Transparency Notice
Cabrera & Company is an independent law firm that is a member of the PwC network.
We value your privacy
We at the Firm, as a data controller and/or processor, are committed to your privacy and to complying with the Data Privacy Act of 2012 in relation to all Personal Information and Sensitive Personal Information that we collect from you. For this reason, we want to make sure you understand how we handle your information.
For most purposes, we determine what happens to the information we collect about you, which for all intents and purposes are related to your interest in the Firm.
What information do we collect about you?
The Firm will collect all personal information and data, including sensitive personal information, as defined under the Data Privacy Act of 2012 and its Implementing Rules and Regulations.
Why do we collect your personal information?
When we collect information, it shall be in connection with the relationship that you have with the Firm (e.g. prospective employment, employment, internship, consultancy, contractual) or any business/professional interest that you may have with us (e.g. firm visits, trainings and seminars, social events and programs).
How do we collect information about you?
We usually collect your personal information and sensitive personal information, (including those of your relatives and/or other persons related to you) from you directly, but we may also collect it from other sources. The collection of these information from other sources includes instances when the collection of information is being made by someone else other than a member of the PwC network on our behalf. You will be informed accordingly about these instances.
When you share your information with us, you also confirm and grant us permission to collect and verify related information from other sources, unless you advise us not to do so.
How do we use your information?
When we use your information, we limit our use to what is lawful and necessary to the relationship that you have with us.
Our legitimate interests in our relationship with you and our business provide a lawful basis for us to use your information in the ways agreed with you. We may also process your information to further our legitimate interests in our broader business purpose, which is to build trust in society and solve important problems. Where we process based on our legitimate interests, we’ll do so only to the extent our interests do not override your fundamental rights and freedoms which require your personal information and sensitive personal information to be protected.
It’s essential to our business that we comply with all our legal and professional obligations and also with our obligations as a member of the PwC network. Other PwC firms must do the same. That means we use your information to the extent necessary in connection with compliance (by us or another PwC firm) with obligations under:
- the PwC network’s regulations, standards and policies, including the PwC Network Information Security Policy and PwC Network Data Protection Policy
- applicable laws and professional rules (including your compliance with your obligations under applicable laws and professional rules, where relevant to your employment relationship, including your business relationship with another PwC firm (e.g. where we provide services to another PwC firm and you’re involved in providing those services on our behalf)
As a technology-enabled firm, our IT systems and applications, and keeping them secure and up-to-date, are key to our business. That means we use your information to the extent necessary to operate, administer, manage, improve and analyze performance and use of the IT systems and applications we or any other PwC firm uses. This includes monitoring use of those systems and applications for security purposes and for any compliance purposes referred to above.
How do we transfer and store information about you?
Transfers within the PwC network
PwC is a global network. Information about you may be transferred and disclosed to other PwC firms and affiliate firms for any purposes for which they may use it lawfully. For a list of countries where PwC firms are located, please see http://www.pwc.com/gx/en/office-locations/index.jhtml .
As a result, your information may be transferred and stored within and outside the country you are in. This includes countries that do not have laws considered to provide adequate protection for personal information and sensitive personal information.
Processing locations and transfers to third party service providers
PwC firms use servers and other resources in various countries to process your information. Your information may also be transferred to service providers, Agent or Company that are not members of the PwC network (third party service providers) to process on PwC firm’s behalf. Third party service providers may include providers of IT services, including identity management, website hosting and management, data analysis, data back-up, security and storage services, and any third party services providers they use in their operations. Third party service providers are bound to maintain appropriate levels of security and confidentiality and to process personal information and sensitive personal information only as instructed by a relevant PwC firm.
Other disclosures required or permitted by law
We or other PwC firms may disclose information about you to law enforcement, regulatory and other government agencies and to professional bodies and other third parties, as required by and/or in accordance with, applicable laws and/or regulations. This includes disclosures outside the country you are in. PwC firms may also review and use your information to determine whether disclosure is required or permitted.
How long will we keep information about you?
We will keep your personal information and sensitive personal information for such period/s as may be appropriate or necessary for the reasonable needs of the business or as may be required or permitted by applicable laws and/or regulations.
How do we protect your information?
The Data Privacy Act of 2012 and its implementing rules and regulations prescribe the level of security required in preserving the confidentiality, integrity and availability of personal information. In compliance, our privacy policy lays down safety measures and safeguards that are reasonable under the circumstances but in no case lesser than the degree of security required under the law.
Your rights
If you would like to exercise your rights (as listed below) to or have any concerns about our handling of your personal information and sensitive personal information, please contact our Data Privacy Officer.
Rights you can exercise:
- request a copy of your information which you supplied to us or those normally disclosed to you in the course of your employment
- request us to correct or delete your information
- object to us processing your information
- inform the Firm of any clarification and/or complaint you have in relation to the personal information and sensitive personal information being collected, processed, shared, and/or purged
- lodge a complaint with the National Privacy Commission