January 04, 2024
2. About BRIDGEBIS
3. The “BRIDGEBIS.COM” website
4. Collection of Your Personal Information
This privacy notice explains how BRIDGEBIS company (“BRIDGEBIS”) collects and uses personal data and describes the rights you have with respect to your personal data.
In this notice, “BRIDGEBIS,” “our”, “we” or “us” refers to the organization of BRIDGEBIS.
2. ABOUT BRIDGEBIS
BRIDGEBIS LLC is a New York State Limited Liability Company that provides professional services to clients and does participate in client engagements. BRIDGEBIS LLC oversees implementation of policies and has authority to represent or bind any thereof.
3. The “BRIDGEBIS.com” Website
The “BRIDGEBIS.com” website (the “Website”) is comprised of global content, which relates to the business and operations of BRIDGEBIS. The global content on the Website is owned and operated by BRIDGEBIS LLC (“BRIDGEBIS”), a Limited Liability Company registered in the New York State.
4. Collection of Your Personal Information
BRIDGEBIS processes personal data for a variety of purposes. We collect this personal data directly from you, for example, if you engage us to prepare your tax return, if you visit bridgebis.com (our Website), if you submit your contact details to receive marketing communications from us, if you submit event-related data to attend BRIDGEBIS events or submit a job application via the BRIDGEBIS careers website. Finally, we obtain your personal data via publicly available sources, such as LinkedIn. This privacy notice is intended to cover all the above-mentioned scenarios.
Listed below more detailed information regarding various purposes for which we process personal data:
- Visitors to bridgebis.com
- Individuals whose personal data we obtain in connection with providing services to our clients.
- Insolvency services
- Contacts in our customer relationship management (CRM) systems
- Participants of BRIDGEBIS meetings, conferences, events and learning sessions
- Individuals who use our applications
- Individuals who visit our social media sites, social media plugins and tools
- Individuals who correspond with BRIDGEBIS and representatives including employees and consultants via email
- Individuals who correspond with BRIDGEBIS via voicemail services
- Job applicants
- BRIDGEBIS /Ethics
- Visitors to BRIDGEBIS offices
If you have any questions regarding the processing of your personal data or wish to contact the data protection officer of an EY member firm, please contact the BRIDGEBIS https://www.bridgebis.com/contact/ who will send your query to the appropriate person or team within the organization.
4.a. What Data Is Covered
In this privacy notice, “personal data” means any information relating to an individual who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data or an online identifier. Personal data also refers to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of an individual.
It also includes special categories of personal data (special category data) from which we can determine or infer an individual’s.
- Racial or ethnic origin
- Political opinions
- Religious or philosophical beliefs
- Membership of a trade union
- Genetic data
- Biometric data
- Physical or mental health or condition
- Sex life or sexual orientation
As well as personal data relating to criminal convictions and offenses.
4.b. Your Rights in Relation To Personal Data
You have the following rights in relation to your personal data:
- To access the personal data held by BRIDGEBIS about you.
- To have your personal data corrected, for example, if it is incomplete or incorrect.
- To opt out of receiving marketing communications at any time
- To restrict or object to the processing of personal data or request erasing personal data (in certain circumstances and subject to applicable law)
- To receive a copy of the personal data which you have provided to BRIDGEBIS, in a structured, commonly used and machine-readable format (known as “data portability”) (in certain circumstances and subject to applicable law)
- Where you have provided personal data voluntarily, or otherwise consented to its use, the right to withdraw your consent.
- The right to complain to a data protection authority (see section “Complaints ”)
If you have a query or wish to exercise your rights, please speak to the person you usually deal with at BRIDGEBIS representatives https://www.bridgebis.com/contact/ who will send your query to the appropriate person or team within the organization.
If you are concerned about an alleged breach of privacy law or any other regulation by BRIDGEBIS, you can contact the person you usually deal with at BRIDGEBIS or at “Contact US” https://www.bridgebis.com/contact/ who will send your query to the appropriate person or team within the organization. An BRIDGEBIS privacy leader will investigate your complaint and give you information about how it will be handled.
