Skip to content Skip to footer

Loading Results

Recruiting Process

2. Recruiting Process

If you apply for a position at PwC via our "Workday" application tool or in any other way, we process the personal data you provide as part of our recruiting and application management for the following purposes:

  • Administration of your application(s) for one or more positions, assessment for open positions at PwC and administration of your applicant profile;
  • Assessing your employability (eg conducting background checks);
  • Sending e-mail notifications and other announcements, requesting additional information, or otherwise contacting you about your application;
  • Performing statistical analyses and reports, for example, on PwC recruitment activities.

To learn more about the processing, please click on the relevant purpose.

2.1 Legal basis

Your data will be processed to the extent necessary to carry out the pre-contractual measures requested by you in accordance with Art 6 para 1 lit b GDPR. If you have agreed that we may process your data for other job offers than the one you have specifically applied for, this processing will be carried out in accordance with Art 6 para 1 lit a GDPR. You can revoke this consent at any time with effect for the future. Internal statistical analyses and reports as well as the recording of log files are carried out on the basis of our legitimate interest in accordance with Art 6 para 1 lit f GDPR. You can object to this processing at any time by sending a message to

2.2 Data

Captured in Workday

Country (mandatory) Postcode (mandatory) Date of birth (voluntary)
First name (mandatory) City (mandatory) Country of birth (voluntary)
Last name (mandatory) E-mail (mandatory) Gender (voluntary)
Road (mandatory) Telephone number (mandatory) Nationality (voluntary)

Data in documents provided by you

The data included here are different in nature, but regularly (eg in the CV) include the following information:

  • "Personal data", eg date of birth, country of birth, gender and nationality, application photo;
  • Contact information, such as your name, address, telephone number and e-mail address. You may also voluntarily disclose your personal website or social media profile;
  • Description of your work experience, skills and education, cover letter, references.

Personally provided information

If you have already been interviewed by us in a job interview, we can enter a short evaluation about it into the system. Of course, this assessment will not contain any defamatory or derogatory comments but only information that is specifically related to the assessment and the recruitment process or your job profile.

Your activities in Workday

If you apply for several positions at the same time or apply again for another position, we have the possibility to save your activities. Multiple applications are welcome and by tracking your activities we can assign you to more suitable vacancies. If you do not want your activities to be saved, you can inform us by e-mail to Of course you can also delete certain partial information from the database yourself or ask us to do this for you.

Log files

When logging into the database, the server you are using can be identified by the Internet Protocol address ("IP address"). For data security reasons, we store this information in log files. Under no circumstances will the information stored in the log files be used to identify users; it is only used to ward off illegal or criminal server attacks that may be directed against your data or the functionality of the database.

If you enter into an employment relationship or service-like relationship with PwC, all personal data you submit via Workday may be used in connection with your employment in accordance with legal requirements.

Statistical data

The data in the CV database can be used to produce statistics. However, this is anonymous information that does not allow any conclusions to be drawn about the identity of a particular user.

Sensitive data

We do not oblige you to provide sensitive data such as gender, religion, sexual orientation or political views (also called special categories of data in the sense of Art 9 GDPR) in the application process. However, special categories of data may be included in the documents you upload, in particular your CV. We have no influence on this. Should you therefore provide special categories of data in your documents, you do so on your own initiative and consent to the processing of these special categories of personal data by us within the framework of this data protection declaration.

Transmission of personal data

We operate your application with the help of Workday, Inc. as a commissioned processor within the meaning of the GDPR. However, the data application is not linked to the CV database available on the Internet at No data exchange takes place. CVs that are processed by us in the data application are not automatically published on the Workday website.

2.3 Storage duration

If you have consented to us processing your personal data for other job offers, we will store your personal data for up to one year after completion of the recruiting process. Otherwise we will delete it after seven months.

2.4 Transfer to other firms in the PwC network

If you would like to be transferred to other companies in the global PwC network, you can indicate this in Workday during the application process. If you give your consent here, our recruiting team can suggest you for suitable positions in other PwC network companies, including those outside Austria. Only if such a proposal is made will we forward your application documents to the contact person of the respective country/countries. Please note that you have no right to such a transmission. However, if you are interested in specific positions in the PwC network, you can also apply directly via the respective website of the PwC member.

2.5 Transfer to third countries

Some of our service providers are located in non-EEA countries. For some countries, there is an adequacy decision of the European Commission in place. In other cases, an adequate level of data protection has been achieved by concluding standard contractual clauses and, where applicable, additional guarantees. This mainly concerns cloud service providers in the USA.