Privacy Statement

Introduction

This clarification text provides information about how and to what purpose personal data is processed by PwC Turkey; the laws, policies and procedures considered during data processing; and the rights of individuals regarding their personal data. This statement is valid for all information provided by individuals themselves or by others to PwC Turkey.

 “PwC Turkey”[1] means PwC member firms[2] established in Turkey; PwC Turkey’s partners, authorized representatives and employees; subsidiaries and affiliates. Each firm in the PwC network is a separate legal entity. For detailed information on PwC member firms please check :https://www.pwc.com/gx/en/about/office-locations.html

Personal data is any information relating to an identified or identifiable living person. PwC Turkey processes personal data for the purposes articulated in the clarification text, and the lawful basis for means of collecting, transfer, processing and which data is processed is again ascertained by this clarification text.

When collecting and using personal data, PwC Turkey’s policy is to be transparent about why and how we process personal data. To find out more about our specific processing activities, see the relevant parts of this statement.

[1]
“PwC Bağımsız  Denetim ve Serbest Muhasebeseci Mali Müşavirlik A.Ş,”  (PwC SMMM)
“PwC Yeminli Mali Müşavirlik A.Ş.” (PwC YMM)
“PwC Danışmanlık Hizmetleri A.Ş,”  (PwC Danışmanlık)
“PwC Yönetim Danışmanlığı A.Ş,”  (PwC Yönetim Danışmanlığı)

“PwC Serbest Muhasebeci Mali  Müşavirlik Limited Şirketi (PwC SMMM Ltd.)

[2]
"PricewaterhouseCoopers is a worldwide network of individual partnerships and companies. The institutions that carry out businesses under the name "PricewaterhouseCoopers", and all PricewaterhouseCoopers entities including shareholders, members and employees of the relevant institutions, will be referred to as “PwC Member Firms”.

Security

PwC Turkey pays great attention to the security of the data it keeps. PwC Turkey adhere to internationally recognized security standards and our information security management system relating to client confidential data is independently certified as complying with the requirements of ISO/IEC 27001: 2013. PwC Turkey has policies, procedures and training in place for data protection, and regularly review the appropriateness of the measures it has in place to keep the data it holds secure.

PwC Turkey Information Security Policy aims to protect information assets from internal or external threats whether deliberate or accidental, such that:

• Data subject rights are respected

• Confidentiality of information is maintained

• Integrity of information can be relied upon

• Information is available when the business needs it

• Relevant statutory, regulatory, and contractual obligations are met

• The PwC brand is protected

• Continual improvement of Information Security Management System is ensured

PwC Turkey only shares data in compliance with the purposes specified in this clarification text with the third parties when it’s legally allowed and under agreed upon conditions. When PwC Turkey shares data with third parties it makes binding contracts to protect the data and ensure compliance with data protection, privacy and security, and takes all necessary administrative and technical measures.

PwC Turkey obtains support from domestic or foreign professional service providers to improve its effectiveness and productivity while carrying out its services and businesses. So, personal data is transferred outside of the countries which PwC Turkey and its clients are located in. It also includes non-European Union (EU) countries and countries that do not have specific laws for personal data protection. PwC Turkey provides proper protection of personal data and conducts lawful transfer of personal data abroad.

PwC Turkey may transfer personal data, except any data relating to health and sexual life to the persons, entities and institutions below in compliance with this policy:

1. Other PwC Member Firms

To see the countries where PwC Member Firms are located, please refer to this link.

• PwC share personal data with PwC Member Firms when this is necessary to carry out administrative tasks or provide professional services to clients (e.g. advisory received from PwC Member Firms in various countries during service provision).

• PwC Turkey also makes use of other PwC member companies’ resources for information technology (IT) support and service.

•  Other PwC member companies utilize the data of PwC Turkey’s contacts to gather information about a client or opportunity they are interested in within the scope of client services that can be given (see the “Potential and existing clients or others related to them” part of this document to learn about processing this type of data).

2. Professional institutions that provide application/function, data protection or BT services to PwC Turkey

PwC Turkey obtains support from professional service providers for the provision of its services and executing and managing its intercompany IT systems. Among these services are using IT providers, cloud-based software as service providers, ID management, website hosting and management, data analysis, data back-up, security and retention services. Servers of professional service providers that PwC Turkey receive from allow and make it possible to keep data in safe data centres around the world and to store personal data in any of these centres thanks to cloud infrastructure. See below for detailed information about these service providers from the there.3. Service providers supporting goods, service or information provision in various ways

In some client commitments PwC Turkey work with other service providers to provide professional services to clients.

 4. Clients

When PwC Turkey needs to process personal data to provide professional services to clients and for fulfilment of the agreement between them it process personal data of clients and also in the scope of  the relevant services  share it with clients  in the deliverables it prepares (e.g., draft and final reports).

 5. Auditors, insurance companies and other professional consultants

PwC Turkey firms are engaged in data sharing with independent auditors which includes personal data as well under the legislation they have to comply with. In the scope of PwC Turkey insurance policies currently in force, PwC need to share personal data should there be any third party claim to indemnification.

PwC Turkey also cooperates with other professional consultants (e.g., law firms) to establish, use or protect its legal rights and to obtain advisory regarding managing the company. Personal data will be shared with these consultants as long as the data is related to the services they commit to provide.

6. Other third parties with whom sharing personal data is compulsory as per legal offices, administrative offices, other official institutions, regulatory institutions and laws and regulations in effect

When PwC Turkey encounters parties with authority to obtain disclosure of personal data, such as to check that PwC Turkey are complying with applicable law and regulation, to investigate an alleged crime, to establish, exercise or defend legal rights, it will only carry out requests concerning personal data where the law or regulation in effect authorizes PwC Turkey to do so.

Changes to this privacy statement

This privacy statement was last updated on June 2020 and will be updated in regular basis.

Follow us