This privacy statement was last updated on 5 December 2023
This privacy statement describes our reasons for collecting personal data through Viewpoint and provides information about individuals’ legal rights in relation to personal data. We may use the personal data provided through Viewpoint for any of the reasons set out in this privacy statement.
This privacy statement relates only to the Viewpoint website, our global accounting technical content and business insights platform with the URL viewpoint.pwc.com. It does not relate to other technologies, products, services or sites of PwC or any other party.
Data controller information
The data controller is the entity with primary responsibility for the protection of personal data and for ensuring compliance with applicable data protection laws.
The data controller of the personal information collected in connection with this application is the PwC firm responsible for delivering professional services to you or your organisation, and with which you registered your details.
If you are not receiving professional services from any PwC firm and you are a PwC professional or act in a professional capacity for PwC then the data controller of your personal information is the PwC firm in the location from which you normally access this application.
To understand the structure of the PwC network, see: https://www.pwc.com/gx/en/about/corporate-governance/network-structure.html
Each firm in the PwC network is a separate legal entity. For a list of PwC firms, see https://www.pwc.com/gx/en/about/corporate-governance/legal-entities.html.
For countries and regions in which PwC firms operate, see http://www.pwc.com/gx/en/about/office-locations.html.
In this privacy statement, “PwC”, “us”, and “we” means the PwC firm that is the data controller of your personal information.
In this privacy statement, we refer to information about you or information that identifies you as “personal data” or “personal information”. We also sometimes collectively refer to handling, collecting, protecting or storing your personal information as “processing” such personal information.
By using this application and providing personal information to us, you acknowledge that you have read and understood this privacy statement, and, to the extent your consent is necessary and valid under applicable law, you consent to the collection, use and disclosure of such personal information by PwC and any third party recipients in accordance with this privacy statement.
The purpose of Viewpoint
Viewpoint is PwC’s global platform providing accounting technical content and business insights, enabling users to keep up to date with critical business issues.
We do not collect sensitive personal data through this application (and please do not provide any when using it)
We do not need or collect, and we ask you not to provide, sensitive personal data through this application. Sensitive personal data, also known as special category personal data, covers information relating to, among other things, race, ethnicity, political opinions, religious or philosophical beliefs, biometric or genetic data when used to uniquely identify you, information about health or sexual life and criminal acts. If you provide sensitive personal data the act of providing it constitutes your explicit consent for us to collect and use that information for the purposes described in this privacy statement.
We do not pass personal information to third parties for direct marketing purposes
We will not pass your information to third parties outside the PwC network for direct marketing purposes.
Personal Information We Collect
Providing personal data is not a statutory or contractual requirement but failure to provide certain personal data may affect our ability to provide the services you have requested.
We collect the following personal information.
• Personal data provided directly by you
• We ask you to provide us with personal data (e.g. as part of registering to use the services) so we can provide the services. The personal data we ask for includes your name, professional title, business email address and phone number.
• Personal data captured, created, inferred or derived from your use of the application
• IP address
• Device, browser information and operating system
• Usage data connected to your activity on the platform,
• Mobile information (such as operating system, if a mobile device is used to access Viewpoint)
• Personal data obtained from third party sources
• We do not collect personal data from third party sources.
Use of Personal Data
We use personal data for the following purposes.
• To provide the services requested by you or your organisation.
• To maintain the security of the services
• Authenticating the identity of users, authorising access to the application (including preventing unauthorised access) and for other security-related purposes, including system monitoring.
• To operate, administer, manage and improve the application
• Administering the application, troubleshooting issues and identifying areas of improvement.
• Allowing elected client administrators the ability to create, read, update and delete users who can access the application, as well as view the activity logs showing user access.
• Providing personalisation of our services to you and maintaining an 'e-profile' about you or a third party about whom you have supplied us with data (for example, your employer).
• To maintain our administrative or client relationship management systems
• Where you are a business contact of ours, we will include your business contact details on our administrative or client relationship management systems, contact you in relation to the services and we may send you other material relevant to your interests (provided we have appropriate permission from you to do this, as required by law).
• To analyse how the application and associated services perform
• We may analyse how the application and associated services perform by reviewing the user data we capture.
• We may analyse which content users find useful/useless by reviewing the user data we capture, such as page hits.
• To send you newsletters and other relevant information via email (if you have consented to this)
• As part of the Viewpoint service, we send regular email newsletters. You can unsubscribe from the newsletters at any time by clicking on the unsubscribe link in the newsletter, emailing firstname.lastname@example.org or updating your profile.
Third Party Links
Our legal grounds for processing personal data
Applicable laws may require us to set out in this privacy statement the legal grounds on which we rely in order to process your personal information.
In such cases, we rely on one or more of the following processing conditions:
• our legitimate interests in the effective delivery of information and services to you and in the effective and lawful operation of our businesses and the legitimate interests of our clients in receiving professional services from us as part of running their organization (provided these do not interfere with your rights);
• our legitimate interests in developing and improving our businesses, services and offerings and in developing new PwC technologies and offerings (provided these do not interfere with your rights);
• to satisfy any requirement of law, regulation or professional body of which we are a member (for example, for some of our services, we have a legal obligation to provide the service in a certain way);
• to perform our obligations under a contractual arrangement with you; or
• where no other processing condition is available, if you have agreed to us processing your personal information for the relevant purpose (please note we do not generally process personal data based on consent as we can usually rely on another legal basis).
Transfers of personal data
If we process your personal information, your personal information may be transmitted and stored outside the country where you are located. This includes countries outside the European Economic Area (EEA) and countries that do not have laws that provide specific protection for personal information.
