PwC Strategy& is the brand under which the legally separate member firms of PricewaterhouseCoopers International Limited operate and provide professional services. Together, these firms form the PwC network. Please see www.pwc.com/structure for further details.
In this privacy statement, «PwC Strategy&», «we» or «us» refers to PwC Strategyand (Switzerland) GmbH, which is a separate legal entity. The PwC network and each of the individual PwC firms are strongly committed to protecting personal data. As part of this commitment to privacy, PwC Strategy& regularly reviews its data protection practices to comply with applicable laws, industry standards and best practices. This privacy statement describes why and how we collect and use personal data and provides information about individuals’ rights. It applies to personal data provided to us, both by individuals themselves or by others. We may use personal data provided to us for any of the purposes described in this privacy statement or as otherwise stated at the point of collection. Please note that this pivacy statement serves as a general overview and data subjects are informed specifically about their rights and the use of their data at the point of collection.
Personal data are any information relating to an identified or identifiable living person. PwC Strategy& processes personal data for numerous purposes, and the means of collection, lawful basis of processing, use, disclosure and retention periods may differ for each of these purposes.
The data controller is PwC Strategyand (Switzerland) GmbH and such other PwC member firms that are contracting parties for the purposes of providing or receiving services.
The data controller collecting the data provided by a visitor to this website is the PwC firm in the visitor’s country or another PwC firm to which the visitor has submitted his/her data. Personal data collected by a PwC firm may be transferred to other PwC firms in connection with the purpose for which the visitor has submitted the information.
We have appointed a data protection officer. If you have any questions about this privacy statement or about how and why we process personal data, please contact our data protection officer at:
Data protection officer
PwC Strategyand (Switzerland) GmbH
Birchstrasse 160
8050 Zurich
Email: ch_swiss_data_privacy@pwc.ch
Phone: +41-58-792 3100
Information Security is a high priority for the PricewaterhouseCoopers network. PwC member firms are accountable to their people, clients, suppliers and other stakeholders to protect information that is entrusted to them. The PwC Information Security Policy (ISP) outlines the minimum security requirements with which every member firm must comply.
The PwC ISP has been developed to safeguard the confidentiality, integrity and availability of the information and technology assets used by the PwC member firms. The PwC ISP is aligned with the industry standard ISO/IEC 27002:2013 Information technology – Security techniques – Code of practice for information security controls.
We shall only share personal data with third parties when and as far as we are legally permitted to do so. When we share data with third parties, we protect the data and comply with our data protection, confidentiality and security standards by means of e.g. security mechanisms, contractual and organizational arrangements.
The transfer of personal data may be possible to:
In the following sections, we take a detailed look at the stakeholder groups from which we process personal data, including but not limited to as part of their use of this website or other internet-based channels. Please note that other stakeholders whose personal data are processed (e.g. partners and staff, suppliers) are informed of the use of their data and all other legally required information at the point of collection. To find out more, please go to the section(s) of this privacy statement applicable to you.
We collect only personally identifiable information provided specifically and voluntarily by visitors to this website. PwC Strategy& receives limited identifiable information (such as name, job title, job level, company name, and email address) from website visitors. Typically, identifying information is collected in order to:
Visitors are also able to send emails via the site. Their messages will contain the user’s screen name and email address, as well as any additional information the user may wish to include in the message.
Unless we are asked not to, we may also use your data to contact you with information about PwC Strategy&’s business, services and events, and other information that may be of interest to you. Should visitors subsequently choose to unsubscribe from mailing lists or revoke their registration, we provide instructions on the related webpage or in our communication to the individual, or the individual may contact us by email.
When a visitor provides personal information to us, we use it in connection with the purposes for which it was provided to us, as stated at the point of collection or as obvious from the context of its collection. A user may choose to provide personal information in the context of the following, among othe:
The data are not shared within the PwC network for secondary or unrelated purposes, or shared with a third party other than as described in this privacy statement or otherwise disclosed at the point of collection. If there is an instance where such information may be shared, the visitor shall be asked for permission beforehand.
