Privacy

Privacy Notice

Last revised: June 14th, 2021

Introduction

We are committed to protecting your privacy.

This Privacy Notice explains how we will collect, handle, store and protect information about you collected from (1) the Web pages of any website or application with respect to which this Privacy Notice is posted or linked (collectively referred to as the “Website”), (2) downloadable applications accessed from mobile devices with respect to which this Privacy Notice is posted or linked (“Mobile App”), or (3) any other mode of interacting with you relating to Deloitte communications, such as online or offline newsletters and magazines, that reference this Privacy Notice (“Communication”). By using the Website, or continuing to receive Communications, you agree to the use of such information in accordance with this Privacy Notice.

As used in this Privacy Notice, "Deloitte Network" refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee (“DTTL”, also known as “Deloitte Global”), its network of member firms and their related entities. DTTL and each of its member firms are legally separate and independent entities. Please see www.deloitte.com/about for a detailed description of the legal structure of DTTL and its member firms. When used in this Privacy Notice, “we”, “us” and “our” refers to Deloitte Global.

Deloitte.com also includes Web pages provided by other DTTL member firms or their related entities, which are designated according to the location identified in the upper right-hand corner next to “Search.” These Web pages are provided by the designated entities and are not the responsibility of DTTL. Such Web pages, as well as other websites that may be linked to the Website, are not governed by this Privacy Notice. We encourage you to review the applicable privacy notices before disclosing any Personal Information.

This Privacy Notice also contains information about when we share your Personal Information with other members of the Deloitte Network and other third parties (for example, our service providers).

In this Privacy Notice, information about you, which may be referred to as personal data in some jurisdictions, is referred to as “Personal Information”. We may also sometimes collectively refer to handling, collecting, protecting and storing your Personal Information as “processing” such Personal Information.

Information collection

Personal Information refers to information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual, or household.

We may collect Personal Information when you interact with the Website or Mobile App or because you give it to us (for example, in a form on our Website or Mobile App).  Depending on the specific Communication you are receiving, or the Web page of the Website or Mobile App you are using, such information may consist of: your name; current job title; company name; e-mail address; country of residence; telephone and fax number(s); physical address(es);  gender; date of birth; marital status; employment and education details (such as learning history, work experience and skills); geolocation; certificate or license number; account number; photograph, video or audio recording identifiable to an individual; your postings on any blogs, forums, wikis and any other social media applications that we provide; your IP address; your browser type and language; your access times; complaint details; correspondence with you; the newsletters you subscribe to; information relevant to providing services to you; and any other information that you voluntarily provide to us. We may also collect or obtain Personal Information from you because of the way you interact with us or others.

We do not usually seek to collect ‘sensitive’ or ‘special categories’ of Personal Information (e.g., data relating to race or ethnic origin, religious or philosophical beliefs, trade union membership, political opinions, medical or health conditions, or information specifying the sex life or sexual orientation of an individual) through your use of this Website. The types of ‘special categories’ of Personal Information that we collect may vary depending on how you use this Website. In some rare circumstances, we might gather special categories of Personal Information about you because you volunteer that data to us, or we are required to gather that data as a result of legal requirements imposed on us.  We will, where necessary, obtain your explicit consent to collect and use such information.

We understand the importance of protecting children's privacy. Our Website is not designed for, or intentionally targeted at, children. It is not our policy to intentionally collect or store information about children.

Log information, cookies and web beacons

When you access the Website or Mobile App, we may collect standard Internet log information including your IP address, browser type and language, access times and referring website addresses. To ensure that the Website, Mobile App and Communications are well managed and to facilitate improved navigation, we or our service provider(s) may also use cookies (small text files stored in a user's browser) or web beacons (electronic images that allow us to count users who have accessed particular content and to access certain cookies) to collect aggregate data. Additional information on how we may use cookies and other tracking technologies and how you can control these can be found in our Cookie Notice.  

