Privacy

Privacy Statement

Last revised: November 3rd, 2019

Privacy Policies of Deloitte Israel

Introduction

Brightman Almagor Zohar & Co. and Deloitte Israel, at their registered office 132 Menahem Begin st., Tel-Aviv Israel, (also referred to below, together, as “our firm”, “Deloitte IL”, “our”, “we” and "us"),  are privacy conscious organizations.

This Privacy Statement explains how we protect your information gathered via (1) the Web pages of Deloitte IL websites with respect to which this Privacy Statement is posted or linked (such Web pages are collectively referred to as "Website/s"), (2) downloadable applications accessed from mobile devices with respect to which this Privacy Statement is posted or linked ("Mobile Apps") or (3) any other mode of interacting with you relating to Deloitte IL communications, such as online or offline newsletters and magazines, that reference this Privacy Statement (“Communication”). By using Websites or Mobile Apps, or continuing to receive Communications, you agree to the use of such information in accordance with this Privacy Statement.

Personal information (as defined below) is collected and processed by our firm in various frameworks in order to provide our services.

We may collect personal information when you interact with the Website or Mobile Apps, such as if you choose to register or create a user profile on the Website or a Mobile App (e.g., to gain access to specific content, attend a hosted event, respond to a survey or request communications about specific areas of interest), or otherwise provide it to us. Depending on the specific Communication you are receiving, or the Web page of the Website or Mobile App you are using, such information may consist of your name, current job title, company address, email address, telephone, mobile and fax numbers, correspondence with you, which newsletters you subscribe to, and other information you provide to us.

When using a Mobile App, in addition to contact information, we may also collect information relating to your device, including your device model, operating system, browser type, unique device identifier, IP address, mobile phone number, mobile network carrier, location, and the way you are using the Mobile App. The information collected will depend on the functionality of the specific Mobile App you are using. If any other information is collected relating to your use of a Mobile App, such information will be specified in the Mobile App.

We may also collect personal information if you register for the Website using a third party social network account (e.g., LinkedIn, Facebook, and Twitter). For example, the Website or a Mobile App may allow you to login using your social network account credentials. We may collect the user name associated with that social media account and any information or content you have permitted the social media network to share with us, such as your profile picture, email address, and birthday. The information we collect may depend on the privacy settings you have with the social network site, so please review the privacy statement or policy of the applicable social network site. When you access the Website through your social network account, you are authorizing us to collect and use your information in accordance with this Privacy Statement.

The Website may also collect content that you provide, including postings on blogs, forums, wikis and other social media applications and services that we may provide.

What is “personal information’: Personal information enables us to identify our clients individually (and/or their employees, customers, suppliers, etc.), the users of our sites and/or applications and/or the different participants in our services. This information generally has a personal or sensitive character, and it is protected by the Protection of Privacy Law-1981, including its regulations (hereafter; “the Law”).

 

Information use

Deloitte IL is committed to protect your personal information and to act with maximum transparency in all aspects that are connected with the collection of the information.

We collect and use your personal information with your consent to provide you with access to the Website, Mobile Apps and Communications, or where we have a legitimate business interest in or other legal basis for, such collection and use. The personal information you submit to us may be used to manage our relationship with you, including any of your requests, or to customize or improve the Website or a Mobile App and related services offered to you.

We may also use your personal information for marketing purposes, or to send you promotional materials or communications regarding services provided by us or other members of the Deloitte Network that we feel may be of interest to you. We may also contact you to seek feedback on services provided by members of the Deloitte Network or for market or other research purposes. Your personal information may also be used to protect our rights or property and that of our users.

You may at any time request that we discontinue sending you Communications, emails or other correspondence.

Your consent to our use of personal information: By ordering services from Deloitte IL, by participating in the activities of our firm (including competitions and conferences) and by using our Websites and applications, you express your consent to the conditions as appear in these privacy policy, including your approval to collecting your personal information, to process it, and to maintain it in the databases of Deloitte IL. Your personal information will serve us solely for purposes in accordance to this Privacy Policy.

