KPMG LLP (US)1 is dedicated to protecting the confidentiality and privacy of information entrusted to it. As part of this fundamental obligation, KPMG is committed to the appropriate protection and use of personal information (sometimes referred to as "personally identifiable information" or "PII") that has been collected by or provided to us through our websites and other online and mobile applications and services that link to or post this Privacy Statement (collectively, the “Online Services”).
Please review this Privacy Statement to learn more about how we collect, use, share and protect the PII that we have obtained. By using the Online Services, you consent to the collection and processing of your information as set forth in this Privacy Statement, now and as amended by us from time to time.
We and our service providers collect any information that you provide when you use the Online Services. For example, when you register for a service, we may collect basic information about you such as your name, username, password, email address, physical address, phone number, date of birth, and other personal and business demographic or contact information. You may also provide us with certain employment information in connection with an application for employment with KPMG. In some cases, you may have previously provided your information to KPMG (if, for example, you are a former employee).
We use the information we collect (including through the automatic collection of personal information, as described in Section 1.1 below) to: provide you with the Online Services; communicate with you; operate, maintain, and enhance the Online Services; and fulfill your specific requests. For example, if you send us an email message requesting information about KPMG, we will use your email address and other information you supply to respond to your request. If you send us a resume or curriculum vitae (CV) to apply online for a position with KPMG, we will use the information that you provide to match you with available KPMG job opportunities. Your personal information is used only for the purposes described in this Privacy Statement, unless we otherwise obtain your permission, or unless otherwise required or permitted by law or professional standards.
In some cases where you have registered for certain services we may store your email address temporarily until we receive confirmation of the information you provided via an email (i.e., where we send an email to the email address provided as part of your registration to confirm a subscription request). Please note that your rights for any particular product or service will be determined by the notice provided with such product or service, and in the event of a conflict between this notice and that notice, the specific notice provided with the product or service shall control. KPMG only collects "sensitive" personal information when the relevant individuals voluntarily provide us with this information, or where such information is required or permitted to be collected by law or professional standards. Sensitive information includes personal information regarding a person's race, ethnicity, political beliefs, trade union membership, religious or similar beliefs, physical or mental health, sexual life or criminal record. Please use your discretion when providing sensitive information to KPMG, and under any circumstances, do not provide sensitive information to KPMG, unless you thereby consent to KPMG's use of that information for its legitimate business purposes and consent to the transfer and storage of such information to and in KPMG databases. If you have any questions about whether the provision of sensitive information to KPMG is, or maybe, necessary or appropriate for particular purposes, please contact KPMG at firstname.lastname@example.org.
An Internet Protocol (“IP”) address is a number assigned to your computer or internet-enabled device whenever you access the internet. It allows computers and servers to recognize and communicate with one another. IP addresses from which visitors appear to originate may be recorded for IT security and system diagnostic purposes. This information may also be used in aggregate form to maintain and improve the Online Services and to generate and analyze statistics about the Online Services and your use of the Online Services.
Cookies may be placed on your computer or internet-enabled device whenever you visit the Online Services. This allows the Online Services to remember your computer or device and serves a number of purposes.
On some of our Online Services, a notification banner will appear requiring your consent to collect cookies. If you do not provide consent, your computer or internet-enabled device will not be tracked for marketing-related activities. A secondary type of cookie referred to as "user-input" cookies may still be required for necessary functionality. Such cookies will not be blocked through the use of this notification banner. Your selection will be saved in a cookie and is valid for a period of 90 days. If you wish to revoke your selection, you may do so by clearing your browser's cookies.
Although most browsers automatically accept cookies, you may be able to choose whether or not to accept cookies via your browser's settings (often found in your browser's Tools or Preferences menu). You may also be able to delete cookies from your device. However, please be aware that if you do not accept cookies, you may not be able to fully experience some of the features of the Online Services.
