M&A Port: Consent to the processing of personal data
By providing my personal data as described below I hereby grant my consent to the processing of my personal data for the purpose of direct marketing – I may be approached by Deloitte with commercial communication, offers, promotional communication etc., within the below mentioned period of data storage.
The personal data I hereby voluntarily provide to the personal data controller (identified below) are:
The data is collected and will be processed by the following entities that are part of DeloitteCE group of companies or by their subcontractors or IT suppliers:
Personal data controller: Deloitte CZ Services s.r.o., with its registered seat at Italská 2581/67, Vinohrady, 120 00 Prague 2, the Czech Republic, ID No.: 05660904, registered in the Commercial register maintained by the Municipal Court in Prague, file C 268054 (“Deloitte”)
Processors of personal data:
Our approved administrative and IT service suppliers:
Contentful GmbH, Max-Urich-Straße 3, 133 55 Berlin, Germany
Deloitte Advisory & Management Consulting Private Limited Company, Dózsa Gy út 84.C., 1068 Budapest, Hungary
Deloitte CE Business Service Sp. z o.o., Al. Jana Pawla II 22, 00-133 Warsaw, Poland
Deloitte Central Europe Service Centre s.r.o., Italská 2581/67, 120 00, Prague 2 - Vinohrady, the Czech Republic
Deloitte Global Services Limited, Hill House, 1 Little New Street, EC4A 3TR London, the United Kingdom
Digital Resources a.s., Poděbradská 520/24, 190 00 Prague 9, the Czech Republic
Non-EU based (all non-EU based data processors have concluded the EU approved Standard Contractual Clauses with us ensuring an adequate level of Personal Data protection as required by the Data Protection Legislation):
Deloitte Touche Tohmatsu Services, Inc., 30 Rockefeller Plaza, New York, 10112 – 0015, USA
Microsoft Corporation, One Microsoft Way, Redmond, WA 98052, USA
The personal data controller and data processor(s) shall establish technological, physical, administrative and procedural safeguards all in line with the industry accepted standards in order to protect and ensure the confidentiality, integrity or accessibility of the personal data processed; prevent the unauthorized use of or unauthorized access to the personal data or prevent a personal data breach (security incident) in accordance with Deloitte CE instructions, policies and applicable laws. Deloitte CE is a holder of ISO 27001 certification – widely recognized global information standard.
The personal data will be made accessible to the following personal data recipients or categories of recipients:
Deloitte in Czech Republic: Deloitte Advisory s.r.o. Deloitte Audit s.r.o., Deloitte BPS a.s., Deloitte CZ Services s.r.o., Deloitte Security s.r.o., Deloitte Legal s.r.o., advokátní kancelář a ELBONA AUDIT s.r.o.
The maximum period for which the personal data will be stored is:
After this period expires your personal data will be permanently deleted, unless you give Deloitte any additional consent to process your data further or there will be any new legal purpose of processing present – like negotiation on service offering, agreement on provision of service concluded.
The processing of your personal data is necessary to fulfil the purpose described here-above. If consent is not granted or you later send a request for rectification or erasure of your data, and withdraw your consent, this may mean that Deloitte will not be able to include you in marketing or promotional activities or similar.
You have your right to:
request access to your personal data (and request a copy of the personal data that we process),
request us to update and correct your personal data (right to rectification),
request us to delete your personal data (where possible), or
require a restriction on the processing of your data.
You may object to the processing (in certain cases as specified by GDPR), as well as execute your right to data portability (receive a copy of personal data which you provided to us in a structured machine –readable format and request us to transmit such data to another data recipient).
You can enforce all rights described here by sending an e-mail to: firstname.lastname@example.org, or by a written notice to:
It is also your right to lodge a complaint with a local data protection supervisory authority in the country of your residence in case you are of an opinion that the processing of your personal data infringes the GDPR.
Contact details of the data protection office: CEprivacy@deloittece.com