The privacy statement was last updated on  October 1, 2025

KPMG Caucasus and Central Asia (“KPMG CCA”, “we”, or “us” )1 is dedicated to protecting the confidentiality and privacy of information entrusted to us. As part of this fundamental obligation, KPMG CCA is committed to the appropriate protection and use of personal information (sometimes referred to as “personal data”, “personally identifiable information” or “PII”) that has been collected  via our websites, web-based and mobile applications, meetings and events (in-person and virtual), marketing materials and content, and other services, in each case that link to, post or otherwise refer to this Privacy Statement.

Generally, our intent is to collect only the personal information that is provided voluntarily so that we can offer information and/or services to those individuals or offer information about employment opportunities. Please, read this privacy statement (“Privacy Statement”) to be aware about what information we collect how we use, share and protect it, and about your rights.

Who are we?

This Privacy Statement applies to KPMG Caucasus and Central Asia (“KPMG CCA”) refers to all KPMG member firms in Georgia, Kazakhstan, Kyrgyzstan, Armenia, Uzbekistan, Azerbaijan which are member firms of the KPMG network of independent member firms affiliated with KPMG International Limited (“KPMG International”), a private English company limited by guarantee.

1. Collection and use of personal information

    1.1 What information we collect

    1.2 The legal grounds we have to use your personal information

    1.3 Cookies

    1.4 Children

2. Sharing and transfer of personally identifiable information

3. Choices

4. Your rights

5. Data security and integrity

6. Links to other sites

7. The use of Artificial intelligence (AI)

8. Changes to this KPMG statement

9. Policy questions and enforcement

 

1. Collection and use of personal information

1.1 What information we collect

1.1.1.  General provisions

We may collect personal data directly or indirectly

Directly. We obtain personal data directly from Individuals in a variety of ways, for example when they complete our online forms, subscribe to our newsletters, completing surveys, register for webinars, attend meetings or events we host, visit our offices or for recruitment purposes. We may also obtain personal data directly when, for example, we are establishing a business relationship, performing professional services through a contract.

When you register or submit personal information to KPMG we will use this information in the manner outlined in this Privacy Statement. Your personal information is not used for other purposes, unless we obtain your permission, or unless otherwise required or permitted by law or professional standards. For example, if you register to a KPMG web site and provide information about your preferences we will use this information to personalize your user experience. Where you register or login using a third party single user sign-in we may also recognize you as the same user across any different devices you use and personalize your user experience across other KPMG sites you visit. If you send us a resume or curriculum vitae (CV) to apply online for a position with KPMG, we will use the information that you provide to match you with available KPMG job opportunities.

In some cases where you have registered for certain services we will store your email address temporarily until we receive confirmation of the information you provided via an email (i.e. where we send an email to the email address provided as part of your registration to confirm a subscription request).

Indirectly. We obtain personal data about individuals indirectly from a variety of sources, including our clients and recruitment services:

Social and professional networking sites -- If you choose to register or login to a KPMG web site using a third party single sign-in service that authenticates your identity and connects your social media login information (e.g. LinkedIn, Google, or Twitter) with KPMG, we will collect any information or content needed for the registration or log-in that you have permitted the social media provider to share with us, such as your name and email address. Other information we collect will depend on the privacy settings you have set with your social media provider, so please review the privacy statement or policy of the applicable service.

Business clients – In the course of providing professional services to our business clients, we may receive or otherwise access personal data for which the client is the controller or owner and/or operator in accordance with applicable data protection laws. Our services may also include processing personal data under our clients’ control on our hosted software applications, which may be governed by different privacy terms, policies, and notices.

Recruitment services -- We may obtain personal data about candidates from an employment agency, and other parties including former employers, and other official related agencies.

Data subscription services – We may obtain business personal data from external data providers to reach out to prospective new clients.

1.1.2  Information about employees and candidates

We process personal information of our employees, former employees and candidates for vacant positions. The specific types of information and purposes of its processing depend on your relations with KPMG and are described in respective forms of consent for processing of personal information. If you belong to one of the categories mentioned, information about you may be included into KPMG talent pool on the condition that your consent has been obtained. In this case your information shall be processed according to Regulations on the talent pool of KPMG Caucasus Central Asia .

1.1.3. Information required for marketing activities

For promoting our services we develop various marketing activities: organize events (including webinars), publish content on topics of interest, send newsletters about our services, events and publications to the (potential) clients and persons related to them as well to the visitors to our events. We aim at making the information you receive up–to–date and corresponding to your interests. In order to achieve this we may require your personal information (full name, email address, place of work, job position, other contact information).

For collecting your personal information we may use the services administrated by the third parties (e.g. online registration platforms or websites for holding webinars). The relevant suppliers process personal information in accordance with their own policies and we are not responsible for the confidentiality or the information you provide to such platforms. To get more detailed information we recommend that you study the policies of the abovementioned service providers before submitting the data collection forms.

Following your registration for an event, a training session or any other format organized by KPMG and/or its partners, using electronic communication tools, in KPMG offices or in other locations, you acknowledge that the photos and video registrations of the event will be used by KPMG and/or the event organizers to promote the event in the public space (internet, including social media platforms, media), in digital format or in printed form, in accordance with information on the processing of personal data contained in this Privacy Statement.

1.2 The legal grounds we have to use your personal information

KPMG generally collects only the personal information necessary to fulfill your request. Where additional, optional information is sought, you will be notified of this at the point of collection.

