The below PwC companies in Austria ("PwC", hereinafter also referred to as "us", "we") are controller of your data in accordance with Art 4 para 7 of the General Data Protection Regulation ("GDPR"). Unless otherwise stated, they act as joint controllers in the sense of Art 26 GDPR for the purposes stated here. Further information on the individual firms and their cooperation in the PwC network as well as physical addresses can be found in our Imprint.
PwC Österreich GmbH Wirtschaftsprüfungsgesellschaft
PwC Advisory Services GmbH
PwC PricewaterhouseCoopers Wirtschaftsprüfung und Steuerberatung GmbH (firstname.lastname@example.org)
PwC Transaction Services Wirtschaftsprüfung GmbH
PwC Wirtschaftsprüfung GmbH
PwC Kärnten Wirtschaftsprüfung und Steuerberatung GmbH
PwC Oberösterreich Wirtschaftsprüfung und Steuerberatung GmbH (email@example.com)
PwC Salzburg Wirtschaftsprüfung und Steuerberatung GmbH
PwC Steiermark Wirtschaftsprüfung und Steuerberatung GmbH (firstname.lastname@example.org)
oehner & partner rechtsanwaelte gmbh (PwC Legal)
We voluntarily appointed an external Data Protection Officer (“DPO”), who will assist you in any enquiries.
oehner & partner rechtsanwaelte gmbh („PwC Legal“)
Donau-City-Straße 7, 1220 Wien
+43 1 501 88 0550
Naturally, all enquiries that you make to other firms in the PwC Austria network will be forwarded to the DPO.
You have the following rights vis-à-vis PwC in respect of personal data concerning you. In order to exercise these rights against us, please send us a letter containing a specific request.
Right to information: You can request information from us at any time about whether and which personal data we store about you. The provision of information by us is free of charge for you.
The right to information does not exist or exists only to a limited extent if and to the extent that the information would reveal information requiring secrecy, eg information subject to professional secrecy.
Right to rectification: If your personal data processed by PwC is incorrect or incomplete, you have the right to demand that we correct it at any time. Until they are corrected, you may also request that processing be restricted.
Right to deletion: You have the right to demand that we delete your personal data if and to the extent that the data are no longer needed for the purposes for which they were collected or, if processing is based on your consent, you have revoked your consent. In this case we must stop processing your personal data and remove it from our IT systems and databases.
A right to deletion does not exist, as far as the data may not be deleted due to a legal obligation or must be processed due to a legal obligation or the data processing is necessary for the assertion, exercise or defence of legal claims.
Right to limit processing: You have the right to request that we limit the processing of your personal data.
Right to data transferability: You have the right to obtain from us your personal data in a common and machine-readable format and the right to have such data transferred directly to another controller.
This right exists only if
Right to object to processing: If the processing of your data by PwC is based on Art. 6 Para. 1 lit f GDPR (our legitimate interest), you can object to the processing at any time.
Right to withdraw consent: You have the right to withdraw your consent for the processing of your personal data at any time. However, this does not affect the lawfulness of processing based on consent before its withdrawal.
Right to lodge a complaint with a supervisory authority
According to Art 77 GDPR, you have the right to lodge a complaint with the Austrian data protection authority if you believe that the processing of your personal data violates data protection law.
Austrian Data Protection Authority (Datenschutzbehörde)
Even if trade- and business secrets are not directly covered by the term personal data, we nevertheless give such information the same protection and we expect the same from our service providers.
As a legally obliged professional secrecy holder, the security of your data is of particular concern to us. It goes without saying that all data traffic within the PwC network is encrypted. We also have encryption options for external data traffic, provided that you, as the recipient of our communications, have the technical requirements for decryption.
Please note that electronic communication using standard mail programs (such as MS Exchange) does not offer absolute protection against unauthorized access by third parties and that non-European servers may also be switched on for this form of communication.
It is also a matter of course for us to ensure that our PwC network's own data centres meet all ISO/IEC 27001 security standards. Our understanding of security also extends to the service providers we use, whom we have obliged to comply with similar or equivalent security measures.
If data is stored on servers outside Europe within the framework of the cloud services we use, we ensure that this data is stored exclusively in fragmented and encrypted form using the highest encryption technologies. The storage of client files and client documents always remains in PwC's internal data centres.
If you have any questions about our data security measures specifically relating to your business case, please contact email@example.com.