Privacy Policy

Data protection information in accordance with Articles 13, 14 EU General Data Protection Regulation (GDPR)

The following data protection information is intended to explain to you in an understandable, transparent and clear manner how we, PricewaterhouseCoopers GmbH Wirtschaftsprüfungsgesellschaft (hereinafter: "PwC WPG"), process your personal data in connection with your use of our websites, applications ("apps") and online services. However, if you have any questions of understanding or other queries about data protection at PwC, you are welcome to contact our Data Protection Officer at or the other contact details provided below.

1. Controller

The controller within the meaning of Art 4 no 7 GDPR for the processing of your personal data is:

PricewaterhouseCoopers GmbH Wirtschaftsprüfungsgesellschaft
Friedrich-Ebert-Anlage 35-37
60327 Frankfurt am Main
Telefonzentrale: +49 69 9585-0
Fax: +49 69 9585-1000

2. Data Protection Officer

PwC WPG has appointed a data protection officer in accordance with Art 37 GDPR. You can reach the Data Protection Officer of PwC WPG, Dr Tobias Gräber, at the following contact details:

Email contact:
Telefon: +49 69 9585-0

Address for postal contact:
PricewaterhouseCoopers GmbH WPG
Dr. Tobias Gräber, Datenschutzbeauftragter
Friedrich-Ebert-Anlage 35-37
60327 Frankfurt am Main

3. Rights of the data subject/your rights under data protection law

You have the following rights under applicable data protection law with respect to personal data concerning you.

Right of access: You can request information from us at any time about whether and which personal data we store about you. The provision of information is free of charge for you.

The right to information does not exist or is subject to limitations if and to the extent that confidential information, such as information that is subject to professional secrecy, would be disclosed.

Right to rectification: If your personal data stored by us is inaccurate or incomplete, you have the right to obtain rectification of this data from us at any time.

Right to erasure: You have the right to request that we erase your personal data if and to the extent that the data is no longer needed for the purposes for which it was collected or, if the processing is based on your consent, you have withdrawn your consent. In this case, we must stop processing your personal data and remove it from our IT systems and databases.

A right to erasure does not exist insofar as

• the data may not be deleted due to a legal obligation or must be processed due to a legal obligation;
• the data processing is necessary for the assertion, exercise or defence of legal claims.

Right to restrict processing: You have the right to request that we restrict the processing of your personal data.

Right to data portability: You have the right to receive from us the data you have provided in a structured, common and machine-readable format, as well as the right to have this data transferred to another controller. This right only exists if

• you have provided us with the data on the basis of consent or on the basis of a contract concluded with you;
• the processing is carried out by automated means.

Right to object to processing: If the processing of your data is based on Art 6 para 1 lit f) GDPR, you may object to the processing at any time.

You may assert all of the data subject rights described above against PwC WPG by addressing your specific request to the following contact details:
By email:

By mail:
PricewaterhouseCoopers GmbH WPG
Dr. Tobias Gräber, Datenschutzbeauftragter
Friedrich-Ebert-Anlage 35-37
60327 Frankfurt am Main

4. Right to lodge a complaint with a supervisory authority

In accordance with Art 77 GDPR, you have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of your personal data infringes data protection law.

5. Provision of data

Even if partial automatic transmission of data takes place when you call up our website, you are not legally or contractually obliged to provide data in connection with the use of our homepage.
In connection with the contact form and contacting us by email, you are free to send us data via these channels, but without providing us your personal data in the context of contacting us in this way we cannot process and answer any enquiries from you in this respect.

6. Description of the data processing on the website/app and legal basis for the processing

6.1 Recipient of the data

In order to fulfil the processing purposes listed below, data is also transferred to third parties. This may also include the transfer of personal data to European and non-European countries and the storage of data outside the EU or the European Economic Area (EEA).

Recipients bound by instructions

We share your data with service providers bound by instructions, both within the PwC network and with other third parties, such as IT service providers, who support us in our activities, e.g. as part of the administration and maintenance of the websites and the related systems and/or for other internal or administrative purposes.