The applicable legislation allows us to process personal information so long as we have ground under the law to do so. It also requires us to tell you what those grounds are. As a result, when we process your personal information, we will rely on one of the following processing conditions:

• Performance of a contract: this is when the processing of your personal information is necessary in order to perform our obligations under a contract;
• Legal obligation: this is when we are required to process your personal information in order to comply with a legal obligation, such as keeping records for tax purposes or providing information to a public body or law enforcement agency;
• Your consent: in some cases, we will ask you for specific permission to process some of your personal information, and we will only process your personal information in this way if you agree to us doing so.  You may withdraw your consent at any time by contacting KPMG at ccadataprivacy@kpmg.com;

Public Interest – We may process personal data in order to perform a specific task in the public interest or in the exercise of official authority vested in us;

• Legitimate interests: we will process information about you where it is in our legitimate interest in running a lawful business to do so in order to further that business, so long as it doesn’t outweigh your interests;

Examples of the ‘legitimate interests’ referred to above are:

• To offer information and/or services to individuals who visit our website or offer information about employment opportunities.
• To prevent fraud or criminal activity and to safeguard our IT systems.
• To customize individuals’ online experience and improve the performance usability and effectiveness of KPMG’s online presence.
• To conduct, and to analyze, our marketing activities.
• To meet our corporate and social responsibility obligations.

The applicable law may not include some of the legal basis described above. We will process your personal information only in alignment with applicable law requirements.

Special categories of personal data are defined according to the related legislation and processed by KPMG only in accordance with applicable laws.

1.3 Cookies

Our websites may use cookies. Where cookies are used, a statement will be sent to your browser explaining the use of cookies. To learn more, please refer to our Cookies Notice.

1.4 Children

KPMG understands the importance of protecting children’s privacy, especially in an online environment. In particular, our sites are not intentionally designed for or directed at children under the age of 14. It is our policy never to knowingly collect or maintain information about anyone under the age of 14, except as part of an engagement to provide professional services. We may occasionally receive details about children attending performances and other events we host with their parents or guardians 

Сhildren’s personal information will be processed by KPMG only in accordance with applicable law.

2. Sharing and transfer of personal information

2.1 Transfer within the network of KPMG firms

We share information about you with other firms in the KPMG global organization as part of international engagements, and with KPMG International Limited, its related entities and other KPMG firms where required or desirable to meet our legal and regulatory obligations around the world.  Other parts of the KPMG organization are also used to provide services to us and you, for example hosting and supporting IT applications, provision of certain forms of insurance for KPMG firms and their clients, performing client conflicts checks and Anti-Money Laundering checks, assisting with client engagement services and otherwise as required in order to continue to run KPMG’s business.

2.2 Transfers to third parties

We do not share personal information with third parties, except as necessary for our legitimate professional and business needs, to carry out your requests, and/or as required or permitted by law or professional standards. When we transfer your personal information it will continue to be protected by means of contracts we have in place with those organization/third parties and containing data protection clauses Each organization/third party is required to safeguard personal data in accordance with our contractual obligations and/or data protection legislation.

KPMG will not transfer the personal information you provide to any third parties for their own direct marketing use.

3. Choices

In general, you are not required to submit any personal information to KPMG, but we will require you to provide certain personal information in order for you to receive additional information about our services and events. KPMG will also ask for your permission for certain uses of your personal information, and you can agree to or decline those uses. If you opt-in for particular services or communications, such as an e-newsletter, you will be able to unsubscribe at any time by following the instructions included in each communication. If you decide to unsubscribe from a service or communication, we will try to remove your information promptly, although we may require additional information before we can process your request.

As described in “Cookies” above, if you wish to prevent cookies from tracking you as you navigate our sites, you can reset your browser to refuse all cookies or to indicate when a cookie is being sent. Note, however, that some portions of our sites may not work properly if you elect to refuse cookies.

4. Your rights

If KPMG processes personal information about you, you have the following rights:

• Access and correction: you have the right to ask us to verify whether we are processing personal data about you. This is sometimes called a ‘Subject Access Request’. If we agree that we are obliged to provide personal information to you, we will provide it to you free of charge. Before providing personal information to you, we may ask for proof of identity and sufficient information about your interactions with us that we can locate your personal information. If the information we hold about you is incorrect, you are entitled to ask us to correct any inaccuracies in the personal information.
• Object to processing: you have the right to object to us processing your personal information if we are not entitled to use it anymore.
• Rights to withdraw your consent and/or lodge a complaint to supervisory authority.
• Erasure; you have the right to ask us to delete your personal data after you withdraw your consent to processing or when we no longer need it for the purpose it was originally collected. You also may have other rights, depending on applicable law.

You can make a request or exercise these rights by contacting KPMG at ccadataprivacy@kpmg.com , outlining the purpose for which your contacts have been provided to us, and we will make all reasonable and practical efforts to comply with your request, so long as it is consistent with applicable law and professional standards.

5. Data security and integrity

KPMG has reasonable security policies and procedures in place to protect personal information from unauthorized loss, misuse, alteration, or destruction. Despite KPMG's best efforts, however, security cannot be absolutely guaranteed against all threats. To the best of our ability, access to your personal information is limited to those who have a need to know. Those individuals who have access to the data are required to maintain confidentiality of such information.

We also make reasonable efforts to retain personal information only for so long i) as the information is necessary to comply with an individual's requests and/or perform contractual obligations, ii) as necessary to comply with legal, regulatory, internal business or policy requirements, or iii) until the person that has provided the personal information asks that the information be deleted. The period for which data is retained will depend on the specific nature and circumstances under which the information was collected; however, subject to requirements of i)-iii) above, personal information will not be retained longer than required according to the applicable legislation.

