Limited functionality available
Deloitte LLP and its United States affiliates (the “Deloitte U.S. Firms”) comply with the requirements of the EU-U.S. and Swiss-U.S. Data Privacy Frameworks as set forth by the U.S. Department of Commerce with respect to personal information of the types described below that is transferred from the European Economic Area and Switzerland to the United States. We have certified our participation in the Data Privacy Frameworks to the Department of Commerce. The Deloitte U.S. Firms registration can be viewed here. This Notice only applies to personal information within the scope of the Deloitte U.S. Firms' Data Privacy Framework certifications.
Our Data Privacy Framework certifications cover personal information regarding:
Our certifications do not cover any disclosure of an individual’s personal information to a third party who processes personal information for its own purposes when the disclosure is made at the request of the individual.We disclose personal information to third party service providers in connection with the operation of our business, including our provision of services to clients and our Personnel and business relationships. We ascertain that these third party service providers provide at least the same level of privacy protection as is required by the Data Privacy Framework Principles. We may be liable if both third parties fail to meet these obligations and we are responsible for the event giving rise to the damage.
The Deloitte U.S. Firms are subject to the investigatory and enforcement powers of the United States Federal Trade Commission. The Deloitte U.S. Firms may be required to disclose personal information to law enforcement, regulatory or other government agencies, or to other third parties, in each case to comply with legal, regulatory, or national security obligations or requests.
Any questions or complaints concerning our Data Privacy Framework compliance, or requests to access, correct, amend, delete, or limit the use or disclosure of personal information (opt out) may be directed to USDataPrivacyFramework@deloitte.com. If we have not been able to satisfactorily resolve the issue, then you may raise it with (1) your data protection authority, if it relates to Personnel data, and (2) the International Centre for Dispute Resolution/American Arbitration Association ("ICDR/AAA"), which can be contacted here, if it relates to any other personal information covered by our certification. Under certain conditions, individuals may have the possibility to engage in binding arbitration through the Data Privacy Framework Panel.
The Deloitte U.S. Firms commit to cooperate with EU data protection authorities (DPAs) and the Swiss Federal Data Protection and Information Commissioner (FDPIC), and to comply with the advice given by such authorities where needed to comply with the Data Privacy Framework Principles with regard to human resources data transferred from the EU and Switzerland in the context of the employment relationship.