Forvis Mazars Global Privacy Statement: Website

Forvis Mazars Global facilitates operations across our network and is the organisation responsible for personal data collected via this website.

Each of our network firms operates their own personal data protection controls. If you are looking for the privacy statement of any of our firms, please refer to their websites.

Terminology used in this statement has primarily been aligned to EU and UK law. If you are located in another jurisdiction and we are required to comply with personal data protection laws applicable to you by virtue of that location, the wording herein should be read as if it has been aligned to the equivalent terminology applicable under the relevant personal data protection law.

Data controller.

Forvis Mazars Global Limited is the data controller for the personal data collected through this website.

Collection of your personal data

To enable us to operate and deliver our services, we may collect your personal data from:

You directly
Our network firms
Law enforcement or similar agencies
Our suppliers
Third parties you authorise us to obtain your personal data from

We will always only ask you to provide the minimum personal data necessary to fulfil any specific objective. Where we ask you to provide us with certain data and you are unable or unwilling to do so it may affect how we are able to interact with you.

In general, we collect the following categories of personal data:

Category	Examples
Demographic	Name, email address, postal address, telephone number(s), preferences, interests, jurisdiction.
Business data	Company name, financial information, business address.
Employment	Employer, job title. Where you submit an employment application employment history, responsibilities, experience, health, education.
Internet identifiers	Cookies based usage and interaction with our website.

Purpose and legality of processing

We collect your personal data for purposes and on the lawful bases set out below. Not all personal data we collect will be used for every purpose. An explanation of the legal basis is set out following the table.

Purpose	Legal basis
Handling and responding to enquiries submitted to us	Legitimate interests (own) Consent
Understanding the use and effectiveness of our website	Legitimate interests (own)
Managing, maintaining and evolving our security posture	Legitimate interests (own and network firms)
Facilitating employment opportunities	Consent Legitimate interests Explicit consent for sensitive data Legal processes
Compliance with legal and regulatory obligations to which we are subject	Compliance with legal obligations Legal processes
Direct marketing in the promotion of our network and Firms	Legitimate interests Consent
Supporting our network Firms, including facilitating contact with them	Legitimate interests (own and network firms) Consent

Legitimate interests: The majority of our processing of your personal data is carried out on the basis of the pursuit of our legitimate interests and those of our network firms. Those interests concern the facilitation and delivery of our services for our own purposes and those of our network firms, business development, workforce analysis and support, financial management, compliance with legal and regulatory obligations to which we are subject, security management and interests associated with managing the relationship between us and our network firms.

Compliance with legal obligations: Where we are required under legal or regulatory obligations, we will process your personal data in accordance with the relevant requirement(s).

Consent: In the event it is necessary and appropriate, we will seek or have otherwise received your consent to process your personal data.

Forvis Mazars Global does not routinely collect special category personal data. In the event such personal data are processed we rely on:

Explicit consent: In the event it is necessary and appropriate, we seek or have otherwise received your consent to process your personal data.

Legal processes: If required, your personal data may be processed for the establishment, exercise or defence of legal claims.

Security

We ensure appropriate technical and organisational controls are in place to protect your personal data from loss, misuse, alteration and unintentional destruction, such as the use of anti-virus, firewalls, secure servers, hard disk encryption software, password protection, physical access controls, two-factor authentication, intrusion and anomaly detection.

Our personnel who have access to your personal data have been trained to maintain the confidentiality of such data.  They will only be granted access to your personal data to the extent that they need this information to perform their duties properly. The persons who can consult your personal data are also bound by strict confidentiality arrangements.

Conditions to protect data to at least the same standard as we do are cascaded to all our contractors, processors and suppliers. 

Regular monitoring and testing of our security defences is carried out to ensure they continue to be effective against the latest threats.

Data transferred over the internet by us are protected using encryption technologies. Please note, no communication carried out over the internet can ever be guaranteed to be secure.

Third parties

Where necessary your personal data may be disclosed to:

Network firms: Forvis Mazars Global provides IT and other support services to Forvis Mazars network firms globally. In turn, we may provide your personal data to our network firms to enable us to deliver those services safely and securely. We may agree to certain global activities, such as surveys, where it may also be necessary to provide your personal data to our network firms. Should you communicate your personal data to us in respect of a network firm and require us to share those data with the relevant firm(s), your data will be processed by us but will also be transferred to the network firm for their own purposes.