6. Links to other sites

Please be aware that KPMG web sites will typically contain links to other sites, including sites maintained by other KPMG member firms that are not governed by this Privacy Statement but by other privacy statements that will often differ somewhat. We encourage users to review the privacy policy of each Web site visited before disclosing any personal information.

By registering on any KPMG web site and then navigating to another KPMG web site while still logged in, you agree to the use of your personal information in accordance with the privacy statement of the KPMG web site you are visiting.

7. The use of Artificial Intelligence (AI)

KPMG may use Artificial Intelligence (AI) technologies to support and improve our services. KPMG ensures AI is used in line with applicable regulations and laws. Any data processed by an AI system is handled according to our commitments to privacy fairness and transparency.

8. Changes to this KPMG statement

KPMG may modify this Privacy Statement from time to time to reflect our current privacy practices. When we make changes to this statement, we will revise the "updated" date at the top of this page. We encourage you to periodically review this Privacy Statement to be informed about how KPMG is protecting your information.

9. Policy questions and enforcement

KPMG is committed to protecting the online privacy of your personal information.

If you have questions or comments about our administration of your personal information, please contact us at ccadataprivacy@kpmg.com You may also use this address to communicate any concerns you may have regarding compliance with our Privacy Statement. We will acknowledge your email and seek to resolve your concern within reasonable period of time and no longer than the applicable law provides for each type of request.

If you are not satisfied with the response you receive, you may escalate your concern to the Global Privacy Officer by sending an email to globalprivacyoffice@kpmg.com . Global Privacy Officer will acknowledge your email within 14 days and seek to resolve your concern within one month of receipt. When the concern is complex or we have a large volume of concerns, we will notify you that the concern will take longer than one month to resolve, and we will seek to resolve your concern within three months of the concern being first raised.  We may accept your concern (and in that case implement one of the measures set out in the ‘Your Rights’ section above), or we may reject your concern on legitimate grounds.

In any event, you always have the right to lodge a complaint with the regulator in charge of protecting personal information in your jurisdiction.

1  “KPMG”, “we”,  “us” and “our” refers to the global organization or to one or more of the member firms of KPMG International Limited (“KPMG International”), each of which is a separate legal entity. 

KPMG International Limited is a private English company limited by guarantee and does not provide services to clients. No member firm has any authority to obligate or bind KPMG International or any other member firm vis-à-vis third parties, nor does KPMG International have any such authority to obligate or bind any member firm.

 

Maxfiylik siyosati — oxirgi yangilangan sana: 2025-yil 1-oktyabr

KPMG Kavkaz va Markaziy Osiyo (“KPMG CCA”, “biz” yoki “kompaniyamiz”) siz tomonidan bizga ishonib topshirilgan axborotning maxfiyligi va daxlsizligini ta’minlashga qat’iy sodiqdir. Ushbu asosiy majburiyat doirasida KPMG CCA tomonidan veb-saytlarimiz, onlayn va mobil ilovalarimiz, uchrashuvlar va tadbirlarimiz (yuzma-yuz yoki masofaviy shaklda), marketing materiallari va boshqa tegishli xizmatlar orqali to‘plangan shaxsiy ma’lumotlar (ba’zida “shaxsiy axborot”, “identifikatsiyalanuvchi shaxsiy ma’lumotlar” yoki “PII” deb yuritiladi)ni tegishli tarzda himoya qilish va ulardan qonuniy asosda foydalanish borasida qat’iy choralar ko‘riladi.

Umuman olganda, biz faqat siz tomonidan ixtiyoriy ravishda taqdim etilgan shaxsiy ma’lumotlarni yig‘amiz. Buning asosiy maqsadi — sizga tegishli axborot va/yoki xizmatlarni taqdim etish yoki mavjud bo‘lgan ish o‘rinlari to‘g‘risida sizni xabardor qilishdir. Ushbu Maxfiylik siyosati bilan tanishib chiqishingizni so‘raymiz — unda biz qanday turdagi axborotni to‘plashimiz, undan qanday foydalanishimiz, uni qanday himoya qilishimiz va sizning ushbu jarayondagi huquqlaringiz haqida batafsil ma’lumot keltirilgan.

Biz kimmiz?

Ushbu Maxfiylik siyosati KPMG Kavkaz va Markaziy Osiyo (“KPMG CCA”) hududida faoliyat yurituvchi barcha KPMG a’zolik firmalariga nisbatan qo‘llaniladi. Jumladan, ushbu siyosat quyidagi davlatlarda joylashgan firmalarni qamrab oladi: Gruziya, Qozog‘iston, Qirg‘iziston, Armaniston, O‘zbekiston va Ozarbayjon.

Ushbu firmalar, KPMG International Limited (Buyuk Britaniyada ro‘yxatdan o‘tgan, kafolatli xususiy kompaniya) bilan bog‘liq bo‘lgan, o‘zaro mustaqil a’zolik firmalaridan iborat KPMG global tarmog‘iga a’zodir. Har bir firma alohida yuridik shaxs bo‘lib, KPMG International yoki boshqa a’zolik firmalar nomidan harakat qilish vakolatiga ega emas.

