Generally we collect your personal information from you directly (for example, when we deal with you in person or over the phone, when you send us correspondence (including via email), when you complete a questionnaire, form or survey, or when you subscribe to our publications).
Sometimes it may be necessary for us to collect your personal information from a third party. For example, we may collect your personal information from your employer where they are our client, from your personal representative, another KPMG member firm or a publicly available record.
We may also collect personal information about you from your use of our websites and information you provide to us through contact mailboxes or through the registration process on our websites.
KPMG holds personal information in hard copy and electronic formats. We take security measures to protect the personal information we hold including physical (for example, security passes to enter our offices and storage of files in lockable cabinets) and technology (for example, restriction of access, firewalls, the use of encryption, passwords and digital certificates) security measures. We also have document retention policies and processes. In some cases, KPMG engages third parties to host electronic data (including data in relation to the services we provide) on our behalf.
KPMG collects, holds and uses personal information for a number of purposes including:
- to provide professional services
- to provide technology services and solutions
- to respond to requests or queries
- to maintain contact with our clients and other contacts (including alumni)
- to keep our clients and other contacts informed of our services and industry developments
- to notify of seminars and other events
- for administrative purposes
- for recruitment purposes
- for purposes relating to the employment of our personnel, providing internal services or benefits to our partners and staff and for matters relating to the partnership
- when engaging service providers, other KPMG member firms, contractors or suppliers relating to the operation of our business
- to manage any conflict of interest or independence (including auditor independence) obligations or situations
- to conduct surveys
- for seeking your feedback
- to meet any regulatory obligations
- as part of an actual (or proposed) acquisition, disposition, merger or de-merger of a business (including KPMG’s business) or entering into an alliance, joint venture or referral arrangement, or
- for any other business related purposes.
If you do not provide us with the personal information we have requested, we may not be able to complete or fulfil the purpose for which such information was collected, including providing you or our clients with the services we were engaged to perform.
The types of third parties to whom we may disclose your personal information include:
- experts or other third parties contracted as part of an engagement
- our service providers
- our professional advisers
- other KPMG member firms or the KPMG International Co-operative
- as part of an engagement, if you are a customer, an employee, a contractor or supplier of services to one of our clients, then we may disclose your personal information as part of providing services to that client
- as part of an actual (or proposed) acquisition, disposition, merger or de-merger of a business (including KPMG’s business) or to enter into an alliance, joint venture or referral arrangement, or
- government or regulatory bodies or agencies, as part of an engagement or otherwise, (for example, the Australian Taxation Office).
We do not disclose personal information to third parties for the purpose of allowing them to send marketing material to you. However, we may share non personal, de-identified or aggregated information to them for research or promotional purposes.
KPMG is a member firm of the KPMG network which has over 150 independent member firms globally that are affiliated with the KPMG International Co-operative.
Depending on the nature of the engagement or circumstances of collection, we may disclose your personal information to other KPMG member firms or entities overseas to fulfil the purpose for which the personal information was collected, or a related or ancillary purpose or otherwise in accordance with the Privacy Act. The countries to which such disclosures are made, and types of personal information disclosed, depend on the specific circumstances of the engagement.
For a list of where our member firms are located, see KPMG's global locations.
We may also store, process or back-up your personal information on servers that are located overseas (including through third party service providers). These servers are commonly located in the United States of America, the United Kingdom, Singapore, The Netherlands and Ireland.
In some circumstances, KPMG also uses third party service providers to carry out its functions and provide services. These service providers are typically located in India.