In the event that there are additional conditions which apply to specific services which we anticipate to provide you, you will be informed about these conditions. These privacy policies represent an additional layer to the conditions of the service relevant to you.

Consent to the sending of newsletters and mail notifications: You hereby consent that in the context of the services, various newsletters and/or mail notifications (connected both to the services and to additional services offered by us), will be sent to you. By giving your consent as mentioned in this paragraph and by the use of our services, you agree to receive notices by e-mail and/or notices to your mobile instrument (to the extent that the details have been submitted to us by you). .

 

The legal grounds we use for processing personal information:

We can make use of personal information about you for the purpose of the following objectives:

1.          Compliance with requirements of relevant laws and regulations in order to meet professional demands (such as a “know your client” process in the framework of the Money Laundering Act);

2.          In connection with an investigation or enforcement of the privacy policy and/or in the context of demands, complaints, claims and legal proceedings;

3.          Following a contractual agreement between us, to provide you with services, and collection or processing of the information is necessary in order to fulfill our commitments in accordance with the contractual agreement;

4.          In order to provide various services to users of our websites or applications;

5.          Updates regarding products or services which are relevant to you as well as to provide you with information (in various newsletters and e-mail notifications), except if you have stated that you are not interested that we do this, as was specified above;

6.          To estimate, to adjust, to open and to improve our services and products;

7.          To reply to various questions, communications, complaints, requests;

8.          To grant technical support services for our online services.

9.          Storage and management of the information in our firm’s databases for purposes of providing services;

10.      In order to evaluate your candidacy for a position in our company to the extent that you have presented such a request (see details below);

11.      Use for statistical, analytical, research and marketing purposes.                                      

 

Privacy practices of third parties

This Privacy Statement only addresses the use and disclosure of information collected by Deloitte through your interaction with the Website and the Mobile Apps and through other interactions with Deloitte relating to a Communication. Other websites or mobile apps that may be accessible through links from the Communication, Website, or Mobile Apps have their own privacy statements and personal information collection, use and disclosure practices. We encourage you to familiarize yourself with the privacy statements provided by these other parties prior to providing them with information.

What type of information is collected?

In addition to the above mentioned, In the context of the services which we offer to our clients, as well as in the context of the services available to the general public (such as use of our websites and/or the use of our applications), we will occasionally request or collect personal information such as:

·         Full name;

·         Contact details;

·         Date of birth;

·         Identity card number;

·         Information regarding employment/professional experience/education/curriculum vitae;

·         Financial data and/or tax information;

·         Other personal information included in a complaint which you submitted;

·         Other personal information submitted by you for purposes of receiving the services or in their course (such as the condition of the client’s health or relative which is necessary for purposes of providing tax services, etc.).

This data will be transferred and kept in our firm’s database in accordance with the Law provisions. Submission of this personal data is not required by law, but without access to this data, we may not be able to provide the various services, including those which are offered in our websites and/or applications (such as enrolling as a client, making a connection, submitting candidacy to fill a position, questions by means of the application, registration for conferences, competitions, participation in surveys etc.)

 

How do we collect information?

The personal information detailed above which is collected by our firm was submitted in most cases by you (the client of the firm) or by your employer or by someone else on your behalf (who are our clients). This personal information may have been collected by any means, including discussions, telephone conversations and online forms and by any electronic or written means of communication. Refer also to the Introduction of this policy.

To the extent that you communicate with our firm and/or anyone on our behalf by means of sending electronic mail notices, completion of a form in our websites or applications, social networks or in any other way, the information collected with regard to you will be that submitted in the context of any communication. Furthermore, you might possibly give us the details of how to communicate with you for purposes of the receipt of professional/marketing mail, invitations to events and/or newsletters.

In some cases, we might receive information about you from third parties, such as cases in which we supply service to a client regarding his customers, suppliers and/or employees, for example when we perform surveys for our clients, from information that we obtain from operators of conferences, etc.

We may obtain information about you from other Deloitte entities in the world or from government authorities, to the extent that this is necessary for purposes of providing services.

