We have security measures in place at our offices, including CCTV and building access controls.
There are signs in our office showing that CCTV is in operation. The images captured are securely stored and only accessed on a need to know basis (e.g. to look into an incident). We use the CCTV images for the legitimate purposes of promoting security and safety of our personnel and members of the public, preventing and detecting crime and establishing, exercising and defending legal claims. We may disclose CCTV images to law enforcement bodies as requested and permitted by data protection law.
CCTV recordings are typically automatically overwritten after a short period of time (between 21 and 60 days after being recorded) unless an issue is identified that requires investigation (such as a theft).
We require visitors to our offices to sign in at reception and keep a record of visitors for a short period of time. Our visitor records are securely stored and only accessible on a need to know basis (e.g. to look into an incident).
We monitor traffic on our guest WIFI networks using industry standard intrusion detection systems. This allows us to see limited information about a users network behaviours but will include being able to see at least the source and destination addresses the user is connecting from and to. We cannot inspect any encrypted web pages and therefore do not have access to any information (personal or otherwise) that the user might share via these web pages.
This section of our privacy statement describes why and how PwC collects and uses personal data in connection with the Frontier Network.
We will collect personal data in connection with the Frontier Network as described below.
Personal data provided directly by you:
Mobile number (where relevant)
PwC host name
PwC host email address
PwC telephone contact details
Personal data inferred or derived from your use of the application:
We monitor traffic on our networks using industry standard intrusion detection systems. This allows us to see limited information about a user’s network behaviours but will include being able to see at least the source and destination addresses the user is connecting from and to. We cannot inspect any encrypted web pages and therefore do not have access to any information (personal or otherwise) that the user might share via these web pages.
We use personal data for the following purposes:
We use personal data to set up and provide access to the Frontier Network so that our clients and PwC partners and staff can access the internet and collaborate on projects. We have security measures in place to monitor traffic on our networks and detect incidents. Any incident investigation will require the Frontier Network logs to be analysed. When investigating an issue (such as a virus on device) the PwC may contact and follow up with relevant Frontier Network user as part of the investigation.
Legal grounds: Performance of a contract or legitimate interests
This processing is necessary to provide access to the Frontier Network and, where we process personal data for security purposes, this processing is necessary for the purposes of the legitimate interests pursued by us in providing a secure network.
When and how we share personal data and locations of processing
In addition to the general information about when and how we share personal data and locations of processing (provided here), personal data processed by us in connection with the Frontier Network may be transferred to:
Third party organisations that provide applications/functionality, data processing or IT services to us
We are part of a global network of firms and in common with other professional service providers, we use third parties to help us provide the Frontier Network and these third parties may be located in other countries. We share personal data processed in connection with the Frontier Network as follows:
Tata Consultancy Services Limited
IT services in relation to the operation of the Frontier Network
Registered office is at Nirmal Building, 9th floor, Nariman Point, Mumbai, 400021, India
UK branch office, located at 18, Grosvenor Place, London, SW1X 7HS
Where the locations of processing are outside of the EU, we have the European Commission approved standard contractual clauses in place to provide appropriate safeguards for personal data transferred outside of the EU. The standard contractual clauses are available here.
We retain personal data processed in connection with the Frontier Network as follows:
The personal details stipulated under Collection of Personal Data section above, including associated network activity are held for 30 days on the PwC wireless network access system and then automatically purged as per the standard PwC configuration (note the backup retention period is 4 months).
Individuals’ rights and how to exercise them
You have certain rights over your personal data. Please see further information about these rights and how to exercise them in the “Individuals’ rights and how to exercise them” section of our pwc.co.uk privacy statement (available here).