5. Reasons For Which BRIDGEBIS Process Personal Data
5.a. Visitors to BRIDGEBIS.com
Personal data that we collect about you when you visit our site falls into several categories.
Information That You Provide Voluntarily
We collect personal data that you provide voluntarily through our Website, for example, when completing online forms to contact us, subscribing to a newsletter, using one of our online benchmark tools, subscribing to receive marketing communications from us, participating in surveys or registering for events that we are organizing. The information we collect about you include the following:
- Job title, job level or job function, role
- Company or organization
- Company data
- Contact information, including primary email, email address and telephone numbers
- Demographic information, such as industry, country, postcode, preferences and interests
- Other information relevant to client surveys or similar research
- Information relating to events captured through event-related forms, such as dietary restrictions, hotel and flight information, registration/participation status, media interview attendance, previous event experience and gender.
- Information pertinent to fulfilling our services to you
- Any other personal data that you voluntarily choose to provide to us
We do not intentionally collect sensitive category data, unless you provide us with such data. While there may be free text boxes on the site where you are able to enter any information, we do not intend to process sensitive information. You are not required to provide, and should not disclose, sensitive personal information in the free text boxes. If you choose to provide any sensitive personal information in this manner, you acknowledge you consent to the collection and processing of this sensitive information.
If you register on our site, your personal data will be stored in our CRM system . Data of registrants is deleted after an individual has not actively engaged with BRIDGEBIS for 24 months, or sooner if required by law.
If you have opted out of receiving BRIDGEBIS publications, your basic contact details will remain on our opt-out list.
Information that we collect automatically
When you visit our Website, we collect certain personal data automatically from your device. Specifically, the data we collect automatically include information, such as your IP address, pixel ID, device type, unique device identification number, browser type, operating system, broad geographic location (e.g., country or city-level location) and other technical information. We also collect information about how your device has interacted with our Website, including the pages accessed, current URL, time you visited the site and links clicked. Collecting this information enables us to better understand the visitors who come to our site, where they come from and what content on our site is of interest to them.
Our Website uses Adobe Analytics (“Adobe”) in order to provide reporting, visualizations and analysis of data. Adobe processes the following types of personal data: your IP address (to populate geosegmentation reports and to identify internal BRIDGEBIS and external users accessing our Website) and user IDs, email addresses, names and passwords to the extent provided directly by visitors of the Website. Your personal data will be processed by Adobe for the following purposes: (i) to capture web metrics about the journey of users within our Website (e.g. pages viewed and links clicked); (ii) to analyze and understand overall site traffic information; (iii) to allow us to make informed decisions about our Website; and (iv) to authenticate users and permit them to access our Website. BRIDGEBIS is the data controller for the purposes of this processing and licenses Adobe from Adobe Systems Software. Click here to learn more about Adobe’s privacy practices and to make choices regarding Adobe’s tracking activities.
Our Website also uses various social media plugins.
Purposes for which we process your personal data as a visitor to our site are:
- To administer and manage our site, including to confirm and authenticate your identity, and prevent unauthorized access to restricted areas of our Website.
- To personalize and enrich your browsing experience by displaying content (including targeted advertising) that is more likely to be relevant and of interest to you.
- To analyze the data of visitors to our Website and site traffic information
- To capture web metrics about the journey of users within our site
- To determine the company, organization, institution or agency that you work for or with which you are otherwise associated.
- To develop our business and services
- To provide you with marketing communications, BRIDGEBIS materials and online benchmarking tools
- To conduct benchmarking and data analysis (for example, regarding usage of our site and demographic analyses of visitors of our site)
- To understand how visitors use the features and functions of our Website.
- To conduct quality and risk management reviews
- To enable the better management of BRIDGEBIS events.
- To enable teams managing events to coordinate their email campaigns and event notifications more effectively.
- To allow for event and webinar sign-up.
- To allow for content download and lead capturing.
- To allow services and information to be delivered effectively to you.