Information use

Use of Personal Information collected via our Website or Mobile App

  • We may use your Personal Information collected:
    • to verify your identity each time you log in to the Website;
    • to manage your account and improve our Website or Mobile App;
    • to manage and promote collaboration and communication;
    • to provide and document training and qualifications;
    • to tailor the content of our Website or Mobile App to provide you with a more personalized experience; and
    • to manage our relationship with you and respond to any request you submit through our Website or Mobile App.

Use of Personal Information for other activities that form part of the operation of our business

  • In addition to the purposes connected to the operation of our Website and Mobile App above, we may use your Personal Information for the purposes of, or in connection with:
    • applicable legal or regulatory requirements;
    • requests and communications from competent authorities;
    • sending you thought leadership or details of products and services provided by entities within the Deloitte Network that may be of interest to you; contacting you to receive feedback on these services; and contacting you for other market or research purposes; and
    • protecting our rights.

Access to the Website or Mobile App may be subject to review, monitoring and recording at any time to help us confirm compliance with applicable Terms of Use and that only authorized parties are accessing the Website.

Legal basis for processing information

We are required by law to set out in this Privacy Notice the legal grounds on which we rely in order to process your Personal Information. 

We use your Personal Information for the purposes outlined above because of: (a) our legitimate interests in the effective delivery of our Website and Mobile App and related services offered to you; (b) our legitimate interests in the effective and lawful operation of our Website and Mobile App so long as such interests are not outweighed by your interests; (c) the legal and regulatory obligations that we are subject to, such as keeping records for tax purposes or providing information to a public body or law enforcement agency.

To the extent that we process any sensitive Personal Information relating to you for any of the purposes outlined above, we will do so because either: (i) you have given us your explicit consent to process that data; (ii) the processing is necessary for the establishment, exercise or defense of legal claims or (iii) you have made the data manifestly public.

Where we are legally required to obtain your explicit consent to provide you with certain marketing materials, we will only provide you with such marketing materials where we have obtained such consent from you. If you do not want to continue receiving any marketing materials from us, you can unsubscribe from the Communication.   

Disclosure of information to third parties

In connection with one or more of the purposes outlined in the “Information use” section above, we may disclose details about you to: other members of the Deloitte Network for legitimate business-related purposes; third parties that provide services to us and/or the Deloitte Network; as part of a corporate transaction (such as a sale, divestiture, reorganization, merger or acquisition); competent authorities (including courts and authorities regulating us or another member of the Deloitte Network) and other third parties that reasonably require access to Personal Information relating to you for one or more of the purposes outlined in the “Information use” section above.

In relation to Mobile Apps, we may also share your usage and Personal Information with mobile carriers and platform providers, as well as any other entities described in any particular Mobile App in connection with the operation of the Mobile App.

In relation to Communications, we may also share your Personal Information with service providers in connection with the delivery of such Communications.

We may also need to disclose your Personal Information if required to do so by law, by a regulator or during legal proceedings.

Please note that some of the recipients of your Personal Information referenced above may be based in countries without data protection laws similar to those in effect in your area of residence. In such cases, we will ensure that there are adequate safeguards in place to protect your Personal Information that comply with our legal obligations. For example, the adequate safeguard might be a data transfer agreement with the recipient based on standard contractual clauses approved by the European Commission for transfers of Personal Information to third countries.

Further details of the transfers described above, and the adequate safeguards used by us in respect of such transfers, are also available from us. For such information, please contact us by using the “Contact information” section below.

Under applicable law, you may be entitled to request information concerning whether your Personal Information has been disclosed to nonaffiliated third parties for their direct marketing purposes. We do not share your personal information with nonaffiliated third parties for such purposes.

We may share non-personal, de-identified and aggregated information with third parties for several purposes, including data analytics, research, submissions, thought leadership and promotional purposes.

Selling of information

We do not sell your personal information.

Blogs, forums, wikis and other social media

The Website or Mobile App may host various blogs, forums, wikis and other social media applications or services that allow you to share content with other users (collectively referred to as “Social Media Applications”). Any personal information or other information that you contribute to any Social Media Application can be read, collected and used by other users of that Social Media Application over whom we have little or no control. Therefore, we are not responsible for any other user's use, misuse or misappropriation of any personal information or other information that you contribute to any Social Media Application.

