish, use or protect its legal rights and to obtain advisory regarding managing the company. Personal data will be shared with these consultants as long as the data is related to the services they commit to provide.
6. Other third parties with whom sharing personal data is compulsory as per legal offices, administrative offices, other official institutions, regulatory institutions and laws and regulations in effect
When PwC Turkey encounters parties with authority to obtain disclosure of personal data, such as to check that PwC Turkey are complying with applicable law and regulation, to investigate an alleged crime, to establish, exercise or defend legal rights, it will only carry out requests concerning personal data where the law or regulation in effect authorises PwC Turkey to do so.
This privacy statement was last updated on July 2019 and will be updated in regular basis.