Privacy Statement

Introduction

This clarification text provides information about how and to what purpose personal data is processed by Strategy& Turkey; the laws, policies and procedures considered during data processing; and the rights of individuals regarding their personal data. This statement is valid for all information provided by individuals themselves or by others to Strategy& Turkey.

 “Strategy& Turkey”[1] means Strategy& member firms[2] established in Turkey; Strategy& Turkey’s partners, authorized representatives and employees; subsidiaries and affiliates. Each firm in the Strategy& network is a separate legal entity. For detailed information on Strategy& member firms please check :https://www.pwc.com/gx/en/about/office-locations.html

Personal data is any information relating to an identified or identifiable living person. Strategy& Turkey processes personal data for the purposes articulated in the clarification text, and the lawful basis for means of collecting, transfer, processing and which data is processed is again ascertained by this clarification text.

When collecting and using personal data, Strategy& Turkey’s policy is to be transparent about why and how we process personal data. To find out more about our specific processing activities, see the relevant parts of this statement.

[1]
“PwC Bağımsız  Denetim ve Serbest Muhasebeseci Mali Müşavirlik A.Ş,”  (PwC SMMM)
“PwC Yeminli Mali Müşavirlik A.Ş.” (PwC YMM)
“PwC Danışmanlık Hizmetleri A.Ş,”  (PwC Danışmanlık)
“PwC Yönetim Danışmanlığı A.Ş,”  (PwC Yönetim Danışmanlığı)

“PwC Serbest Muhasebeci Mali  Müşavirlik Limited Şirketi (PwC SMMM Ltd.)

[2]
"PricewaterhouseCoopers is a worldwide network of individual partnerships and companies. The institutions that carry out businesses under the name "PricewaterhouseCoopers", and all PricewaterhouseCoopers entities including shareholders, members and employees of the relevant institutions, will be referred to as “PwC Member Firms”.

Security

Strategy& Turkey pays great attention to the security of the data it keeps. Strategy& Turkey adhere to internationally recognized security standards and our information security management system relating to client confidential data is independently certified as complying with the requirements of ISO/IEC 27001: 2013. Strategy& Turkey has policies, procedures and training in place for data protection, and regularly review the appropriateness of the measures it has in place to keep the data it holds secure.

Strategy& Turkey Information Security Policy aims to protect information assets from internal or external threats whether deliberate or accidental, such that:

  • Data subject rights are respected
  • Confidentiality of information is maintained
  • Integrity of information can be relied upon
  • Information is available when the business needs it
  • Relevant statutory, regulatory, and contractual obligations are met
  • The Strategy& brand is protected
  • Continual improvement of Information Security Management System is ensured

Strategy& Turkey only shares data in compliance with the purposes specified in this clarification text with the third parties when it’s legally allowed and under agreed upon conditions. When Strategy& Turkey shares data with third parties it makes binding contracts to protect the data and ensure compliance with data protection, privacy and security, and takes all necessary administrative and technical measures.

Strategy& Turkey obtains support from domestic or foreign professional service providers to improve its effectiveness and productivity while carrying out its services and businesses. So, personal data is transferred outside of the countries which Strategy& Turkey and its clients are located in. It also includes non-European Union (EU) countries and countries that do not have specific laws for personal data protection. Strategy& Turkey provides proper protection of personal data and conducts lawful transfer of personal data abroad.

Strategy& Turkey may transfer personal data, except any data relating to health and sexual life to the persons, entities and institutions below in compliance with this policy:

1. Other Strategy& Member Firms

To see the countries where Strategy& Member Firms are located, please refer to this link.

  • Strategy& share personal data with Strategy& Member Firms when this is necessary to carry out administrative tasks or provide professional services to clients (e.g. advisory received from Strategy& Member Firms in various countries during service provision).
  • Strategy& Turkey also makes use of other Strategy& member companies’ resources for information technology (IT) support and service.
  • Other Strategy& member companies utilize the data of Strategy& Turkey’s contacts to gather information about a client or opportunity they are interested in within the scope of client services that can be given (see the “Potential and existing clients or others related to them” part of this document to learn about processing this type of data).

2. Professional institutions that provide application/function, data protection or BT services to Strategy& Turkey

Strategy& Turkey obtains support from professional service providers for the provision of its services and executing and managing its intercompany IT systems. Among these services are using IT providers, cloud-based software as service providers, ID management, website hosting and management, data analysis, data back-up, security and retention services. Servers of professional service providers that Strategy& Turkey receive from allow and make it possible to keep data in safe data centres around the world and to store personal data in any of these centres thanks to cloud infrastructure. See below for detailed information about these service providers from the there.3. Service providers supporting goods, service or information provision in various ways

In some client commitments Strategy& Turkey work with other service providers to provide professional services to clients.

 4. Clients

When Strategy& Turkey needs to process personal data to provide professional services to clients and for fulfilment of the agreement between them it process personal data of clients and also in the scope of  the relevant services  share it with clients  in the deliverables it prepares (e.g., draft and final reports).

 5. Auditors, insurance companies and other professional consultants

Strategy& Turkey firms are engaged in data sharing with independent auditors which includes personal data as well under the legislation they have to comply with. In the scope of Strategy& Turkey insurance policies currently in force, Strategy& need to share personal data should there be any third party claim to indemnification.

Strategy& Turkey also cooperates with other professional consultants (e.g., law firms) to establish, use or protect its legal rights and to obtain advisory regarding managing the company. Personal data will be shared with these consultants as long as the data is related to the services they commit to provide.

6. Other third parties with whom sharing personal data is compulsory as per legal offices, administrative offices, other official institutions, regulatory institutions and laws and regulations in effect

When Strategy& Turkey encounters parties with authority to obtain disclosure of personal data, such as to check that Strategy& Turkey are complying with applicable law and regulation, to investigate an alleged crime, to establish, exercise or defend legal rights, it will only carry out requests concerning personal data where the law or regulation in effect authorizes Strategy& Turkey to do so.

Changes to this privacy statement

This privacy statement was last updated on July 2023 and will be updated in regular basis.

Contact Us

You can contact us to learn more about Strategy& Türkiye solutions

Follow us