- Any other purpose for which you provided information to BRIDGEBIS.
Legal grounds for processing personal data of visitors of our site are:
- Our legitimate interest in the effective delivery of information and services to you, and the effective and lawful operation of our businesses.
- Our legitimate interest in developing and improving our Website, and your user experience
- Explicit consent of the visitor
When you engage us to provide you with professional services, we collect and use personal data when we have a valid business reason to do so in connection with those services. For an overview of our services, click here .
In the context of providing professional services to clients, BRIDGEBIS also processes personal data of individuals who are not directly our clients (for example, employees, customers or suppliers of our clients). See the section “Individuals whose personal data we obtain in connection with providing services to our clients ” for additional information.
The majority of the personal data we collect and use to provide our services is supplied voluntarily by (or collected by us from third-party sources at the request of) our clients. Because of this, if you are a client of BRIDGEBIS, then it will generally be obvious to you what personal data we collect and use. This information can include:
- Basic information, such as your name, the company you work for, your position and your relationship to a person
- Contact information, such as your postal address, email address and telephone numbers
- Financial information, such as payment-related information
- Any other personal data relating to you or other third parties which you provide to us for the purpose of receiving our services.
We use this information:
- To provide services to you
- To administer our relationship and maintain contractual relations.
- For accounting and tax purposes
- For marketing and business development
- To comply with our legal and regulatory obligations.
- To establish, exercise or defend legal rights.
- For historical and statistical purposes
Given the diversity of the services we provide, we process many categories of personal data. Please see below (non-exhaustive) examples of personal data categories for our main service lines:
In providing assurance services, BRIDGEBIS will process information that contains personal data, such as payroll files, board records and other documents attributable to the audit client’s and any group companies’ activities. Examples of categories of personal data that are processed are:
- Contact details, such as name, address, telephone numbers and email address
- Details of employment, such as employment number, employment department, role and employment time
- Personal identity number
- Other categories of personal data needed for conducting the audit in accordance with good auditor’s and auditing standards
II. Advisory and Consulting Services
In providing advisory services, BRIDGEBIS processes a wide variety of information, including potentially all types of personal data. The scope depends on the service and the sector in which the BRIDGEBIS is active. For example, providing cybersecurity services for a bank involves the processing of different types of personal data than helping a client in the pharmaceutical sector build a better way of tracking health outcome data.
Examples of personal data categories received or processed by Advisory client engagement team members are:
- Contact details, such as name, address, telephone numbers and email address
- Human Resources and supplier records of clients, which include personal details of employees or suppliers of the client, such as name, contact details, date of birth, race, government identification numbers, employment contracts and service contracts.
- Financial data, such as wage and salary information.
- Personal data of employees potentially impacted by supply chain changes or outsourcing.
- Customer data, including race or gender during a customer experience engagement.
III. Strategy and Transactions
In addition, we also process identification and background information as part of our client acceptance, finance, administration and marketing processes, including audit independence, anti-money laundering, conflicts, reputational and financial checks, and to fulfill any other legal or regulatory requirements to which we are subject.
The checks could include the following:
- Identity verification: proof of name and address
- Ultimate beneficial ownership of corporate and other legal entities
- Conflicts checks: to avoid a conflict of interest with any other client.
- Anti-money laundering, proceeds of crime and terrorist financing checks.
- Politically exposed persons (PEP) checks: those with prominent roles in government, judiciary, courts, central banks, embassies, armed forces and state-owned enterprises, including their family members and close associates.
- Adverse media checks
- Government sanctions list checks
- Independence checks
These checks are made for legal, regulatory or business reasons and need to be repeated during the course of our engagements. As part of these checks, we are required to process special category data (for example, to verify if you are a politically exposed person or to collect information about criminal convictions where this is required for anti-money laundering laws). It is important you provide us with all necessary information and documents as this affects our ability to provide services to you.
Legal grounds for processing personal data of our clients are:
Performance of a contract
- Compliance with a legal or regulatory obligation.