 

Mazmuni

1.     Shaxsiy ma’lumotlarni yig‘ish va undan foydalanish

• 1.1 Qanday ma’lumotlarni yig‘amiz
• 1.2 Shaxsiy ma’lumotlardan foydalanishga asos bo‘luvchi huquqiy zaminlar
• 1.3 Cookies (Kukilar)dan foydalanish
• 1.4 Voyaga yetmaganlarning ma’lumotlari

2.     Shaxsiy identifikatsiyalanuvchi ma’lumotlarni ulashish va transchegaraviy uzatish

3.     Tanlov erkinligi

4.     Sizning huquqlaringiz

5.     Axborot xavfsizligi va ma’lumotlar yaxlitligi

6.     Tashqi veb-saytlarga havolalar

7.     Sun’iy intellekt (AI)dan foydalanish

8.     Mazkur Maxfiylik siyosatiga o‘zgartirishlar kiritilishi

9.     Savollar, shikoyatlar va nazorat tartibi

1. Shaxsiy ma’lumotlarni yig‘ish va ulardan foydalanish

1.1 Qanday axborotni yig‘amiz

1.1.1 Umumiy qoidalar

Biz shaxsiy ma’lumotlarni bevosita yoki bilvosita tarzda yig‘ishimiz mumkin.

Bevosita yig‘ish.
Biz shaxsiy ma’lumotlarni bevosita jismoniy shaxslardan quyidagi holatlarda yig‘amiz:

• onlayn shakllarimizni to‘ldirishda,
• axborot byulletenlariga obuna bo‘lishda,
• so‘rovnomalarda ishtirok etishda,
• vebinar va boshqa tadbirlarga ro‘yxatdan o‘tishda,
• kompaniyamiz tomonidan tashkil etilgan uchrashuv va voqealarda ishtirok etishda,
• ofislarimizga tashrif buyurganda yoki
• ishga qabul qilish jarayonida.

Shuningdek, ishbilarmonlik munosabatlarini o‘rnatish yoki professional xizmatlar ko‘rsatish bo‘yicha shartnoma asosida faoliyat olib borayotganimizda ham shaxsiy ma’lumotlar bevosita yig‘ilishi mumkin.

Siz KPMG’ga ro‘yxatdan o‘tganingizda yoki shaxsiy ma’lumotlaringizni taqdim etganingizda, ushbu axborotdan mazkur Maxfiylik siyosatida belgilangan tartibda foydalaniladi. Shaxsiy ma’lumotlaringiz faqat sizning roziligingiz bilan yoki amaldagi qonunlar va professional standartlar talab qilgan hollar bundan mustasno, boshqa maqsadlar uchun ishlatilmaydi.

Misol uchun, agar siz KPMG veb-saytida ro‘yxatdan o‘tib, o‘z xohishlaringiz (afzalliklaringiz) haqida ma’lumot bergan bo‘lsangiz, ushbu ma’lumotlardan sizga moslashtirilgan foydalanuvchi tajribasini taqdim etish uchun foydalanamiz.

Agar siz uchinchi tomonning yagona autentifikatsiya tizimi (masalan, Google, LinkedIn, Twitter) orqali ro‘yxatdan o‘tsangiz yoki tizimga kirgan bo‘lsangiz, sizni bir nechta qurilmalarda bitta foydalanuvchi sifatida aniqlashimiz va KPMG’ning boshqa veb-resurslarida ham shaxsiylashtirilgan foydalanuvchi tajribasini taqdim etishimiz mumkin.

Agar siz bizga rezyume yoki tarjimai holingizni (CV) onlayn tarzda yuborsangiz, taqdim etgan ma’lumotlaringiz KPMG’dagi mavjud bo‘sh ish o‘rinlari bilan mosligini aniqlash uchun ishlatiladi.

Ayrim hollarda, siz muayyan xizmatlar uchun ro‘yxatdan o‘tganingizda, biz siz bergan elektron pochta manzilingizga tasdiqlovchi xat yuborgunimizcha ushbu manzilni vaqtincha saqlab turamiz (masalan, sizning obuna so‘rovingizni tasdiqlash uchun yuboriladigan pochta orqali).

Biznes mijozlar

Biz biznes mijozlarimizga professional xizmatlar ko‘rsatish jarayonida, mos ravishda amaldagi ma’lumotlarni himoya qilish qonunchiligiga muvofiq, mijoz egasi yoki operatori bo‘lgan shaxsiy ma’lumotlarni olishimiz yoki ularga kirish huquqiga ega bo‘lishimiz mumkin.

Shuningdek, mijozlarimiz nazoratida bo‘lgan shaxsiy ma’lumotlarni bizning serverlarimizda joylashgan dasturiy ta’minotlar orqali qayta ishlashimiz mumkin. Bunday xizmatlarga nisbatan maxfiylikka oid alohida shartlar, siyosatlar yoki bildirishnomalar qo‘llanilishi mumkin.

Ishga qabul qilish xizmatlari

Biz bo‘sh ish o‘rinlariga nomzodlar haqida shaxsiy ma’lumotlarni quyidagi manbalardan olamiz:

• ishga joylashtirish agentliklari,
• sobiq ish beruvchilar,
• boshqa tegishli rasmiy tashkilotlar yoki manbalar.

Ma’lumotlar obunasi xizmati

Yangi potensial mijozlar bilan bog‘lanish maqsadida, biz tashqi ma’lumot yetkazib beruvchilar orqali biznesga oid shaxsiy ma’lumotlarni olishimiz mumkin.

1.1.2 Xodimlar va nomzodlarga oid ma’lumotlar

Biz o‘zimizning amaldagi xodimlarimiz, sobiq xodimlarimiz hamda bo‘sh ish o‘rinlariga da’vogar nomzodlar to‘g‘risidagi shaxsiy ma’lumotlarni qayta ishlaymiz.