PwC Strategy& makes every practical effort to avoid excessive or irrelevant collection of data. If a visitor believes the site has collected excessive information, we encourage the visitor to contact us to raise any concerns. Except for the mailing list initiative described above, where visitors explicitly choose to receive specific PwC Strategy& marketing or other materials, PwC Strategy& shall not use personal data collected from our websites to facilitate unsolicited marketing activities.
Cookies may be used on some pages of our site. Cookies are small text files placed on your hard drive that assist us in providing a more customised website experience. For example, a cookie can be used to registration information in an area of the site so that a user does not need to re-enter it on subsequent visits to that area. It is PwC Strategy&’s policy to use cookies to make navigation of our websites easier for visitors and to facilitate efficient registration procedures. Site statistics are compiled by third parties and therefore your IP address will be passed to third parties for statistical reporting only.
If you are concerned about cookies, most browsers permit individuals to decline them. In most cases, a visitor may refuse a cookie and still be able to navigate our websites; however, other functionality on the site may be impaired. After ending a visit to our site, users can delete the cookie from their systems if they so wish.
To manage our website properly, we may anonymously log information on our operational systems and identify categories of visitors by aspects such as domains and browser types. These statistics are reported in aggregate to our webmasters. This is to ensure that our website presents the best web experience for visitors and is an effective information resource. Full details on the cookies used on our website can be found on the cookies information page.
Some of the information we receive is not retained. For example, usually we do not keep mail addresses for white papers. Contact information about visitors (such as information generated though registration for access to areas on the site) shall be kept as long as the information is required to service the contact request or until a user requests that we delete that information. Mailing list information, discussion posts and emails are kept for only the period of time considered reasonable to facilitate the visitor’s requests.
When PwC Strategy& retains personally identifiable information, PwC Strategy& assumes responsibility for keeping an accurate record of the information once a visitor has submitted and verified the data. PwC Strategy& does not assume responsibility for verifying the ongoing accuracy of the content of personal information. When feasible in practice, if PwC Strategy& is informed that any personal data collected through a website are no longer accurate, PwC Strategy& shall make appropriate corrections based on the updated information provided by the authenticated visitor.
User updates of information should be handled by going back through the registration process. Inquiries about the accuracy of identifying information previously submitted to PwC Strategy& through its websites, or requests to have outdated information removed, should be directed via email. PwC Strategy& is committed to providing reasonable and practical access to visitors to allow them the opportunity to identify and correct any inaccuracies. When requested and legally permitted, PwC Strategy& shall delete identifying information from current operational systems.
In several places, strategyand.pwc.com/ch may link to other websites that do not operate under the privacy practices of strategyand.pwc.com/ch. If visitors follow links to other websites, PwC Strategy&’s privacy practices no longer apply. We encourage visitors to review each site’s privacy statement before disclosing any personally identifiable information.
As policy, visitors are not required to register to gain access to the areas of PwC Strategy& websites. In certain cases, as a visitor’s PwC Strategy& website experience expands, we may require in the future that a visitor register in order to obtain a user ID and password for authentication and secure access to a transaction or to certain confidential business or proprietary information services on premium websites.
Personally identifiable information provided to PwC Strategy& through its websites is provided voluntarily by visitors. Should visitors subsequently choose to unsubscribe from mailing lists or revoke their registration, we provide instructions on the related webpage or in our communication to the individual, or the individual may contact us by email.
PwC Strategy& understands the importance of protecting children’s privacy, especially in an online environment. Our website is not intentionally designed for or directed at children 16 years of age or younger. It is PwC Strategy&’s practice never knowingly to collect or maintain information about anyone under the age of 16.
Certain cookies from US providers may entail the transfer of personal data to these providers in the USA. Such a transfer means that data may be accessible by a state body under US law ad that no effective legal remedies are available under such access.
Therefore, the transfer of your data to the USA and the use of cookies which involve such a transfer is based on your consent only. This consent can be withdrawn at any time as explained in the cookie settings.