Below is a list of the types of cookies used on the Online Services:
|Purpose||Description||Type & Expiry|
|Performance (i.e., User's Browser)||Our Online Services are built using common internet platforms. These have built-in cookies which help compatibility issues (e.g., to identify your browser type) and improve performance (e.g., quicker loading of content).||
Deleted upon closing the browser
|Security (e.g. Asp .NET) Cookies||If you register for access to a restricted area, our cookies ensure that your device is logged for the duration of your visit. You will need your username and password to access the restricted areas.||
Deleted upon closing the browser
|Site Preferences||Our cookies may also remember your site preferences (e.g., language) or seek to enhance your experience (e.g., by personalizing a greeting or content). This will apply to areas where you have registered specifically for access or create an account.||
Deleted upon closing the browser
|Analytical||We use several third party analytics tools to help us understand how site visitors use our web site. This allows us to improve the quality and content on kpmg.com for our visitors. The aggregated statistical data cover items such as total visits or page views, and referrers to our web sites. For further details on our use of Google Analytics, see below.||Persistent, but will delete automatically after two years if you no longer visit kpmg.com|
|Site visitor feedback||
We use a third-party survey tool to invite a percentage of visitors to provide their feedback. Cookies are used to prevent visitors from being invited multiple times.
The first cookie (1) is set if the visitor is not invited to participate in the survey, and is used to ensure visitors are not invited after their first page view.
The second cookie (2) is set if the visitor is invited to participate in the survey, and is used to ensure the visitor is not invited again to participate for a period of 90 days.
|Social sharing||We use third party social media widgets or buttons to provide you with additional functionality to share content from our Online Services to social media platforms and email. Use of these widgets or buttons may place a cookie on your device to make their service easier to use, ensure your interaction is displayed webpages (e.g. the social share count cache is updated) and log information about your activities across the Internet and on our Online Services. We encourage you to review each provider's privacy information before using any such service. For further details on our use of social media widgets and applications, see below.||Persistent, but will be deleted automatically after two years if you no longer visit kpmg.com|
Other third-party tools and widgets may be used on our individual web pages or portions of the Online Services to provide additional functionality. Use of these tools or widgets may place a cookie on your device to make their service easier to use, and ensure your interaction is displayed properly.
BY ACCESSING OR USING OUR ONLINE SERVICES OR ENTERING YOUR LOGIN DETAILS TO ACCESS AREAS RESERVED FOR REGISTERED USERS, YOU AGREE THAT WE, OR A THIRD PARTY ACTING ON OUR BEHALF, CAN PLACE THESE COOKIES ON YOUR COMPUTER OR INTERNET ENABLED DEVICE.
Our Online Services may not recognize browser-based Do Not Track signals. However, as discussed above under “Cookies,” you may be able to modify your browser settings to block all cookies, or to block “third-party” cookies. Cookies that we set on our Online Services are considered “first-party” cookies. Details on your ability to restrict or change the personal information that we may collect about you are listed below under the Choice and Access sections of this statement.
KPMG uses several third party usage analytics tools including Google Analytics. More information about how Google Analytics is used by KPMG can be found here: https://www.google.com/analytics/terms/us.html
A web beacon is a small image file on a web page that can be used to collect certain information from your computer, such as an IP address, the time the content was viewed, a browser type, and the existence of cookies previously set by the same server. KPMG only uses web beacons in accordance with applicable laws.
KPMG or its service providers may use web beacons to track the effectiveness of third party web sites that provide us with recruiting or marketing services or to gather aggregate visitor statistics and manage cookies.
You have the option to render some web beacons unusable by rejecting their associated cookies. The web beacon may still record an anonymous visit from your IP address but cookie information will not be recorded.
In some of our newsletters and other communications, we may monitor recipient actions such as email open rates through embedded links within the messages. We collect this information to gauge user interest and to maintain and improve the Online Services.
Please be aware that if you opt to render some web beacons unusable, you may not be able to fully experience some of the features of the Online Services.