Yig‘iladigan ma’lumotlarning aniq turlari va ularning qayta ishlanish maqsadi sizning KPMG bilan bo‘lgan munosabatingizga bog‘liq bo‘lib, shaxsiy ma’lumotlarni qayta ishlash uchun berilgan rozilik shakllarida aniq ko‘rsatilgan bo‘ladi.

Agar siz yuqoridagi toifalardan biriga tegishli bo‘lsangiz, siz haqingizdagi ma’lumotlar KPMG Kavkaz va Markaziy Osiyoning iste’dodlar rezervi (talent pool) bazasiga kiritilishi mumkin, faqat sizning roziligingiz mavjud bo‘lgan taqdirda.

Bunday holatda, sizning ma’lumotlaringiz “KPMG Kavkaz va Markaziy Osiyo Iste’dodlar rezervi to‘g‘risidagi Nizom”ga muvofiq tarzda qayta ishlanadi.

1.1.3 Marketing faoliyatlari uchun zarur bo‘lgan ma’lumotlar

Biz xizmatlarimizni targ‘ib qilish maqsadida turli marketing faoliyatlarini amalga oshiramiz. Bunga quyidagilar kiradi:

• tadbirlar (shu jumladan vebinarlar) tashkil etish,
• mavzuli materiallar va kontentlar nashr etish,
• xizmatlarimiz, tadbirlarimiz va nashrlarimiz haqida axborot byulletenlarini yuborish (potensial mijozlar va ular bilan bog‘liq shaxslarga, shuningdek, tadbirlarimizda ishtirok etgan mehmonlarga).

Biz sizga yuboriladigan axborot yangilangan, dolzarb va sizning qiziqishlaringizga mos bo‘lishiga intilamiz. Shu sababli, biz quyidagi shaxsiy ma’lumotlarni so‘rashimiz mumkin:

• to‘liq ism-familiya,
• elektron pochta manzili,
• ish joyi,
• lavozimi,
• boshqa aloqa ma’lumotlari.

Ma’lumotlarni yig‘ish uchun biz uchinchi tomon tomonidan boshqariladigan xizmatlardan (masalan, onlayn ro‘yxatga olish platformalari yoki vebinarlar uchun veb-saytlar) foydalanishimiz mumkin.

Bu xizmatlar shaxsiy ma’lumotlarni o‘zlarining maxfiylik siyosatlari asosida qayta ishlaydi. Shu boisdan, biz ushbu platformalarga siz tomonidan taqdim etilgan ma’lumotlarning maxfiyligiga javobgar emasmiz.

Ma’lumotlar yuborilishidan avval, yuqorida tilga olingan xizmat ko‘rsatuvchilarning maxfiylik siyosatlari bilan diqqat bilan tanishishingizni tavsiya qilamiz.

Tadbir, trening va boshqa faoliyatlarga oid fotosurat va video materiallardan foydalanish

KPMG va/yoki uning hamkorlari tomonidan tashkil etilgan tadbir, trening yoki boshqa shakldagi faoliyatlarga, elektron kommunikatsiya vositalari orqali, KPMG ofislarida yoki boshqa joylarda ro‘yxatdan o‘tganingizdan so‘ng, siz quyidagilarni tushunasiz va rozilik bildirasiz: tadbir jarayonida olingan fotosuratlar va video yozuvlar KPMG va/yoki tadbir tashkilotchilari tomonidan jamoatchilikka (internet, shu jumladan ijtimoiy tarmoqlar, ommaviy axborot vositalari) targ‘ib qilish uchun, raqamli yoki chop etilgan shaklda, ushbu Maxfiylik bayonotida ko‘rsatilgan shaxsiy ma’lumotlarni qayta ishlash qoidalariga muvofiq foydalaniladi.

1.2 Shaxsiy ma’lumotlaringizdan foydalanish uchun huquqiy asoslar

KPMG odatda sizning so‘rovingizni bajarish uchun zarur bo‘lgan faqatgina shaxsiy ma’lumotlarni yig‘adi. Qo‘shimcha va ixtiyoriy ma’lumot so‘ralganda, siz buni ma’lumot yig‘ish paytida xabardor qilinasiz.

Amaldagi qonunchilik bizga shaxsiy ma’lumotlarni faqat qonuniy asos mavjud bo‘lsa qayta ishlashga ruxsat beradi. Shuningdek, qonun sizga bu asoslar haqida ma’lumot berishni talab qiladi. Shunday qilib, biz sizning shaxsiy ma’lumotlaringizni qayta ishlaganda, quyidagi qonuniy asoslardan biriga tayangan holda harakat qilamiz:

• Shartnoma bajarilishi: sizning shaxsiy ma’lumotlaringizni qayta ishlash bizning shartnoma bo‘yicha majburiyatlarimizni bajarish uchun zarur bo‘lgan holatlar;
• Qonuniy majburiyat: qonun tomonidan talab qilingan holatlar, masalan, soliq hisoboti yuritish yoki davlat organlariga yoki huquqni muhofaza qiluvchi organlarga ma’lumot taqdim etish uchun shaxsiy ma’lumotlarni qayta ishlash;
• Sizning roziligingiz: ba’zi holatlarda biz shaxsiy ma’lumotlaringizning ayrim turlarini qayta ishlash uchun maxsus rozilik so‘raymiz va faqat roziligingiz bo‘lsa ma’lumotlaringizni qayta ishlaymiz. Roziligingizni istalgan vaqtda bekor qilishingiz mumkin, buni amalga oshirish uchun KPMGga ccadataprivacy@kpmg.com manzili orqali murojaat qilishingiz mumkin;
• Jamoat manfaatlari: biz shaxsiy ma’lumotlarni jamoat manfaatlariga xizmat qiluvchi yoki bizga berilgan vakolat doirasida ma’lum vazifalarni bajarish maqsadida qayta ishlashimiz mumkin;
• Legitim manfaatlar: qonuniy biznes yuritish jarayonida bizning qonuniy manfaatlarimiz uchun, shuningdek, sizning manfaatlaringizga ustunlik bermaydigan holatda shaxsiy ma’lumotlaringizni qayta ishlash.

