Data Ethics Policy

Introduction and purpose

Technology continues to evolve, shape and transform how businesses function and people interact. Turning data into value for our clients at an increased level of quality, speed and scale raises ethical dilemmas and challenges that we must address.

At KPMG Acor Tax (“KPMG”), our Global Code of Conduct outlines the responsibilities all our people have towards each other, our clients and the public. Our Values drive our daily behaviours and guide our decisions, and our information protection policies and standards address how we protect the confidentiality, the integrity and the availability of our data, including personal data. To supplement our Values and information protection policies, this Data Ethics policy has been developed specifically to assist us in making responsible decisions on how we should handle data and develop and utilize new digital technologies. It aims at promoting a sound and ethical data culture within our firm and in our business relationships.

For information on how KPMG processes personal information, please refer to our Privacy Statement at:

Our Data Ethics principles

When servicing our clients, we obtain, combine, analyse and use data to provide insights and advice on financial and non-financial information. At all levels, it must therefore be clear who is responsible for the use of data to safeguard adherence to our principles, policies and Values.

Data processing at KPMG is carried out with respect for relevant data privacy regulations and in accordance with our Privacy Statement. We always consider what data are necessary, from what sources data should be obtained, and how sensitive this data is considered to be based on KPMG data classifications.

Unintended discriminatory effects on individuals must be eliminated. We must strive to ensure that our data usage does not reinforce bias or have other unjustified adverse effects.

Our data processing must be sufficiently transparent. Our people, clients and third parties should have access to insight into their own data. Clear and understandable information should be provided about the processing of data, including its purpose, function, security and limitations.

Our data processing must be sufficiently secure, robust and reliable, and it must strictly adhere to our information protection and security policies. We should only collect and process client data to fulfil specific tasks for our clients. Data must be stored securely, with access restricted to partners and employees based on their work-related needs, and be retained in accordance with our data retention policy

We treat both client and our own data with great confidentiality, and exercise care and caution in our data usage and data processing. Where data is shared with subcontractors or other third parties, we remain accountable. 

New technologies

Every day we strive to incorporate data and technology in the way we work at KPMG. Through our insights as tax experts and our knowledge within technology and data, we can leverage new technologies to enhance the value for both our clients and us. Any such tools undergo thorough evaluation and approval processes by KPMG's IT security and risk organization before implementation.

Data Ethics encompass the ethical considerations surrounding our use of data, development and deployment of artificial intelligence within research, process optimization, analytical enhancement, predictions or ChatGPT queries. At KPMG, we have created our own artificial intelligence environment to secure that any data processing, training of data models and use of artificial intelligence models is strictly internal, with no external connectivity in order to secure confidentiality and privacy and data security in all aspects of data processing.   

Approval and follow-up

This policy has been approved by KPMG Acor Tax's executive management team and will be reviewed at least annually.