Last updated on March 24, 2026
Information on the processing of personal data
KPMG Baltics SIA* (address: Roberta Hirša iela 1, Riga, LV-1045, Latvia, e-mail: datu_iesniegumi@kpmg.lv) and KPMG Law ZAB SIA (address: Roberta Hirša iela 1, Riga, LV-1045, Latvia, e-mail: datu_iesniegumi@kpmglaw.lv) (hereinafter – KPMG) as controllers of personal data are obliged to protect the confidentiality and privacy of the information entrusted to it. As part of this fundamental obligation, KPMG is committed to the appropriate protection and use of personal information (sometimes referred to as “personal data”, "personally identifiable information" or "PII") that has been collected online.
In general, our purpose is to process only those personal data that visitors to our websites have provided voluntarily, so that we are able to offer information and/or services only to these visitors or to offer information about job opportunities. Please review this Privacy Policy ("Privacy Policy") to learn more about how we collect, use, share, and protect the PII we collect.
1. Collectionand use of personal data
1.1. What kind of information we collect
We collect and process personal data about any third party who uses our website or contacts us. In some cases, KPMG may already have your personal data (for example, if you are a former employee, candidate, client or have previously worked with KPMG).
When registering or providing personal data to KPMG, we use this information in accordance with this Privacy Policy. Your personal data will not be used for any other purpose unless we have obtained your consent or the use of such data is required or permitted by applicable laws and regulations or professional standards.
Further it is described the type of information we collect and process.
Requesting a service on the website: if you submit a request for a service on the website (for example, a request for a consultation or an offer), we collect the following data:
• name, surname
• e-mail address
• phone number
• country
• company
• position in the company
• sector of activity
• information whether you are a KPMG client
• a description of your request (information in the free text field).
We use this information to contact you, evaluate your request, and provide an appropriate service or response. Please do not provide more personal data in the description of the request than is necessary for the processing of the respective request.
Contact Questionnaire: If you use the contact form to ask a question or receive other information, we collect:
• name, surname
• e-mail address
• phone number
• country
• company
• position in the company (voluntary field)
• the type of question
• the content of your message (information specified in the free text field).
We use this data to process your question, provide an answer and document communications. Please do not provide more personal data in the description of the request than is necessary for the processing of the respective request.
Subscribe to newsletters: if you sign up for newsletters (news, newsletters, event invitations), we collect:
• e-mail Address
• name, surname
• company
• position in the company
We use this data to send you news releases and, if necessary, to tailor content to your role and business profile. If you provide information about your interests or preferred topics, we may use it to further personalize your experience.
In some cases, when you have signed up for certain services or newsletters, we temporarily retain your email address until we have received confirmation of the information you provided (for example, by sending a confirmation link to the email you provided).
Cookies, IP addresses, Google Analytics, web beacons: our website uses cookies and similar technologies that may collect certain information about your device and website usage (for example, IP address, browser type, time of visit, page view statistics). Detailed information is given below.
Applying for vacancies: if you apply for a job at KPMG (for example, by submitting a CV or cover letter online), the processing of your personal data is carried out in accordance with a separate KPMG Recruitment privacy policy, which is available on our website in the relevant section.
Alumni Club: If you join the KPMG Alumni Club, your personal data is processed in accordance with a separate KPMG Alumni Club privacy policy, which is available on our website.
Seminars: the processing of personal data related to registration for seminars, events or similar activities organized by KPMG (e.g. compilation of participant lists and contact information of participants) is carried out in accordance with the KPMG Seminar privacy policy.
Employees and similar: the processing of personal data that takes place within the framework of employment, subcontracting, service contract or similar relationship is regulated by KPMG's internal policies on the processing of data of employees and cooperation partners, as well as by the relevant employment, subcontractor or other agreements. These policies and contracts specify in detail what data is collected, for what purpose it is used and what are the procedures for its storage.