PwC WPG is a member of the global PwC network, which consists of the individual legally independent PwC firms. In the course of our activities, we use other German or foreign PwC network companies as network-internal IT service providers bound by instructions, which provide services for the operation, maintenance and care of the IT systems and applications used by the PwC network companies. This is in particular PwC IT Services Ltd. based in the United Kingdom (UK).

If we pass on data to service providers bound by instructions, we do not require a separate legal basis for this.

Independent recipients

In addition, we share your data in individual cases both within the PwC network and with other third parties who use your data under their own responsibility. For example, in individual cases we also transfer personal data to other companies in the PwC network to support and improve the effectiveness of our business processes (including coordinated marketing activities). In addition, in individual cases, we also pass on your data to other third parties, such as public authorities, courts or other bodies, if we are required by law or by official or court order of an EU member state to disclose personal data to these bodies. These bodies also use the data on their own responsibility.

Insofar as you have explicitly consented, Art 6 para 1 lit a) GDPR is the legal basis for the data transfer. If there is a legal obligation to disclose the data, the legal basis for the data transfer is Art 6 para 1 lit c) GDPR. If, on the other hand, the disclosure is necessary for the fulfilment of a contractual or pre-contractual measure with you as a natural person, Art 6 para 1 lit b) GDPR is the legal basis. Otherwise, the transfer is based on our legitimate interests and the legal basis is Art 6 para 1 lit f GDPR. We and the other companies in the PwC network have an interest in making our work processes efficient and in sharing business processes within the PwC network for this purpose.

Data transfer to recipients in third countries outside the EU/EEA

Insofar as any of the above-mentioned data transfers are made to a recipient outside the EEA (to so-called “third countries”), an appropriate level of data protection for the foreign transfer is ensured by means of suitable security measures. For data transfers within the PwC network, the PwC network companies have, among other things, concluded an internal data protection agreement which provides for compliance with the EU standard contractual clauses of the EU Commission within the meaning of Art 46 para 2 lit c) GDPR for the transfer of personal data from EU/EEA countries to PwC network companies outside the EU/EEA.

If you have any questions about such data protection contracts based on the EU standard contractual clauses or if you would like more information about further security mechanisms and security measures for the transfer of data to third countries, please feel free to contact our data protection officer, e.g. at

6.2 Processing of personal data when accessing the website

When you visit our website, we collect the data that is technically necessary to display this website to you. This involves the following personal data which is automatically transmitted to our server by your browser:

  • IP address
  • Date and time of your request/call to the website (the app)
  • Time zone difference from Greenwich Mean Time (GMT)
  • Content of the request (information about which specific webpage you have visited)
  • Access status/http status code
  • Transferred data volume
  • Website requesting the access
  • Browser (information about the browser you use)
  • Operating system and its interface (operating system of the computer you use to access the website or app)
  • Language and version of the browser software

The processing of this personal data is based on Art 6 para 1 lit f) GDPR. The website cannot be accessed and offered to users without using such data; there is a legitimate interest in making the call-up and use of the website technically possible.

The aforementioned data will be stored for 90 days and then deleted.

6.3 Service provider

This website is hosted by a service provider [OPEN TELEKOM CLOUD der T-Systems International GmbH, Hahnstraße 43d, 60528 Frankfurt am Main], the data collected on our website is therefore stored on the service provider's servers. The server locations are located in Germany.

7. Contact form and contact by email

We provide a contact form on our website so that you can contact us with questions about PwC, our microsite and other enquiries. You can also contact us by email.

When you contact us via the contact form or by email, the data you provide (in particular your email address, your first and last name and the text of your enquiry as well as any other information you have provided in the contact form or by email) will be stored by us in order to process your enquiry and answer your questions.

The data processing is justified according to Art 6 para 1 lit f) GDPR. We have an interest in contacting you via the website in response to your enquiry. If your request is aimed at the fulfilment of a contractual or pre-contractual measure with you as a natural person, Art 6 para 1 lit b) GDPR is the legal basis for the data processing.