We only collect the personal data necessary for agreed purposes and we ask our clients to share personal data with us only if it is necessary for those purposes. Where we need to process personal data to provide professional services, we ask our clients to provide the data subjects with the necessary information regarding its use. Our clients may use relevant sections of this Privacy Statement or refer data subjects to this privacy statement if they consider it appropriate to do so.
Given the diversity of the services that we provide to clients, we process many categories of personal data, including:
contact details;
business activities;
information about management and employees;
payroll and other financial- and tax-related details;
internal processes and procedures;
data contained in corporate IT systems such as SAP; and
information about investments and other financial interests.
For payroll and immigration services, and with the individual’s consent, we may also process special categories of personal data. Examples of special categories include religious beliefs, physical or mental health, sexual life or sexual orientation, excerpts from the debt register and criminal records. In such cases, the person concerned is informed about the purpose of data processing and asked for his/her consent individually.
Generally, we collect personal data from our clients or from a third party acting on the instructions of the relevant client. The data are treated as highly confidential within PwC Strategy&.
Initiating and fulfilling contracts
PwC Strategy& processes personal data to carry out pre-contractual measures (such as preparing an offer, conducting internal pre-contractual risk and compliance checks or creating a contract) and to provide the contractually agreed services, including the administrative execution and billing of the order. In this context, the contact data are processed in particular, such as name, address, telephone number and email address.
No automated decision-making is undertaken
On the basis of a contract with our client, PwC Strategy& is subject to an obligation to provide the service for which it is commissioned. In order to be able to provide this service, it is necessary to process the data of the contact persons and persons with responsibility at the client. This constitutes a legitimate interest of PwC Strategy& in the processing of these data. Accordingly, the same applies when preparing a proposal for the provision of services.
Administering, managing and developing our businesses and services
PwC Strategy& is legally obliged to keep records properly and to document its mandates and orders extensively. These files and the documentation must also be kept and stored after completion of an order or mandate for retention periods specified by law. In addition, PwC Strategy& is subject to further statutory documentation and storage obligations, which are based, among other things, on tax, accounting or commercial and corporate law requirements for companies.
The documents to be recorded, the results of the work and the associated client-related correspondence also contain personal data, so that these are also part of file management and archiving.
The record keeping, documentation and archiving of client documents at PwC Strategy& is performed electronically in the IT systems and, in some cases, in the form of paper files.
With its file management, documentation and archiving, PwC Strategy& fulfils the legal obligations of professional law, tax law and commercial and corporate law, among others.
We are continually looking for ways to help our clients and improve our business and services. Where agreed with our clients, we may use information that we receive in the course of providing professional services for other lawful purposes, including analysis to better understand a particular issue, industry or sector, to provide insights to our clients, to improve our business, service delivery and offerings and to develop new PwC Strategy& technologies and offerings.
Security, quality and risk management activities
We have security measures in place to protect our and our clients’ information (including personal data), which involve detecting, investigating and resolving security threats. Personal data may be processed as part of the security monitoring that we undertake; for example, automated scans to identify harmful emails. We monitor the services provided to clients for quality purposes, which may involve processing personal data stored in the relevant client file. We have policies and procedures in place to monitor the quality of our services and manage risks in relation to client engagements. We collect and hold personal data as part of our client engagement and acceptance procedures. As part of those procedures, we carry out searches using publicly available sources (e.g. the internet and sanctions lists) to identify politically exposed persons and individuals and organisations involving heightened risk. Such searches are used to check that there are no issues that would prevent us from working with a particular client (such as sanctions, criminal convictions –including in respect of company directors – or conduct or other reputational issues).
Providing our clients with information about us and our range of services
PwC Strategy& also uses contact data (in particular, name, address, email address) to obtain client feedback or to provide the client with information on other PwC Strategy& offers, services or events.
There is a legitimate economic interest in informing PwC Strategy&'s clients about offers and events of our own in order to establish and maintain a long-term relationship.
Complying with any requirement of law, regulation or a professional body of which we are a member
As with any provider of professional services, we are subject to legal, regulatory and professional obligations. We need to collect and keep certain records to demonstrate that our services are provided in compliance with those obligations and those records may contain personal data.