KPMG and its service providers may collect and use the geographical location of your computer or mobile device (e.g., via tracking beacons, Bluetooth, or GPS) in connection with certain Online Services, but only with your express consent. With respect to the collection of precise information about the location of your mobile device, once you have consented to the collection you may adjust or withdraw this consent at any time by managing your Location Services preferences through the settings of your mobile device. This location data is collected for the purpose of providing you with information regarding services which we believe may be of interest to you based on your geographic location, and to improve our location-based products and services.
Please be aware that if you opt to exercise your right to alter, or altogether turn off, location-based services, you may not be able to fully experience some of the features of the Online Services.
The Online Services may include functionality to enable sharing via third party social media applications (such as the Facebook Like button and Twitter widget) or allow you to use a social media identity to log into our Online Services where you have the option to do so. These social media applications may collect and use information regarding your use of the Online Services (see details on ‘Social Sharing’ cookies above). Please be aware that certain of the personal information that you provide via such social media applications may be collected and used by other members of that social media application and such interactions are governed by the privacy policies of the companies that provide the application. We do not have control over, or responsibility for, those companies or their use of your information.
In addition, the Online Services may host blogs, forums, crowd-sourcing and other applications or services (collectively “social media features”). The purpose of social media features is to facilitate the sharing of knowledge and content. Any personal information that you provide on any KPMG social media feature may be shared with other users of that social media feature (unless otherwise stated at the point of collection), over whom we may have limited or no control.
KPMG understands the importance of protecting children's privacy, especially in an online environment. In particular, our Online Services are not intentionally designed for or directed at children under the age of 13. It is our policy never to knowingly collect or maintain information about anyone under the age of 13, except as part of an engagement to provide professional services.
We do not share personal information with unaffiliated third parties, except as stated in this Privacy Statement, including as necessary for our legitimate professional and business needs, to carry out your requests, to market our services, as required or permitted by law or professional standards, or otherwise with your consent.
In some instances, KPMG may share PII about you with various third-party service providers and vendors working on our behalf. These third parties include providers of administrative, identity management, website hosting, data analysis, data back-up and security management services. Each such third party is required to safeguard PII in accordance with its contractual obligations and data protection legislation applicable to its provision of services.
KPMG may also disclose PII in order to respond to lawful requests of government or law enforcement agencies, including to meet national security or law enforcement requirements or where disclosure is required by applicable laws, court orders, or government regulations. In the event that the ownership of KPMG or an affiliate or their assets changes as the result of a merger, acquisition, or sale of assets, information owned or controlled by KPMG may be transferred to another company. Information may also be shared in connection with the consideration, negotiation, or completion of a corporate transaction in which we are acquired by or merged with another company or we sell, liquidate, assign or transfer all or a portion of our assets. These disclosures may also be needed for data privacy or security audits and/or to investigate or respond to a complaint or security threat. KPMG does not sell PII to any third parties. Also, KPMG will not transfer the PII you provide to any third parties for their own direct marketing use.
KPMG and our service providers may use personal information in an aggregated, anonymized form for research and development. This data does not identify you individually, but rather helps to identify trends in user preferences and behaviors. In addition, we may share de-identified reports on user demographics and traffic patterns, as well as de-identified information, with third parties.
Cross Border Transfer. KPMG is a US limited liability partnership and may transfer certain PII across geographical borders to KPMG International and other KPMG member firms or to outside companies working with us or on our behalf. KPMG may also store PII in a jurisdiction other than where you are based and such jurisdiction may not provide the same level of protection for your personal information as your home country. By providing your information to KPMG, you are consenting to this transfer and/or storage of your information across borders. Each member firm is required to safeguard personal data in accordance with its contractual obligations and data protection legislation applicable to its provision of services. Your personal data will only be transferred if appropriate or suitable safeguards are in place. If you are located in the EU you may have additional rights. You can find more information under Section 7 below.
We may require you to provide certain PII in order for you to receive additional information about our services and events. KPMG may also ask for your permission for certain uses of your PII, and you can agree to or decline those uses. If you opt-in for particular services or communications, such as an e-newsletter, you will be able to unsubscribe at any time by following the instructions included in each communication. If you decide to unsubscribe from a service or communication, we will try to remove your information promptly, although we may require additional information before we can process your request.