Legitim manfaatlarga misollar:

• Bizning veb-saytimizga tashrif buyurgan shaxslarga ma’lumot va/yoki xizmatlarni taklif qilish yoki ish imkoniyatlari haqida axborot berish;
• Firibgarlik yoki jinoyat faoliyatining oldini olish hamda IT tizimlarimiz xavfsizligini ta’minlash;
• Foydalanuvchilarning onlayn tajribasini moslashtirish va KPMG onlayn resurslarining samaradorligi hamda foydalanish qulayligini yaxshilash;
• Marketing faoliyatlarimizni tashkil etish va tahlil qilish;
• Korporativ va ijtimoiy mas’uliyat majburiyatlarini bajarish.

Amaldagi qonunchilik yuqorida keltirilgan barcha qonuniy asoslarni o‘z ichiga olmaydi. Biz shaxsiy ma’lumotlaringizni faqat amaldagi qonunchilik talablariga muvofiq ravishda qayta ishlaymiz.

Maxsus kategoriyalarga kiruvchi shaxsiy ma’lumotlar tegishli qonunlar asosida aniqlanadi va KPMG tomonidan faqat amaldagi qonunchilikka muvofiq tarzda qayta ishlanadi.

1.3 Cookie-fayllar

Bizning veb-saytlarimiz cookie-fayllardan foydalanishi mumkin. Cookie-fayllar qo‘llanilganda, brauzeringizga cookie-fayllar qanday ishlatilishini tushuntiruvchi bildirishnoma yuboriladi. Batafsil ma’lumot olish uchun iltimos, Cookie-fayllar to‘g‘risidagi bildirishnomamizga murojaat qiling.

1.4 Bolalar

KPMG onlayn muhitda, ayniqsa bolalarning maxfiyligini himoya qilish muhimligini yaxshi tushunadi. Ayniqsa, bizning saytlarimiz 14 yoshdan kichik bolalar uchun mo‘ljallanmagan va yo‘naltirilmagan. Biz hech qachon 14 yoshdan kichik shaxslar haqida ma’lumotni ixtiyoriy ravishda yig‘maymiz va saqlamaymiz, bundan faqat professional xizmat ko‘rsatish doirasida foydalaniladi. Ba’zida esa biz ota-onalar yoki vasiylari bilan birga bo‘lgan bolalar haqidagi ma’lumotlarni o‘tkazmalar yoki boshqa tadbirlar jarayonida olamiz.

Bolalarning shaxsiy ma’lumotlari KPMG tomonidan faqat amaldagi qonunlarga muvofiq tarzda qayta ishlanadi.

2. Shaxsiy ma’lumotlarni ulashish va uzatish

2.1 KPMG firmalari tarmog‘i doirasida uzatish

Xalqaro loyihalar doirasida siz haqingizdagi ma’lumotlarni KPMG global tashkilotidagi boshqa firmalar bilan hamda KPMG International Limited, uning tegishli tashkilotlari va boshqa KPMG firmalari bilan qonuniy va tartibga oid talablarni bajarish uchun ulashamiz. KPMG tashkilotining boshqa bo‘linmalari ham bizga va sizga xizmat ko‘rsatish uchun jalb qilinadi, masalan, IT-ilovalarni joylashtirish va qo‘llab-quvvatlash, KPMG firmalari va ularning mijozlari uchun sug‘urta xizmatlarini taqdim etish, mijozlar o‘rtasidagi manfaatlar to‘qnashuvini va Pul yuvishning oldini olish tekshiruvlarini amalga oshirish, mijozlar bilan ishlashda yordam berish va boshqa KPMG faoliyatini davom ettirish uchun zarur bo‘lgan vazifalar.

2.2 Uchinchi shaxslarga uzatish

Shaxsiy ma’lumotlaringizni uchinchi shaxslarga faqatgina bizning qonuniy professional va biznes ehtiyojlarimiz, sizning so‘rovingizni bajarish, hamda qonun va professional standartlar talab qilganda yoki ruxsat berganda ulashamiz. Ma’lumotlaringiz uzatilganda, ular tegishli shartnomalar va ma’lumotlarni himoya qilish bandlari bilan himoyalangan bo‘ladi. Har bir tashkilot yoki uchinchi tomon shaxsiy ma’lumotlarni himoya qilish bo‘yicha biz bilan tuzilgan shartnomaviy majburiyatlarga yoki ma’lumotlarni himoya qilish qonunchiligiga muvofiq xavfsizligini ta’minlashi lozim.

KPMG siz taqdim qilgan shaxsiy ma’lumotlarni uchinchi tomonlarning o‘zlarining to‘g‘ridan-to‘g‘ri marketing maqsadlarida foydalanishi uchun uzatmaydi.

