This Privacy Notice explains what Personal Information we, Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee with registered office at 1 New Street Square, London, United Kingdom, EC4A 3HQ (“DTTL”, also known as “Deloitte Global”), collects about you, what we use it for, who we share it with and how we protect it. It also sets out your rights and who you can contact for more information or queries.
When used in this Privacy Notice, “we”, “us” and “our” refer to Deloitte Global. In this Privacy Notice, information about you, which may be referred to as personal data in some jurisdictions, is referred to as “Personal Information”. Personal Information refers to information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual.
We may also sometimes collectively refer to handling, collecting, protecting, and storing your Personal Information as “processing” such Personal Information.
As used in this Privacy Notice, "Deloitte Network" refers to one or more of Deloitte Global, its network of member firms and their related entities. DTTL and each of its member firms are legally separate and independent entities. Please see www.deloitte.com/about for a detailed description of the legal structure of DTTL and its member firms.
Deloitte.com includes webpages provided by other DTTL member firms or their related entities, which are designated according to the geography identified in the upper right-hand corner of the webpage. These webpages are provided by the designated entities and are not the responsibility of DTTL. Such webpages, as well as other websites that may be linked to the Website, are not governed by this Privacy Notice. We encourage you to review the applicable privacy notices on those webpages, which will inform you about who the related controller is and provide further information with respect to its processing of your Personal Information.
We may collect and process your data because:
i. you give it to us (for example, (1) through the webpages of this website or any other website or application of Deloitte Global which links to this Privacy Notice (collectively referred to as the “Website”), or (2) through any other mode of interacting with you relating to Deloitte communications, such as online or offline newsletters and magazines, that reference this Privacy Notice or link thereto (“Communication”));
ii. other people give it to us (for example, other entities of the Deloitte Network or third- party service providers that we use to help operate our business); or
iii. it is publicly available.
When other entities of the Deloitte Network or other third-parties give us Personal Information about you, we make sure they have complied with the relevant privacy laws and regulations. This may include, for example, that it has informed you of the processing, and has obtained any applicable and necessary permission for us to process that information as described in this Privacy Notice.
The Personal Information we process may include your: name; current job title; company name; (professional) e-mail address, country of residence, telephone and fax number(s), physical address(es); business & industry interests; gender; date of birth; marital status; employment and education details (such as learning history, work experience and skills); CV; geolocation; certificate or license number; account number; photograph, video or audio recording identifiable to an individual; your postings on any blogs, forums, wikis and any other social media applications that we provide; your IP address; your browser type and language; your access times; complaint details; correspondence with you; the newsletters you subscribe to; information relevant for entities of the Deloitte Network to provide services to you; details of how you use Deloitte products or services, details of how you like to interact with us, and other similar information relevant to our relationship, information we collect when you access our premises; and any other information that you voluntarily provide to us. We may also collect or obtain Personal Information from you because of the way you interact with us or others.
Where we do not usually seek to collect ‘sensitive’ or ‘special categories’ of Personal Information (e.g., data relating to race or ethnic origin, religious or philosophical beliefs, trade union membership, political opinions, medical or health conditions, or information specifying the sex life or sexual orientation of an individual), the Personal Information we collect may include so called ‘sensitive’ or ‘special categories’ of Personal Information, such as details about your:
We will only process these special categories of Personal Information when we are required to do so as a result of legal requirements imposed on us or after obtaining your explicit consent.
If you choose not to provide, or – where applicable - object to us processing the information we collect (see section “Your rights” below), we may not be able to process your instructions or provide you tailored communication, service, or assistance.
We understand the importance of protecting children's privacy. Our Website is not designed for, or intentionally targeted at, children. It is not our policy to intentionally collect or store information about children.
We may use your Personal Information for the purposes of, or in connection with:
We are required by law to set out in this Privacy Notice the legal grounds on which we rely in order to process your Personal Information. We rely on one or more of the following lawful grounds when we use your Personal Information for the purposes outlined above:
To the extent that we process any sensitive Personal Information relating to you for any of the purposes outlined above, we will do so because either: (i) you have given us your explicit consent to process that data; (ii) we are required by law to process that data, (iii) the processing is necessary for the establishment, exercise or defense of legal claims or (iv) you have made the data manifestly public.
Please note that in certain circumstances it may be still lawful for us to continue processing your information for separate purposes even where you have withdrawn your consent, if one of the other legal bases described above is applicable.
We and other members of the Deloitte Network may use your information from time to time to inform you by letter, telephone, email and/or other electronic methods about products and services (including those of third parties) that may be of interest to you. Where we are legally required to obtain your consent to provide you with certain marketing materials, we will only provide you with such marketing materials where we have obtained such consent from you.
You may, at any time, ask us not to send marketing information to you by following the unsubscribe instructions in Communications from us, or contacting us by using the “Contact information” section below.
