General Data Protection Policy for PwC eValuation

General data protection information in accordance with Articles 13 and 14 of the EU General Data Protection Regulation (GDPR)


1. Data protection information in accordance with Art. 13, 14 EU Basic Data Protection Regulation GDPR

The purpose of the following data protection information is to provide you with an understandable, transparent and concise explanation of how we intend to process your personal data. However, should you require further explanations relating to data protection at PwC, please do not hesitate to contact our data protection officer at DE_Datenschutz@pwc.com or via the alternative channels specified below.

 

2. Controller

The controller within the meaning of Article 4 (7) EU General Data Protection Regulation (GDPR) which is responsible for the processing of your personal data is:

PricewaterhouseCoopers Corporate Finance Beratung GmbH
Friedrich-Ebert-Anlage 35-37
60327 Frankfurt am Main
E-Mail: webkontakt_anfragen@de.pwc.com
Telefonzentrale: +49 69 9585-0
Fax: +49 69 9585-1000

 

3. Data Protection Officer

PwC has appointed a data protection officer pursuant to Article 37 GDPR. You can contact PwC's data protection officer, Dr Tobias Gräber, via the following channels:

e-mail: DE_Datenschutz@pwc.com

Phone: +49 69 9585-0

Address for postal contact:

PricewaterhouseCoopers Corporate Finance Beratung GmbH
Dr. Tobias Gräber, Data Protection Officer
Friedrich-Ebert-Anlage 35-37
60327 Frankfurt am Main

 

4. Rights of data subjects/your rights under data protection law

PwC is required to recognise the following rights which you enjoy under the applicable data protection law with respect to your personal data.

Right of access: You may request information from PwC at any time as to whether PwC has stored your personal data and which personal data it has stored. PwC is required to provide this information to you free of charge.

The right of access does not exist or is subject to limitations if and to the extent that confidential information, such as information that is subject to professional secrecy, is disclosed.

Right to rectification: If your personal data which is stored by PwC is inaccurate or incomplete, you have the right to demand at any time that PwC rectify this.

Right to erasure: You have the right to demand that PwC erase your personal data if and to the extent that the data is no longer needed for the purposes for which it was collected or if the data is processed on the basis of your consent and you have opted to revoke your consent. In such cases, PwC must cease processing your personal data and remove that data from its IT systems and databases.

You do not have a right to erasure if

  • the data may not be deleted due to a statutory obligation or must be processed due to a statutory obligation
  • the processing of data is necessary for the establishment, exercise or defence of legal claims.

Right to restriction of processing: You have the right to demand that PwC restrict the processing of your personal data.

Right to data portability: You have the right to receive from PwC the data provided by you in a structured, commonly used, machine-readable format as well as the right to have these data transmitted to a different controller. This right exists only if

  • you have made this data available to us on the basis of consent or an agreement entered into with you;
  • the processing is carried out by automated means.

Right to object to processing: If your data is processed by PwC on the basis of Article 6 (1) (f) GDPR, you may object at any time to processing by PwC.

You may assert any and all the rights of data subjects described above against PwC by addressing your specific requests via email:

DE_Datenschutz@pwc.com

 

5. Complaint to a data protection authority

Pursuant to Article 77 GDPR, you have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of your personal data infringes data protection law.

Information on specific data processing on websites and apps pursuant to Art. 13, 14 GDPR.

 

6. Description of the data processing on the website/application and legal basis for processing 

When you visit our website, we collect the data that is technically necessary to display that website to you. This involves personal data, which is transmitted automatically by your browser to our server, including:

  • IP address
  • Website requesting access
  • Browser (information about the browser you use)
  • Operating system and its interface (operating system of the computer you used to access the website or the application)
  • Language and version of the browser software
  • Date and time of your request/website (application) access

Processing of such personal data is carried out on the basis of Article 6 (1) (f) GDPR. The website cannot be accessed and offered to users without using such data; there is a legitimate interest in making it technically possible to access and use the website. The log file information is stored for 90 days and is then deleted.

 

7. Contact forms and contact details via e-mail

We provide a contact form on our website so that you can get in touch with us with any queries you may have about PwC, our website/application or other matters. You can also contact us by e-mail.

When you contact us using the contact form or by e-mail, the information you provide (in particular your e-mail address, your first and last name and the text of your enquiry, as well as any other information you may have provided in the contact form or by e-mail) will be stored by us in order to process your enquiry and answer your questions.