Our suppliers: We engage a range of suppliers to assist us in the delivery our of our solutions and services. To enable you to access those solutions, fix faults, provide support or explore options available to us, it may be necessary for us to communicate your personal data to our suppliers or prospective suppliers for relevant activities.

Our insurers: As part of our insurance, we are on occasion required to provide information about the personal data we hold, our teams and suppliers to our insurers.

Law enforcement and regulators: On occasion we may be required to provide limited personal data to other third parties such as law enforcement and our regulators.

Your authorised recipients: Where we have your consent, we may share your personal data with those you have authorise us to.

We do not sell or rent your personal data.

International transfers

Forvis Mazars Global primarily processes your personal data within the European Economic Area, the United Kingdom, and the United States. Some of our team members are located in other jurisdictions.

As a result, your personal data may be transferred to other jurisdictions for processing by us. Where we transfer your personal data to other jurisdictions, we rely on the following transfer mechanisms in order of precedence:

Decision of adequacy from the European Commission or Information Commissioner’s Officer (as applicable);
Standard contractual clauses authorised by the relevant supervisory authority for personal data;
Your consent.

Should you require further information on the transfer mechanism and clauses used (where applicable), this can be sought via the contact information at the end of this statement.

General rights

You may exercise a number of rights over your personal data including:

Accessing a copy of the personal data we hold about you.
Asking us to correct any of your personal data which we hold and are inaccurate.
Requesting to have your personal data deleted.
Withdrawing consent to our processing of your personal data (where we process your personal data based on consent).
Putting in place restrictions on our processing of your personal data.
Objecting to our processing of your personal data.
Asking us to transfer your data to another controller (data portability).

We will handle all exercise of your data subject rights in accordance with the requirements of applicable privacy law. Should you wish to exercise any of your data subject rights or have any questions about this statement please contact us using the contact details below.

In the event you are dissatisfied with the way Forvis Mazars Global has handled your personal data and we are unable to resolve the matter for you, you are entitled to raise your concern with the relevant supervisory authority for data protection. The supervisory authority for Forvis Mazars Global is the Information Commissioner’s Office in the United Kingdom. Details can be found at https://ico.org.uk.

California Privacy Rights

This section applies specifically to individuals located in California.

Under the California Consumer Privacy Act, residents of California are provided with certain rights regarding their personal information:

The right to know, by way of our privacy statement and any specific inquiries you direct to us, the categories of personal information we collect from you, the source(s) of your personal information, what we use that information for, whether it is being disclosed or sold, and if so, to whom;
The right to “opt-out” of the sale of your personal information to any third parties;
The right to request we stop sharing your personal information with third parties;
The right, with some exceptions, to have your personal information deleted from our possession or control;
The right to correct inaccuracies in your personal information; and
The right to receive equal service and pricing from us, even if you exercise any of your privacy rights.

For all California residents, any such enquiries shall be responded to within forty-five (45) days and at no cost to you. We must verify your identity with respect to such inquiries. Depending on the nature of the personal information at issue, we may require additional measures or information from you as part of that verification.

California Civil Code Section 1798.83 permits California residents who use our website to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. Please note, we do not and will not sell personal information about California residents. We also have not done so for the last 12 months.

For California residents under age 18 who have publicly posted content or information, you may request and obtain removal of such content or information pursuant to California Business and Professions Code Section 22581, provided you are registered user of any website where this statement is posted. Please be aware that such a request does not ensure complete or comprehensive removal of the content or information you have posted and that the law may not require or allow removal in all instances, even if requested.

To contact us to exercise any of the California rights listed above, please use the contact details at the end of this notice.

Data retention

We retain your personal data for as long as necessary in accordance with legal and regulatory requirements to which we are subject.

Profiling and automated decision taking

Your personal data are not used for the purpose of automated decision taking.

Limited profiling may occur for the purpose security management to enable us to ensure our systems remain secure and detect behavioural anomalies.

Cookies

Our website uses cookies. For further information please click here.

Contact

Forvis Mazars Global is the data controller for your personal data it collects through this website.

Any questions, concerns or requests to exercise your rights can be sent to privacy@global.forvismazars.com.

Alternatively you can write to us at:

Forvis Mazars Global, 30 Old Bailey, London, EC4M 7AU.

Last updated: June 2024