The use of the L&D QR app implies the processing of personal data. KPMG believes it is important to safeguard the privacy and confidentiality of information entrusted to it. Therefore, we process your personal data carefully and securely. This Privacy statement applies to the L&D QR app. The application is meant to be used by both staff members and (external) trainers. In this Privacy statement you can read how we collect, use, share and protect personal data through the L&D QR app.

 

Data controller

KPMG Staffing & Facility Services B.V. is responsible for processing your personal data. It usually shares this respon­sibility with the KPMG entity that primarily determines the purpose and means of the data processing. KPMG Staffing & Facility Services B.V. is a subsidiary of KPMG N.V. and is registered in the commercial register in the Netherlands under number 34153861.

Within the KPMG organisation, KPMG Staffing & Facility Services B.V. is charged as much as possible with compliance with privacy legislation, including the information obligation and the exercise of rights. If you have questions or com­plaints about the processing of your personal data, you can also contact KPMG Staffing & Facility Services B.V.

 

Personal data

The following personal data is processed when using the L&D QR app:

• First and last name of the trainer;
• First and last name of the attendee (KPMG employee);
• Time of entry and departure of the attendee (KPMG employee);
• Attended course.

 

Purpose and legal basis

The purpose of this personal data processing is to automate and digitalize the process of registering attendance at training courses and award PE points.

Your personal data is not used for other purposes than those for which you initially provided this information. Excep­tions are if we have to comply with a statutory obligation, if you have given us permission to process your personal data also for a different purpose, or if further processing is permitted by privacy legislation.

It is in the legitimate interest for KPMG to correctly register attendance to training courses and automate this process, and to provide an easy way to register for training courses to staff members. The privacy impact of the L&D QR app is limited as the personal data processing is limited to what is strictly necessary for the use of the L&D QR app.

 

Security and retention

KPMG has a security policy and procedures in place to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data.

Your data will not be transferred to countries outside the European Union.

We endeavour to strictly limit access to personal data to those who on behalf of KPMG must be involved in processing your personal data and those who are otherwise authorised to do so within the boundaries of the privacy legislation. Persons who have access to personal data are obliged to keep the information confidential. Where necessary, this has been contractually agreed upon.

Trainers can only access the attendance list, including the first and last name of the attendees, for the training courses he or she will provide. These attendance lists will be removed in the L&D QR app within 24 hours after the training. This is the same for the (other) registration data: this will also be removed within one week after the training.

 

Third parties

For this data processing, KPMG may use the services of third parties, such as IT-services and other (administrative) support. Appropriate arrangements will be made with these parties in order to ensure a correct and secure data processing in compliance with applicable legislation.

 

Questions or complaints

You are legally entitled to request information about your personal data processed by KPMG. Furthermore you may request KPMG for access, or to transfer to you (data portability), rectify or erase, or to restrict the processing of your personal data. If you intent to exercise these rights, or in case of other questions or comments on the processing of your personal data, you may contact us at privacy@kpmg.nl. KPMG has a data protection officer, which can be contacted via FG@kpmg.nl.

If you believe that the processing of your personal data infringes the applicable privacy legislation, you have the right to lodge a complaint with a supervisory authority in your country (in the Netherlands this is the Dutch Data Protection Authority).

More information on the collection, use, processing and protection of personal data by KPMG can be found in our Online Privacy Statement. KPMG staff members can find more information on the processing of their personal data by KPMG here.