Document Insights

Privacy notice

Data protection notices according to Art. 13, 14 EU General Data Protection Regulation (DSGVO)

The following data protection information is intended to explain to you in an understandable, transparent and clear manner how your personal data is processed by us as part of Document Insights. However, if you have any questions of understanding or other queries regarding data protection at PwC Solutions GmbH, hereinafter "PwC", please feel free to contact us using the contact details below. Document Insights is an application that allows a user to quickly train an AI to specifically extract the information they are looking for from digital documents

1. Responsible

The responsible party within the meaning of Art.4 (7) DSGVO for the processing of your personal data is the

PwC Solutions GmbH
Friedrich-Ebert-Anlage 35-37
60327 Frankfurt am Main

E-mail: webkontakt_anfragen@de.pwc.com
Switchboard: +49 69 9585-0

as far as the processing operations described in clauses 4 and 5 are concerned.

However, the responsibility for the processing described in clause 6 lies with the respective client (with whom PwC has concluded a contract for the use of Document Insights and within the framework of which you receive access to Document Insights), which uses Document Insights in the course of its own business activities. For these processing operations described in clause 6, the customer is the sole controller within the meaning of Art. 4 (7) of the German Data Protection Regulation (DSGVO) and is therefore also subject to all obligations under the data protection laws applicable in Germany. Clause 6 is purely informative against this background. The relevant data protection declarations are therefore those of the respective customer.

2. Data subject rights

You have the following rights against PwC under applicable data protection law with respect to personal data relating to you.

Right to information: You can request information from PwC at any time about whether and what personal data PwC has stored about you. The provision of information by PwC is free of charge for you. The right to information does not exist or is restricted if and to the extent that the information would disclose confidential information, e.g. information subject to professional secrecy.

Right to rectification: If your personal data stored by PwC is inaccurate or incomplete, you have the right to request PwC to correct this data at any time.

Right to erasure: You have the right to request PwC to erase your personal data if and to the extent that the data is no longer needed for the purposes for which it was collected or, if the processing is based on your consent, you have withdrawn your consent. In this case, PwC must stop processing your personal data and remove it from its IT systems and databases.

There is no right to deletion,

Right to restrict processing: You have the right to request that PwC restrict the processing of your personal data.

Right to data portability: You have the right to receive from PwC the data you have provided in a structured, common and machine-readable format, as well as the right to have this data transferred to another controller.

This right exists only if

Right to object to processing: If the processing of your data is based on Art. 6 (1) f) DSGVO, you may object to the processing at any time.

You can assert all of the data subject rights described above against PwC by sending your specific request to the following e-mail address: DE_Datenschutz@pwc.com

3. Right of appeal to a data protection supervisory authority

In accordance with Art. 77 DSGVO, you have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of your personal data violates data protection law.

4. Processing operations for which PwC is responsible

Description of the data processing on the website/app and legal basis for the processing

For the fulfillment of the processing purposes listed below, data transfer to third parties also takes place. We share your data with service providers bound by instructions, both within the PwC network and with other third parties, such as IT service providers, who support us in our activities, e.g. as part of the administration and maintenance of the websites and the associated systems and/or for other internal or administrative purposes. PwC WPG is a member of the global PwC network, which consists of the individual legally independent PwC firms. In the course of our activities, we use other German or foreign PwC network companies as network-internal IT service providers bound by instructions, which provide services of operation, maintenance and care of the IT systems and applications used by the PwC network companies. In addition to PricewaterhouseCoopers GmbH Wirtschaftsprüfungsgesellschaft based in Germany, this includes in particular PwC IT Services Ltd. based in the United Kingdom (UK). If we pass on data to service providers bound by instructions, we do not require a separate legal basis for this. In addition, we share your data in individual cases both within the PwC network and with other third parties who use your data on their own responsibility. For example, in individual cases we also transfer personal data to other companies in the PwC network to support and improve the effectiveness of our business processes (including coordinated marketing activities). If this transfer takes place to a PwC network company outside the European Economic Area, an appropriate level of data protection is ensured for the foreign transfer. To this end, the PwC network companies have, among other things, concluded an internal data protection agreement which provides for compliance with the EU standard contractual clauses of the EU Commission within the meaning of Article 46 (2) c) of the GDPR for the transfer of personal data from EU/EEA countries to other companies. If you have any questions regarding this internal data protection agreement and further security mechanisms, please feel free to contact our data protection officer, e.g. at DE_Datenschutz@pwc.com. In addition, in individual cases, we also disclose your data to other third parties, such as public authorities, courts or other bodies, if we are required by law or by official or court order of an EU member state to disclose personal data to these bodies. These bodies also use the data on their own responsibility. If there is a legal obligation to disclose the data, the legal basis for the data transfer is Art. 6 para. 1 lit. c) DSGVO. If, on the other hand, the disclosure is aimed at fulfilling a contractual or pre-contractual measure with you as a natural person, the legal basis is Art. 6 (1) (b) DSGVO. Otherwise, the transfer is based on our legitimate interests and the legal basis is Art. 6 para. 1 lit. f) DSGVO. We and the other companies in the PwC network have an interest in making our work processes efficient and in sharing business processes within the PwC network for this purpose.