Customer data: if you become a KPMG customer, the scope and purposes of the processing of your personal data are specified in the relevant service agreement and other documents related to cooperation, as well as in applicable regulatory enactments.
In certain cases, the personal data we collect may also include special categories of personal data (sensitive data), such as information about a person's racial or ethnic origin, political opinions, religious or similar beliefs, trade union membership, sex life or sexual orientation, physical or mental health data, as well as data on possible or proven criminal convictions, to the extent permitted by applicable law in the particular case.
We generally only process such data if you provide it to us (for example, by filling in free text fields, attaching documents or otherwise voluntarily disclosing them) and if it is necessary for the provision of a particular service, request or cooperation. We recommend that you do not provide special categories of personal data unless such information is clearly necessary for the processing of your request or for the fulfilment of legal obligations.
Before transferring any documents or personal data, we will agree with you on a secure way of transferring data (for example, via encrypted email, secure data exchange platform or other solution). A wider exchange of information and documents will take place only after the establishment of a contractual relationship between KPMG and the client.
1.2. Legal basis for processing your personal data
KPMG only collects personal data that is necessary to fulfill your request. If additional information is required, the provision of which is optional, you will be notified of this at the time of obtaining the information.
The laws and regulations in force in the Republic of Latvia allow us to process personal data to the extent that we have a legitimate basis to do so. When processing personal data, we will rely on one of the following processing conditions:
• Performance of a contract: in this case, the processing of your personal data is necessary for the performance of our contractual obligations. For example, provide you with services, as well as prepare an offer before concluding a contract;
• Legal obligation: in this case, we need to process your personal data in order to comply with a legal obligation, for example, to store data for tax purposes or to provide information to a public authority or law enforcement agency, as well as in the field of prevention of money laundering and terrorist financing;
• Your consent: in certain cases, we will ask for your specific consent to process part of your personal data, and we will only process your personal data in this way if you consent to such processing.
You can withdraw your consent at any time by contacting KPMG via e-mail address: datu_iesniegumi@kpmg.lv (KPMG Baltics SIA) or datu_iesniegumi@kpmglaw.lv (KPMG Law ZAB SIA).
• Legitimate interests: we will process your personal data where such processing coincides with our legitimate interests in the legitimate conduct of business in order to promote the growth of the company to the extent that it does not infringe your fundamental rights and freedoms. For example:
‒ provide information and/or services to persons visiting our website or provide information about employment opportunities;
‒ answer questions, requests submitted through the websites www.kpmg.com/lv and www.kpmglaw.lv;
‒ prevent fraud or criminal activity and protect our IT systems;
‒ customize an individual's online experience and improve the usability and effectiveness of KPMG's websites;
‒ implement marketing activities and analyze them;
‒ ensure compliance with our corporate and social responsibility conditions;
‒ exercise our fundamental rights in the European Union, in accordance with Articles 16 and 17 of the Charter of Fundamental Rights of the EU, including our right to freedom of establishment and the right to property.
1.3 Automatic collection of personal information
In some instances, KPMG and its service providers uses cookies, web beacons and other technologies to automatically collect certain types of information when you visit us online, as well as through emails that we may exchange. The collection of this information allows us to customize your online experience, improve the performance, usability and effectiveness of KPMG's online presence, and to measure the effectiveness of our marketing activities.
1.3.1 IP adreses
An IP address is a number assigned to your computer whenever you access the internet. It allows computers and servers to recognise and communicate with one another. IP addresses from which visitors appear to originate may be recorded for IT security and system diagnostic purposes. This information may also be used in aggregate form to conduct web site trend and performance analysis.
We do not use IP addresses to identify you individually, except as objectively necessary for IT security, incident investigation, or as required by applicable law.
1.3.2 Cookies
When you visit our website, cookies will usually be placed on your computer or internet-connected device. Thus, the site remembers your computer or device, and it serves several purposes.