3. Tanlovlar

Umuman olganda, siz KPMGga hech qanday shaxsiy ma’lumotni taqdim etishga majbur emassiz, ammo biz sizga xizmatlarimiz va tadbirlarimiz haqida qo‘shimcha ma’lumot yuborish uchun ba’zi shaxsiy ma’lumotlarni so‘rashi mumkin. KPMG shaxsiy ma’lumotlaringizning ayrim maqsadlarda ishlatilishi uchun ruxsat so‘raydi va siz bu foydalanishga rozilik berishingiz yoki rad etishingiz mumkin. Masalan, agar siz elektron yangiliklar byulleteniga obuna bo‘lsangiz, har qanday vaqtda har bir xabarda ko‘rsatilgan ko‘rsatmalarga amal qilib obunani bekor qilishingiz mumkin. Agar siz xizmat yoki kommunikatsiyadan voz kechsangiz, biz ma’lumotlaringizni imkon qadar tezda o‘chirib tashlashga harakat qilamiz, ammo so‘rovingizni bajarishdan oldin qo‘shimcha ma’lumot talab qilinishi mumkin.

Yuqorida “Cookie-fayllar” bo‘limida ta’kidlanganidek, agar siz saytlarimizni ko‘rib chiqishda cookie-fayllarning ishlashini cheklamoqchi bo‘lsangiz, brauzeringizni barcha cookie-fayllarni rad etish yoki cookie-fayl yuborilganda xabar berish rejimiga o‘rnatishingiz mumkin. Shuni yodda tutingki, cookie-fayllarni rad etsangiz, saytlarimizning ayrim funksiyalari to‘g‘ri ishlamasligi mumkin.

4. Sizning huquqlaringiz

Agar KPMG siz haqingizda shaxsiy ma’lumotlarni qayta ishlasa, siz quyidagi huquqlarga egasiz:

• Ma’lumotlarga kirish va ularni to‘g‘rilash: Siz bizdan shaxsiy ma’lumotlaringiz qayta ishlanayotganligini tasdiqlashni so‘rashingiz mumkin. Bunday so‘rov “Sub’yektning ma’lumotlarga kirish so‘rovi” deb ataladi. Agar biz sizga ma’lumotlarni taqdim etishga majbur ekanligimizni tasdiqlasak, bu ma’lumotlarni bepul taqdim etamiz. Shaxsiy ma’lumotlarni taqdim etishdan oldin, biz sizdan shaxsiyatingizni tasdiqlovchi hujjat va biz bilan o‘zaro aloqalaringiz haqida yetarli ma’lumot so‘rashi mumkin, shunda biz siz haqingizdagi ma’lumotlarni aniqlay olamiz. Agar bizda saqlanayotgan ma’lumotlar noto‘g‘ri bo‘lsa, siz ularni to‘g‘rilashni talab qilish huquqiga egasiz.
• Qayta ishlashga qarshi chiqish: Agar bizda sizning shaxsiy ma’lumotlaringizni qonuniy asosda ishlatish huquqi yo‘q bo‘lsa, siz ushbu ma’lumotlarning qayta ishlanishiga qarshi chiqishingiz mumkin.
• Rozilikni bekor qilish va nazorat organiga shikoyat qilish huquqi: Siz har qanday vaqtda o‘z roziligingizni bekor qilishingiz hamda tegishli nazorat organlariga shikoyat qilishingiz mumkin.
• Ma’lumotlarni o‘chirib tashlash (erasure): Siz shaxsiy ma’lumotlaringizni qayta ishlash uchun bergan roziligingizni bekor qilganingizdan yoki ular dastlab to‘plangan maqsad uchun endi zarur bo‘lmaganda, ularni o‘chirib tashlashni talab qilish huquqiga egasiz.
• Bundan tashqari, amaldagi qonunchilikka muvofiq boshqa huquqlaringiz ham bo‘lishi mumkin.

Ushbu huquqlardan foydalanish yoki so‘rov yuborish uchun siz KPMGga ccadataprivacy@kpmg.com elektron manzili orqali murojaat qilishingiz mumkin. Murojaatda ma’lumotlaringiz bizga qanday maqsadda taqdim etilganini aniq ko‘rsatishingiz kerak bo‘ladi. Biz qonunchilik va professional standartlarga muvofiq, iloji boricha sizning so‘rovingizga amaliy javob berishga harakat qilamiz.

5. Ma’lumotlarning xavfsizligi va yaxlitligi

KPMG shaxsiy ma’lumotlarni ruxsatsiz yo‘qotilish, noto‘g‘ri ishlatilish, o‘zgartirilish yoki yo‘q qilinishdan himoya qilish maqsadida maqbul xavfsizlik siyosatlari va protseduralarini joriy qilgan. Shunga qaramay, KPMG tomonidan barcha xavf-xatarlarga qarshi to‘liq kafolat berish imkoniyati mavjud emas. Bizning imkoniyatlarimiz doirasida, shaxsiy ma’lumotlarga kirish faqat ushbu ma’lumotlarga ehtiyoji bo‘lgan shaxslar bilan cheklangan. Ma’lumotlarga kirish huquqiga ega bo‘lgan shaxslar ushbu ma’lumotlarning maxfiyligini saqlash majburiyatiga ega.

Shuningdek, biz shaxsiy ma’lumotlarni saqlashda quyidagi mezonlarga asoslanamiz:
i) ma’lumotlar shaxsning so‘rovlari yoki shartnoma majburiyatlarini bajarish uchun zarur bo‘lgan muddatgacha;
ii) qonuniy, tartibga soluvchi, ichki biznes yoki siyosat talablariga muvofiq zarur bo‘lgan muddatgacha;
iii) shaxs ma’lumotlarni o‘chirishni talab qilmagunicha.