In connection with one or more of the purposes outlined in the “Information use” section above, we may disclose details about you to: other members of the Deloitte Network for legitimate business-related purposes; third parties that provide services to us and/or the Deloitte Network; as part of a corporate transaction (such as a sale, divestiture, reorganization, merger or acquisition); competent authorities (including courts and authorities regulating us or another member of the Deloitte Network) and other third parties that reasonably require access to Personal Information relating to you for one or more of the purposes outlined in the “Information use” section above.
We may also need to disclose your Personal Information if required to do so by law, by a regulator or during legal proceedings.
Please note that some of the recipients of your Personal Information referenced above may be based in countries without data protection laws similar to those in the UK or in effect in your area of residence. In such cases, we will ensure that you consented to the transfer or that there are adequate safeguards in place to protect your Personal Information that comply with our legal obligations. For example, the adequate safeguard might be a data transfer agreement with the recipient based on standard contractual clauses approved by the UK Information Commissioner’s Office (ICO) for transfers of Personal Information to third countries.
Further details of the transfers described above, and the adequate safeguards used by us in respect of such transfers, are available from us. For such information, please contact us by using the “Contact information” section below.
We may share non-personal, de-identified and aggregated information with third parties for several purposes, including data analytics, research, submissions, thought leadership and promotional purposes.
We do not sell your personal information.
The Website may host various blogs, forums, wikis and other social media applications or services that allow you to share content with other users (collectively referred to as “Social Media Applications”). Any Personal Information or other information that you contribute to any Social Media Application can be read, collected and used by other users of that Social Media Application over whom we have little or no control. Therefore, we are not responsible for any other user's use, misuse or misappropriation of any Personal Information or other information that you contribute to any Social Media Application.
This Privacy Notice addresses only the use and disclosure of information we collect through your interaction with the Websites or Communications. Other websites or applications that may be accessible through links from the Websites and Communications have their own privacy notices and Personal Information collection, use and disclosure practices. We encourage you to familiarize yourself with the privacy notices provided by these other parties prior to providing them with information.
"Do Not Track" is a preference you can set in your web browser to let websites and applications you visit know that you do not want them collecting information about you. The Websites do not currently respond to a "Do Not Track" or similar signal.
We use a range of physical, electronic and managerial measures to keep your Personal Information secure, accurate and up to date. These measures include:
Although we use appropriate security measures once we have received your Personal Information, the transmission of data over the internet (including by e-mail) is never completely secure. We endeavor to protect Personal Information, but we cannot guarantee the security of data transmitted to us or by us over the internet.
We will hold your Personal Information on our systems for the longest of the following periods: (i) as long as is necessary for the relevant activity or services; (ii) any retention period that is required by law; (iii) the end of the period in which litigation or investigations might arise in respect of the services.
You have various rights in relation to your Personal Information. In particular, you have a right to:
To help us maintain the accuracy of your Personal Information, please contact us by using the “Contact information” section below if any of your personal details have changed.
If you are unsatisfied with the way in which we have handled your Personal Information or any privacy query or request that you have raised to us, you have a right to complain to the data protection authority in the UK or your jurisdiction. For such information, please contact us by using the “Contact information” section below.
For certain Personal Information requests, we must first verify your identity before processing your request. To do so, we may ask you to provide us with your full name, contact information, and relationship to Deloitte. Depending on your request, we may ask you to provide additional information. Once we receive this information, we will then review it and determine whether we are able to match it to the information Deloitte maintains about you to verify your identity.
If you are submitting a Personal Information request on behalf of someone other than yourself, please contact us by using the “Contact information” section below and include proof that you are authorized to make the request. This may be in the form of a written authorization signed by the person whom you are acting on behalf of or a valid power of attorney.
To exercise your rights or if you have any questions concerning your privacy while using the Website, please contact DTTLPrivacy@deloitte.com. Should you wish to contact our Data Protection Officer, you may write to 1 New Street Square, London, EC4A 3HQ, or send an email to DeloitteGlobalDPO@deloitte.com.
DGSL Privacy Services Limited, with registered office at 29 Earlsfort Terrace, Dublin 2, Ireland, is appointed as our representative in the European Union to act on our behalf if, and when, we undertake data processing activities to which the EU General Data Protection Regulation (GDPR) applies. It can be contacted at DTTLPrivacyEU@deloitte.com.
We may modify or amend this Privacy Notice from time to time.
To let you know when we make changes to this Privacy Notice, we will amend the date at the top of this page. The new, modified, or amended Privacy Notice will apply from that revision date. Therefore, we encourage you to periodically review this Privacy Notice to be informed about how we are protecting your information.
This Privacy Notice was written in English. To the extent any translated version of this Privacy Notice conflicts with the English version, the English version controls.