When you access our website, we collect the data that is technically necessary to display this website to you. This is the following personal data that is automatically transmitted to our server by your browser:

The processing of this personal data is based on Art. 6 para. 1 lit. f) DSGVO. The website cannot be called up and offered to users without the use of this data; there is a legitimate interest in making the call-up and use of the website technically possible. In addition, the data is stored in order to technically secure the website. The controller has an interest in the security and availability of this website.

The log file information is stored for 90 days and then deleted.

This website is hosted by a service provider Microsoft Corporation One Microsoft Way Redmond, WA 98052-6399 USA, the data collected on our website is therefore stored on the servers of the service provider. The server locations are in Germany and in other EU countries.

Data is transferred abroad, but only to countries in the European Union or the European Economic Area.

Appointment booking or contact by e-mail

We offer dedicated appointment bookings on our website so that you can contact us with questions about PwC, our website and other inquiries. In addition, you can contact us by e-mail. Die eigenständige Terminbuchung erfolgt nicht über die Anwendung, sondern über Google Calendar. Bei dieser Terminbuchung sowie der Kontaktaufnahme mit uns per E-Mail werden die von Ihnen mitgeteilten Daten (insbesondere Ihre E-Mail-Adresse, Ihren Vor- und Nachnamen und den Text Ihrer Anfrage sowie ggf. weitere Angaben, die Sie per E-Mail gemacht haben), von uns gespeichert, um Ihre Anfrage zu bearbeiten und Ihre Fragen zu beantworten.

The data processing is justified according to Art. 6 para. 1 lit. f) DSGVO. We have an interest in contacting you via the website in response to your request. If your request is aimed at the fulfillment of a contractual or pre-contractual measure with you as a natural person, Art. 6 para. 1 lit. b) DSGVO is the legal basis for the data processing.

We will delete the data generated in the course of your inquiry as soon as it is no longer required for processing your inquiry. Insofar as legal storage obligations exist, the data will be stored for the duration of the legally prescribed storage obligation.

The use of the standalone appointment booking is completely voluntary for you and not a prerequisite for the use of the website. A Google Account is required to use this feature. We are not responsible for the processing of data in this function. Here, the responsibility for the processing of data lies with Google LLC. The terms of use and privacy policy of Google LLC then apply.

Registration and login

Calling up and using our website is generally possible without logging in or registering. However, some functionalities of the website can only be used after registration, these include in particular:

Registration via the website is not possible. Registration is carried out by the provider following the conclusion of a contract. For this purpose, the user receives his initial user information by e-mail and can thus carry out the registration.

For registration we process the following information:

The processing of this personal data is based on Art. 6 (1) c) in conjunction with Art. 32 DSGVO.

Your data will be deleted by us after expiry of the contract. Insofar as legal storage obligations exist, the data will be stored for the duration of the legally prescribed storage obligation.

5. Cookies use

In order to make visiting our website attractive and to enable the use of certain functions, we and certain third parties use cookies on our website. These are small text files that are stored on your terminal device. Some of the cookies we use are deleted after the end of the browser session, i.e. after you close your browser (so-called session cookies). Other cookies remain on your terminal device and enable us or our partner companies to recognise your browser the next time you visit us (so-called persistent cookies).