Some of our pages will display a notification at the top asking for your consent to the use of cookies. If consent is not given, your computer or internet-connected device will not be used for marketing activities. To ensure functionality, it may be necessary to use other types of cookies, which are called user input cookies. These cookies will also be used if you have indicated in the above notice that cookies are not allowed. The parameters you choose will be stored in the cookie and will be valid for 90 days. If you want to cancel the selected parameters, you can do this by deleting cookies in your Internet browser.
Most Internet browsers automatically accept cookies, however, you have the option to choose whether to accept cookies by specifying it in the settings of your Internet browser (usually such a choice can be made in the settings menu of the browser program). You may delete cookies from your device at any time. Please note that if you do not accept cookies, you will not be able to take full advantage of some of the options offered by our website.
More information on managing cookies is provided in the help section of your internet browser or on websites such as www.allaboutcookies.org.
The following types of cookies are used on our websites:
Purpose | Description | Type and expiry date |
Performance cookies | Our websites are created using widely used Internet platforms. They contain built-in cookies that help prevent compatibility problems (e.g. identify the type of internet browser) and improve performance (e.g. faster loading of content). | Session Deleted when you close the browser. |
Security cookies | If you register for a limited section of the website, cookies will ensure that your device is registered for the entire duration of the visit. To access the restricted section of the website, you will need to enter the user name and password. | Session Deleted when you close the browser. |
Site settings cookies | Cookies can also remember menus on your website (e.g. language) or improve the experience (e.g. by creating a personalized address or content). This will apply to the sections of the site where you have registered or created an account. | Session Deleted when you close the browser. |
Analytical cookies | We use a number of analytical tools developed by third parties to help us understand how visitors use our website. This allows us to improve the quality and content of kpmg.com site. The statistics collected include information about the total number of visits or page views and references to our websites. More information about the use of Google Analytics is available by clicking here. | Permanently, but will be automatically deleted after two years if you do not visit our website again. |
Site visitor feedback cookies | We invite some visitors to the site to comment through a survey developed by a third party. With the help of cookies, it is possible to avoid a situation where one person is asked to fill out a survey twice. The first cookie (1) is created when the visitor is not invited to participate in the survey and ensures that visitors are not invited after viewing the first page. The second cookie (2) is created when the visitor is invited to participate in the survey and ensures that the visitor is not invited to complete the survey again 90 days after the first invitation. | 1. Session. Are deleted when you close the browser. 2. Permanently. Are automatically deleted after 90 days or when you run a survey. |
Social sharing | Using widgets or buttons developed by third parties, we offer you additional features - to share the content of our websites on social media pages and email. Using widgets or buttons, a cookie may be placed on your device to make it easier to use the service, provide interactive information (e.g. updating information about the number of social shares) and record information about your activities on the Internet and on our website. Before using such services, we recommend that you review the privacy information of each provider. | Permanently, but will be automatically deleted after two years if you do not visit our website again. |
Some of our websites may use other tools and widgets developed by third parties that provide additional functionality. By using widgets or buttons, a cookie may be placed on your device in order to facilitate the use of the service and to ensure that your actions on our website are reflected correctly.
Cookies do not contain your email address or other information that would help identify you. Analytics may contain other information that identifies you, including your IP address, but such information is only intended to determine the number of unique visits to the site and the location of visitors, not to identify specific individuals.
Important: By browsing our websites or entering login information to access registered user sections, you agree that we may place cookies on your computer or internet-connected device.
1.3.3 Google Analytics
KPMG uses Google Analytics analytics services provided by Google Inc. (Google). Google's privacy policy is available by clicking here and information about the basic principles of how Google Analytics works is available by clicking here.
In order to give website visitors more choice about how Google Analytics collects their data, Google has developed an Internet browser add-on called "Google Analytics Opt-out". This add-on communicates with the Google Analytics JavaScript (ga.js), specifying what information about the visit to the website should not be sent to Google Analytics. The "Google Analytics Opt-out" web browser add-on does not prevent the sending of information to the site itself or other web analytics services.