If you have submitted personal information to KPMG, under most circumstances you have the right to reasonable access to that data to correct any inaccuracies. You can also make a request to update or remove information about you and we will make all reasonable and practical efforts to comply with your request, so long as it is consistent with applicable law and professional standards. To request access to or correction, updating, or removal of your personal information please contact us at email@example.com.
KPMG has and requires its service providers to have security policies and procedures in place to help protect personal information from unauthorized loss, misuse, alteration, or destruction. Despite KPMG’s efforts, however, security cannot be guaranteed against all threats. We seek to limit access to your personal information to those who have a need to know. Those individuals who have access to the data are required to maintain the confidentiality of such information. We also make efforts to retain personal information only for so long as the information is needed for our professional, marketing or analytic purposes or to comply with an individual’s request, or until that person asks that the information be deleted.
KPMG participates in the EU-U.S. and the Swiss-U.S. Privacy Shield Frameworks as set forth by the U.S. Department of Commerce regarding certain personal information received by KPMG in the U.S. from European Union member countries and Switzerland. Please see our KPMG LLP (U.S.) Privacy Shield Policy for information about KPMG’s data practices regarding personal information it receives from European Union member countries and Switzerland pursuant to the respective Privacy Shield frameworks. To learn more about the Privacy Shield program generally, and to view KPMG’s certification, please visit https://www.privacyshield.gov/.
KPMG provides services, marketing and offerings in the U.S. and does not direct such activities to data subjects that are located in the EU. However, in certain circumstances, such interactions occur. To know more about it, please also note the additional EU specific notices.
This section applies to any California residents about whom we have collected personal information, including through use of our website or mobile applications, by purchasing or utilizing our products or services, or by communicating with us electronically, in paper correspondence, or in person.
For purposes of this section, “personal information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California consumer or household. Personal information does not include publicly-available information or information that has been de-identified.
The types of personal information we collect about you will depend on your relationship with KPMG. For example, in many cases, we may collect personal information from our business clients during the course of an engagement to provide services to our clients, and our collection and use of personal information is governed by our contract with that entity. In other cases, we may collect personal information directly from consumers.
We may collect the following categories of personal information:
We may collect or use personal information for the following purposes:
We may collect personal information from the following sources:
We may have disclosed the following types of personal information to third parties for a business or commercial purpose in the previous twelve (12) months:
We do not sell personal information and did not sell personal information in the previous twelve (12) months.
You may be entitled by applicable law to exercise the following rights with respect to your personal information:
You may also authorize someone to exercise the above rights on your behalf. If we have collected information on your minor child, you may exercise the above rights on behalf of your minor child.
The above rights are subject to our being able to reasonably verify your identity and authority to make these requests.
To exercise your rights, submit your request in one of the following ways:
We will respond to authorized and verified requests as soon as practicable and as required by law. Please note that, where we have received your information through our business clients, or where we are otherwise operating as a service provider, we may refer you to the business with whom you have a direct relationship in order to implement your request, pursuant to applicable law.
In addition, the above rights are subject to various exclusions and exceptions under the law, and, under certain circumstances, we may be unable to implement your request. We will advise you of any reason for denying or restricting a request.
KPMG may modify this Privacy Statement from time to time to reflect our current privacy practices. When we make changes to this statement, we will revise the "updated" date at the top of this page. We encourage you to periodically review this Privacy Statement to be informed about how KPMG is protecting your information.
KPMG is committed to protecting the online privacy of your personal information. If you have questions or comments about our administration of your PII, please contact us at firstname.lastname@example.org. You may also use this address to communicate any concerns you may have regarding compliance with our Privacy Statement.
1 "KPMG,” “we,” “our,” and “us” refers to KPMG LLP (US), the United States member firm of KPMG International, a Swiss cooperative. KPMG International provides no client services.