The following cookie categories are used:

These cookies are required for the operation and functionality of the website. They make the website technically accessible, secure and usable and provide essential and basic functionalities, such as navigation on the website, correct display of the website in the internet browser or consent management.

ProviderNameCookie categoryFunctionDuration
PwCppms_privacyRequired CookieStores the visitor's consent to data collection and use365 days

The analytics cookies enable us to store data in an aggregated form about our website visitors and their experiences on our website. We use this data to fix bugs and improve the experience for all visitors.

ProviderNameCookie categoryFunctionDuration
PwCpk_ses.<websiteID>.<domainHash>Analysis cookieIndicates an active session of the visitor. If the cookie is not present, the session ended over 30 minutes ago and was counted in a pk_id cookie.30 minutes
PwCpk_id.<websiteID>.<domainHash>Analysis cookieUsed to recognise visitors and record their various characteristics.13 months
PwCpiwik_authAnalysis cookieStores session information for the user interface (UI) of Piwik PRO. As long as this cookie is valid and contains a login and a token_auth parameter, a visitor is considered to be logged in and a PIWIK_SESSID cookie is updated.24 minutes
PwCPIWIK_SESSIDAnalysis cookieStores a PHP-Session-ID.24 minutes
PwCstg_traffic_source_priorityAnalysis cookieStores the type of traffic source that explains how the visitor arrived at your website.30 minutes
PwCstg_last_interactionAnalysis cookieDetermines whether the session of the last visitor is still running or a new session has started.365 days
PwCstg_returning_visitorAnalysis cookieDetermines whether the visitor has been on your website before - these are returning visitors.365 days
PwCstg_fired__Analysis cookieDetermines whether the combination of a tag and a trigger was triggered during the current visitor session.Session
PwCstg_utm_campaignAnalysis cookieStores a name of the campaign that directed the visitor to your website.Session
PwCstg_pk_campaignAnalysis cookieStores a name of the campaign that directed the visitor to your website.Session
PwCstg_externalReferrerAnalysis cookieStores a URL of a web page that referred a visitor to your website.Session
PwC_stg_optoutAnalysis cookieUsed to disable all tracking tags in the tested domain.365 days
PwCppms_webstorageAnalysis cookieA so-called stringified object that contains information about created cookies for each module. It stores data about each cookie created, such as a key, a value, an expiry date, a path, a domain and more. This is the same data that was used to create a cookie.A ppms_webstorage item is not automatically removed. However, a visitor can delete it manually. Individual entries in the item are removed after a corresponding cookie has expired.
PwCppms_data_storeAnalysis cookieStores information from forms on your website. After a visitor submits a form, the data is passed to Audience Manager. However, if a form redirects a visitor to another page, the data can be lost. Therefore, form data is kept as a backup in local storage. (A page to which a visitor is redirected must have a form tracker, otherwise Piwik PRO cannot collect form data).After the form tracker has sent data to the server. This can happen directly after a visitor submits a form or after a new page is loaded in his browser.
Hotjar_hjClosedSurveyInvitesAnalysis cookieUser Tracking: Used to prevent the user from filling out the same survey multiple times.365 days
Hotjar_hjDonePollsAnalysis cookieUser Tracking: Used to prevent the user from filling out the same survey multiple times.365 days
Hotjar_hjMinimizedPollsAnalysis cookieUser Tracking: Used to ensure that a minimized survey remains minimized even when navigated365 days
Hotjar_hjShownFeedbackMessageAnalysis cookieUser Tracking: Used to minimize incoming feedback if the user has already filled it in or minimized it365 days
Hotjar_hjidAnalysis cookieUser Tracking: Used to distinguish between users365 days
Hotjar_hjRecordingLastActivityAnalysis cookieUser Tracking: Used for recording a sessionSession
Hotjar_hjTLDTestAnalysis cookieUser tracking: cookie sharing from Hotjar across different subdomainsSession
Hotjar_hjUserAttributesHashAnalysis cookieUser Tracking: Backup of user attributes as hash to check if there are any changesSession
Hotjar_hjCachedUserAttributesAnalysis cookieUser Tracking: User attributes that are necessary for Hotjar to process the information.Session
Hotjar_hjLocalStorageTestAnalysis cookieUser Tracking: Test if the LocalStorage is usableUnder 100ms
Hotjar_hjIncludedInPageviewSampleAnalysis cookieUser tracking: indication for Hotjar if user is in daily sample of users (pageview limit)30 minutes
Hotjar_hjIncludedInSessionSampleAnalysis cookieUser tracking: indication for Hotjar if user is in daily sample of users (session limit)30 minutes
Hotjar_hjAbsoluteSessionInProgressAnalysis cookieUser tracking: deciding whether the user is visiting the page for the first time30 minutes