As stated above, it is possible that we will provide services to our clients which necessitate use of personal information of third parties. Therefore, you may be requested by us to provide personal information about other possessors of information (hereafter: “personal data regarding third parties”). To the extent that you transfer personal data regarding other data subject (for example, regarding your employees, your customers, your relatives, etc.), by the very act of transferring this personal information, you declare and consent that (a) you are authorized to transfer personal information with regard to another data subject; (b) the other data subject consented and gave his explicit approval to that Deloitte IL and/or anyone on its behalf can use his personal information for all purposes according to this privacy policy. If you wish, you may transfer this policy to the data subject.

 

Information from social networks and Internet sites: subject to the personal definitions which will be defined in your accounts with the various social networks, our firm might receive data from operators of the social networks in which you have an account. For example, in a case where you will be identified in websites or applications of our firm by means of your Facebook account, we might receive the data in your account, including information about your contacts and your areas of interest. In order to obtain details about the information which we are likely to receive from the operators of the different social networks as well as how to alter the personal definitions in your accounts with the social networks, it is important that you review the privacy policies of those networks.

Disclosure of information to third parties

Your personal information may be used by all of our departments, units or practices. We may also provide your personal information to other members of the Deloitte Network in order to provide you with information that could be of interest to you and conduct market or other research. Your personal information may also be disclosed to members of the Deloitte Network and other third parties at your request or in order to respond to your requests or inquiries, or to enable us to provide you with requested services; as part of a corporate transaction (such as a sale, divestiture, reorganization, merger or acquisition); or where those parties (including but not limited to, Suppliers, contractors, service providers and other third parties) handle information on our behalf.

When personal information is used by third parties on our behalf, these service providers will be subject to the conditions of confidentiality and privacy based upon the principles of these privacy policies;


Personal information may also be disclosed to courts, law enforcement, regulatory or other government ministries, agencies and authorities, or to other third parties, in each case to comply with legal, regulatory, professional regulations or national security obligations or requests.

In a case of a change of control vis-à-vis another organization, including by way of merger, acquisition or purchase of all or most of its assets, it is possible that we will disclose the information to that organization.

In relation to Mobile Apps, we may share your usage and personal information with mobile carriers and platform providers, as well as any other entities described in any particular Mobile App in connection with the operation of the Mobile App.

In relation to Communications, we may share your personal information with service providers in connection with the delivery of such Communications.

Except for the uses described above, we do not trade in or sell your private information to others. For the avoidance of doubt, we are permitted to collect, disclose and transfer non-personal data (i.e. anonymous and aggregated information which does not allow identification of an individual) to third parties in our exclusive discretion.

Please note that it is possible that some of the above third parties are located in countries or areas without laws for protection of privacy matching those in our area of residency. In this case, appropriate means of security should be provided which will be defined in the agreement with them, based on the principles of this privacy policy, so as to protect your personal information.

By providing information with respect to a Communication or through the Websites or a Mobile App, you are consenting to the disclosures described above.

Information collected via your application for a position with our firm

To the extent that you wish to submit an application for a position via our website, you will be required to complete your personal details, such as name, identity card number, telephone number, e-mail address, date of birth, gender, year of immigration, citizenship, your HMO medical insurance , residence, curriculum vitae documents and recommendations, information regarding your education and experience, languages skills, military service, referrer, and relatives who are or might be employed by us. This information will be available to our Human Resources department and/or to our Quality & Risk department, and/or to our firm’s management. This information may also be transferred to other Deloitte entities in the world for the purpose of execution of assessment and classification of the applicants and to permit contacting them in connection with the process of the classification and the recruitment.

 

Installation of cookies files

When you visit our website, a cookie file is installed in your device through which you have access to the website, and an identification number is issued for this device in our systems. Our firm or third parties may use the cookies files in order to monitor your patterns of activities in the website, to improve and to intensify the experience of your visit to the website, to conform and to offer you services and products which might interest you (pursuant to the information collected by these files) and to provide support services to you to the extent that you may need them. The cookies files may be deactivated, For example, most of the Internet browsers allow users to expunge cookies files from the device of the user, to block their acceptance or to receive warnings prior to their storage. Nevertheless, one should be aware that if the user will expunge or will not permit storage of cookies files and/or will change the characteristics of the Flash, the online experience of the user will be limited. For further details please see the cookies policies in the network website.