Where we collect your personal information within the European Economic Area, transfer outside the European Economic Area will be only:
• to a recipient located in a country which provides an adequate level of protection for your personal information; and/or
• under an agreement which satisfies EU requirements for the transfer of personal data to data processors or data controllers outside the EEA, such as standard contractual clauses approved by the European Commission.
Recipients of personal data
Recipients of personal data: other PwC Firms
For PwC Member Firm locations, see https://www.pwc.com/gx/en/about/office-locations.html
We may share personal data with other PwC firms where necessary in connection with the purposes described in this privacy statement. For example, when providing professional services to a client we may share personal information with PwC Member Firms in different territories that are involved in providing services to that client.
Recipients of personal data: Third Party Providers
We may transfer or disclose the personal data we collect to third party contractors, subcontractors, and/or their subsidiaries and affiliates. Third parties support the PwC Network in providing its services and help provide, run and manage IT systems. Examples of third party contractors we use are providers of identity management, website hosting and management, data analysis, data backup, security and cloud storage services. The servers powering and facilitating our IT infrastructure are located in secure data centres around the world, and personal data may be stored in any one of them.
The third party providers may use their own third party subcontractors that have access to personal data (sub-processors). It is our policy to use only third party providers that are bound to maintain appropriate levels of security and confidentiality, to process personal information only as instructed by PwC, and to flow those same obligations down to their sub-processors.
Other recipients of personal data
We may also disclose personal information under the following circumstances:
with professional advisers, for example, auditors and law firms, as necessary to establish, exercise or defend our legal rights and obtain advice in connection with the running of our businesses. Personal data may be shared with these advisers as necessary in connection with the services they have been engaged to provide;
• when explicitly requested by you;
• when required to deliver publications or reference materials requested by you; and
• with law enforcement or other government and regulatory agencies or with other third parties as required by, and in accordance with, applicable law and regulation. Occasionally, we may receive requests from third parties with authority to obtain disclosure of personal data, such as to check that we are complying with applicable law and regulation, to investigate an alleged crime or to establish, exercise or defend legal rights. We will only fulfil requests for personal data where we are permitted to do so in accordance with applicable law and regulation.
We adhere to internationally recognised standards of technology and operational security in order to protect personal information from loss, misuse, alteration and destruction. Only authorised persons are provided access to personal information. These individuals have agreed to maintain the confidentiality of this information. We have a framework of policies and procedures in place covering data protection, confidentiality and security and regularly review the appropriateness of the measures we have in place to keep the data we hold secure.
Although we use appropriate security measures once we have received your personal data, the transmission of data over the Internet (including by email) is never completely secure. We endeavor to protect personal data, but we cannot guarantee the security of data transmitted electronically over the Internet.
We will retain your personal information only for as long as we need it for the purposes described in this privacy statement unless we are required by law, regulation or our professional obligations to retain it for a longer period.
Our applications are not intentionally designed for or directed at children, and our terms and conditions of use require all users to be above the age of majority in their local country. We never knowingly collect or maintain personal information about individuals under the age of 18.
Changes to this privacy statement
We may update this privacy statement at any time by publishing an updated version here. So you know when we make changes, we will amend the last revision date at the top of this page. The new modified privacy statement will apply from that revision date. Therefore, we encourage you to review this privacy statement periodically to be informed about how we are protecting your information.
How to Delete Your Account
Registered users of this application may request deletion of their Viewpoint account, including all personal information, here.
Your legal rights in relation to your personal data
You may have certain rights under your local law in relation to the personal information we hold about you.
In particular, you may have the legal rights listed below.
• Obtain confirmation as to whether we process personal data about you, access a copy of your personal data and obtain certain other information, including why we process it and recipients of personal data.
• Request rectification of personal data if it is inaccurate (for example, if you change your address) and to have incomplete personal data completed.
• Delete/erase your personal data in the following cases:
• the personal data is no longer necessary in relation to the purposes for which it was collected and processed;
• our legal ground for processing is consent, you withdraw consent and we have no other lawful basis for the processing;
• our legal ground for processing is that the processing is necessary for legitimate interests pursued by us or a third party, you object to the processing and we do not have overriding legitimate grounds;
• you object to processing for direct marketing purposes;
• your personal data has been unlawfully processed; or
• your personal data must be erased to comply with a legal obligation to which we are subject.
• Restrict personal data processing in the following cases:
• for a period enabling us to verify the accuracy of personal data where you have contested the accuracy of the personal data;
• your personal data have been unlawfully processed and you request restriction of processing instead of deletion;
• your personal data is no longer necessary in relation to the purposes for which it was collected and processed but the personal data is required by you to establish, exercise or defend legal claims; or
• for a period enabling us to verify whether the legitimate grounds relied on by us override your interests where you have objected to processing based on it being necessary for the pursuit of a legitimate interest identified by us.
• Object to the processing of your personal data in the following cases:
• our legal ground for processing is that the processing is necessary for a legitimate interest pursued by us or a third party; or
• our processing is for direct marketing purposes.
• Data portability
• The right to receive your personal data provided by you to us and the right to transmit the data to another organisation (or ask us to do so if technically feasible) where our lawful basis for processing the personal data is consent or necessity for the performance of our contractual relationship with you and the processing is carried out by automated means.
• Withdraw your consent
• Where we process personal data based on consent, you have the right to withdraw consent at any time. We do not generally process personal data based on consent (as we can usually rely on another legal basis). Please note that withdrawing consent does not affect the lawfulness of processing done before the withdrawal. Please also note that if you withdraw consent this may affect our ability to provide the services you have requested.
• If you believe the processing of your personal data violates applicable laws, you may have the right to lodge a complaint with the data protection supervisory authority in the location where you normally reside or normally work, or the location where the alleged infringement occurred.