KPMG Online Privacy Statement

Last updated on: March 21, 2019

KPMG believes it is important to safeguard the privacy and confidentiality of information entrusted to it. For this reason, we process your personal data carefully and securely. This Online Privacy Statement applies to the website of KPMG Netherlands. In this Online Privacy Statement you can read how we collect, use, share and protect personal data through our website. We have separate privacy statements for information on KPMG's processing of personal data in the context of recruitment, our preference center and application forms for e.g. reports, which can be found via the following links [recruitment, preference center, forms].

Who is responsible for your personal data?
KPMG Staffing & Facility Services B.V. is responsible for processing your personal data. It usually shares this responsibility with the KPMG entity that primarily determines the purpose and means of the data processing. KPMG Staffing & Facility Services B.V. is a subsidiary of KPMG N.V. and is registered in the commercial register in the Netherlands under number 34153861.

Within the KPMG organisation, KPMG Staffing & Facility Services B.V. is charged as much as possible with compliance with privacy legislation, including the information obligation and the exercise of rights. If you have questions or complaints about the processing of your personal data, you can also contact KPMG Staffing & Facility Services B.V.

What types of personal data do we process?
KPMG processes personal data when you visit our website. For example, if you provide your email address and when you register your interests in KPMG's services. KPMG only collects those personal data that are necessary. Additional personal data are collected only if you give permission for this.

We may process the following (types of) personal data when you visit our website:

  • Name
  • Email address
  • Company name
  • Job title
  • Telephone number
  • IP Address
  • Login details
  • Your interests and preferences
  • Social media name
  • Information on your surfing and viewing behaviour and possible your location and other cookie information

The KPMG website may redirect you to other websites, including those of KPMG organisations abroad. This Online Privacy Statement does not apply to those websites; other privacy statements are applicable there. We recommend that you read the privacy statement of every website you visit so that you always know what happens with your personal data.

For what purposes do we use personal data?
KPMG processes personal data for the following purposes:

  • We use the information you provide about your preferences to personalise your user experience.
  • If you ask us for information about KPMG or if you register to make use of our services, we will use your email address and other information you give to us to respond to your question or registration.
  • If you register for an online KPMG account, your personal data is used to create an online KPMG account. 
  • To construct/expand your profile, possibly in combination with data already available on you, after which we may for example approach you as part of of sales.
  • We also use your personal data to optimise your visit to our website as far as possible, and to further improve our services.

Your personal data is not used for other purposes than those for which you initially provided this information. Exceptions are if we have to comply with a statutory obligation, if you have given us permission to process your personal data also for a different purpose, or if further processing is permitted by privacy legislation.

What are the legal bases for processing of personal data?
Privacy legislation, including the General Data Protection Regulation (GDPR), permits companies to process personal data if this happens on one of the legal bases stated in the GDPR. If we process your personal data, we do so based on a legitimate interest, based on your consent or based on a law.

Your personal data is processed based on the legitimate interest that KPMG has in the following cases:

  • Acquiring engagements (sales), among others by sending relevant information.
  • Managing existing customers and relationships (customer relationship management & account management). 
  • Optimising and/or personalising content. 
  • Optimising our operations, such as standardising processes. 
  • In the context of privacy or security audits.

When invoking this legal basis for processing personal data, we will always weigh your privacy interest against our business interest.

It is also possible that you have specifically and explicitly consented to us processing your personal data for a particular purpose. For example, to send you information by email for marketing purposes, including invitations to events organised by KPMG. You can withdraw your consent at any time using the link included in every email you receive from us, through your online KPMG-account or by sending an email to KPMG on

We may also process your personal data if we are required to do so by law.

Who do we share personal data with?
For some activities we engage contractors. For example, for registration for events organised by KPMG. In all such cases we have concluded an appropriate (processing) agreement with the third party, which inter alia safeguards correct and secure data processing.

In addition, KPMG may transfer personal data to other KPMG organisations or to external companies abroad that we work with or that work on our behalf. KPMG may also process personal data in a different country than your country of residence. Transfer by KPMG of personal data abroad takes place in compliance with European (and Dutch) privacy legislation.

KPMG must also disclose your personal data if we are required to do so by law. Furthermore, personal data may also be necessary for privacy or security audits, or to be able to carry out an investigation due to a complaint or a security threat.

KPMG will not transfer personal data you provide to us to third parties for direct marketing purposes of such third parties.

Where is your personal data stored?
We store your data in various databases. We always maintain strict security measures. It may be that your personal data is transferred to countries outside the European Union and stored there. In this case, we will ensure that your privacy is protected appropriately. 