Information retention

We retain personal information as necessary for the duration of the purpose and objective outlined in this Privacy Statement. Usually, your personal information will be retained according to the applicable laws of statute of limitation. Notwithstanding the duration of the purpose and objective or applicable law of statute of limitation (as relevant), we may retain your information for a longer time if necessary to comply with our legal or professional obligations, enforce our agreements, or resolve disputes.

Transfer of personal information to other countries

Personal information with regard to you could be transferred outside of the borders of the State of Israel, including to countries whose laws assure a level of protection lower than the level of protection over personal information which is set by the law in Israel. In such cases, our firm will take steps to assure an adequate level of protection for the personal information with regard to you, as specified in these privacy policy and as required by the applicable law.

 

Minors' privacy protection

We understand the importance of protecting minors' online privacy.

Our services, applications, communications, websites and Mobile Apps are not designed for or intentionally targeted at minors. It is not our policy to intentionally collect or maintain information from or about anyone who is a minor.

To the extent that the client is interested in collecting or processing personal information regarding minors under his protection (for example, in a case of a guardian and his children), the client must provide us with such personal information only after obtaining all consents required by law. In a case it will be brought to our knowledge that we have received a minor's personal information regarding his legal guardians consent and/or in another manner which is contrary to law, we will make every effort to immediately expunge all such personal information.

For further details in this matter, please contact our privacy officer at the relevant e-mail address.

 

Information security

We have in place reasonable commercial standards of technology and operational security to protect all personal information provided by users with respect to Communications, or via the Website or Mobile Apps, from unauthorized access, disclosure, alteration or destruction.

We are using technical and organizational measures and our firm is implementing Standard ISO27001 to assure protection at a high level of your personal information, and strictness as to inflexible access authorizations. Additionally, in every case in which we transfer or share information about you with third parties, we also obligate those third parties to institute technical and organizational means which are necessary in order that the level of protection of the information will not decline. Nevertheless, we clarify hereby that we may be required by force of legal or other obligations which are not under our control, to transfer personal information about you to third parties, such as public authorities. In these cases, we have limited control over the level of information security which is instituted in practice by those third parties.

Your rights with regard to your personal information

·           Receiving confirmation that we indeed process information about you and  requesting a copy of the information which we are retaining with regard to you;

·           Requesting to update details of the personal information about you or to amend information which you believe is inaccurate or lacking;

·           Requesting to expunge the personal data retained by us or to limit ways it is being used;

·           Withdrawing your consent that we process your personal information;

·           Requesting to stop or to begin  sending you marketing information;

·           Refusing to allow us to process your personal information.

Upon receipt of your request, we will make reasonable efforts in order to change, update or expunge your personal information in accordance with applicable privacy laws. In the event that you will choose to withdraw your consent to process your personal information or to limit the ways it is being used, it is possible that we will be forced to cease providing our services to you. Despite the aforesaid, we may be forced to save copies of the relevant information in accordance section "information retention"

Changes in the privacy policy

We may modify or amend this Privacy Statement from time to time at our discretion. When we make changes to this Privacy Statement, we will amend the revision date at the top of this page and such modified or amended Privacy Statement shall be effective as to you and your information as of that revision date.

We encourage you to periodically review this Privacy Statement to view any updates.

In any case that material changes will be made to these policy, we will make efforts to inform you of them by means of the accepted communication channels under the circumstances and subject to the provisions of the Law. When and if required by law, we will contact you to obtain your consent with regard to material changes to the policy. Without derogating from the above mentioned, the use of services after the date of the latest update will represent consent of the user to the changes obligating him. In case the privacy policy will be revised in order to respond to any legal demand, the revisions might become effective immediately or as is required by any law and without any advance notice.

 

Connecting with Deloitte IL

For any question and/or problem which arise from this privacy policy, you can contact our Privacy Officer by e-mail: GDPRIsrael@deloitte.co.il.