Management of business contacts
If PwC Strategy& has received contact data within the framework of a business event held by PwC Strategy& or others, within the framework of a business appointment (e.g. by exchanging business cards) or within the framework of an order, we also use these contact data (in particular, name, address, email address) to maintain our business contacts. For this purpose, we transfer the contact data into the customer relationship management (CRM) systems.
PwC Strategy& has a legitimate economic interest in maintaining contacts established in the course of business transactions beyond the initial contact and in using them to establish a business relationship and to remain in contact with those affected for this purpose.
We retain the personal data processed by us for as long as is considered necessary for the purpose for which it was collected (including as required by applicable laws or regulations).
In the absence of specific legal, regulatory or contractual requirements, our baseline retention period for records and other documentary evidence created in the provision of services is 10 years.
If a natural person is a client of PwC Strategy& (Private Client), other personal data are processed within the scope of order processing, insofar as this is required for the provision of the service agreed with the client. For this purpose, we shall process, in particular, bank data and payment data, as well as further information on personal, professional and financial circumstances, where applicable, insofar as these play a role in the fulfilment of the order by PwC Strategy& and the client provides us with this information in accordance with the order concluded with PwC Strategy&.
The processing of such personal data by PwC Strategy& is necessary for the fulfilment of the contract concluded between the client and PwC Strategy&.
Given the diversity of the services that we provide to personal clients, we process many categories of personal data, including:
For payroll and immigration services, and with the individual’s consent, we may also process special categories of personal data. Examples of special categories include religious beliefs, physical or mental health, sexual life or sexual orientation, excerpts from the debt register and criminal records. In such cases, the person concerned is informed about the purpose of data processing and asked for his/her consent individually.
Generally, we collect personal data from our clients or from a third party acting on the instructions of the relevant client. The data are treated as highly confidential within PwC Strategy&.
We only collect the personal data necessary for agreed purposes and we ask our private clients to share personal data with us only if it is necessary for those purposes. Where we need to process personal data to provide professional services, we ask our Private Clients to provide the data subjects with the necessary information regarding its use.
Providing professional services
We provide a diverse range of professional services. Some of our services require us to process personal data in order to provide advice and deliverables. For example, we need to use personal data to provide individual tax advice, immigration services or pension advice.
We are continually looking for ways to help our clients and improve our business and services. Where agreed with our clients, we may use information that we receive in the course of providing professional services for other lawful purposes, including analysis to better understand a particular issue, industry or sector, to provide insights to our clients, to improve our business, service delivery and offerings and to develop new PwC Strategy& technologies and offerings. To the extent that the information we receive in the course of providing professional services contains personal data, we shall de-identify the data prior to using the information for these purposes.
We retain the personal data processed by us for as long as is considered necessary for the purpose for which it was collected (including as required by applicable laws or regulations).
In the absence of specific legal, regulatory or contractual requirements, our baseline retention period for records and other documentary evidence created in the provision of services is 10 years.
We provide external users access to various applications managed by us. Such applications shall include their own privacy statement explaining why and how personal data are collected and processed by those applications, or in the absence of a particular privacy statement refer to this present privacy statement. We encourage individuals using our applications to refer to the privacy statement issued on those applications.
We collect personal data (such as name, contact details and contents of the communication) when an individual gets in touch with us with a question, request for information, complaint, comment or feedback. In these cases, the individual is in control of the personal data shared with us and we shall only use the data for the purpose of responding to the communication.
When applying online for a position at PwC Strategy& via the PwC Strategy& careers website, applicants should refer to the information provided when applying for a job for details on why and how personal data are collected and processed. If you should enter in an employment relationship with us, contractual agreements will regulate our use of your personal data. For more details about our recruitment processes, please visit our careers page.
PwC Strategy& reserves the right to modify or amend this privacy statement at any time by publishing an updated version here. The current version of the statement shall be accessible on this website. This privacy statement was last updated on 14 April 2023.