How do we protect your personal data?
KPMG has a security policy and procedures in place to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data. We endeavour to strictly limit access to personal data to those who on behalf of KPMG must be involved in processing your personal data and those who are otherwise authorised to do so within the boundaries of the privacy legislation. Persons who have access to personal data are obliged to keep the information confidential. Where necessary, this has been contractually agreed upon.

How long do we keep personal data?
KMPG retains personal data no longer than necessary for its purposes, no longer than is permitted by law or until you ask for your personal data to be erased. KPMG has drawn up an internal retention policy for this that is regularly updated.

Are cookies being used? 
KPMG uses cookies, web beacons and other techniques to collect information when you make use of our website. Processing this data enables us to improve and personalise the functioning, usability and effectiveness of the services and to measure the effectiveness of our marketing activities. 

A ‘cookie’ is a small piece of text that a website places on your computer, tablet or smartphone by which the website can recognise your device. Cookies are used for various purposes. When we use the term ‘cookies’ in this Online Privacy Statement, we mean cookies, web beacons, pixels and other comparable techniques.

Other instruments or widgets of third parties are also used on our web pages, e.g. the LinkedIn button, in order to provide additional functionality. In such cases a cookie is placed on your device so that you can make use of third party services more easily. If you use third party instruments or widgets, these third parties may also process your personal data. For more information on this, please refer to the third party's privacy statement.

A so-called cookie banner may appear on our website in which your consent is requested for the use of cookies. If you do not give your consent, we will only place functional cookies (your consent is not required because they do not breach your privacy) and analytical cookies that are set in a privacy-friendly manner (this does not require your consent either). As an additional measure we have also masked the IP address as standard for a number of cookies.

If you do give your consent, we also place other cookies, such as tracking and social media cookies. You can set your internet browser so that you get a warning when you receive a cookie or to refuse cookies. You should realise that if you do not accept cookies, you may not be experiencing the full functionality of the website.

Below is a list of the types of cookies used on our website.

Goal Description Removal
Privacy preferences  This cookie keeps track of whether you have given consent.

Permanent after session

Removed automatically ninety days after session.

Website preferences These cookies remember your website preferences (e.g. language setting) or improve the personal experience (e.g. by means of a personalised greeting or content). Our cookies are used on parts of the website that you can access using your own online account. 


Removed after you close your browser.

Analytical We use various (external) cookies to analyse the use of our website. This enables us to improve the quality and content of our website. Information being collected: IP address, number of unique visitors, search terms, visitor's location (country code), date, duration and frequency of visits, hardware used, browser type, marketing campaign data. In doing so, we can for example make use of cookies and Google scripts to measures how effective our content is and to better respond to your interests. 

Permanent after session

Removed automatically if you do not use the KPMG website for three years.

Marketing In the context of improving our marketing campaigns we use third party services to measure the effectiveness of our advertising and for the purpose of cost control. Reporting is aggregated, and not on an individual level. 

Permanent after session

Removed automatically if you do not use the KPMG website for two years.

Social (e.g. Gigya, Google+, Facebook, Twitter) We use (external) social media widgets and/or buttons to offer visitors the option of sharing information from our websites on social media and via email. In this context the interactions and activities of visitors to our website who use these services are tracked on an aggregate level (i.e. not on an individual level), e.g. the number of times information is shared (social share count)). We recommend that you read the privacy statements of these parties.  Privacy statement social media (e.g. Gigya, Google+, Facebook, Twitter)


What are your rights?
You have the right to access your personal data. You also have the right to rectification, erase and limit the use of your data, object to certain types of processing and to transfer your personal data.

Some of this you can do yourself in your online account. You can also unsubscribe from our newsletter yourself. You can do this in the preference center [link] or by using the link at the bottom of every newsletter. 

You can also file a request to exercise your rights described above by contacting In this case, we are obliged to check your identity. For this reason, we may ask you for additional information in order to confirm your identity. 

Do you have any questions or complaints?
KPMG believes it is important to safeguard the privacy and confidentiality of information that is entrusted to it. If you have a request or a question regarding the processing of your personal data or you wish to object to it, please send your remark, question or objection by email to

KPMG has appointed a data protection officer. For questions and requests in connection with the processing of your personal data you can also contact our Data Protection Officer by email on

You also always have the right to file a complaint with the Data Protection Authority.

Changes to this privacy statement
KPMG may change this Online Privacy Statement from time to time. When we make changes to this Online Privacy statement, we will revise the ‘date of last change’ shown at the top of the page. In addition, we will give a brief overview of the most important changes compared to the previous version.

References in this Online Privacy Statement to ‘KPMG’, ‘we’, ‘our’ and ‘us’ are to KPMG N.V. and it's subsidiaries.