The legal basis for the use of required cookies is Sec 15 para 1 sen 1 German Telemedia Act ("TMG") or on the basis of Art 6 para 1 lit f) GDPR to protect our legitimate interests. In particular, our legitimate interests lie in being able to provide you with a technically optimised website that is user-friendly and tailored to your needs, and to ensure the security of our systems. Furthermore, we use cookies on the basis of your consent pursuant to Art 6 para 1 lit a) GDPR.

Insofar as we use cookies on the basis of your consent, you can revoke your consent at any time with effect for the future, e.g. by adjusting your cookie settings here:

Your revocation does not affect the lawfulness of the processing carried out until revocation.

Hotjar

This website uses Hotjar. Provider is Hotjar Ltd, Level 2, St Julians Business Centre, 3, Elia Zammit Street, St Julians STJ 1000, Malta, Europe (website: https://www.hotjar.com). Hotjar is a tool for analyzing your user behavior on our website. With Hotjar, we can record your mouse and scroll movements and clicks, among other things. Hotjar can also determine how long you have remained with the mouse pointer on a certain spot. From this information, Hotjar creates so-called heat maps, which can be used to determine which areas of the website are viewed preferentially by website visitors. Furthermore, we can determine how long you stayed on a page and when you left it. We can also determine at which point you abandoned your entries in a contact form (so-called conversion funnels). In addition, Hotjar can be used to obtain direct feedback from website visitors. This function serves to improve the website operator's web offerings.

Hotjar uses cookies. Cookies are small text files that are stored on your computer and saved by your browser. They serve to make our offer more user-friendly, effective and secure. In particular, these cookies allow us to determine whether our website has been visited with a specific end device or whether the functions of Hotjar have been deactivated for the browser in question. Hotjar cookies remain on your terminal device until you delete them. You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. When deactivating cookies, the functionality of this website may be limited. The use of Hotjar and the storage of Hotjar cookies is based on Art. 6 (1) lit. f DSGVO. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising.

Deactivation of Hotjar

If you wish to disable data collection by Hotjar, click on the following link and follow the instructions there: https://www.hotjar.com/opt-out Please note that disabling Hotjar must be done separately for each browser or device. For more information about Hotjar and the data it collects, please see Hotjar's privacy policy at the following link: https://www.hotjar.com/privacy

Contract for order processing We have entered into an order processing agreement with Hotjar to implement the strict European data protection regulations.

Deactivation of cookie settings

Most browsers are preset to accept cookies automatically. You can object to the generation of cookies by deactivating cookies in the system settings of your browser. However, please note that some cookies are absolutely necessary for the function of our website, otherwise the page cannot be accessed and displayed. By disabling cookies, you will not be able to use parts of the website (without restrictions). We generally only use cookies that are not absolutely necessary for the function of our website with your prior express consent. In addition, you can also control the installation of cookies yourself at any time by changing your browser settings and/or deleting all cookies.

6. Processing operations for which the customer is responsible

Processing of customer data within Document Insights

Insofar as you upload data of the client, in particular the documents and their content ("client data") for the purpose of training a "Machine Learning Model" in Document Insights, this data and the related processing shall remain the responsibility of the client (Art.4 (7) DSGVO). In this respect, PwC, as a Software-as-a-Service (SaaS) provider, will act for the client as a processor within the meaning of Art.4 (8) DSGVO. Art.4 para. 8 DSGVO.

Contact us and get a product demo