Data Privacy Statement

Forvis Mazars Group takes the security of and our legal responsibilities around your personal data seriously. This statement explains relevant information about our processing of personal data collected via this website.

Data Controller 

Forvis Mazars Group predominately acts as a data processor on behalf of our group member firms.  Forvis Mazars Group is the Data Controller for all personal data provided to us for our own purposes. Should you make an enquiry which concerns one of our member firms, we will forward the request to them on your behalf.  In such circumstances your personal data will be processed by them in accordance with the privacy information of the relevant member firm.

Personal data we process

The personal data we process as a result of your visiting our website depends on the data you provide to us.  If you access our site but do not interact further with us, we will only process data contained in cookies which are necessary to be able to run our site (see ‘Cookies’ for more info).  Should you decide to interact with us by, for example, submitting a request form, we will process the personal data you provide for the purposes stated on the form.  Some fields are mandatory as without them we will be unable to make further contact with or identify you to process your request.

We process personal data collected via our website and other sources for the purposes set out in this statement. 

We may collect your personal data directly from:

  • You;
  • Your representatives, employer or other party you authorise to provide your personal data to us;
  • Our member firms;
  • Third parties such as event providers we partner with;
  • The public domain, especially if you interact with us using social media.

Legal basis for processing

We rely on a range of legal bases for our activities.  These are:

  • Consent: On occasion we will seek your consent to processing your personal data.
  • Legitimate interests: We may process your personal data in pursuit of our legitimate interests, those of our member firms or other third parties.  Our legitimate interests pursued include: 
    • creating, developing and or managing our relationship with you;
    • meeting our administrative, accounting and corporate obligations;
    • maintaining the security of our IT systems, offices and team; and
    • developing our business and services. 

Where we pursue interests on behalf of our member firms, those interests include developing their business, security management and meeting administrative, accounting and corporate obligations.

Other third parties whose legitimate interests may on occasion be pursued include:

  • Regulators in ensuring compliance with standards, obligations and the conduct of investigations.
  • Law enforcement in the prevention and detection of crime.
  • Complying with legal requirements, regulations or any obligations construed through professional body of which we are a member:  We are subject to legal, regulatory and professional obligations. We need to keep certain records to demonstrate that our services are provided in compliance with those obligations and those records may contain personal data. 

Use of personal data 

We may process your personal data collected through our website for the purposes outlined below:

  • Responding to enquiries: When you raise an enquiry with us, we will use your information to process and respond to your request.  If your request involves one or more of our member firms, we may share your data with them to facilitate a complete response or to enable them to respond to you directly.
  • Understanding our audience: We collect certain data to enable us to understand the scope, reach and effectiveness of our brand and business activities, including our website and publications made available through it.
  • Recruitment and personnel administration: If you apply for a job through our website, we collect your personal data to consider your application and assess your suitability for employment.
  • Security, quality and risk management: Personal data may be processed in the context of maintaining security and within the scope of internal quality and risk analysis. 
  • Direct marketing: we may process personal data for direct marketing purposes to promote and develop our services and to provide you with information we think will be of interest to you. In all cases we will give you the opportunity to opt-out of our direct-marketing activities. Opt-out can be achieved by responding using the unsubscribe options contained within the information you have received or by contacting us.  

All personal data submitted through this site may be used by us in an anonymised form to assess and improve the services delivered herein and as part of our wider business development activities. 

Disclosures of personal data  

We may from time to time transfer or disclose your personal data to our group member firms or to third parties for any of the purposes listed above, including to governmental and professional agencies and third parties who perform services on our behalf, such as web hosting providers, IT service providers, payment providers and customer relationship management providers.

When we disclose your personal data to third parties who perform services on our behalf, we ensure that such service providers use your personal data only in accordance with our instructions. 

We may also disclose your personal data to third parties where we are required to do so by law, to our regulators, or for the purposes of or in connection with any legal proceedings, including for the purpose of establishing, exercising or defending our legal rights. 

We may share personal data with our group member firms where we have collected it on their behalf, where you have sent us a request concerning them, where to do so is necessary for administrative or security related purposes, or to enable them to provide professional services to their clients or prospective clients. 

If you are located in the EU, please note that owing to the global nature of our operations, we may transfer your personal data outside the European Economic Area (EEA) to countries whose data protection laws may not be as extensive as those in the jurisdiction where you are located.  When we transfer data outside the EEA, we will only transfer such personal data (i) to a country which the European Commission considers to have adequate data protection laws; or (ii) where we have put in place an appropriate data transfer mechanism, such as Standard Contractual Clauses, to ensure that your personal data are adequately protected, including but not limited to your consent.

We do not sell or rent your personal data.   

Duration of processing 

We will hold your personal data for the longest of the following periods: (i) as long as is necessary for the purpose of which it was collected; (ii) any retention period that is required by law; or (iii) the end of the liability period in which litigation or investigations might arise in respect of our services.  

After the applicable retention period(s) have expired, personal data will be deleted or anonymized. 

Data security 

We ensure appropriate technical and organisational controls are in place to protect your personal data from loss, misuse, alteration and unintentional destruction, such as the use of anti-virus, firewalls, secure servers, hard disk encryption software, password protection, two-factor authentication, intrusion and anomaly detection and physical access controls.

Our personnel who have access to your personal data have been trained to maintain the confidentiality of such data.  They will only be granted access to your personal data to the extent that they need this information to perform their duties properly. The persons who can consult your personal data are also bound by strict confidentiality obligations.  

Conditions to protect data to at least the same standard as we do are cascaded to all our contractors, (sub) processors and suppliers.    

Regular monitoring and testing of our security defences is carried out to ensure they continue to be effective against the latest threats.  

Data transferred over the internet by us and through this website are protected using encryption technologies, however no transaction carried out over the internet can ever be guaranteed to be secure. 

Data subject rights 

You may exercise a number of rights in relation to your personal data including: 

  • Accessing the personal data we hold about you. 
  • Asking us to correct any of your personal data we hold which are inaccurate. 
  • Requesting to have your personal data deleted.
  • Withdrawing consent to our processing of your personal data (where we process your personal data based on consent).
  • Putting in place restrictions on our processing of your personal data. 
  • Objecting to our processing of your personal data.
  • Asking us to transfer your data to another controller (data portability). 

We will handle all exercise of your data subject rights in accordance with the requirements of applicable privacy law.  Should you wish to exercise any of your data subject rights or have any questions about this statement please contact using our contact form

If you are dissatisfied with the way we have handled your personal data and we are unable to resolve the issue for you, you may take the matter to the Autorité de protection des données (Belgian Data Protection Authority). Further details can be found via their website at https://www.dataprotectionauthority.be/citizen.

Children and our website  

Forvis Mazars Group understands the importance of protecting children's privacy, especially in an online environment. Our sites are not intentionally designed for or directed at children. We do not knowingly collect or maintain information about anyone under the age of 16 through our website. If you are under 16 years of age you must obtain the consent of a parent or guardian to submit information via our website. Please ask them to review this information before you communicate with us.   

Cookies  

Navigation on our website will result in cookies being placed on your computer. Cookies are small text files that are placed on your computer by the websites that you visit. 

For further details, please consult our Cookie Policy. 

Changes to this privacy statement 

This privacy statement was last updated in February 2023.  We may amend it from time to time. Any changes will be published on this page and we recommend you check here regularly to ensure you remain in agreement with our data processing activities.