1.3.4 Web beacon
A web beacon is a small image file on a website that can be used to extract certain information from your computer; for example, the IP address, the time at which the page content was viewed, the type of browser and the cookies previously set by the same server. KPMG uses web beacons only in accordance with applicable laws.
KPMG or its service providers may use web beacons to determine the effectiveness of third-party websites that provide us with recruitment or marketing services, or to compile visitor statistics and manage cookies.
You have the option to make some of the web beacons unusable by refusing the cookies associated with them. The web beacon may, however, record an anonymous visit from your IP address, but the cookie information will not be recorded.
In some of our newsletters and elsewhere, we may confirm the recipient's email address using the links obtained in the messages. We collect this information to measure user interest and improve opportunities for future users.
1.3.5 Location-dependent services
KPMG may collect and use the location information provided by your computer or mobile device. Location information is collected for the purpose of providing you with information about services that we think may be of interest to you, based on your location, as well as to improve our products and services offered based on location.
1.4 Social media and apps
KPMG websites could include functionality that allows you to share content through social media apps such as the Facebook Like button and Twitter widget. These social media apps may collect and use information about your use of the KPMG websites (see information on "Social Sharing" cookies above). The personal data you provide in social media apps may be collected and used by other participants in the respective social media app, and this relationship is governed by the privacy policies in force of the companies that provide the app. We have no control or obligation to control these companies or the way they use your information.
KPMG's websites may host blogs, forums, crowdsourcing, and other apps or services (collectively, "social media features"). The purpose of these social media features is to promote the sharing of knowledge and content. The personal data you provide in any of KPMG's social media features may be shared with other users of the relevant social media feature (unless otherwise determined at the time of data collection) over whom we have no or limited control.
1.5 Children
KPMG understands the importance of protecting children's privacy, especially in the online environment. Our websites are not intentionally designed or intended for children under the age of 13. It is our policy that we never knowingly collect or maintain information about individuals under the age of 13, except as part of the provision of professional services.
1.6 Direct marketing
We process your personal data in order to send you direct marketing information, for example, to send information about:
· seminars, conferences;
· KPMG-related activities;
· industry news in tax regulation, auditing standards, legislation, business consulting;
· new services.
Categories of personal data | Legal basis | Retention period |
- Name - Last name - Position - Company | Your consent or KPMG legitimate interest in providing information on KPMG's services, events and major industry news. | As long as you want to receive direct marketing from us – until you withdraw your consent or objected to processing of such personal data. |
In order to send news tailored to a specific profession, we use your position and it constitutes profiling.
You have the right to withdraw your consent or object to receiving our direct marketing mailings at any time in the following way:
• in the footer of the received e-mail by clicking on the "Unsubscribe" link;
• by contacting us by writing to e-mail datu_iesniegumi@kpmg.lv (KPMG Baltics SIA) or datu_iesniegumi@kpmglaw.lv (KPMG Law ZAB SIA).
After we receive your request we will discontinue sending our direct marketing e-mails to you. The withdrawal of your consent does not affect the data processing carried out during the period your consent was effective.
2. Sharing and transfer of personal data
2.1. Transfer within the firms of the KPMG member network
We may upon particular circumstances share information about you with other member firms of the KPMG network as part of international engagements, and with KPMG International and other member firms where required or desirable to meet our legal and regulatory obligations around the world. Other parts of the KPMG network are also used to provide services to us and you, for example hosting and supporting IT applications, provision of certain forms of insurance for member firms and its clients, performing client conflicts checks and Anti-Money Laundering checks, assisting with client engagement services and otherwise as required in order to continue to run KPMG’s business.
This share is based on a legitimate interest in transmitting personal data within the group of undertakings for internal administrative purposes or this processing is necessary for compliance with a legal obligation. If we do this your personal information will continue to be protected in order to ensure that the level of protection of natural persons guaranteed by the GDPR is not undermined.