Privacy practices of third parties

This Privacy Notice addresses only the use and disclosure of information we collect through your interaction with the Website or Mobile App. Other websites or applications that may be accessible through links from the Website or Mobile App have their own privacy notices and personal information collection, use and disclosure practices. We encourage you to familiarize yourself with the privacy notices provided by these other parties prior to providing them with information.

Do not track

"Do Not Track" is a preference you can set in your web browser to let websites and applications you visit know that you do not want them collecting information about you. The Website does not currently respond to a "Do Not Track" or similar signal.

Information security

We use a range of physical, electronic and managerial measures to keep your Personal Information secure, accurate and up to date. These measures include:

  • education and training to relevant staff so they are aware of our privacy obligations when handling Personal Information;
  • administrative and technical controls to restrict access to Personal Information on a ‘need to know’ basis;
  • technological security measures, including fire walls, encryption and anti-virus software; and
  • physical security measures, such as staff security passes to access our premises.  

Although we use appropriate security measures once we have received your Personal Information, the transmission of data over the internet (including by e-mail) is never completely secure.  We endeavor to protect Personal Information, but we cannot guarantee the security of data transmitted to us or by us over the internet.

Information retention

We will hold your Personal Information on our systems for the longest of the following periods: (i) as long as is necessary for the relevant activity or services; (ii) any retention period that is required by law; (iii) the end of the period in which litigation or investigations might arise in respect of the services. 

Your rights

Under applicable law, you may have various rights in relation to your Personal Information. In particular, you may have a right to:

  • obtain confirmation that we are processing your Personal Information and request a copy of the Personal Information we hold about you;
  • ask that we update the Personal Information we hold about you, or ask that we correct such Personal Information that you think is incorrect or incomplete;
  • ask that we delete Personal Information that we hold about you, or restrict the way in which we use such Personal Information; and
  • object to our processing of your Personal Information.

Where applicable, if you decide that you no longer wish to have your third party social network site account (e.g., LinkedIn, Facebook, or Twitter) linked to your profile on the Website, please change the settings in your third-party social network site account.

If you are unsatisfied with the way in which we have handled your Personal Information or any privacy query or request that you have raised to us, you have a right to complain to the data protection authority in your jurisdiction. For such information, please contact us by using the “Contact information” section below.  

Verification of Personal Information requests

For certain personal information requests, we must first verify your identity before processing your request. To do so, we may ask you to provide us with your full name, contact information, and relationship to Deloitte. Depending on your request, we may ask you to provide additional information. Once we receive this information, we will then review it and determine whether we are able to match it to the information Deloitte maintains about you to verify your identity.

Third party requests

If you are submitting a personal information request on behalf of someone other than yourself, please contact us by using the “Contact information” section below and include proof that you are authorized to make the request. This may be in the form of a written authorization signed by the person whom you are acting on behalf of or a valid power of attorney.

California Privacy Rights Reporting

Deloitte Touche Tohmatsu Limited (“DTTL”, also known as “Deloitte Global”) has compiled the following data regarding individuals who made personal information requests under the California Consumer Privacy Act (CCPA) or otherwise from January 1 – December 31, 2020. In accordance with CCPA Regulation § 999.317, this information is being made available via the DTTL Privacy Notice on Deloitte.com.



Contact information

To exercise your rights or if you have any questions concerning your privacy while using the Website, please contact DTTLPrivacy@deloitte.com or 1-844-919-0713 and your request will be routed to the appropriate member firm or related entity. DGSL Privacy Services Limited is appointed as our representative in the European Union to act on our behalf if, and when, we undertake data processing activities to which the EU General Data Protection Regulation (GDPR) applies.

Changes to this Privacy Notice

We may modify or amend this Privacy Notice from time to time.

To let you know when we make changes to this Privacy Notice, we will amend the revision date at the top of this page. The new modified or amended Privacy Notice will apply from that revision date. Therefore, we encourage you to periodically review this Privacy Notice to be informed about how we are protecting your information.

This Privacy Notice was written in English (U.S.). To the extent any translated version of this Privacy Notice conflicts with the English version, the English version controls.