We will delete the data generated in the course of your enquiry/contact as soon as the microsite is deleted. Insofar as there is a legal obligation to retain data, the data will be stored for the duration of the legally required retention period. The use of the contact form is voluntary for you and is not a prerequisite for the use of the website.

8. Use of cookies

In order to make visiting our website attractive and to enable the use of certain functions, we and certain third parties use cookies on our website. These are small text files that are stored on your terminal device. Some of the cookies we use are deleted after the end of the browser session, i.e. after you close your browser (so-called session cookies). Other cookies remain on your terminal device and enable us or our partner companies to recognise your browser the next time you visit us (so-called persistent cookies).

The following cookie categories are used:

Name: OCSession
Platform: Censhare
Description: Stores session information for the user login
Expires: 30 minutes
Category: Functional

Name: piwik_auth
Platform: Piwik
Description: Stores session information for the user interface (UI) of Piwik PRO. As long as this cookie is valid and contains a login and a token_auth parameter, a visitor is considered to be logged in and a PIWIK_SESSID cookie is updated.
Expires: 24 minutes
Category: Analytical

Platform: Piwik
Description: Stores a PHP-Session-ID
Expires: 24 minutes
Category: Analytical

Functional cookies are required for the operation and functionality of the website. They make the website technically accessible, secure and usable and provide essential and basic functionalities, such as navigation on the website, correct display of the website in the internet browser or consent management. Analytics cookies enable us to store data in an aggregated form about our website visitors and their experiences on our website. We use this data to fix bugs and improve the experience for all visitors.

The legal basis for the use of required cookies is Sec 15 para 1 sen 1 German Telemedia Act ("TMG") or on the basis of Art 6 para 1 lit f) GDPR to protect our legitimate interests. In particular, our legitimate interests lie in being able to provide you with a technically optimised website that is user-friendly and tailored to your needs, and to ensure the security of our systems. Furthermore, we use cookies on the basis of your consent pursuant to Art 6 para 1 lit a) GDPR.

8.1 Disabling the cookie settings

Most browsers are pre-set to accept cookies automatically. You can object to the creation of cookies by disabling cookies in your browser’s system settings. Please note, however, that some of the cookies are technically necessary for the functionality of our website, otherwise the page cannot be requested and displayed. By disabling cookies, you will not be able to use parts of the website (without restrictions).

We will only use cookies that are not technically necessary for the functionality of our website if you have provided us with your prior express consent.

In addition, you can also control the installation of cookies yourself at any time by changing your browser settings and/or deleting all cookies (settings can be found in the footer at the bottom of the page).

9. Links to social media

Our website currently contains links to the following social media providers: LinkedIn and YouTube by means of corresponding social media buttons. In order to prevent any unwanted transfer of your usage data (e.g. address of the currently visited page) to these services, you only then access the services by clicking on the link. On the service page, these social networks may collect usage data and possibly user data. We have no influence on the collected data and data processing procedures, nor are we aware of the full extent of the data collection, the purposes of the processing, the storage periods. We also have no information on the deletion of the collected data by the plug-in provider.

Therefore, we inform you according to our current knowledge Only when you klick on the links does your browser establish a direct connection with the servers of the aforementioned services. In this way, the information that you have visited our website indirectly (referrer) is forwarded to these services. If you are already logged in to the service with your personal user account while visiting our website, you can usually "share" the document (so-called "sharing") or leave a comment etc. after clicking on the social media buttons.

If you do not wish such data transmission, we advise you not to click on the social media buttons. The purpose and scope of the data collection by the social services, as well as the further processing and use of your data there, as well as your rights in this regard and setting options for protecting your privacy, can be found in the data protection notices of these services.

10. Links

Our website contains hyperlinks to websites/services of other providers. When activating these hyperlinks, you will be redirected from our website directly to the website of the other provider. You will recognise this by the change of URL, among other things. We cannot accept any responsibility for the confidential handling of your data on these third-party websites, as we have no influence on whether these companies comply with data protection regulations. Please inform yourself about the handling of your personal data by these companies directly on these websites.