Ma’lumotlarni saqlash muddati yig‘ilgan shaxsiy ma’lumotlarning tabiatiga va yig‘ilish sharoitlariga bog‘liq bo‘ladi. Biroq yuqoridagi mezonlar (i)- (iii) ga muvofiq, shaxsiy ma’lumotlar faqat amaldagi qonunchilik talablariga muvofiq zarur bo‘lgan muddatgacha saqlanadi.

6. Boshqa saytlarga havolalar

Iltimos, e'tiboringizni qaratingki, KPMG veb-saytlarida ko‘pincha boshqa saytlar, jumladan, ushbu Maxfiylik bayonotiga emas, balki boshqacha maxfiylik siyosatlariga bo‘ysunadigan boshqa KPMG a’zo firmalari tomonidan boshqariladigan saytlar havolalari mavjud bo‘ladi. Har bir tashrif buyurilgan veb-saytning maxfiylik siyosatini shaxsiy ma’lumotlarni oshkor qilishdan oldin diqqat bilan ko‘rib chiqishingizni tavsiya qilamiz.
Agar siz har qanday KPMG veb-saytida ro‘yxatdan o‘tib, tizimga kirgan holda boshqa KPMG veb-saytiga o‘tgan bo‘lsangiz, siz tashrif buyurayotgan KPMG veb-saytining maxfiylik bayonotiga muvofiq shaxsiy ma’lumotlaringiz ishlatilishini qabul qilgan hisoblanasiz.

7. Sun’iy intellekt (AI)dan foydalanish

KPMG xizmatlarimizni qo‘llab-quvvatlash va takomillashtirish maqsadida Sun’iy Intellekt (AI) texnologiyalaridan foydalanishi mumkin. KPMG AI texnologiyalarining amaldagi qonun va tartibga solish normalariga muvofiq qo‘llanilishini ta’minlaydi. AI tizimi tomonidan qayta ishlanadigan har qanday ma’lumot maxfiylik, adolat va oshkoralikka bo‘lgan majburiyatlarimizga muvofiq boshqariladi.

8. Ushbu KPMG bayonotidagi o‘zgarishlar

KPMG o‘z amaldagi maxfiylik siyosatini aks ettirish maqsadida ushbu Maxfiylik bayonotini vaqti-vaqti bilan yangilashi mumkin. Bayonotga kiritilgan o‘zgarishlar sahifaning yuqorisida ko‘rsatilgan “yangilangan” sanani o‘zgartirish orqali aks ettiriladi. Shaxsiy ma’lumotlaringiz qanday himoyalanayotgani haqida muntazam ravishda xabardor bo‘lishingiz uchun ushbu Maxfiylik bayonotini vaqti-vaqti bilan ko‘rib chiqishingizni tavsiya qilamiz.

9. Siyosat bo‘yicha savollar va nazorat

KPMG sizning shaxsiy ma’lumotlaringizning onlayn maxfiyligini himoya qilishga sodiqdir.
Agar sizda shaxsiy ma’lumotlaringizni boshqarish bo‘yicha savollar yoki fikr-mulohazalar bo‘lsa, iltimos, ccadataprivacy@kpmg.com elektron manzili orqali biz bilan bog‘laning. Siz ushbu manzilga Maxfiylik bayonotiga rioya qilinishiga oid har qanday tashvishlaringizni ham yo‘llashingiz mumkin. Biz sizning elektron pochtangizni qabul qilib, munosib muddat ichida, lekin har doim amaldagi qonunchilikda belgilangan maksimal muddatdan oshmaydigan holda, masalani hal qilishga harakat qilamiz.

Agar sizga berilgan javobdan qoniqmasangiz, tashvishingizni Global Privacy Officerga oshirishingiz mumkin. Buning uchun globalprivacyoffice@kpmg.com manziliga murojaat qiling. Global Privacy Officer sizning xabaringizni 14 kun ichida qabul qilib oladi va tashvishingizni bir oy ichida hal qilishga intiladi. Murakkab yoki ko‘p sonli tashvishlar mavjud bo‘lsa, sizga bu jarayon bir oy davom etmasligi haqida xabar beriladi va tashvish uch oy ichida hal qilinishga harakat qilinadi. Biz tashvishingizni qabul qilib, yuqoridagi "Sizning huquqlaringiz" bo‘limida belgilangan choralarni amalga oshirishimiz mumkin yoki qonuniy asoslar bilan rad etishimiz mumkin.

Har qanday holatda, siz o‘z yurisdiktsiyangizda shaxsiy ma’lumotlarni himoya qiluvchi nazorat organiga shikoyat qilish huquqiga egasiz.

Izoh:
“KPMG”, “biz”, “bizning” va “bizga” atamalari KPMG International Limited (“KPMG International”)ga a’zo bo‘lgan global tashkilot yoki uning bir yoki bir nechta mustaqil a’zo firmalariga tegishli bo‘lib, har biri alohida yuridik shaxs hisoblanadi. KPMG International Limited – bu Angliya kompaniyasi bo‘lib, mijozlarga xizmat ko‘rsatmaydi. Hech bir a’zo firma KPMG International yoki boshqa a’zo firmani uchinchi tomonlar oldida majbur qilish yoki vakillik qilish huquqiga ega emas, shuningdek, KPMG International ham hech bir a’zo firmani shunday vakillik qilish huquqiga ega emas.