We will delete the data generated by your enquiry as soon as it is no longer necessary for processing that enquiry. To the extent that the data is subject to statutory retention requirements, it will be stored for the duration of the prescribed statutory retention period.

 

8. Registration and Login

The access and use of our website are generally possible without registration or login. However, some functionalities of the website can only be used after registration, in particular the provision of the online platform eValuation with the functionality of company valuation according to various valuation methods, as well as the calculation of selected financial ratios for a limited benchmark analysis and a PDF download function.

During the registration process, the following data is collected for the creation of a user account. 

  1. E-mail address
  2. Mobile phone number (required due to two-factor authentication)
  3. First name, last name
  4. Contact telephone number (optional)
  5. Company, commercial register number
  6. Address

We are permitted to process this information in accordance with Article 6 (1) (b) GDPR because we need this information to enable you to use the application.

If you gave your consent, PwC may contact you by telephone and/or e-mail in connection with measures to increase client satisfaction and for promotional purposes for eValuation. In this case, the relevant processing is based on Article 6 (1) (a) GDPR.

You may revoke your registration at any time by requesting a deactivation of your user account. In this case your user account will be deactivated within 7 days. To the extent that the data is subject to statutory retention requirements, it will be stored for the duration of the prescribed statutory retention period.

 

9. Use of cookies

This website uses cookies. Cookies are small text files that are sent to your browser by our web servers when you visit our website and stored on your computer for when you re-visit our website at a later time.

Cookies allow our website to access or store information from your browser about you, your settings or your device. They are mainly used to ensure the website's expected functionality. As a rule, cookies do not contain any information that could identify you directly. They do, however, make it possible to offer you a more personalized web experience.

This website uses session cookies (also referred to as temporary or transient cookies). Session cookies are only stored for the duration of your visit to our website. The session cookies used by us serve solely to identify you for as long as you are logged on to our website and are erased at the end of each session. They are not used for any other purposes.

These cookies are required for the functionality of our website and cannot be disabled on our systems. As a rule, these cookies are only set as a response to an action taken by you constituting a service request, such as setting your privacy preferences, logging in or filling out forms. You can set your browser to block cookies or notify you of them. However, this may impair the functionality of the website in some areas.

The use of cookies is permitted on the basis of Article 6 (1) (f) GDPR. If we did not use these cookies, you would not be able to technically access or use the website's content and services.

This website also uses cookies that allow us to recognise your browser the next time you visit our website so that we can offer you an optimised user experience.

These cookies are automatically deleted after a specified period, which may vary depending on the cookie. Persistent cookies remain stored on your terminal device until they expire or you delete them. You can find information on the exact validity period of each cookie in our cookie information.

We use the following types of cookies:

Performance cookies:

These cookies allow us to count visits and trace sources of access to measure and improve the performance of our website. They help us determine which pages are most popular, which are least used and how visitors navigate the website. All information collected by these cookies is aggregated and therefore anonymous.

Our use of performance cookies is based on a legitimate interest within the meaning of Article 6 (1) (f) GDPR. We have a legitimate interest in analyzing the use of our website as a whole by means of aggregated and anonymous data in order to improve our website's content and services.

 

 

Provider

Name

Purpose

Type

Lifetime

Microsoft

ARRAffinity

ARR means "Application Request Routing". These cookies are set during the operation of websites when the websites are hosted by Microsoft AZURE.

Session

Closing the browser

Microsoft

RequestVerification Token

With this, so-called Cross Site Request Forgery attacks are prevented and contribute to IT security.

Session


Closing the browser

Microsoft

ai_session

The cookie is generated when Application Insights sends telemetry data.

Performance

30 minutes

Microsoft

ai_user

The cookie is generated when Application Insights sends telemetry data.

Performance

One year

Microsoft

OpenIDConnect.nonce, x-ms-cpim-cache, x-ms-cpim-csrf, x-ms-cpim-dc, x-ms-cpim-slice, x-ms-cpim-tran, x-ms-gateway-slice, x-ms-cpim-soo

These cookies are used during login and registration to authenticate the user in the AD B2C service.

Session

Closing the browser

Microsoft

.ASPNet.Cookies

This cookie is generated when logging in and limits the duration of a session to 20 minutes if the user is inactive. Loading and saving eValuation will always renew the validity to 20 minutes.

Session

Closing the browser

PwC

language

Saves the selected language setting

Session

Closing the browser

 
Follow us on
PwC uses cookies to provide you with the best possible service. You can find further information in our privacy policy
I understand