2.2. Transfer to third parties
We may sometimes share personal data with trusted third parties to help us provide efficient and quality services. These recipients have a contractual obligation to protect the data we entrust to them. We may contact several or all of the following categories of recipients:
• KPMG member firms, where necessary for administrative purposes and to provide professional services to our clients (e.g. providing services that include advice from KPMG member firms in different territories);
• parties that support us in providing services (e.g. providers of telecommunications systems, email room support, IT systems support, direct marketing organization, archiving services, document preparation services and cloud software services);
• our professional consultants, including lawyers, auditors and insurers;
• prospective buyer, successor, merger partner or seller and their advisors in connection with an actual or potential transfer or merger/acquisition, part or all of our company or assets, or any related rights or interests.
• payment service providers;
• marketing service providers;
• law enforcement or other competent authorities or other third parties, subject to the conditions and requirements set forth in applicable law;
• recruitment service providers.
2.3. Transfers outside the European Economic Area
We store personal data on servers located in the European Economic Area (EEA). We may transfer personal data to KPMG International, KPMG member firms (more information is available by clicking here) and trusted third-party organizations located within or outside the EEA if we have a business reason to involve these organizations. Each organisation is required to protect personal data in accordance with our contractual obligations and applicable legislation on the processing and protection of personal data.
3. Your rights
If KPMG processes your personal data, you have the following rights:
· Ask questions: If you have questions or comments about how we administer your personal data, please contact us by writing to datu_iesniegumi@kpmg.lv ("KPMG Baltics SIA") or datu_iesniegumi@kpmglaw.lv (KPMG Law ZAB SIA).
· Right of access and rectification: You have the right to access this data. This is sometimes referred to as a "subject access request." If we acknowledge that we are obliged to provide you with personal data, it will be provided free of charge. Before providing personal data, we may ask you to prove your identity and provide sufficient information about your cooperation with us so that we can find your personal data. If the information we hold about you is incorrect, you have the right to ask us to correct any inconsistencies in your personal data.
· Right to object to processing: You have the right to object to our processing of your personal data if we no longer have the right to use it.
· Other rights: In addition, you have the right to request the erasure of your data if we hold it for too long, to restrict data processing in certain situations and/or to obtain electronic copies of the information we hold about you.
You can request the exercise of this right by contacting KPMG by writing to e-mail datu_iesniegumi@kpmg.lv ("KPMG Baltics SIA") or datu_iesniegumi@kpmglaw.lv (KPMG Law ZAB SIA), and we will make every effort to satisfy your request to the extent that it complies with applicable laws and professional standards.
4. Data security and integrity
KPMG has appropriate security policies and procedures in place to protect personal information from unauthorized loss, unauthorized use, alteration, or destruction. Despite KPMG's efforts, absolute security against all threats cannot be ensured. To the best of our ability, access to your personal information is limited and accessible only to those who need to know it. Those persons who have access to the data must comply with the conditions of confidentiality with regard to such information.
5. Duration of storage of personal data
We make reasonable efforts to retain personal data only for as long as (i) it is necessary to comply with a person's request, (ii) as long as it is necessary to comply with a legal obligation, to pursue KPMG's legitimate interests, to fulfil contractual obligations, or (iii) for as long as the data subject's consent to the relevant processing of personal data is valid. The period of time for which data will be stored will depend on the individual nature and circumstances of the process of collecting information. In case of withdrawal of consent or after the purpose of processing has been achieved, personal data is deleted.
You have the right to request information about a specific storage period by writing to us on datu_iesniegumi@kpmg.lv (KPMG Baltics SIA) or datu_iesniegumi@kpmglaw.lv (KPMG Law ZAB SIA).
7. Links to otherpages
Please note that KPMG's pages may contain links to other websites, including those maintained by other KPMG member firms, which are not subject to this Privacy Policy but are subject to other privacy statements, which may vary. Before disclosing personal data, we recommend that users review the privacy policy of each such site.