- Our legitimate interest in providing you with seamless, consistent, high-quality services and securing prompt payment of any fees, costs and debts in respect of our services.
- Our legitimate interest in understanding any conflict of interest or challenge with regard to independence legislation.
- Our legitimate interest in safeguarding BRIDGEBIS against inadvertently dealing with the proceeds of criminal activities or assisting in any other unlawful or fraudulent activities (for example, terrorism).
5.c. Individuals whose personal data we obtain when providing services to our clients
As part of the professional services BRIDGEBIS provides to clients, BRIDGEBIS processes personal data of individuals with whom we do not have a direct (contractual or other) relationship. For example, if we perform a statutory audit, our engagement team will be required to audit our client’s books, which could include payroll data for employees of the client, supplier data, financial administration, data regarding claimants and legal proceedings. To take another example: if we undertake a due diligence review of an acquisition of a target on behalf of a client, BRIDGEBIS obtains personal data concerning the target’s employees, management and customers.
We seek confirmation from our clients that they have the authority to provide personal data to us in connection with the performance of the services and that any personal data they provide to us has been processed in accordance with applicable law.
Given the diversity of services we provide, we process many categories of personal data such as:
- Personal details (such as name, age, data of birth, gender, marital status and country)
- Contact details (such as phone numbers, email address and postal address)
- Financial details (such as salary, payroll, and income )
- Employment details (such as role, rank, experience, performance data and employment numbers)
Legal grounds for processing personal data of individuals whose personal data we obtain in connection with providing services to our clients are:
- Compliance with a legal or regulatory obligation
- Our legitimate interest in making sure our clients are provided with seamless, consistent and high-quality services worldwide
5.d. Insolvency Services
Once a company undergoes an insolvency, one or more BRIDGEBIS insolvency practitioners (i.e., administrators and liquidators) could be appointed to manage the company’s affairs, business and property. Similarly, when a debtor is subject to insolvency or a restructuring regime, one or more BRIDGEBIS insolvency practitioners could be appointed to manage the debtor’s affairs, business and property.
In this section:
- Office holder refers to the BRIDGEBIS insolvency practitioners.
- Company refers to the insolvent entity for which the office holders have been appointed.
- Debtor refers to the individual who is subject to an insolvency or restructuring regime.
- “You” refers to the data subjects concerned by the insolvency procedure of the company or debtor.
In providing insolvency services, BRIDGEBIS processes your personal data for the legitimate interests of assisting the office holders in the performance of their legal and regulatory obligations with regard to the insolvency procedures. For clarity purposes, the company or debtor remains data controller of your personal data processed for purposes that are not related to the legal and regulatory obligations of the office holders.
Most of the personal data we process is obtained from you directly, but we also indirectly obtain personal data about you.
The office holders and BRIDGEBIS process your personal data for the following (non- exhaustive) purposes:
- Communicating with the company or debtor’s creditors and individual creditors: specific information essential in order to carry out statutory duties (this information is to be used to assess, for example, an entitlement to any dividend should one be payable)
- Provision of references or reports to government departments, regulatory authorities and appropriate bodies in connection with the holding of public office or responding to requests
- Provision of statutory returns
- Case administration purposes, including the realization of assets, agreement of claims and payment of distributions
- Processing for personal purposes of employees in accordance with the law and the company’s own policies
- Administration of payroll, raising invoices, credit control and other data relating to the company’s finances
- The reasonable and lawful provision of information to interested parties.
- The prevention and detection of crime or fraud
- Establishing, exercising or defending legal rights, taking legal advice, taking or defending legal proceedings
- Complying with legal obligations to which the company or debtor is subject.
- Quality and risk management purposes
The types of personal data processed for the above purposes include (but are not limited to) name, address, identifying information, payroll information, as well as any information with your dealings with the company or debtor that are necessary for the performance of the office holders’ statutory obligations during the insolvency procedure.
You have certain rights in relation to your personal data. If you have a query or wish to exercise your rights, please make a written request to the party responsible for your personal data (the company, debtor or the office holder) using the contact details provided in communications about the insolvency.