By registering on any KPMG website and then navigating to another KPMG website by saving the login session, you consent to the use of your personal information in accordance with the privacy statement of the KPMG website you are visiting.
8. Policy change
KPMG may change this Privacy Policy from time to time to incorporate our most recent privacy statements. When we make changes to this message, we will change the date of the last revisions, which is indicated at the top of this page. We will inform you of any changes affecting you in the processing of personal data described in this Privacy Policy through the appropriate communication channel, taking into account the channel we use to send other information.
9. Policies and ourstrengths
KPMG works to protect the privacy of your personal information online. If you have any questions or comments about the processing of your personal data, please contact us by e-mail datu_iesniegumi@kpmg.lv (KPMG Baltics SIA) or datu_iesniegumi@kpmglaw.lv (KPMG Law ZAB SIA). These email addresses may also be used to notify you of any problems you may encounter regarding compliance with our online Privacy Policy.
We will acknowledge receipt of your email within 20 days and will try to respond to your question within one month of receiving the email. If your question is difficult or we receive a lot of questions, we will inform you that it takes more than one month to resolve the issue, and we will try to resolve your issue within three months of the time the question was first submitted. We may accept your question (and in this case implement one of the measures listed in the "Your rights" section) or reject it on a legitimate basis.
In any case, you always have the right to submit a complaint to the competent authority in Latvia, which ensures the supervision of the processing and protection of personal data in Latvia, the Data State Inspectorate (more information about the Data State Inspectorate, including the possibilities of communication with it, is available by clicking here). Note: Individuals have the right to lodge complaints with the competent authority at the place of work or residence or at the place where the infringement was committed (in the European Union). Consequently, you have the right to apply to the competent authority of the relevant jurisdiction.
Annex
Transfer of data to third parties
We do not share personal information with third parties except as necessary for our legitimate professional and business needs to meet your requirements and/or when permitted by law or professional standards. This responsibility includes:
· Our service providers: We transfer your personal data to our third-party service providers, such as our (IT) system providers, hosting service providers, payroll payers, consultants (such as legal advisers) and other providers of goods or services. KPMG works with such service providers to process your personal data on our behalf. We will only share your personal data with them if they comply with our standards on data processing and security. We only provide them with personal data that allows them to provide our services.
· In the event of a reorganisation or sale of our firm: Personal data will also be disclosed to KPMG in connection with the sale, transfer or other disposal of any elements of KPMG's business to which the personal data relates.
· Courts, tribunals, law enforcement or competent authorities: KPMG will disclose personal data in order to respond to requests from courts, tribunals, government or law enforcement agencies, or, where necessary or reasonable, to comply with applicable law, court or tribunal orders or rulings, or governmental or professional requirements.
· Audits: Disclosure of personal data will be necessary for data privacy or security audits and/or to investigate or respond to complaints or security threats.
· Insurers: Professional rules and business requirements oblige us to maintain substantial insurance coverage for our economic activities (our "insurance program"). This is necessary to help any KPMG member firm cover the costs that may arise in connection with claims that may be made if it is established that something has not happened as planned during the provision of services. In order to ensure that the insurance programme operates efficiently, it involves different actors in the insurance market (e.g. brokers, insurers and reinsurers, as well as their professional advisers and other third parties who are engaged when a claim is received). Some of these insurance market participants will ask us to provide your personal data. This information will be used by insurance market participants for the subscription and ongoing administration of the insurance program in the event of a claim in which you are involved and to allow insurance market participants to comply with their legal and regulatory obligations. Some insurance market participants will process this information on our behalf (as our service providers described above do), while others will want to process your personal data independently of us.
* KPMG Baltics SIA, a limited liability company registered in Latvia and an independent member firm of KPMG, which are related to the private guarantee company "KPMG International Limited", registered in the United Kingdom, a member firm of the global organization. All rights reserved.